DHCP Authentication

[Simon Hobson]

Thinking some more about this, I don't think it's going to be easy to 
achieve what you want without some interaction/help from the people 
who run the host network.

You can't just fire up another DHCP server without upsetting the rest 
of the network. You can't use different ports without getting support 
from the routers.

IFF you can get the requisite support from the admins of the existing 
DHCP server, this is what I think your best bet is going to be :

1) Find something unique to your devices that you can identify them 
by. Worst case is to use a MAC list, but that gives ongoing 
management issues. If you could set a specific option (or vendor 
encapsulated option space) on your clients AND the host DHCP server 
can be configured to ignore clients that have this set then you have 
cracked the hardest part.

2) You get the host DHCP server configured to ignore your clients.

3) You configure your new DHCP server to ignore all but your clients.


If 2 is not possible, then it gets harder, and you'll have to look at 
configuring/hacking the client to ignore offers from a server that 
doesn't include some specific option.


Not too dissimilar to what you started off asking for, but without 
requiring RFC<whatever) authentication support !



So I suppose the next question for those familiar with the ISC client 
is : how hard would it be to configure it to ignore offers that don't 
include a certain option or vendor option space ?