Content os deny unknown-clients in DHCPV6
Ted.Lemon at nominum.com
Tue Jul 3 16:07:24 UTC 2012
On Jul 3, 2012, at 3:06 AM, Simon Hobson wrote:
Even if clients use DUID-LLT, or even DUID-LL, then the RFCs expressly forbid "looking inside" the option (eg to extract MAC address which may not be for the same interface anyway) - you are only allowed to treat the value as an opaque string which you can match with another string.
To be clear, the purpose of this language is to prevent the server from using some subset of the DUID (e.g., the MAC address) as an identifier. It's perfectly fine to look at the guts of the DUID as long as you don't do that, but the language is strongly worded so that compliance with the spec means you really are using the DUID.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dhcp-users