December 31, 2011 at 2:24 am #7203
Could some one help me on DHCP lease time…please…
My query: Where is default dhcp lease time provided in linux flavours like ubuntu?
Thru google I came to conclusion it is in /etc/dhcp3/dhcp-client.conf file, where it has settings for eth0 with ipaddress, gateway, subnet, lease time etc… In my Virtual box, it is set as 3600 (seconds), but when I run the command dhcpclient eth0, it assigns a new ipaddress and shows approx 1400seconds to renew my ipaddress. Since it is one of vulnerable webapp distro, my trouble is after 25minutes or something, it assigns new ipaddress and from testing BT5 attacker vm, couldnt connect to it… Though my settings in dhcp-client.conf has 3600seconds, I think it should show around 3xxx seconds rather than 1400seconds…
I did came across /etc/lib/dhcp3/dhcp-eth0-lease file, where it has got all the dhcp setting created with few more parameters like renew/rebind etc with datetime.
I’m not clear from where this 1400seconds is been set.
I have been searching thru and couldn’t find answer to it…
Please do clarify me,
December 31, 2011 at 3:16 am #45037
December 31, 2011 at 3:21 am #45038
December 31, 2011 at 3:32 am #45039
December 31, 2011 at 1:46 pm #45040
I remember going thru the same help while searched on google, my dhcp-client.conf file doesn’t have entry for default, but just max-lease-time as 3600.
Not sure if anything else as a part of dhcp leasing, it updates as 1400seconds….
I will try with defaul-lease time entry and see if it changes any behaviour.
January 4, 2012 at 3:20 pm #45041
DHCP in general, assigns ip addresses for a specified period of time, usually from 1 to 30 days. When the lease is about half used up, it sends a request to the server, asking if it can renew its current address. if the address is still available for that user, then the request is granted.
If you have dhcp lease time set to 3600 seconds (1 hour), that is IMO really really short. Do you have a reason that you want to generate all sorts of traffic asking to renew ip addresses every 30 minutes? I guess i could see if the network is wireless at a coffee shop, but for most businesses and home networks, 3600 seconds is really short.
January 4, 2012 at 3:29 pm #45042
Do you have a reason that you want to generate all sorts of traffic asking to renew ip addresses every 30 minutes? I guess i could see if the network is wireless at a coffee shop, but for most businesses and home networks, 3600 seconds is really short.
Yea, the lease is typically shortened for public/guest WiFi access that gets a lot of traffic. You could saturate your pool and have your users inadvertently DoS themselves if you leave the defaults.
I don’t think traffic is a major in a client VM. It sounds like the OP wants to know just because 🙂
January 4, 2012 at 5:03 pm #45043
I agree it is very short and as it is vulnerable app, I would like to change the leasetime more than 3600, but the problem is even if I change it, It is not taking the value from dhcpd.conf file. Somewhere else it looks like picking a value? couldn’t find the entry for it…
I have checked the Tcpipguide website and its leasetime/dhcp allocation process, everything points at same file…OR might be I’m missing something….
January 4, 2012 at 5:46 pm #45044
I misread your original post. The lease time is configured on the server side, which will be VirtualBox in this case. Googling virtualbox dhcp lease time shows this thread as #6, so you may not have a lot of luck in changing that.
To resolve the core problem where your IP changes after a period of time (which really doesn’t make sense either since it should renew the lease and keep the same IP, as someone already stated above), why don’t you just configure a static IP address?
January 4, 2012 at 8:19 pm #45045
thanks you mate, I did tried the static ip option. I have provided static ip as 192.168.0.20. When I run dhclient eth0, you wont believe it, i’m getting a ip allocated as 192.168.0.34 ??? 😮 Also when it renews after n seconds, it is not assigning same ipaddress, it assigns the next increment (192.168.0.35)….strange…
Here the problem is, I couldn’t identify from where it is getting this 192.168.0.34!!!!! I have been searching this now….
not sure If I will get imme answer, will update you soon.
