From: Jerome Herman
Date: Wed, 13 Oct 2010 17:02:22 +0200
To: freebsd-questions@freebsd.org
Message-ID: <4CB5C9FE.90101@dichotomia.fr>
Subject: Is it a good idea to use DHCP for point to point connections ?

Hello,

Given the price (and tedious management) of layer 3 switches, I was thinking about using modified DHCP to distribute addresses with a /32 netmask (255.255.255.255).

The Idea:
Create a cheap (and preferably not dirty) way to have client isolation, without creating tons of VLANs.

Practical overview:
The DHCP server will be serving IP addresses and gateways with a /32 mask.
Client1 would receive IP address of 241.0.0.1 with a netmask of 255.255.255.255 and a gateway of 240.0.0.1
Client2 would receive IP address of 241.0.0.2 with a netmask of 255.255.255.255 and a gateway of 240.0.0.2
Client3 would receive IP address of 241.0.0.3 with a netmask of 255.255.255.255 and a gateway of 240.0.0.3
etc.

Of course the gateway will have to have as many IPs as there are clients (unless I am mistaken).

The questions:
- Is there something similar already existing? It must not require any configuration on the client side other than activating DHCP.
- Would this work? I do not see why it would not, though I am a little anxious about having tens of point to point connections going to the same physical port.
- I could not find anything forbidding it in RFC2131, but then again I might be wrong. Am I?
- One problem remains that is solved by VLAN isolation but not by DHCP isolation: rogue DHCP servers. Any idea to crush those?

I hope it is not inappropriate to post this on this list. But it is an interesting problem (I think).

Jerome Herman
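
The address plan above, worked through as an added example that is not part of the original message: with a /32 mask the gateway is never inside the client's own subnet, so the sketch builds the lease for client n and the classless static routes (DHCP option 121, RFC 3442) a client would need to reach it. Using option 121 is an assumption the message does not make, and `lease_for` and `encode_route` are hypothetical helper names.

```python
import ipaddress

# Address plan taken from the message: client n gets 241.0.0.n/32, gateway 240.0.0.n.
CLIENT_BASE = ipaddress.IPv4Address("241.0.0.0")
GATEWAY_BASE = ipaddress.IPv4Address("240.0.0.0")


def encode_route(destination, router):
    """Encode one route as in RFC 3442: prefix length, then only the
    significant octets of the destination, then the 4-byte router."""
    net = ipaddress.IPv4Network(destination)
    significant = (net.prefixlen + 7) // 8
    return (bytes([net.prefixlen])
            + net.network_address.packed[:significant]
            + ipaddress.IPv4Address(router).packed)


def lease_for(n):
    """Build the lease for client n and the routes it needs (hypothetical helper)."""
    client = CLIENT_BASE + n
    gateway = GATEWAY_BASE + n
    on_link = gateway in ipaddress.IPv4Interface(f"{client}/32").network
    option_121 = b""
    if not on_link:
        # Assumption: a host route with router 0.0.0.0 marks the gateway as
        # directly reachable, then the default route points at it.
        option_121 = (encode_route(f"{gateway}/32", "0.0.0.0")
                      + encode_route("0.0.0.0/0", str(gateway)))
    return {
        "client": str(client),
        "netmask": "255.255.255.255",
        "gateway": str(gateway),
        "gateway_on_link": on_link,
        # 240.0.0.0/4 is IANA-reserved space; flagged so the plan can be reviewed.
        "reserved_space": client.is_reserved or gateway.is_reserved,
        "option_121": option_121.hex(),
    }


if __name__ == "__main__":
    for n in (1, 2, 3):
        print(lease_for(n))
```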