Why can't routers list clients with static IPs?
Nearly every router I've ever owned does not list devices that have static IPs, regardless if they are inside or outside the DHCP scope. They only list devices that have been given an address by DHCP. I've seen this on cheap home routers and expensive business routers, and have yet to find one that actually lists all the devices that are connected to it. Why is this?
Solution 1:
What you are saying is not completely correct.
On the one hand, components with static IPs are not "clients", i.e., they did not request to the router the use of the DHCP service. They are, in other words, correctly omitted from the DHCP client list.
On the other hand, this does not mean that the router ignores clients using its other services (especially that of routing). These clients must reveal their identity to the router by means of the exchange of ARP traffic (who has 192.168.1.13? tell 192.168.1.1...). These clients are listed in an ARP table, which may or may not be accessible to you. For instance, on routers with DD-WRT software (or Open-WRT, or Tomato), the command arp shows the clients that are active, i.e., those which are using the router's routing capacity. In fact, in these routers, you will see two distinct tables on the GUI, one for DHCP clients, the other one for active clients. The two are, in principle and in fact, different because the latter includes static IPs which are doing something. I think also some Cisco routers show a ARP table (mine surely does).
How about silent clients? Well, those are ignored, and you cannot see them. Why? Because there is no way for the router to learn of their existence. These include very innocuous components as well as evil ones lurking in the dark. Among the innocuous components, there are things like printers: they do not need to access the Internet thus they ask nothing from the router, and, if they are connected to the other pcs via a switch, their traffic will never even reach the router, it is taken care exclusively by the switch. So, as far as routers are concerned, printers don't even exist.
How about evil ones? They escape detection as long as they keep quiet, for the above-mentioned reasons, but as soon as they start accessing the Internet, you will see them. The problem here is the ARP table has a short TTL (time to live), so that, unless they are downloading via torrent a very large file, your chances of catching them as they access the internet thru your router are pretty slim.
To catch evildoers, a much more suitable instrument is nmap.
Solution 2:
Typically these lists are not described as "connected devices" but as "clients". And that is exactly what the list shows you, the DHCP clients. Obviously the machines with static IPs have no interaction with the DHCP server, so they don't show up on the list.
Now, theoretically, the router could enumerate all of the IPs that have sent traffic to it, but there are several reasons why the probably don't.
- First of all that data is deep in the routing/switching software/firmware so its probably not as easily accessible as the log the DHCP server provides.
- DHCP offers have a built in timeout using the DHCP lease time. The router would have to have some arbitrary timeout to indicate when it thinks a device is no longer active.
- Most people use DHCP, so it works for 95% of the cases. And in the case of a static IP its assumed that YOU configured it, so you should know that the device is there.