How to create a DHCP snooping rule in a Linux virtual bridge
I have a Linux server (10.0.0.1) running a DHCP server and a virtual bridge. The virtual bridge connects 4 Ethernet interfaces and works as the master switch connecting users.
The problem arises if a user accidentally creates a rogue DHCP server that answers DHCP requests before they reach the master DHCP server.
Therefore I want to block DHCP requests going in between ports on the virtual switch, but not requests to/from the master DHCP server. Can ebtables rules be set for this?
You must block DHCP responses at the switch, because the packets don't pass through the router (in this case the Linux server). The switch has an alternative: create DHCP snooping. With this, you filter DHCP responses on the ports.
I hope this has been helpful.
linux dhcp ebtables
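The filtering the answer describes, written out as ebtables rules; this is an added example, not part of the original post. It assumes the bridge is named `br0` (the page does not name it) and that the legitimate DHCP server runs on the bridge host itself, so its replies leave through the OUTPUT chain and never cross FORWARD.

```shell
#!/bin/sh
# Added example: emit ebtables rules that confine DHCP to the bridge host.
# Assumptions: bridge name br0 (hypothetical) and a DHCP server that runs
# on the bridge host itself (10.0.0.1 in the question).

dhcp_snoop_rules() {
    br="${1:-br0}"

    # Frames bridged from one port to another traverse FORWARD.
    # A server reply (UDP source port 67) seen there can only come from a
    # rogue server, because the host's own replies leave through OUTPUT.
    echo "ebtables -A FORWARD --logical-in $br -p IPv4 --ip-protocol udp --ip-source-port 67 -j DROP"

    # Client requests (UDP destination port 67) do not need to reach the
    # other user ports; the local server still receives them via INPUT.
    echo "ebtables -A FORWARD --logical-in $br -p IPv4 --ip-protocol udp --ip-destination-port 67 -j DROP"

    # Keep rogue replies away from the host's own network stack as well.
    echo "ebtables -A INPUT --logical-in $br -p IPv4 --ip-protocol udp --ip-source-port 67 -j DROP"
}

# Print the rules for review; pipe the output to `sh` as root to install them.
dhcp_snoop_rules "${BRIDGE:-br0}"
```

After installing, `ebtables -L --Lc` shows per-rule packet counters, so a non-zero count on the source-port-67 rules indicates that some port is hosting an unexpected DHCP server.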