dhcp-users Digest, Vol 42, Issue 29
lsching17 at gmail.com
Sat Apr 21 13:01:53 UTC 2012
i am trying to tune a general purpose router (OpenWRT), which provide
WAN access to VLANs.
In the point of view of a router, ISP's DHCP server cannot be full-trusted.
If those servers get compromised, they may assign some non-routable IP
to the WAN interface, and my route table may be "polluted" by those IPs.
>> Does anyone knows how to validate an address offered by dhcp server?
>> e.g. i want dhclient to reject if offered address is in 10.0.0.0/8,
>> 172.16.0.0/12, 192.168.0.0/16
>> or offered IPv6
>> prefix is in fc::00/7
> Why ?
> I can see why you might want to reject accepting a non-routable
> address, but surely it's the job of the DHCP server (and the admin
> that configured it) to configure the network, not the client to
> second guess what it's connected to ?
More information about the dhcp-users