From owner-freebsd-questions@FreeBSD.ORG Wed Oct 13 20:48:13 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C808F1065679 for ; Wed, 13 Oct 2010 20:48:13 +0000 (UTC) (envelope-from efinley.lists@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id 810EA8FC08 for ; Wed, 13 Oct 2010 20:48:13 +0000 (UTC) Received: by gxk4 with SMTP id 4so1349116gxk.13 for ; Wed, 13 Oct 2010 13:48:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=rwCxtBRf5woChWBQlU9HwwMpiv8W8bxL9yYZ2ni9maI=; b=RP+7eaaiAf3fEv2QDlMXJfIr+bj85NDxnAqPJZNGYAdxh8e3e2zzdbZkuwuLBkv00a zEy8DT5JoSd/Mfo9oEYK9PXW2S0CD3V/mhrMdVsaHJ5FuUdp6pE2ex74x52QuDBsN8uU 51F9nR01ZYJq9GA5W6j9CuVIuLH68TapKYLiY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=yEOnKwsh48II3X8rtIDeL0AI9YvhhcNY30EBQqEj6kdJ90RQTFUoK/u8OUGoB5y5Q+ RsJxLl09y80Hs75Zq7vJgrGHUv+5ZycII/aOa6cCMpoYHHy+fi6NMuifEUZpOllb5ydy YplWDrN/pw19Pc6Hix7/dTo8PGWnstbkk0eo8= MIME-Version: 1.0 Received: by 10.42.164.9 with SMTP id e9mr750294icy.337.1287001524826; Wed, 13 Oct 2010 13:25:24 -0700 (PDT) Received: by 10.231.34.75 with HTTP; Wed, 13 Oct 2010 13:25:24 -0700 (PDT) In-Reply-To: <4CB5C9FE.90101@dichotomia.fr> References: <4CB5C9FE.90101@dichotomia.fr> Date: Wed, 13 Oct 2010 14:25:24 -0600 Message-ID: From: Elliot Finley To: Jerome Herman Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Is it a good idea to use DHCP for point to point connections ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Oct 2010 20:48:13 -0000 we did this with DSL customers. But instead of using a unique gateway for each Client, just use IP Unnumbered and proxy arp for your loopback interface. On Wed, Oct 13, 2010 at 9:02 AM, Jerome Herman wrote: > Hello, > > Given the price (an tedious management) of layer 3 switches I was thinking > about using modified DHCP to distribute addresses with a /32 netmask > (255.255.255.255) > > The Idea : Create a cheap (and preferably not dirty) way to have client > isolation, without creating tons of vlan. > > Pratictal overview : The DHCP server will be serving IP addresses and > gateways with a /32 mask. > Client1 would recieve IP adress of 241.0.0.1 with a netmask of > 255.255.255.255 and a gateway of 240.0.0.1 > Client2 would recieve IP adress of 241.0.0.2 with a netmask of > 255.255.255.255 and a gateway of 240.0.0.2 > Client3 would recieve IP adress of 241.0.0.3 with a netmask of > 255.255.255.255 and a gateway of 240.0.0.3 > etc. > > Of course the gateway will have to have as many IP as there are clients > (Unless I am mistaken) > > The questions : > - Is there something similar already existing ? It must not require any > configuration on the client side other than activating DHCP. > - Would this work ? I do not see why it would not, though I am a little > anxious about having tens of point to point connections going to the same > physical port. > - I could not find anything forbidding it in RFC2131, but then again I > might be wrong. Am I ? > - One problem remains that is solved by vlan isolation but not by DHCP > isolation : rogue DHCP servers. Any Idea to crush those ? > > I hope it is not inappropriate to post this on this list. But it is an > interesting problem (I think). > > Jerome Herman > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >