[Cialug] DHCP question - Vendor info.

Josh More morej at alliancetechnologies.net
Wed Aug 12 11:51:55 CDT 2009


I'm not an expert, but the few times I've needed to do vendor
identification on a network, I just use the first three bytes and that
gets the job done.

I don't think it's any more complex than that.

 
 

-Josh More, RHCE, CISSP, NCLP, GIAC 
 morej at alliancetechnologies.net 
 515-245-7701



>>> "Nathan C. Smith" <nathan.smith at ipmvs.com> 8/12/2009 11:48 AM >>> 
Really?  So I was reading way too much into it? like it was sending a
little more information somewhere else in the request.

-Nate 

> -----Original Message-----
> From: cialug-bounces at cialug.org 
> [mailto:cialug-bounces at cialug.org] On Behalf Of Josh More
> Sent: Wednesday, August 12, 2009 11:47 AM
> To: 'Central Iowa Linux Users Group'
> Subject: Re: [Cialug] DHCP question - Vendor info.
> 
> The vendor code is the first three bytes of the MAC address.
> 
>  
>  
> 
> -Josh More, RHCE, CISSP, NCLP, GIAC
>  morej at alliancetechnologies.net
>  515-245-7701
> 
> 
> 
> >>> "Nathan C. Smith" <nathan.smith at ipmvs.com> 8/12/2009 10:27 AM
>>>
> 
> It is my understanding that when a system initiates a DHCP 
> request it sends along a special code for vendor information. 
>  In dhcpd, with use of a special conditional statement, you 
> are supposed to be able to assign addresses based on this 
> vendor specific information.
> 
> So my question is, short of actually sniffing the wire, is 
> there a way to get the vendor-code that is sent?  Could it be 
> located in a log file somewhere?  I don't see it in my DHCP 
> logs but maybe I need to enable more detail?  I've also 
> searched Google and found codes for some hardware and 
> different versions of Windows.
> 
> My issue is this: I use DHCPD to assign static IP addresses 
> based on all my known MAC addresses.  Any new addresses go 
> into a special range. 
> Between this special range and arpwatch I can see new devices 
> and unwelcome visitors on my network.  Since the VPN creates 
> a special MAC address for each connection the addresses 
> always go into the special range and create an arpwatch 
> alert.  I'd like to be able to use the vendor info to place 
> vpn users into a trusted range and really lock down the 
> untrusted or visitor range.
> 
> If anyone can shed more light on the vendor info field in a 
> DHCP request I would really appreciate it.  Thanks.
> 
> -Nate
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
> 
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
> 
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug



More information about the Cialug mailing list