DHCP config

Glenn Satchell Glenn.Satchell at uniq.com.au
Sun Jun 24 12:22:29 UTC 2007

You could match a substring of the ethernet address, and then deny booting:

if substring( hardware, 0, 3 ) = 8:0:20 {
  ignore booting;

Replace the 8:0:20 with whatever the first three pairs of hex digits
are for the device you want to block.  Note that the substring of the
hardware address is not enclosed in quotes because we are matching the
binary values rather than string values.

Details on substring and the 'if' syntax in dhcp-eval man page. Info on
deny booting is in the dhcpd.conf man page.


>From: "Gideon" <ktcisg at kaplantel.net>
>To: <dhcp-users at isc.org>
>Thanks for the quick reply. We are deploying IPtv in the ILEC currently. The 
>scenario you mentioned is part of my problem. The second is with my FTTH 
>network. The system is designed to allow 2 DHCP servers to work on the same 
>VLAN (which is wrong IMO). We use Calix for transport. Calix only allows 
>Amino STB (110 and 500) to get an IP address from the STB dhcp server, so no 
>customer's PCs will get an IP there. However, the Aminos are grabbing public 
>IPs from the internet DHCP server and will not boot. The problem wasn't 
>there in the beginning, but now is eminent with more users.
>I am trying to block those requests at the server level without deploying 
>another router. I am well versed in router technology, but am mostly a 
>rookie when it comes to the Linux Redhat stuff. I will sift through the 
>documentation, but if someone could offer a sample config to block amino 
>OUIs i would appreciate it. Thanks again.
>IT Administrator
>----- Original Message ----- 
>From: "Frank Bulk" <frnkblk at iname.com>
>To: <dhcp-users at isc.org>
>Sent: Saturday, June 23, 2007 10:48 PM
>Subject: RE: DHCP config
>> Gideon:
>> We're a smaller-sized CLEC doing IP TV with Amino AmiNET 110 STBs...doing
>> the same thing?  I'm guessing you want to make sure that customers don't
>> plug their STBs into the wrong port on the DSL modem (probably in RFC
>> 1483/bridging mode) and get an IP address, is that right?
>> The listservs are here:
>> http://www.isc.org/index.pl?/sw/dhcp/dhcp-lists.php
>> You can find some documentation here:
>> http://www.bind9.net/manuals-dhcp
>> Basically you want to create a class or possibly a subclass that masks out 
>> a
>> certain string.  Between the listservs and the documentation you'll most
>> certainly find a solution.
>> Regards,
>> Frank
>> -----Original Message-----
>> From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On 
>> Behalf
>> Of Gideon
>> Sent: Saturday, June 23, 2007 9:32 PM
>> To: dhcp-users at isc.org
>> Subject: DHCP config
>> Hello,
>> I am using your DHCP software on Redhat Linux Enterprize edition. I am
>> trying to block DHCP requests from a certain brand of IP cable box called
>> Amino. I want to build an access list to block that company's OUI. Can you
>> help me or send me to the appropriate party? I am a member of your website
>> and forum. However, I cannot find the message board. Thank you.
>> Gideon Viator
>> IT Administrator
>> Kaplan Telephone Co.
>> 337-643-7171
>> -- 
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.472 / Virus Database: 269.9.6/863 - Release Date: 6/23/2007 
>> 11:08 AM

More information about the dhcp-users mailing list