Does DHCP Server require connection other than 255.255.255.255?

E

EnthusiastXYZ

Limp Gawd
Joined
Jun 26, 2020
Messages
221
DHCP requires 255.255.255.255 output and input, but does it require direct communication with DHCP server IP if DHCP server IP is NOT Gateway IP?

For example, if ISP Gateway is not DHCP server and ISP DHCP server IP is 10.X.X.X, then does client have to accept packets from IP 10.X.X.X to be leased an IP address?
 
I think your question is essentially 'do you need to have an IP address assigned by a DHCP server in the same range as the default gateway?'. If you have a separate DHCP server and a special application, the answer is no. But if the address is not in the same range as the default gateway, your client will not have a default gateway it can find and won't get to the Internet.

Here's an example:
ISP gateway is 10.x.x.x.
DHCP server is 192.168.1.x and gives out IPs 192-168.1.5-50 with a default gateway of 192.168.1.1

IP can be assigned to a client, but client will never hit the Internet since its default gateway is 192.168.1.1.

Now, I know there are certain stand-alone DHCP servers that will allow you to put anything you want in any field, so you could issue IPs in the 192.168.1.5-50 range with a default gateway of 10.x.x.x. But I'm really not sure how this would work since I don't think that would be a valid route unless the subnet mask was 0.0.0.0 (and I may even be wrong about that part).

The real question is what do you have going on with your ISP router and your router that you're having trouble with?
 
Multiple DHCP servers in a single broadcast domain will result in a race condition. Google that if you don't understand what it means. You can view this page for high level details of a dhcp discover/offer:

https://www.eventhelix.com/networking/dhcp-flow/dhcp-sequence-diagram.pdf

Also, be aware that dhcp renewals are direct client to server. In short, the answer to your question is that both the client and server must be able to communicate to each other and not just broadcast.
 
When my ISP router is in Bridged Mode, my ISP is always a random public IP to my personal router and gateway for that IP is always in the same subnet, but I keep seeing 10.X.X.X > 255.255.255.255 DHCP Reply (for WAN port) in TCPDump every 5-10 seconds or so. It never stops, but it doesn't create floods act as denial of service issue.

If I put ISP-provided router in Router Mode, ISP router settings show 10.X.X.X for DHCP and 10.Y.Y.Y for Gateway (same subnet).

It is almost as if ISP expects clients to use ISP-provided equipment that is set to use 10.X.X.X for DHCP. Thing is, TCPDump shows that even when my personal router tries to acquire a WAN IP, the only 255.255.255.255 packets come from my router's 0.0.0.0 address to 255.255.255.255 DHCP IP, and DHCP reply comes only from 10.X.X.X. There is no never DHCP reply from gateway (public IP) to which my personal router connects. Doesn't that mean that 10.X.X.X is the correct DHCP server? It's a private IP, but my ISP uses 10.X.X.X for first hop and 172.16.X.X for second hop. I know DHCP forwarding also exists and "DHCP cross subnet" concept.

My previous personal router from Netgear shows logs of specifically dropping packets form 10.X.X.X and detecting them as "Smurf attack". Therefore, I can't figure out whether I should allow packets from 10.X.X.X or not... Perhaps the issue is that there should only be an initial DHCP reply from 10.X.X.X, after which packets from it should stop until DHCP needs another lease..?
 
Last edited:
Again with the conflating of unrelated things. The DHCP server and default route have NOTHING to do with each other. Only in consumer crap home networking land are these things often the same device. There is a saying "a little knowledge is a dangerous thing." You seem to have a desire to get neck deep into things that you do not have a basic understanding of. It is admirable that you're interested but, I seriously suggest you take a step back and gain some basic networking knowledge before you jump head first into the deep end.
 
EnthusiastXYZ said:
When my ISP router is in Bridged Mode, my ISP is always a random public IP to my personal router and gateway for that IP is always in the same subnet, but I keep seeing 10.X.X.X > 255.255.255.255 DHCP Reply (for WAN port) in TCPDump every 5-10 seconds or so. It never stops, but it doesn't create floods act as denial of service issue.

If I put ISP-provided router in Router Mode, ISP router settings show 10.X.X.X for DHCP and 10.Y.Y.Y for Gateway (same subnet).

It is almost as if ISP expects clients to use ISP-provided equipment that is set to use 10.X.X.X for DHCP. Thing is, TCPDump shows that even when my personal router tries to acquire a WAN IP, the only 255.255.255.255 packets come from my router's 0.0.0.0 address to 255.255.255.255 DHCP IP, and DHCP reply comes only from 10.X.X.X. There is no never DHCP reply from gateway (public IP) to which my personal router connects. Doesn't that mean that 10.X.X.X is the correct DHCP server? It's a private IP, but my ISP uses 10.X.X.X for first hop and 172.16.X.X for second hop. I know DHCP forwarding also exists and "DHCP cross subnet" concept.

My previous personal router from Netgear shows logs of specifically dropping packets form 10.X.X.X and detecting them as "Smurf attack". Therefore, I can't figure out whether I should allow packets from 10.X.X.X or not... Perhaps the issue is that there should only be an initial DHCP reply from 10.X.X.X, after which packets from it should stop until DHCP needs another lease..?
Click to expand...
So one of the things that complicates this further is that there is a 'private' IP for the modem as well as ISPs can use that to manage/test the modem--many times this IP is a 10.x.x.x address. If you're dumping the raw tcp/ip, it's possible to see these as well.

As mentioned, I would dig into how networking and IP subnetting works before you look at those dumps again. There's can be a lot of information from an ethernet tap that won't make sense until you understand what it is.
 
EDIT: I was a bit wrong.

10.X.X.X acts as both - gateway IP and DHCP server IP for ISP-provided router in Router Mode. When ISP router is in Bridged Mode, 10.X.X.X serves as only DHCP server for my personal router, but is never gateway and is never on the same subnet as gateway.
 
Last edited:
You must log in or register to reply here.
Back
Top