How to not allocate any address to a specific host?

David Landgren david at
Mon Mar 13 11:45:37 UTC 2006


I have a number of "retired" PCs (e.g. Windows 95/Windows 98) that 
people insist on putting back into service, which then translates into 
support calls because things don't work. Yes, the idea is to recover the 
PCs and dispose of them, but we carry out that operation only once or 
twice a year.

I can identify these hosts by their MAC address. What I would like to do 
is to either refuse to allocate them any address, or allocate them an 
address from a bogus address space, in order to disable the host. In 
other words, if I don't know anything in particular about a MAC address, 
I grant an allocation, but refuse an allocation to a specific MAC address.

The attempts I've made don't appear to generate DHCPNAKs and/or the host 
continues to use its last-known good address. Here's the config that 
seems to me to be the closest to what I want to achieve:

# dhcpd.conf -- configuration file for dhcpd server

ddns-update-style none;

log-facility local6;

class "obsolete-hosts" {
     match pick-first-value (option dhcp-client-identifier, hardware);

# i000003492
subclass "obsolete-hosts" 00:0a:e4:36:7b:4b;

shared-network example-net {

     subnet netmask {
         range     ;
         option ntp-servers;
         option time-servers;
         option routers;

         option domain-name          "";
         option domain-name-servers,;
         option netbios-node-type    2;
         option netbios-name-servers;

         default-lease-time  86400; #  1 days
         max-lease-time     864000; # 10 days

     subnet netmask {
         pool {
             allow members of "obsolete-hosts";
             deny unknown-clients;

             default-lease-time  15;
             max-lease-time      10;

======= end dhcpd.conf =======

So, what am I missing here? I've scoured the man page, the archives and 
the web. Surely someone else has needed to do this before, but my search 
terms seem to have come to naught, or rather the examples I've come 
across don't appear to work. (I even found one example config that 
causes dhcpd to segfault on startup!)

"It's overkill of course, but you can never have too much overkill."

More information about the dhcp-users mailing list