From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stephen Samuel Subject: Re: mac-ip pairs Date: Sun, 22 Jun 2003 09:56:27 -0700 Sender: linux-admin-owner@vger.kernel.org Message-ID: <3EF5DFBB.4030607@bcgreen.com> References: <5.1.1.6.0.20030619070800.00a97be8@mustang> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <5.1.1.6.0.20030619070800.00a97be8@mustang> List-Id: Content-Type: text/plain; charset="us-ascii"; format="flowed" To: Scott Taylor Cc: linux-admin@vger.kernel.org If the options are the same for all (or most) of the machines, then you can put them outside the host entry.. That would leave you with host entries consisting of only the haresare and fixed-address part. If all you really want to do is ensure that a host that gets assigned an IP address keeps it for a long period of time, then you could also assign a dynamic pool with a very long expiry time (months or years). Generally, even when a machine renews, they will usually get the same IP address as before. If you really want to enforce the use of specific IP addresses, then it'll take a lot more work -- ranging up to turning your box into an intelligent switch. with a bunch of multiport cards, you can put each user (or group of users) on a separate leg and set up the firewall to only pass packets with the correct IP/MAC pairs. You can actually do things like that in bridge mode such that packets would be forewarded transparently for users who don't violate your policies. Scott Taylor wrote: > At 06:54 06/19/03, you wrote: >> a network (something about half of a C class IPs) and some users who >> I'd like >> to "stick" them to only one IP; half of the computers get their IPs >> via dhcp, > > My DHCP server can set IP by MAC address. Running patched DHCP2.0 on > RedHat7.2. Maybe your OS and distro are different. > > This entry in my /etc/dhcpd.conf file, just before the subnet entry: > > host jimmy.dct.net { > option routers 192.168.1.200; > option domain-name-servers 192.168.1.211; > hardware ethernet 00:d0:b7:ad:17:37; > fixed-address 192.168.1.85; > } -- Stephen Samuel +1(604)876-0426 samuel@bcgreen.com http://www.bcgreen.com/~samuel/ Powerful committed communication. Transformation touching the jewel within each person and bring it to life.