Whitelist for DHCP servers / Block DHCP offers

PeterDedecker · February 14, 2025, 5:37pm

For enhanced safety, it would be good to have a possibility to block strange/unknown/evil DHCP servers on the network. E.g. when someone else attaches a device on the network and runs a DHCP server, intentionally or by accident, all users on the network might end up in trouble.

Having a functionality on all managed switches and the LAN-side of the MAX routers to only allow known DHCP servers (or only the internal one of the Peplink device) and block all DHCP offers from other DHCP servers, would avoid this kind of misery. I always use that functionality on Meraki switches.

PeterDedecker · February 17, 2025, 10:39am

Basicly a DHCP Server whitelist/blacklist functionality.

jlough2 · February 26, 2025, 4:46pm

I have been struggling with that problem for about 2 years…only recently recognized that a false DHCP server was part of a combined persistent Firmware attack and Man in the Middle attack. One solution of interest that I am looking at as a I wade through the technical details of setting up a B-One router, is to set the router to respond only to the MAC addresses on my LAN, if that is possible. A DHCP Server whitelist would help.