dhcp-users Digest, Vol 42, Issue 29

ching lsching17 at gmail.com
Sat Apr 21 13:01:53 UTC 2012

i am trying to tune a general purpose router (OpenWRT), which provide 
WAN access to VLANs.

In the point of view of a router, ISP's DHCP server cannot be full-trusted.

If those servers get compromised, they may assign some non-routable IP 
to the WAN interface, and my route table may be "polluted" by those IPs.

>> Does anyone knows how to validate an address offered by dhcp server?
>> e.g. i want dhclient to reject if offered address is in,
>>                                                 or offered IPv6
>> prefix is in fc::00/7
> Why ?
> I can see why you might want to reject accepting a non-routable
> address, but surely it's the job of the DHCP server (and the admin
> that configured it) to configure the network, not the client to
> second guess what it's connected to ?

More information about the dhcp-users mailing list