always use deny (was: How does DHCPD determine what IP address to assign and...)

Simon Hobson dhcp1 at
Wed Jan 2 17:30:32 UTC 2008

Keith Neufeld wrote:

>>So you may just as well always use deny...
>That seems counterintuitive to me.  _Almost_ always when I make a 
>pool, it's to permit access by one or a small number of classes and 
>deny everyone else, not to deny access by one or a small number of 
>classes and permit everyone else.  Semantically I'm doing an allow 
>by a small group, and it makes most sense to me to do so 
>syntactically as well.
>Am I in the minority?

If you are, then it's a minority group of 2 with me in it ;-)

I can't conceive of how the syntax could make sense without allow 
being a valid option - we'll simply end up having to craft a 
definition for "not <something>" and that's going to make things look 
silly !

More information about the dhcp-users mailing list