ADC Telecommunications, Inc.
264 C
HAPTER 13: CONFIGURING DHCP AUTHORITY
About DHCP Authority
DHCP authority is a security feature that prevents spoofing (unauthorized
use) of DHCP assigned IP addresses. Spoofing occurs when a host uses an IP
address that was dynamically assigned to another host via the Dynamic Host
Configuration Protocol (DHCP). DHCP authority prevents spoofing of IP
addresses by ensuring that IP addresses are only used by the specific cable
modems and CPEs to which they are assigned.
Configured on an interface basis, DHCP authority ensures that dynamically
assigned IP addresses are used by their original host by tagging Address
Resolution Protocol (ARP) entries within the ARP cache for a specified
interface.
This DHCP Authority ARP entry tagging process operates as follows:
■ Upon booting, the client (such as a cable modem or CPE device) requests
an IP address from the DHCP server. The DHCP relay agent operating on
the interface to which the client is attached, forwards the request to the
DHCP server.
■ Based on the subnet configuration within the provisioning server, the
DHCP server responds with a DHCP offer containing the IP address that
the client should use.
■ After receiving the IP address, the client sends a DHCP request back to
the DHCP server.
■ The DHCP server then sends a DHCP acknowledgement to the client
through the DHCP relay.