Check-Mac-Address
These scenarios show how the
check-mac-address feature works for the DHCP server
Test Check MAC Address
Description
The check-mac-address option filters packets if there are differences between the MAC address found at the ethernet header and the MAC address found in the DHCP packet.
To check this option, you should send packets with these differences and enable this option to see if warnings appear in your logs.
Also, this test checks how the server behaves under normal conditions.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.0.0.1/24 set service dhcp-server shared-network dhcp subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Run command system journal show | tail at DUT0 and check if output contains the following tokens:
DHCPDISCOVER from 10:00:00:00:00:02 via eth0Show output
May 14 11:33:22.737527 osdx cfgd[1681]: [292670]Completed change to active configuration May 14 11:33:22.753951 osdx OSDxCLI[292670]: User 'admin' committed the configuration. May 14 11:33:22.778642 osdx OSDxCLI[292670]: User 'admin' left the configuration menu. May 14 11:33:23.000104 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:23.022064 osdx dhcpd[295416]: Server starting service. May 14 11:33:25.118612 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:25.640638 osdx dhcpd[295416]: DHCPDISCOVER from 10:00:00:00:00:02 via eth0 May 14 11:33:26.641252 osdx dhcpd[295416]: DHCPOFFER on 10.0.0.5 to 10:00:00:00:00:02 via eth0 May 14 11:33:26.704865 osdx dhcpd[295416]: DHCPDISCOVER from 10:00:00:00:00:02 via eth0 May 14 11:33:26.704900 osdx dhcpd[295416]: DHCPOFFER on 10.0.0.5 to 10:00:00:00:00:02 via eth0
Step 3: Modify the following configuration lines in DUT0 :
set service dhcp-server check-mac-address
Step 4: Run command system journal clear at DUT0.
Step 5: Run command system journal show | tail at DUT0 and check if output does not contain the following tokens:
DHCPDISCOVER from 10:00:00:00:00:02 via eth0Show output
May 14 11:33:28.262046 osdx systemd-journald[1884]: Runtime Journal (/run/log/journal/0288f6065d6743618e90e784ba8b9df5) is 2.0M, max 15.3M, 13.3M free. May 14 11:33:28.265858 osdx systemd-journald[1884]: Received client request to rotate journal, rotating. May 14 11:33:28.265931 osdx systemd-journald[1884]: Vacuuming done, freed 0B of archived journals from /run/log/journal/0288f6065d6743618e90e784ba8b9df5. May 14 11:33:28.274205 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal clear'.
Step 6: Run command system journal show | tail at DUT0 and check if output contains the following tokens:
MAC received in DHCP packet (10:00:00:00:00:02) is different than source MAC in ethernet header (10:00:00:00:00:01)Show output
May 14 11:33:28.262046 osdx systemd-journald[1884]: Runtime Journal (/run/log/journal/0288f6065d6743618e90e784ba8b9df5) is 2.0M, max 15.3M, 13.3M free. May 14 11:33:28.265858 osdx systemd-journald[1884]: Received client request to rotate journal, rotating. May 14 11:33:28.265931 osdx systemd-journald[1884]: Vacuuming done, freed 0B of archived journals from /run/log/journal/0288f6065d6743618e90e784ba8b9df5. May 14 11:33:28.274205 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal clear'. May 14 11:33:28.402069 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:28.496803 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:28.546070 osdx dhcpd[295477]: Server starting service. May 14 11:33:28.808450 osdx dhcpd[295477]: MAC received in DHCP packet (10:00:00:00:00:02) is different than source MAC in ethernet header (10:00:00:00:00:01) May 14 11:33:29.860660 osdx dhcpd[295477]: MAC received in DHCP packet (10:00:00:00:00:02) is different than source MAC in ethernet header (10:00:00:00:00:01)
Step 7: Set the following configuration in DUT1 :
set interfaces ethernet eth0 mac '10:00:00:00:00:05' set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 8: Modify the following configuration lines in DUT1 :
set interfaces ethernet eth0 address dhcp
Step 9: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:
10.0.0.5Show output
----------------------------------------------------------------- Name IP Address Admin Oper Vrf Description ----------------------------------------------------------------- eth0 10.0.0.5/24 up up fe80::dcad:beff:feef:6c10/64
Step 10: Run command service dhcp-server show leases main | grep 10.0.0.5 at DUT0 and check if output contains the following tokens:
10:00:00:00:00:05Show output
10.0.0.5 10:00:00:00:00:05 2025/05/14 11:33:33 2025/05/14 23:33:33 2025/05/14 11:33:33
Test Check MAC Address VRF
Description
This scenario configures a DHCP server with VRF instead of regular interfaces and checks the check-mac-address option.
