You need to scan for active DHCP servers from a Linux machine that has a statically assigned IP address. For example, you suspect there is a rogue DHCP server on your network
The dhclient command, which normally configures an interface with a DHCP address, can be run to only query but not configure the interface.
- As root, run dhclient -d -nw <interface> where <interface> is the name of an active interface connected to the network you want to scan.
# dhclient -d -nw eth0
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/Listening on LPF/eth0/aa:bb:cc:dd:ee:ff
Sending on LPF/eth0/aa:bb:cc:dd:ee:ff
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 6 (xid=0x76367945)
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x76367945)
DHCPOFFER from 192.168.1.1
DHCPACK from 192.168.1.1 (xid=0x76367945)
- Review the output for lines starting with DHCPOFFER; each distinct IP address is an active DHCP server.