[Dnsmasq-discuss] Fwd: Replicate "deny unknown-clients" from dhcpd
Simon Kelley
simon at thekelleys.org.uk
Wed Feb 28 07:41:37 GMT 2007
Didster wrote:
> Hi,
>
> I have been using dnsmasq for a while and it's great. I am trying to
> install it now on a friends machine who wants to replicate the
> behavior of dhcpd's "deny unknown-clients" for his server.
>
> I know you can do something like:
>
> dhcp-range=thelan,192.168.0.20,static,infinite
>
> And then:
>
> dhcp-host=01:30:46:51:ca:48,laptop,192.168.0.4
>
> To allow IPs to be given out to machines that have dhcp-host entires
> (this is what I do) and deny unknown clients.
>
> But he is not happy having to provide the IP address of each machine.
> Basically, he doesn't want each machines IP to be static, but only
> wants dnsmasq to hand out IPs to machines that have known MAC
> addresses. You can do this in dhcpd by having "deny unknown-clients"
> and then not having a fixed-address: for each host.
>
> Is this possiable in dnsmasq? I have tried removing the IP from the
> dhcp-host lines - I just get "no address available" errors in syslog.
>
> Is there a solution to this?
>
You can do this (at least in theory - I've not tested this particular
configuration.) It's not particularly pretty.
The trick is
dhcp-ignore=#known
which tells dnsmasq to ignore any DHCP request where the tag "known" is
not set.
Now, for each known host, set the tag
dhcp-host=11:22:33:44:55:66,net:known
dhcp-host=12:34:56:78:70:12,net:known
.
.
and finally, give a DHCP range as normal
dhcp-range=192.168.0.1,192.168.0.100
HTH
Simon.
More information about the Dnsmasq-discuss
mailing list