Folks,
Is it not yet possible to allow/deny unkown clients in DHCPv6?
In dhcpd for DHCPv4, it is possible to do something like this:
---
shared-network SomeNetwork {
subnet 10.0.0.0 netmask 255.255.255.0 {
pool {
range 10.0.0.2 10.0.0.254;
deny unknown clients;
}
}
subnet 10.160.0.0 netmask 255.255.255.0 {
pool {
range 10.160.0.2 10.160.0.254;
}
}
}
host SomeHost { hardware ethernet 00:01:02:03:04:05; }
---
With the above config, the specified host of 00:01:02:03:04:05 would get an address out of the 10.0.0.0/24 range while a non-specified host of 00:10:20:30:40:50 would get an address out of 10.160.0.0/24
Trying something similar in DHCPv6 (dhcpd -6) does not seem to produce the same behavior:
---
shared-network FNGipv6Test {
subnet6 2001:0:50:e8::/64 {
range6 2001:0:50:e8::1 2001:0:50:e8:7fff:ffff:ffff:fffe;
prefix6 2001:0:58:: 2001:0:59:: /48;
min-lease-time 600;
preferred-lifetime 600;
default-lease-time 600;
max-lease-time 600;
deny unknown-clients;
}
}
---
with no hosts defined, everyone can get an address. The first thing I noticed was that using 'deny unknown clients;' produced a config error:
---
/etc/dhcpd6.conf line 9: expecting allow/deny key
deny unknown
^
---
but did not produce an error when specified as 'deny unknown-clients;'. It did not, however, deny clients. All clients were able to get addresses and prefix delegations with no problems despite having no declarations in the config causing them to be 'known'.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Locked
