Friday, February 14th, 2025 6:25 PM

Unauthorized DHCP server on my neighborhood's Layer 2 branch

I had been having a problem where every few days I'd lose Internet connectivity for up to 15 minutes, but I could speed up recovery by logging into my router and forcing a DHCP release/renew.

About 2 weeks ago while doing this, I noticed that my WAN address was on the 192.168.100.0/24 subnet.  Unfortunately I did not catch the IP of the DHCP server.

To resolve my issue I added a line to my router's dhclient.conf file:

reject 192.168.0.0/16;

I have not noticed any issues since, so I believe my personal issue to be resolved.  However, that means there is still a rogue, unauthorized DHCP server running on someone's WAN side disrupting other customers in my area.  Comcast does not have any way for me to open a ticket to notify them of the issue.  The symptoms of the issue would make it next to impossible to diagnose without the insight I have to provide.  "My Internet drops for 15 minutes every 3 or 4 days" is not much to go on.  There's never going to be an opportunity for an engineer to see this live.  I'd really like to save some frustrations for both customers and the Support NOC.  Is there any way for me to submit this info so whoever needs to see it is able to?

Reference pages for adding the "reject" line to dhclient.conf

https://askubuntu.com/questions/482684/is-there-a-way-to-refuse-a-dhcp-response-from-a-specific-ip

https://linux.die.net/man/5/dhclient.conf
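
Added example, not part of the original post and not ISC or Comcast code: dhclient's reject statement matches the offering server's identifier (DHCP option 54), not the leased address. This Python sketch parses a DHCPOFFER payload, extracts that identifier so it can be recorded for a report, and applies the same 192.168.0.0/16 test. The function names and sample addresses are constructed for illustration.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"
REJECT_NETS = [ipaddress.ip_network("192.168.0.0/16")]  # same range as the reject line above

def parse_dhcp(payload: bytes) -> dict:
    """Parse a BOOTP/DHCP UDP payload into yiaddr plus a dict of raw options."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    info = {"yiaddr": ipaddress.ip_address(payload[16:20]), "options": {}}
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:          # end option
            break
        if code == 0:            # pad option has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        info["options"][code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return info

def check_offer(payload: bytes, reject_nets=REJECT_NETS) -> dict:
    """Report the server identifier, the offered address, and the reject decision."""
    msg = parse_dhcp(payload)
    opts = msg["options"]
    if opts.get(53) != b"\x02":                   # option 53 = message type, 2 = OFFER
        raise ValueError("not a DHCPOFFER")
    if len(opts.get(54, b"")) != 4:
        raise ValueError("missing server identifier (option 54)")
    server = ipaddress.ip_address(opts[54])
    return {"server_id": str(server), "offered": str(msg["yiaddr"]),
            "rejected": any(server in net for net in reject_nets)}

def build_offer(yiaddr: str, server_id: str) -> bytes:
    """Build a constructed sample OFFER for the demo (not a real capture)."""
    fixed = bytearray(236)
    fixed[0] = 2                                  # op = BOOTREPLY
    fixed[16:20] = ipaddress.ip_address(yiaddr).packed
    opts = b"\x35\x01\x02\x36\x04" + ipaddress.ip_address(server_id).packed + b"\xff"
    return bytes(fixed) + MAGIC_COOKIE + opts

if __name__ == "__main__":
    for y, s in [("192.168.100.10", "192.168.100.1"), ("203.0.113.25", "198.51.100.1")]:
        print(check_offer(build_offer(y, s)))
```

An offer of a 192.168.x.x lease from a server whose identifier lies outside the rejected range would still be accepted, so logging the identifier is what tells you which server to report.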

Official Employee

2.1K Messages

2 months ago

Thank you for reaching out to us @user_sa4t2g! We take security issues very seriously. Have you reached out to our Customer Security Assurance (CSA) team?
