authorized MAC addresses

Jeff Chambers jchambers at groundzero.net
Tue Jun 6 18:23:00 UTC 2006 

I do this exact thing.  here is a sample on how to achieve this.

I have a static assignment for the xbox, and three different pools of  
addresses and separated in wireless hosts where I use the subclasses,  
unknown MAC addresses and known MAC addresses.

This helps me when troubleshooting and in many other ways.
Jeff

here is a cropped version of my config file

<snip>
###lease time for hosts known hosts is seven days
default-lease-time 604800;
max-lease-time 604800;
min-lease-time 604800;

class "wireless" {
         match hardware;
}

subclass "wireless" 1:00:02:8a:b6:48:8c;        #W_192
subclass "wireless" 1:00:04:23:82:6f:16;        #W_241

subnet 209.73.73.0 netmask 255.255.255.0 {
         option routers 209.73.73.1;
         option domain-name-servers 205.147.0.100;
         option domain-name "groundzero.net";

         pool {
                 #hosts in the ethernet class get an address from  
this pool.
                 range 209.73.73.80 209.73.73.199;
                                 deny members of "wireless";
                                 deny unknown clients;
         }

         pool {
                 #hosts in the wireless class get an address from  
this pool.
                 range 209.73.73.200 209.73.73.219;
                                 allow members of "wireless";
                                 deny unknown clients;
                                 #lease time is 4 hours
                                 default-lease-time 14400;
                                 max-lease-time 14400;
                                 min-lease-time 14400;
         }

         pool {
                 #lease time for unknown hosts = 8 hours
                 range 209.73.73.220 209.73.73.254;
                 allow unknown clients;
                 #lease time is 8 hours
                 default-lease-time 28800;
                                 max-lease-time 28800;
                                 min-lease-time 28800;
         }
}

host xbox {
                         fixed-address 209.73.73.28;
                         hardware ethernet 00:0d:3a:0e:99:e4;
}

group {
host 276        { hardware ethernet 00:30:65:41:78:20;}
host 334		{ hardware ethernet 00:14:51:2c:c7:22;}
host W_192           { hardware ethernet 00:02:8a:b6:48:8c;}
host W_241           { hardware ethernet 00:04:23:82:6f:16;}

}



On Jun 6, 2006, at 10:59 AM, King, Michael wrote:

> Yes.
>
> For a short explanation, with all the bits of code and other stuff
> necessary check http://www.netreg.org
>
>
>
>> -----Original Message-----
>> From: dhcp-users-bounce at isc.org
>> [mailto:dhcp-users-bounce at isc.org] On Behalf Of Douglas Sterner
>> Sent: Tuesday, June 06, 2006 1:38 PM
>> To: dhcp-users at isc.org
>> Subject: authorized MAC addresses
>>
>> I've been googling the archives and the web looking for a way
>> to accomplish the following:
>> I have three DHCP servers on three seperate WAN segments. I
>> would like to have a central MAC address server for the
>> allocation of DHCP addresses. If the MAC is in the database
>> give it an address otherwise give it nothing or give it
>> another network. Has anyone set this up? We have a problem
>> with unkown pc's showing up on the network. Using Suse ES9 SP1
>>
>>
>> Thanks
>>
>>
>>
>>
>>
>

More information about the dhcp-users mailing list