[Cialug] DHCP question - Vendor info.
Josh More
morej at alliancetechnologies.net
Wed Aug 12 11:46:43 CDT 2009
The vendor code is the first three bytes of the MAC address.
-Josh More, RHCE, CISSP, NCLP, GIAC
morej at alliancetechnologies.net
515-245-7701
>>> "Nathan C. Smith" <nathan.smith at ipmvs.com> 8/12/2009 10:27 AM >>>
It is my understanding that when a system initiates a DHCP request it
sends along a special code for vendor information. In dhcpd, with use
of a special conditional statement, you are supposed to be able to
assign addresses based on this vendor specific information.
So my question is, short of actually sniffing the wire, is there a way
to get the vendor-code that is sent? Could it be located in a log file
somewhere? I don't see it in my DHCP logs but maybe I need to enable
more detail? I've also searched Google and found codes for some
hardware and different versions of Windows.
My issue is this: I use DHCPD to assign static IP addresses based on
all my known MAC addresses. Any new addresses go into a special range.
Between this special range and arpwatch I can see new devices and
unwelcome visitors on my network. Since the VPN creates a special MAC
address for each connection the addresses always go into the special
range and create an arpwatch alert. I'd like to be able to use the
vendor info to place vpn users into a trusted range and really lock down
the untrusted or visitor range.
If anyone can shed more light on the vendor info field in a DHCP
request I would really appreciate it. Thanks.
-Nate
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list