Reason: Some time ago, a friend unit LAN appeared a little problem to me to help look. According to friends, the recent units in some sections of the computer frequently appear to be unable to surf the phenomenon. Ask a friend to know that these computers are open DHCP services, automatic access to IP, after the investigation of their gateway address has been found to have problems. The correct address should be 192.168.4.254, and these failed computers get a gateway address of 192.168.4.65. After some computers use Ipconfig/release to release the network parameters obtained, they can obtain the real gateway address with ipconfig/renew, and most of them still get the wrong data.
Why are the actual DHCP server-assigned network parameters not properly transferred to the client? The reason is simple: there is another DHCP server on the network that assigns unauthorized network information to clients that are set to obtain an IP address automatically. What a "inside Ghost" is hard to defend! Here are some of my experiences to talk about how to effectively prevent unauthorized DCHP servers in a LAN.
First, the preparatory knowledge:
The general company will have a DHCP server to provide employees with the necessary network parameter information, such as IP address, subnet mask, gateway, DNS and other addresses, many cases routers can assume this task. Each time the employee computer is started, a broadcast packet is sent to the network to find the DHCP server (provided that the computer is set to obtain an IP address automatically), broadcast packets are sent randomly to the network, and when a DHCP server receives the broadcast packet, it sends an answer message to the computer of the packet source MAC address. Also, extract an IP address from your own address pool and assign it to that computer.
The legitimate DHCP server can provide the correct data, and the unauthorized DHCP server provides the wrong data. How do we get network information from our employees ' machines through legitimate DHCP servers? If it is a switched network, it is not possible, because the broadcast packet will be sent to all devices on the network, the legitimate or unauthorized server to answer first is not any rule. So the network is completely disturbed, the original can be normal access to the machine could no longer connect to the Internet.
Second, the prevention strategy:
1. Negative Precautions:
Since the broadcast packet will be sent to all devices on the network, the legitimate or unauthorized server to answer the first is not any regular, then we can try to broadcast the packet sent to temporarily resolve the problem until the client can get the real address.
First typing the following command:
Ipconfig/release (This command releases unauthorized network data)
Then typing the following command:
Ipconfig/renew (try to get network parameters)
If you still get the error message, try the above two commands again until you get the correct information. However, this method is not a cure, the number of repeated attempts is not guaranteed, generally require more than 10 or even dozens of times, in addition, when the DHCP lease expires after the employee machine needs to find the DHCP server to obtain information, the fault will still appear.
2, the official offer method:
The operating system we use is all windows, and Microsoft offers us an official solution. In a network of Windows system builds, if an unauthorized DHCP server is built with a Windows system, we can filter the unauthorized DHCP server through the "domain" approach. By adding a legitimate DHCP server to the Active Directory (Active Directory), you can effectively suppress an unauthorized DHCP server by using this authentication method.
The idea is to not join a DHCP server in the domain to send a DHCP inform query packet to other DHCP servers in the network before the request, and if other DHCP servers respond, the DHCP server cannot respond to customer requests. This means that a DHCP server that joins a domain in the network has a higher priority than a DHCP server that is not joined to a domain. This does not make any difference if the legitimate DHCP presence is not authorized.
The process of authorizing legitimate DHCP is as follows:
Step One: Start-> program-> management Tools->DHCP
Step Two: Select DHCP root, right-click, and then browse to select the server you want to authenticate.
Step three: Click the "Add" button, enter the IP address of the DHCP server to be authenticated, and complete the authorization operation.
This method works fine, but requires domain support. To know that for many small and medium-sized enterprises "domain" for them is overqualified, basically use the Working Group is enough to deal with the day-to-day work. So this method is recommended by Microsoft, the effect is good, but not very suitable for the actual situation. In addition, this method only applies to the unauthorized DHCP server is a Windows system, the non-Windows operating system and even NT4 such systems will have some problems.
Current 1/3 page
123 Next read the full text