To check this option, you will need to send packets with differences in the Source MAC for the link layer and the client MAC from the application layer.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.0.0.1/24 set interfaces ethernet eth0 vrf VRF0 set service dhcp-server shared-network dhcp local-vrf VRF0 set service dhcp-server shared-network dhcp subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.6 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system vrf VRF0
Step 2: Run command system journal show | tail at DUT0 and check if output contains the following tokens:
DHCPDISCOVER from 10:00:00:00:00:02 via eth0Show output
May 14 11:33:44.468962 osdx cfgd[1681]: [292670]Completed change to active configuration May 14 11:33:44.470542 osdx dhcpd[295831]: Wrote 0 leases to leases file. May 14 11:33:44.484157 osdx OSDxCLI[292670]: User 'admin' committed the configuration. May 14 11:33:44.618510 osdx OSDxCLI[292670]: User 'admin' left the configuration menu. May 14 11:33:44.734173 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:44.774573 osdx dhcpd[295831]: Server starting service. May 14 11:33:45.552479 osdx dhcpd[295831]: DHCPDISCOVER from 10:00:00:00:00:02 via eth0 May 14 11:33:46.552794 osdx dhcpd[295831]: DHCPOFFER on 10.0.0.5 to 10:00:00:00:00:02 via eth0 May 14 11:33:46.604409 osdx dhcpd[295831]: DHCPDISCOVER from 10:00:00:00:00:02 via eth0 May 14 11:33:46.604437 osdx dhcpd[295831]: DHCPOFFER on 10.0.0.5 to 10:00:00:00:00:02 via eth0
Step 3: Modify the following configuration lines in DUT0 :
set service dhcp-server check-mac-address
Step 4: Run command system journal clear at DUT0.
Step 5: Run command system journal show | tail at DUT0 and check if output does not contain the following tokens:
DHCPDISCOVER from 10:00:00:00:00:02 via eth0Show output
May 14 11:33:48.076648 osdx systemd-journald[1884]: Runtime Journal (/run/log/journal/0288f6065d6743618e90e784ba8b9df5) is 2.0M, max 15.3M, 13.3M free. May 14 11:33:48.078384 osdx systemd-journald[1884]: Received client request to rotate journal, rotating. May 14 11:33:48.078440 osdx systemd-journald[1884]: Vacuuming done, freed 0B of archived journals from /run/log/journal/0288f6065d6743618e90e784ba8b9df5. May 14 11:33:48.087524 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal clear'.
Step 6: Run command system journal show | tail at DUT0 and check if output contains the following tokens:
MAC received in DHCP packet (10:00:00:00:00:02) is different than source MAC in ethernet header (10:00:00:00:00:01)Show output
May 14 11:33:48.076648 osdx systemd-journald[1884]: Runtime Journal (/run/log/journal/0288f6065d6743618e90e784ba8b9df5) is 2.0M, max 15.3M, 13.3M free. May 14 11:33:48.078384 osdx systemd-journald[1884]: Received client request to rotate journal, rotating. May 14 11:33:48.078440 osdx systemd-journald[1884]: Vacuuming done, freed 0B of archived journals from /run/log/journal/0288f6065d6743618e90e784ba8b9df5. May 14 11:33:48.087524 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal clear'. May 14 11:33:48.318523 osdx dhcpd[295887]: Server starting service. May 14 11:33:48.322625 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:48.421840 osdx OSDxCLI[292670]: User 'admin' executed a new command: 'system journal show | tail'. May 14 11:33:48.700557 osdx dhcpd[295887]: MAC received in DHCP packet (10:00:00:00:00:02) is different than source MAC in ethernet header (10:00:00:00:00:01) May 14 11:33:49.788416 osdx dhcpd[295887]: MAC received in DHCP packet (10:00:00:00:00:02) is different than source MAC in ethernet header (10:00:00:00:00:01)
Step 7: Set the following configuration in DUT1 :
set interfaces ethernet eth0 mac '10:00:00:00:00:05' set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 8: Modify the following configuration lines in DUT1 :
set interfaces ethernet eth0 address dhcp
Step 9: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:
10.0.0.5Show output
----------------------------------------------------------------- Name IP Address Admin Oper Vrf Description ----------------------------------------------------------------- eth0 10.0.0.5/24 up up fe80::dcad:beff:feef:6c10/64
Step 10: Run command service dhcp-server show leases VRF0 | grep 10.0.0.5 at DUT0 and check if output contains the following tokens:
10:00:00:00:00:05Show output
10.0.0.5 10:00:00:00:00:05 2025/05/14 11:33:53 2025/05/14 23:33:53 2025/05/14 11:33:53