<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7654.12">
<TITLE>Re: [Cialug] DHCP question - Vendor info.</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>Are you talking about the vendor magic cookie in the dhcp request? It controls the format of the response returning a specific set of dhcp options.<BR>
<BR>
Johnl<BR>
<BR>
----- Original Message -----<BR>
From: cialug-bounces@cialug.org <cialug-bounces@cialug.org><BR>
To: 'Central Iowa Linux Users Group' <cialug@cialug.org><BR>
Sent: Wed Aug 12 09:48:26 2009<BR>
Subject: Re: [Cialug] DHCP question - Vendor info.<BR>
<BR>
Really? So I was reading way too much into it? like it was sending a little more information somewhere else in the request.<BR>
<BR>
-Nate<BR>
<BR>
> -----Original Message-----<BR>
> From: cialug-bounces@cialug.org<BR>
> [<A HREF="mailto:cialug-bounces@cialug.org">mailto:cialug-bounces@cialug.org</A>] On Behalf Of Josh More<BR>
> Sent: Wednesday, August 12, 2009 11:47 AM<BR>
> To: 'Central Iowa Linux Users Group'<BR>
> Subject: Re: [Cialug] DHCP question - Vendor info.<BR>
><BR>
> The vendor code is the first three bytes of the MAC address.<BR>
><BR>
> <BR>
> <BR>
><BR>
> -Josh More, RHCE, CISSP, NCLP, GIAC<BR>
> morej@alliancetechnologies.net<BR>
> 515-245-7701<BR>
><BR>
><BR>
><BR>
> >>> "Nathan C. Smith" <nathan.smith@ipmvs.com> 8/12/2009 10:27 AM >>><BR>
><BR>
> It is my understanding that when a system initiates a DHCP<BR>
> request it sends along a special code for vendor information.<BR>
> In dhcpd, with use of a special conditional statement, you<BR>
> are supposed to be able to assign addresses based on this<BR>
> vendor specific information.<BR>
><BR>
> So my question is, short of actually sniffing the wire, is<BR>
> there a way to get the vendor-code that is sent? Could it be<BR>
> located in a log file somewhere? I don't see it in my DHCP<BR>
> logs but maybe I need to enable more detail? I've also<BR>
> searched Google and found codes for some hardware and<BR>
> different versions of Windows.<BR>
><BR>
> My issue is this: I use DHCPD to assign static IP addresses<BR>
> based on all my known MAC addresses. Any new addresses go<BR>
> into a special range.<BR>
> Between this special range and arpwatch I can see new devices<BR>
> and unwelcome visitors on my network. Since the VPN creates<BR>
> a special MAC address for each connection the addresses<BR>
> always go into the special range and create an arpwatch<BR>
> alert. I'd like to be able to use the vendor info to place<BR>
> vpn users into a trusted range and really lock down the<BR>
> untrusted or visitor range.<BR>
><BR>
> If anyone can shed more light on the vendor info field in a<BR>
> DHCP request I would really appreciate it. Thanks.<BR>
><BR>
> -Nate<BR>
> _______________________________________________<BR>
> Cialug mailing list<BR>
> Cialug@cialug.org<BR>
> <A HREF="http://cialug.org/mailman/listinfo/cialug">http://cialug.org/mailman/listinfo/cialug</A><BR>
><BR>
> _______________________________________________<BR>
> Cialug mailing list<BR>
> Cialug@cialug.org<BR>
> <A HREF="http://cialug.org/mailman/listinfo/cialug">http://cialug.org/mailman/listinfo/cialug</A><BR>
><BR>
_______________________________________________<BR>
Cialug mailing list<BR>
Cialug@cialug.org<BR>
<A HREF="http://cialug.org/mailman/listinfo/cialug">http://cialug.org/mailman/listinfo/cialug</A><BR>
</FONT>
</P>
</BODY>
</HTML>