DHCPINFORM requests from Windows clients

I’ve had an issue where there every 100 seconds or so, I was seeing something similar to this showing in my ISC dhcp server logs:

Mar 16 23:50:06 dnsbox dhcpd: DHCPINFORM from 10.0.0.20 via eth0
Mar 16 23:50:06 dnsbox dhcpd: DHCPACK to 10.0.0.20 (00:19:d1:9f:aa:e6) via eth0

This was for every windows client on the network, luckily I’ve only got two or three at any given time 🙂

It took me a while to figure out, but it seems it’s actually Windows doing its automatic proxy auto-discovery (WPAD). If the DHCP server doesn’t respond with a “valid” response, it just keeps asking.

The fix is to set your DHCP server to respond with an option 252 response, it doesn’t have to be a valid one, just with something to shut it up. Since I made the change I haven’t seen a single request in my logs.

For ISC’s DHCP server (Ubuntu: isc-dhcp-server) Add this line to your configuration - unless you’re actually setting it up, just put it in the global declarations:

option wpad code 252 = text; 
option wpad "\n";

For dnsmasq use the following option:

dns-option=252,"\n";

The above options just respond with a “null” value, if you want to setup a pac file then just put the address in there. Make sure you put a _\n_ on the end because I’ve heard of clients ignoring the last character for some reason.



#dhcp #dnsmasq #error #isc #Linux #windows #wpad