DHCP client address change detector

In a previous post I’ve described how useless DHCP logging is when you try to detect change in DHCP-assigned IP address. Fortunately the removal of the old IP address (triggered by the DHCPNAK server response) and configuration of the new IP address (sent in the DHCPACK response) triggers a change in the IP routing table that can be detected with the new IP routing table event detector introduced in EEM 3.0 (available from Cisco IOS release 12.4(22)T).

The EEM applet that detects the changed DHCP-assigned IP address (including the initial address assignment which also triggers the syslog message) is described in the CT3 wiki.

2 comments:

  1. I have a DHCP server installed in a Windows 2003 server that contains several
    Address pool assigned to each VLAN. in my switch (Cisco 4506), I configured each SVI interface with an DHCP-relay to send DHCP request to my server.actually its all going well
    But my point if a user changes the VLAN it keeps
    the same address given in the VLAN, but not a new address that corresponds to the new VLAN.
    How to solve this problem????

    ReplyDelete
  2. Ivan Pepelnjak27 July, 2010 18:41

    First, the client has to detect it's on another VLAN; its LAN interface must flap.

    Second, once it sends out its DHCP request asking the DHCP server to reconfirm its address, the switch has to be willing to propagate it.

    Last, the DHCP server must be "authoritative" (ISC's terminology, not mine), it must reply with a NAK, thus forcing the client to ask for another address.

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.