[Dnsmasq-discuss] Tag requests for a DHCP address from devices using a Locally Administered MAC address
dev at lutean.com
dev at lutean.com
Sun Jul 26 14:07:52 BST 2020
> > iOS 14
>
> CISCO provides an IOS, https://en.wikipedia.org/wiki/Cisco_IOS
> My second guess on IOS is an Apple Computer Inc product.
>
>
> > will by default use randomized, private MAC addresses.
>
> Yeah right, let's sell a depleted MAC address pool
> as a privacy improvement ...
>
It is an upcoming feature of Apple products that will be on
by default:
https://support.apple.com/en-ca/HT211227
It is already available through the public beta.
So Apple devices as of October or sooner will be
changing their MAC addresses by default
>
> > In my testing these devices use a MAC address with the LAA bit set
> > (2nd least significant bit of the first byte of the MAC). It restricts
> > this to host addresses (least significant bit is set to 0).
>
> Speaks about two bits
>
>
> > This patch detects MAC addresses with this bit set and tags the request
with
> > the tag "laa-address". This would allow other rules to decide what to do
> > with these requests (such as ignoring them).
>
> Speaks about one bit
>
>
>
> Speaking about bits, see
https://en.wikipedia.org/wiki/MAC_address#/media/File:MAC-48_Address.svg
> for the "exploded view"
>
https://en.wikipedia.org/wiki/MAC_address#Unicast_vs._multicast
The reason two bits are tested is because:
- one bit is the UAA / LAA bit
- one bit is the unicast / multicast bit
so this patch wouldn't tag LAA multicast MAC addresses should
those happen to be in use somewhere.
So specifically a device with an LAA unicast MAC address
would get a tag. This requires testing two bits.
More information about the Dnsmasq-discuss
mailing list