[kea-dev] boot-unknown-clients equivalent?

Philip Prindeville philipp_subx at redfish-solutions.com
Tue May 16 18:23:30 UTC 2023



> On Apr 30, 2023, at 4:48 AM, Peter Davies <peterd at isc.org> wrote:
> 
> Hi Philip,
> 
>   If you only employ host reservations, then the built-in "KNOW" class may be use to restrict clients.
> 
> For example:
> 
>    "client-classes": [{
>            "name": "DROP",
>            "test": "not member('KNOWN')"} ],
> 
> ...
> 
> I advise caution, as this will drop all packet that are not associated with a host reservation.
> 
> /Peter


This goes where?  Inside the subnet definition?

Also, isn't the point of "boot-unknown-client false;" exactly that -- to drop requests that don't match a static host reservation if that's how your managing your subnets?

Thanks



More information about the kea-dev mailing list