I don’t know much about networking but that page seems to be about someone else setting up a dhcp server without the knowledge of the administrators or the users. In op’s case the concerns about mitm attacks don’t apply and the other concerns sound like problems that could arise in cases of misconfiguration. I also couldn’t see anything about it affecting the main network’s performance
Comment on Student dorm does not allow wifi routers
Confused_Emus@lemmy.dbzer0.com 2 months agoBecause that router will be broadcasting DHCP signals and offering IPs, conflicting with the authorized DHCP servers on the network. This wiki article will probably explain it better. I’m not so good with the words a such.
Lojcs@lemm.ee 2 months ago
Confused_Emus@lemmy.dbzer0.com 2 months ago
I mean, it’s all right there in the first two paragraphs. Keep in mind that by DHCP server we aren’t talking about something specifically set up by people with malicious intent. A home router is a DHCP server when not configured for pass through. Students who don’t know how routers actually work (we can’t all be IT nerds, lol) plug them into their dorm Ethernet jack, and now you’ve got an unauthorized device offering IP addresses that conflict with the authorized DHCP servers, which can quickly start causing issues with any new devices trying to connect to the network, and existing devices as their DHCP leases expire. Also keep in mind that we’re talking about a college network that will likely have local network resources for students like shared drives that would not be accessible to anyone connecting through the rogue device. Your IT department will quickly start getting complaints about the network that are caused by an access point you have no control over.
Lojcs@lemm.ee 2 months ago
I see, I thought routers knew not to do dhcp on the Wan port
Confused_Emus@lemmy.dbzer0.com 2 months ago
Typically they do. Which is great until you get a student who doesn’t understand WAN vs LAN and plugs both connections into the LAN port. Never underestimate the power of a Stupid User.
bamboo@lemm.ee 2 months ago
A consumer router only operates DHCP on the LAN side. Presumably one would plug the WAN side into the university network, making this a non-issue.
Confused_Emus@lemmy.dbzer0.com 2 months ago
Some of my other replies address that. Worked in IT on a college campus, and every class will have at least a few clueless users who just plug the cables into the LAN ports.
bamboo@lemm.ee 2 months ago
Makes sense. Would that not be trivially mitigated by just blocking dhcp responses from unapproved servers on the switch though?
Confused_Emus@lemmy.dbzer0.com 2 months ago
Should be, yes. At that point it’s a question of how well the network was configured. I’d hope this wouldn’t much of an issue these days - I did graduate from college in 2011, and I’m sure (hopeful) campus networks have improved since my student IT job days. These days my router config experience is from the ISP side. The only private network I’m responsible for is my own, thankfully!