[c-nsp] Excluding MAC address from DHCP

MADMAN david.madland at qwest.com
Wed Jan 26 17:19:33 EST 2005 

   I think you are correct.  To be honest I have not used the feature 
but  simply recalled there was some MAC addresse related command for 
DHCP and looked it up.

   Dave

james edwards wrote:

> Cool, thanks. A few questions, though. I have a nasty multipoint interface
> for DSL and a DHCP pool
> is attached to the BVI. All pvc's will be moved to individual if's doing
> "atm routed-bridge" shortly
> but for now I need a better way to take down infected users. We do not auth
> here as the LEC does
> not supply routers that support PPPoX.
> 
> Here is the present conifg:
> 
> ip dhcp pool foobar
>    network a.b.c.0. 255.255.255.0
>    domain-name cybermesa.com
>    default-router a.b.c.d
>    lease 0 2
> 
> !
> interface ATM4/ima0.1 multipoint
>  description Espanola DSL Bridged IMA group
>  no ip redirects
>  no ip unreachables
>  no ip mroute-cache
>  pvc 0/36
>  !
>  pvc 0/37
>  !
>  pvc 0/38
>  !
>  pvc 0/39
> /////////
>  !
>  bridge-group 1
>  bridge-group 1 spanning-disabled
> !
> interface BVI1
>  ip address a.b.c.d 255.255.255.0
>  ip verify unicast source reachable-via rx allow-self-ping
>  no ip redirects
>  no ip unreachables
>  no ip proxy-arp
>  arp timeout 3600
>  clns mtu 1514
>  hold-queue 150 in
> 
> So if I add:
> 
> ip dhcp pool infected
> host 1.1.1.1
> hardware-address 02c7.f800.0422 ieee802
> 
> Will the pvc (on  ATM4/ima0.1) which has hardware-address 02c7.f800.0422
> ieee802 (client side)
> get address 1.1.1.1, while the others get assigned addresses out of  dhcp
> pool foobar ?
> 
> Reading at CCO, it seems I need to do a  "ip dhcp pool <whatever>" for each
> MAC address, correct ?
> 
> Thanks so much for the help !
> 
> James H. Edwards
> Routing and Security Administrator
> At the Santa Fe Office: Internet at Cyber Mesa
> jamesh at cybermesa.com  noc at cybermesa.com
> http://www.cybermesa.com/ContactCM
> (505) 795-7101
> 
> 
> 
> 

-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"Emotion should reflect reason not guide it"

More information about the cisco-nsp mailing list