[Cialug] DHCP question - Vendor info.

Nathan C. Smith nathan.smith at ipmvs.com
Wed Aug 12 11:48:26 CDT 2009 

Really?  So I was reading way too much into it? like it was sending a little more information somewhere else in the request.

-Nate 

> -----Original Message-----
> From: cialug-bounces at cialug.org 
> [mailto:cialug-bounces at cialug.org] On Behalf Of Josh More
> Sent: Wednesday, August 12, 2009 11:47 AM
> To: 'Central Iowa Linux Users Group'
> Subject: Re: [Cialug] DHCP question - Vendor info.
> 
> The vendor code is the first three bytes of the MAC address.
> 
>  
>  
> 
> -Josh More, RHCE, CISSP, NCLP, GIAC
>  morej at alliancetechnologies.net
>  515-245-7701
> 
> 
> 
> >>> "Nathan C. Smith" <nathan.smith at ipmvs.com> 8/12/2009 10:27 AM >>>
> 
> It is my understanding that when a system initiates a DHCP 
> request it sends along a special code for vendor information. 
>  In dhcpd, with use of a special conditional statement, you 
> are supposed to be able to assign addresses based on this 
> vendor specific information.
> 
> So my question is, short of actually sniffing the wire, is 
> there a way to get the vendor-code that is sent?  Could it be 
> located in a log file somewhere?  I don't see it in my DHCP 
> logs but maybe I need to enable more detail?  I've also 
> searched Google and found codes for some hardware and 
> different versions of Windows.
> 
> My issue is this: I use DHCPD to assign static IP addresses 
> based on all my known MAC addresses.  Any new addresses go 
> into a special range. 
> Between this special range and arpwatch I can see new devices 
> and unwelcome visitors on my network.  Since the VPN creates 
> a special MAC address for each connection the addresses 
> always go into the special range and create an arpwatch 
> alert.  I'd like to be able to use the vendor info to place 
> vpn users into a trusted range and really lock down the 
> untrusted or visitor range.
> 
> If anyone can shed more light on the vendor info field in a 
> DHCP request I would really appreciate it.  Thanks.
> 
> -Nate
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
> 
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>

More information about the Cialug mailing list