(2019-05-27)
Detecting DHCP Servers
If you want a heads-up on DHCP server changes on your network (like the fact that some bright light has plugged a rogue DHCP server into it), there are a couple options.
Nmap
# nmap --script broadcast-dhcp-discover
Note you might have to add the -i <interface> flag.
Problem with this solution is that it stops after the first answer.
Tcpdump
# tcpdump -i ens192 -nev udp src port 67
Should return a hit whenever a DHCP REPLY packet is detected on the network. DHCP REPLY packets are only emitted by DHCP servers.
Naturally you can do things like exclude your known DHCP server.