<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt;
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class='hmmessage'>
Sorry for the lack of information<br><br>So hear the full situation<br><br>in my dhcpd.conf config i have set a group of static ips (192.168.1.1-180) and the rest is obtain via normal DHCP process. Clients who obtain IPs via the static IPs are internet enabled client whereas the rest is non-internet enabled clients.<br><br>I am wondering whether the statement <br><br>option domain-name-servers <br><br>can be repeated for the block of IPs pool i.e. 192.168.1.181-254<br><br><br>Thankx<br><br>> Date: Wed, 21 May 2008 10:29:12 +0100<br>> To: dhcp-users@isc.org<br>> From: dhcp1@thehobsons.co.uk<br>> Subject: Re: One dhcp server multiple DNS<br>> <br>> Suhaime Raeze wrote:<br>> <br>> >I have this situation I have two DNS server one for internal use <br>> >another for external access. I have users which can bypass the proxy <br>> >and using the IM such gtalk and yahoo messenger. Question is: Can I <br>> >have two set of dhcp settings in one server? One settings pointing <br>> >to internal DNS and another pointing to external DNS. Without <br>> >external access I can block the usage of IM in my environment<br>> <br>> Sorry, I just don't understand that question !<br>> <br>> What do you mean by "two set of dhcp settings" ?<br>> <br>> Do you mean give different settings to different clients ? The answer <br>> to that is yes, but you need to define what you want given to what.<br>> <br>> <br>> If you want to prevent users bypassing your proxy etc, then the way <br>> to do that is to block outbound access to DNS servers other than your <br>> own official ones. Once you do that, then you can control what the <br>> DNS hands out. But don't forget that people can bypass that by <br>> entering an IP address instead of a hostname.<br>> <br>> In general, if you want to control something like that, the firewall <br>> is the place to do it (or policies on the desktops) - DHCP is not a <br>> security tool and can be easily bypassed.<br>> <br><br /><hr />Enrich your blog with Windows Live Writer. <a href='http://get.live.com/writer/overview' target='_new'>Windows Live Writer</a></body>
</html>