Informations, tips and technics.

tcpdump, dhcp, mac address

As an administrator of a linux dhcp server I have to support it of course. Last day, someone come to my desk and ask me if there is a trouble on the dhcp because he can’t get an ip address from the dhcp server. For your information, I have to add manually the host in the dhcp server and the dns server (security policy). Anyway, with tcpdump, you can troubleshoot the ip frame going to and from the dhcp server. Here are some tcpdump syntax that can be usefull:

  • tcpdump -n ether host xx:xx:xx:xx:xx:xx
    To catch a mac address
  • tcpdump -e -i eth0 | grep ‘xx:xx:xx:xx:xx:xx’
    Same thing
  • tcpdump -n port 67
    Catch dhcp transactions

Note that I have not tested the mac filters yet but I want to post them here so I cna test them later.


Filed under: Linux, , ,

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: