58 messages in net.nether.puck.cisco-nsp[c-nsp] Excluding MAC address from DHCP
FromSent OnAttachments
Jay HenniganJan 24, 2005 8:17 pm 
Jay HenniganJan 24, 2005 10:13 pm 
Matt HillJan 24, 2005 10:18 pm 
Jay HenniganJan 24, 2005 11:15 pm 
Koen PeetermansJan 25, 2005 4:08 am 
r.sahneyJan 25, 2005 10:24 am 
Koen PeetermansJan 25, 2005 10:46 am 
Koen PeetermansJan 25, 2005 10:49 am 
Steven BertschJan 25, 2005 11:18 am 
Tim JacksonJan 25, 2005 1:25 pm 
Chris CappuccioJan 26, 2005 4:13 am 
MADMANJan 26, 2005 10:14 am 
John NeibergerJan 26, 2005 10:16 am 
Rodney DunnJan 26, 2005 10:25 am 
John NeibergerJan 26, 2005 10:36 am 
Dave TemkinJan 26, 2005 10:46 am 
Rodney DunnJan 26, 2005 10:52 am 
John NeibergerJan 26, 2005 10:54 am 
MADMANJan 26, 2005 10:57 am 
Gert DoeringJan 26, 2005 11:00 am 
Brian VowellJan 26, 2005 11:05 am 
John NeibergerJan 26, 2005 11:06 am 
Rodney DunnJan 26, 2005 11:07 am 
Rodney DunnJan 26, 2005 11:09 am 
Gert DoeringJan 26, 2005 11:13 am 
james edwardsJan 26, 2005 11:23 am 
David PrallJan 26, 2005 11:45 am 
Dave TemkinJan 26, 2005 11:46 am 
MADMANJan 26, 2005 11:46 am 
Rodney DunnJan 26, 2005 12:01 pm 
Rodney DunnJan 26, 2005 2:00 pm 
MADMANJan 26, 2005 2:58 pm 
Rodney DunnJan 26, 2005 3:21 pm 
james edwardsJan 26, 2005 5:06 pm 
MADMANJan 26, 2005 5:19 pm 
Jay HenniganJan 26, 2005 7:03 pm 
Jay HenniganJan 26, 2005 7:10 pm 
Jay HenniganJan 26, 2005 8:40 pm 
Kevin GrahamJan 26, 2005 10:44 pm 
Jay HenniganJan 26, 2005 11:29 pm 
Ryan O'ConnellJan 27, 2005 3:23 am 
Dave TemkinJan 27, 2005 4:59 am 
Rodney DunnJan 27, 2005 11:03 am 
lis...@hojmark.orgJan 27, 2005 6:35 pm 
lis...@hojmark.orgJan 27, 2005 6:46 pm 
Rodney DunnJan 27, 2005 8:04 pm 
Ted MittelstaedtJan 28, 2005 12:41 am 
Tantsura, JeffJan 28, 2005 5:41 am 
Per CarlsonJan 28, 2005 6:14 am 
Dave TemkinJan 28, 2005 7:17 am 
Joe MaimonJan 28, 2005 8:14 am 
Cheung, RickJan 28, 2005 8:30 am 
Gert DoeringJan 28, 2005 1:16 pm 
Tantsura, JeffJan 31, 2005 4:59 am 
Gert DoeringJan 31, 2005 5:05 am 
Elmar K. BinsJan 31, 2005 5:37 am 
Tantsura, JeffJan 31, 2005 6:01 am 
Gert DoeringJan 31, 2005 6:29 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:[c-nsp] Excluding MAC address from DHCPActions...
From:james edwards (hack@cybermesa.com)
Date:Jan 26, 2005 5:06:15 pm
List:net.nether.puck.cisco-nsp

Cool, thanks. A few questions, though. I have a nasty multipoint interface for DSL and a DHCP pool is attached to the BVI. All pvc's will be moved to individual if's doing "atm routed-bridge" shortly but for now I need a better way to take down infected users. We do not auth here as the LEC does not supply routers that support PPPoX.

Here is the present conifg:

ip dhcp pool foobar network a.b.c.0. 255.255.255.0 domain-name cybermesa.com default-router a.b.c.d lease 0 2

! interface ATM4/ima0.1 multipoint description Espanola DSL Bridged IMA group no ip redirects no ip unreachables no ip mroute-cache pvc 0/36 ! pvc 0/37 ! pvc 0/38 ! pvc 0/39 ///////// ! bridge-group 1 bridge-group 1 spanning-disabled ! interface BVI1 ip address a.b.c.d 255.255.255.0 ip verify unicast source reachable-via rx allow-self-ping no ip redirects no ip unreachables no ip proxy-arp arp timeout 3600 clns mtu 1514 hold-queue 150 in

So if I add:

ip dhcp pool infected host 1.1.1.1 hardware-address 02c7.f800.0422 ieee802

Will the pvc (on ATM4/ima0.1) which has hardware-address 02c7.f800.0422 ieee802 (client side) get address 1.1.1.1, while the others get assigned addresses out of dhcp pool foobar ?

Reading at CCO, it seems I need to do a "ip dhcp pool <whatever>" for each MAC address, correct ?

Thanks so much for the help !

James H. Edwards Routing and Security Administrator At the Santa Fe Office: Internet at Cyber Mesa jamesh at cybermesa.com noc at cybermesa.com http://www.cybermesa.com/ContactCM (505) 795-7101