January 4, 2012 at 8:49 pm #45046
This machine that’s receiving the 192.168.0.34 IP address, is this a virtual machine? Are you using Virtualbox as your VM software? If so, in the networking settings of this virtual machine, which setting are you using? If it’s bridged, it’s getting the address from a DHCP somewhere on your network. Is this computer that Virtualbox is installed on connected to a wireless router of some sort? If so, the VM is getting it’s IP from that. If not, there’s another DHCP server somewhere on your network. But if the VM is configured for NAT, internal, or host-only, then it’s getting the IP address from the DHCP server that’s build directly into the Virtualbox software.
Here’s a page on networking when using Virtualbox: http://www.virtualbox.org/manual/ch06.html
Sorry for my reply earlier, I passed right over “virtualbox” in your first post.
January 4, 2012 at 9:30 pm #45047
You hit the point exactly, I’m using the VM which receives 192.168.0.34 set as bridged network. I believe it is getting thru my host (which is 192.168.0.3). I was under the assumption I can define a static IP in virtualmachine and it will be assigned with staticip…Looks like it is not doing it…
To further clarify, after reading thru the network settings, i have set it as NAT, which means, I cannot set ipaddress in the range of 192.168.0.xx series (so that it can be in private network), right ? , This VM being a victim vm and BT5 as attacker should also be configured in the same iprange as victim…? Am i right?
January 4, 2012 at 9:45 pm #45048
Oh, you were talking about DHCP in VirtualBox, and I thought you had it set to host-only networking or NAT. If it’s bridged, it’s going to be picking that address up off whatever you have serving DHCP on your LAN, which is probably your router.
Is this BT5 or another distribution (you didn’t specify the victim OS)?
Also, how are you setting the static IP? If you run dhclient after setting that, it will wipe out whatever you set and use the DHCP address. That’s to be expected.
When using NAT, you’re going to get whatever ranges are configured in VirtualBox. I don’t recall if they’re on 192.168.0.0 or not. And yes, you’ll need both systems on the same subnet unless you want to attempt setting up a router in between them (I suggest you get this working first though ;)).
I’m not trying to be rude, so please don’t take this the wrong way, but I really think you should go back and focus on the basics before you get too carried away with attacking things. I think your limited networking knowledge is going to make nearly everything you try to do much more difficult than it needs to be. I suggest getting a Network+ or ICND1 book and going through one of those (whether you pursue the certification is up to you, but the knowledge will help you immensely regardless).
January 4, 2012 at 10:15 pm #45049
Very true: virtual machines have a habit of inheriting certain settings from the host machine. Especially if/when you don’t want them to. I suspect this is what’s happening in this case with dhcp settings / static ip. (PS if you choose a static ip, be sure to choose one that’s on the same subnet but outside the dhcp range, so you don’t experience “duplicate ip address” problems).
January 4, 2012 at 10:26 pm #45050
Hi Dynamik & HDCautism,
Thanks for your suggestion,
I’m not taking rude, advice well taken 🙂 Its all part of learning…. 🙂
Certain things which I read thru in websites (Google is friend) are not crystal clear personally even after trying practically, during that time, I seek you guys help/clarification. As you said , sure I will get to know more on networking side (but not cert level ;)). The harder the way I learn is a good base for my learning too. 🙂 . I’m glad you guys are here to help each other.
Back to issue, I have taken of staticip, (See these options I have been trying since yesterday, and some understanding from my side was not clear). Now i see myself clear on my understanding thru your answers.
January 5, 2012 at 1:15 am #45051
thanks for your pointers.
Atlast, things got settled now. I have got working version of lab without any issues…After setting as Hostonly, I got the better picture.
Also came across config setting in metasploitable website, which gave a very good idea of what I have to do…
January 5, 2012 at 3:21 pm #45052
That’s great news. Good job, V.
February 15, 2013 at 9:34 pm #45053bschumacherParticipant
Since nobody said the correct answer I figured I would clear things up for anyone else reading this.
DHCP will renew your lease at half of the duration of the total lease time. That is why you are seeing the time that you are seeing. It should start at 1800secs after the latest attempt to renew.
You must be logged in to reply to this topic.