Date: Sun, 23 Apr 2000 11:44:07 -0500 From: Richard Wackerbarth <rkw@dataplex.net> To: Tomaz Borstnar <tomaz.borstnar@over.net> Cc: freebsd-net@FreeBSD.ORG Subject: Re: enforcing DHCP usage Message-ID: <00042311440700.14566@nomad.dataplex.net> In-Reply-To: <4.3.1.2.20000423174128.035fd280@193.189.189.100> References: <4.3.1.2.20000423174128.035fd280@193.189.189.100>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 23 Apr 2000, Tomaz Borstnar wrote: > Anyone know a solution where one can enforce usage of DHCP ie. nobody will > be able to communicate outside its physical ethernet if it doesn't acquire > proper address via DHCP server. There are some possible kludges where a > script would check DHCP leases and block traffic for all but properly > leased addresses Fundamentally, that is all that you can do. Remember that the purpose of DHCP is to assist a machine in getting configuration information. It is not an enforcement mechanism. Any host can attempt to use ANY IP address and there is nothing technical that you can do to stop it. Your only leverage is either "administrative edict" ( ... or else you're fired ) or some filter that refuses to accept unauthorized packets. Even in the latter case, you will have a lot of trouble and expense distinguishing between someone "squatting" on an IP address and the one who is using it properly. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00042311440700.14566>