Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Dhcp server answers on port 67

Guru
Posts: 8
6973     1

A TCP dump reveals, that the Dhcp server very often /allways replies to the client on port 67 when a proxy is involved. I need to get my head around this. Port 67 should be used by the server and port 68 by the client. Why do we reply to the client on port 67 when a proxy is involved?

 

Best regards

 

Jan Vejling

Denmark

Re: Dhcp server answers on port 67

Superuser
Posts: 105
6973     1

Hi,

 

Does proxy means the dhcp relay?

 

About why dhcp server always replies using port 67, as fas as i know that this port is used by the server to receive and reply the dhcp packets from clients although there is dhcp relay in the middle. and port 68 is used by the client to receive and sent dhcp packet.

 

 

Re: Dhcp server answers on port 67

Guru
Posts: 8
6974     1

Hi

Yes talking about Proxy i mean the router between the Dhcp server and the client.

You are right about the ports, 68 used by clients 67 used by (open at) server. Hence im currious why i see server responding to clients on port 67 (like expecting them - or maybe the proxy having an open service on port 67), actualized by firewall rules. 

 

/JanV

Re: Dhcp server answers on port 67

[ Edited ]
Superuser
Posts: 105
6974     1

Hi,

 

yes you are correct that the proxy (relay agent) always listen to port 67. like mention in the ietf dhcp implementation draft: https://tools.ietf.org/html/draft-ietf-dhc-implementation-02

 

+ Relay Agent Port Usage

 

Relay agents should use port 67 as the source port number. Relay agents always listen on port 67, but port 68 has sometimes been used as the source port number probably becuase it was copied from the source port of the incoming packet.

 

 

Hope that can answer your question.

 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You