MS DHCP Servers
Overview
The Switching > Monitor > DHCP Servers & ARP page displays information about any DHCPv4 and DHCPv6 Servers and IPv6 Route Advertisements seen by Meraki Switches on the LAN. From this page Administrators can configure the MS switches in the network to allow or block DHCP or Router Advertisement messages from specific devices.
Learn more with this free online training course on the Meraki Learning Hub:
Email Alerts
Users can configure Email Alerts to be sent when a new DHCP server or Router Advertisement is detected on the network.
The Email Alerts can be configured from the Network-wide > Configure > Alerts page, under the Switch heading. Additionally, the Network-wide > Configure > Alerts page can be used to specify which Administrators receive these alerts.
NOTE: the Email Alerts dropdown menu on the DHCP Servers & ARP page will be deprecated in the new UI which adds support for DHCPv6 and RA Guard.
Warning: The Email Alert feature only applies to switches which are NOT bound to a configuration template
DHCP Servers
Default DHCP Server Policy
The default setting is to Allow DHCP Servers on the network for easy installation into an existing environment. This can be changed to either Allow or Block new DHCP servers. If the default policy is set to Block DHCP Servers, the Allowed DHCP Servers boxes must list the MAC address of servers which should be allowed to send DHCP traffic through the switches.
Blocking DHCP Servers
By default DHCP Servers can be explicitly blocked by entering the MAC address of the server in question into the Blocked DHCP Servers box. This will prevent DHCP traffic sourced from that MAC from traversing the switches. The MAC address of the server to be blocked can be added to the list by manual entry or by Blocking a detected server from the DHCP Servers list.
Note: Meraki Switches configured as DHCP servers are always allowed to pass DHCP traffic.
Warning: Blocking a DHCP server will block that server for all VLANs and Subnets.
Allowed DHCP Servers
If the Default DHCP Server Policy is set to 'Deny DHCP Servers' the Blocked DHCP Servers box will change to the Allowed DHCP Servers box. When this change is made only DHCP Servers with a MAC Address matching one of the entries in the Allowed DHCP Servers box will be allowed to pass DHCP traffic, all other detected DHCP Servers will not be allowed to pass DHCP traffic.
Detected DHCP Servers
The DHCP Servers list displays any clients on the network that have been observed sending DHCP responses. The table can display servers that have been detected in the the Last 2 Hours, Last Day, Last Week, and Last 30 Days by selecting the appropriate time period from the dropdown menu. DHCP Servers will only be listed here if a Meraki Switch on the network has seen DHCP response traffic sourced from that client. The table displays information such as the server MAC, VLANs and Subnets of operation, time last seen, and a copy of the most recent DHCP packet to be seen from that client. The screenshot below shows two different devices acting as DHCP Servers for 3 different VLANs across 4 different Subnets.
| Description | The Description field lists the description of the Client from the Network-wide > Monitor > Clients list. Clicking on the Description will take you to the Client Details page for that client, if available. If the client is another Meraki device in the Network, such as the 'Main MX' in the image above you will be taken to the Appliance Status or Details page for that device. |
| MAC | The MAC field lists the MAC address that was seen as the Source of a DHCP packet coming from the DHCP server, such as a DHCP Offer. |
| VLAN | The VLAN field shows what VLAN the DHCP server was detected on. If a single DHCP Server is responding on multiple VLANs one entry for each VLAN will be created. |
| Subnet | Shows what Subnet the DHCP server was detected on. If a single DHCP server is responding on multiple subnets one entry for each subnet will be created. |
| IP | IP address that the server was last seen responding with for a specific entry. |
| Version | Represents the IP version of the DHCP packet sent by the server. A rhombus with a 4 in it represents IPv4 while IPv6 is represented by a hexagon with a 6 in it. |
| Last Seen | The Last Seen field displays the time since a DHCP packet was seen from that server. Depending on the length of time it may be displayed in Minutes, Hours, or Days. |
| Recent Packet | Provides a link which, when clicked, brings up a pop-up window displaying the most recent DHCP packet to come from the server. Below is an image of an example packet as displayed after clicking the Recent Packet link. |
| Policy | The Policy field displays the policy applied to a specific DHCP Server, either 'allowed' or 'blocked.' |
| Seen By | Lists of switches in the Network that have detected a specific DHCP server. Clicking on the name of one of the switches will bring you to the Switch Details page for that switch. |
| Last Reply IP | Formerly Last ACK IP, this field displays the IP of the client that was last sent a DHCP ACK by the DHCP Server. |
| Last Reply Seen | Formerly Last ACK Seen, this field displays the time since the last DHCP ACK was seen for a specific server. Like the Last Seen field, the length of time may be displayed in Minutes, Hours, or Days. |
| Action | An option to Allow or Block a DHCP server, depending on the policy for that server entry. |