today a colleague and myself wanted to test first hop security features in an ACI fabric. To be more precise DHCP policies (a.k.a DHCP snooping) for IPv4 (DHCP) and IPv6 (DHCPv6).

Normally we’re testing these kind of things using Scapy one-liners. However in this case we wanted to see the “whole DHCP dance”. Instead of permanently installing a dhcpd or dnsmasq daemon on our Linux clients, I created a small docker image.

The advantage is, that you can drill up the service real quick using a one-liner and a really small config file and kill the whole container afterwards. Again, the main purpose is testing and not for production use.

Make sure to check out the image on Dockerhub in case you ever need something like this really quick.

netgab/dnsmasq-dhcp on Dockerhub


Leave a Reply