Re: DHCP Mac address

To: debian-user@lists.debian.org
Subject: Re: DHCP Mac address
From: Jochen Schulz <kannstmichma@gmx.net>
Date: Mon, 13 Dec 2004 17:37:53 +0100
Message-id: <[🔎] slrncrrhb1.hfs.kannstmichma@wasteland.homelinux.net>
References: <[🔎] 41BD94A9.5050008@menem.mine.nu>

* Mark Maas:
>
> Does anyone know if it's possible to only give out leases to known 
> clients?
> And those clients be authenticated by there MAC addresses?
>
> Prefferably the MAC address I place in a seperate file.

Yes, I think every DHCP server allows that. If you're not too familiar
with these things, I suggest you use dnsmasq which primarily is a DNS
server (as the name suggests), but it can also act as a DHCP server.
This makes it possible to do DNS resolution for DHCP clients (even
with dynamical IPs) very easy.

To answer your question for dnsmasq (at least partly): just comment out
the option "read- ethers) in the example configuration and create a
hosts style file named /etc/ethers. See 'man 5 ethers' for an example.
This will give the same IPs to clients with a specific MAC address.

As some others already have noted, MAC filtering for security reasons is
almost useless. It is very easy to spoof a MAC address if someone is
already able to sniff some traffic (WEP encryption in wireless LANs
doesn't help very much against that, too).

If you provide us with more details about your LAN we might be able to
propose better alternatives.

J.
-- 
I wish I could do more to put the sparkle back into my marriage.
[Agree]   [Disagree]
                 <http://www.slowlydownward.com/NODATA/data_enter2.html>

Reply to:

Follow-Ups:
- Re: DHCP Mac address
  - From: "M. Maas" <mark@menem.mine.nu>

References:
- DHCP Mac address
  - From: Mark Maas <mark@menem.mine.nu>

Prev by Date: Re: Re: Installing sarge with basedebs.tar
Next by Date: Re: On your upgrade from woody to sarge
Previous by thread: Re: DHCP Mac address
Next by thread: Re: DHCP Mac address
Index(es):
- Date
- Thread