[K12OSN] DHCP and specific IPs

Rob Owens rob.owens at biochemfluidics.com
Fri Nov 7 14:38:07 UTC 2008 

Doug Simpson wrote:
> Is there a way to make DHCP hand out IP addresses, but only to computers that we have the MAC addresses for? In other words, DHCP will hand out IP addresses, but only to a certain specified list of MAC addresses.
> 
> I am wanting to stop people from bringing unauthorized equipment from home and connecting it to our network and if it don't get an IP address, it won't work.
> 
> I already have the list of valid MAC addresses in the lease files for DHCP and I can weed out the ones that aren't ours.
> 
> The DHCP I am running is running on a linux server if that makes a difference.
> 

First you have to get rid of your dynamic IP assignment by removing the
"range" statement and anything associated with it.  On my system, that
would mean getting rid of the entire "shared-network WORKSTATIONS" section.

Then you have to manually map each MAC address to an IP address with
statements like this:

host pickahostname {
  hardware ethernet 00:00:00:00:00:00;  #put a real MAC address here
  fixed-address 192.168.1.100;	#each host needs a unique address here
}

But Nils is right, people can still assign a static IP address if they
know what network range you're using.  That is probably a worse
situation than you have now, because it is just asking for duplicate IP
addresses to happen.

-Rob
********************************************************

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the addressee, any disclosure, reproduction,
copying, distribution, or other dissemination or use of this transmission in
error please notify the sender immediately and then delete this e-mail.
E-mail transmission cannot be guaranteed to be secure or error free as
information could be intercepted, corrupted lost, destroyed, arrive late or
incomplete, or contain viruses.
The sender therefore does not accept liability for any errors or omissions
in the contents of this message which arise as a result of e-mail
transmission. If verification is required please request a hard copy
version.

********************************************************

More information about the K12OSN mailing list