The internet is actually a group of interconnected networks. Messages between computers are exchanged over the internet by using packet switching. Different networks use a protocol to allow them to communicate with one another.
Internet Protocol (IP) specifies the format of IP packet headers as they travel through the network. Routers utilize routing tables to send data packets through the network from node to node. Every computer on the internet has a unique address. IP attaches to the data packet the address from which the data comes and the address of the system to which it is going in a protocol header.
A Local Area Network (LAN) connects terminals over a small geographic area. A Virtual Local Area Network (VLAN) is a network of computers that behave as if they are connected in close geographic proximity to one another even though they may actually be physically located on different segments of a LAN. VLANs are configured through software rather than hardware.
Dynamic Host Configuration Protocol (DHCP) allows devices operating within a network to obtain various parameters necessary to operate in an IP network. DHCP permits devices to be added to the network often without requiring any manual steps. DHCP provides a way to administer network parameter assignment at a single DHCP server.
The DHCP server manages a pool of IP addresses. A DHCP server usually provides a lease on an IP address for a set period of time. A host can request renewal of the lease on the current IP address while the lease is active. To avoid losing their leases while connected to a network, most hosts will renew the lease to maintain the same IP address throughout their connection to a single network. A host that loses an IP address due to an expired lease will need to obtain a new IP address from the DHCP server before network connectivity is restored.
The DHCP server ensures that all IP addresses are unique to prevent assignment of a given IP address to a second host while the first host's lease continues. The DHCP server is designed to manage the pool of IP addresses rather than relying on a network administrator.
Hosts send an IP lease request to a DHCP server. The DHCP server then extends an IP lease offer. The DHCP server reserves an IP address for the host and sends an offer across the network to the host.
When the host receives an IP lease offer from a DHCP server, it informs all the other DHCP servers that it has accepted an offer. The host broadcasts a request message containing the IP address of the DHCP server that made the offer.
When the other DHCP servers receive the request message, they withdraw any offers that they might have made to the host. Any IP addresses they had reserved for that host are returned to the pool of valid addresses that the DHCP servers may offer to other hosts. After the DHCP server receives the request message from the host, an acknowledgement packet is sent from the DHCP server to the host to acknowledge receipt of the request message.
Address Resolution Protocol (ARP) may be used when two hosts are on different networks and must communicate through a router. In cases in which the two hosts are on separate networks, the sending host sends its packet to a router which looks up the receiving host's IP address or the IP address of the next appropriate router to send data to the receiving host. A sending host may have to send an ARP request and receive an ARP reply from a receiving host to ascertain an unknown receiving host's address.
Unfortunately, conflicts may arise with the use of certain IP addresses when two hosts are utilizing the same IP address because one host obtained the address through DHCP or another address assignment protocol while the other did not.
Currently, the hosts themselves detect an IP address conflict and inform the user of the conflicting host. However, the user is not required to take action. This means the conflict can continue to cause problems for the authorized user (the host that obtained the address through DHCP or another address assignment protocol).
Use of a DHCP snooping feature may also solve the problem of multiple hosts utilizing the same IP address on a network. The DHCP snooping feature has an IP source-filtering sub-feature. If enabled, this allows only traffic from specified IP-MAC combinations on a given port, which are obtained by sniffing DHCP packets on the network. If the user enables IP source-filtering, a hardware entry is created for every valid IP-MAC association on a port, based on established DHCP leases. This would cause the traffic from the user with the static assignment to be dropped. However, this can quickly use up hardware resources, depending on the number of hosts on a given port.
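The IP source-filtering behaviour described above, and its cost in hardware entries, can be modelled in a short Python sketch. This is an added example, not part of the original text; the `SourceFilter` class, the `capacity` limit standing in for hardware entries, and the sample ports, MAC addresses and IP addresses are constructed assumptions.

```python
class SourceFilter:
    """Toy model of IP source-filtering driven by snooped DHCP leases."""

    def __init__(self, capacity):
        self.capacity = capacity  # assumed limit on hardware filter entries
        self.entries = {}         # (port, mac) -> (ip, lease expiry time)

    def snoop_ack(self, port, mac, ip, lease_secs, now):
        """Install an entry from a sniffed DHCP acknowledgement.

        Returns False when no hardware entry is left for a new binding.
        """
        # Drop bindings whose lease has run out before counting free entries.
        self.entries = {k: v for k, v in self.entries.items() if v[1] > now}
        key = (port, mac)
        if key not in self.entries and len(self.entries) >= self.capacity:
            return False
        self.entries[key] = (ip, now + lease_secs)
        return True

    def permit(self, port, mac, src_ip, now):
        """Forward a frame only if port, MAC and source IP match a live lease."""
        entry = self.entries.get((port, mac))
        return entry is not None and entry[0] == src_ip and entry[1] > now


def demo():
    """Constructed scenario: one DHCP client, one host with a static address."""
    f = SourceFilter(capacity=2)
    leased = (1, "aa:aa:aa:aa:aa:01")   # obtained 10.0.0.5 through DHCP
    static = (2, "bb:bb:bb:bb:bb:02")   # configured 10.0.0.5 by hand
    f.snoop_ack(*leased, "10.0.0.5", 3600, now=0)
    f.snoop_ack(1, "aa:aa:aa:aa:aa:03", "10.0.0.6", 3600, now=0)
    return {
        "leased_host": f.permit(*leased, "10.0.0.5", now=10),
        "static_host": f.permit(*static, "10.0.0.5", now=10),
        # A third client on the port finds the table full and is filtered too.
        "third_installed": f.snoop_ack(1, "aa:aa:aa:aa:aa:04", "10.0.0.7", 3600, now=20),
        "third_host": f.permit(1, "aa:aa:aa:aa:aa:04", "10.0.0.7", now=30),
        "after_expiry": f.permit(*leased, "10.0.0.5", now=3600),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {allowed}")
```

The statically configured host is filtered because no lease was ever snooped for it, while the third DHCP client is filtered only because the entry table is exhausted, which is the resource cost noted above.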
Hence, there is a need in the art for a convenient-to-implement, reliable, inexpensive and efficient method to identify offending hosts whenever an address conflict is detected and selectively drop traffic from those hosts.