authorized mac ONLY dhcp

Zhaohui Wang zwange at
Mon Nov 10 13:44:36 UTC 2008

Thank you Simon,
My point is, only known client will get a lease,
static or dynamic really doesn't matter.

Because there is another DHCP server in the subnet, I don't want make
conflicts with it.
The output when I type service dhcpd start is just failed.

For your sample configuration, will it assign all arriving DHCP request to address pool?
Or it will only answer MAC address 00:1e:0f:fa:75:2e and aa:bb:cc:dd:ee:ff
request? That's my question.

Should I put host mx{} and host dynamic{} inside the subnet delaration?

Many thanks

Best Regards
Zhao Wang

-----Original Message-----
From: dhcp-users-bounce at [mailto:dhcp-users-bounce at] On Behalf
Of Simon Hobson
Sent: Monday, November 10, 2008 3:14 AM
To: dhcp-users at
Subject: Re: authorized mac ONLY dhcp

Zhaohui Wang wrote:

>I am using isc dhcpd version3. Can anyone present a conf file 
>example showing that how to config dhcpd for autherized mac address 

'man dhcpd.conf'

>I need all other unknow MACs dhcp request ignored.
>Here is my draft dhcpd.conf file, but can not get dhcpd started. Any 
>correction or guide would be greatly appreciated.
>ddns-update-style interim;
>ignore client-updates;
>range dynamic-bootp;
>default-lease-time 21600;
>host mx {
>                 hardware ethernet 00:1e:0f:fa:75:2e;
>                 fixed-address;
>                 option routers        ;
>                 option subnet-mask    ;
>                 option broadcast-address;
>#               option nis-domain               "";
>#               option domain-name              "";
>         }

And what does it say when you try to start it - something about "No 
subnet declaration for w.x.y.z" perhaps ? That should have given you 
a clue.

Now, do you mean that you only want known clients to get a lease, but 
they can be dynamic address, or that they should all have fixed 
addresses, or a combination ?

Try this as an outline :

option domain-name-server a.b.c.d ;
<other global options here>

subnet subnet-mask {
   option routers        ;
   option subnet-mask    ;
   option broadcast-address;
   <other subnet specific options here>
   pool {
     allow known clients ;
     range ;

host mx {
   hardware ethernet 00:1e:0f:fa:75:2e;
host dynamic1 {
   hardware ethernet aa:bb:cc:dd:ee:ff ;

If you don't want any dynamically addressed clients then simply omit 
the whole pool declaration. But you must have the subnet 
declaration(s) that matches the subnet on the interface(s) you are 
serving - even if it has nothing in it but the subnet specific 

Simon Hobson

Visit for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

More information about the dhcp-users mailing list