[Dnsmasq-discuss] Tag requests for a DHCP address from devices using a Locally Administered MAC address
Geert Stappers
stappers at stappers.nl
Sun Jul 26 14:35:24 BST 2020
On Sun, Jul 26, 2020 at 06:07:52AM -0700, dev at lutean.com wrote:
> > > iOS 14
> >
> > CISCO provides an IOS, https://en.wikipedia.org/wiki/Cisco_IOS
> > My second guess on IOS is an Apple Computer Inc product.
> >
> >
> > > will by default use randomized, private MAC addresses.
> >
> > Yeah right, let's sell a depleted MAC address pool
> > as a privacy improvement ...
> >
>
> It is an upcoming feature of Apple products that will be on
> by default: https://support.apple.com/en-ca/HT211227
>
> It is already available through the public beta.
>
> So Apple devices as of October or sooner will be
> changing their MAC addresses by default
>
> >
> > > In my testing these devices use a MAC address with the LAA bit set
> > > (2nd least significant bit of the first byte of the MAC). It restricts
> > > this to host addresses (least significant bit is set to 0).
> >
> > Speaks about two bits
> >
> >
> > > This patch detects MAC addresses with this bit set and tags the request with
> > > the tag "laa-address". This would allow other rules to decide what to do
> > > with these requests (such as ignoring them).
> >
> > Speaks about one bit
> >
> >
> >
> > Speaking about bits, see
> https://en.wikipedia.org/wiki/MAC_address#/media/File:MAC-48_Address.svg
> > for the "exploded view"
> >
>
> https://en.wikipedia.org/wiki/MAC_address#Unicast_vs._multicast
>
> The reason two bits are tested is because:
> - one bit is the UAA / LAA bit
> - one bit is the unicast / multicast bit
>
> so this patch wouldn't tag LAA multicast MAC addresses should
> those happen to be in use somewhere.
>
> So specifically a device with an LAA unicast MAC address
> would get a tag. This requires testing two bits.
>
OK, thanks for elaborating
Groeten
Geert Stappers
--
Silence is hard to parse
More information about the Dnsmasq-discuss
mailing list