Authenticated DHCP really helps with this. The Patriot system keeps a log of all transactions.
__________________________________ Charles Boening Network Manager 800-858-2399 | Office charl...@calore.net<mailto:charl...@calore.net> www.cot.net<http://www.cot.net/> | Find us on Facebook<https://www.facebook.com/pages/Cal-Ore/205066716227707> __________________________________ Cal-Ore | Real. Local. Trusted. Professional. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Shayne Lebrun Sent: Thursday, May 28, 2015 12:40 PM To: af@afmug.com Subject: Re: [AFMUG] dhcpatriot That’s easy enough; a big pool of dynamic addresses and a small pool of static. The issue, though, is when people are throwing up devices all willy nilly, and the courts ask you ‘who had IP x.x.x.x on jan 5, 2015?’ Translation bridging is one answer. Authenticated DHCP is another. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Sterling Jacobson Sent: Thursday, May 28, 2015 2:51 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot Probably. But then what about those customers that want a “permanently” assigned IP? Maybe you and I should hire out someone to engineer a solution we can both use. If the change in MAC is tracked, it can (eventually) be re-assigned to the public IP that belongs to them in that case. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown Sent: Thursday, May 28, 2015 12:47 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot I presume a log could be created each time an IP is handed out tying it to a MAC. From: Cassidy B. Larson<mailto:c...@infowest.com> Sent: Thursday, May 28, 2015 12:39 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot As long as you can track a particular user to an IP for things such as subpoenas, copyright infringement emails, I think you’ll be fine. On May 28, 2015, at 12:35 PM, Chuck McCown <ch...@wbmfg.com<mailto:ch...@wbmfg.com>> wrote: I am trying to convince myself that this is not a good idea. I can’t seem to find a compelling reason to authenticate or limit leases. From: Simon Westlake<mailto:simon.westl...@digitalgunfire.com> Sent: Thursday, May 28, 2015 12:33 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot Or you could even just run wide open DHCP at that point if you don't care about authentication or limiting leases. On May 28, 2015 1:16 PM, "Chuck McCown" <ch...@wbmfg.com<mailto:ch...@wbmfg.com>> wrote: Yeah, trying to eliminate the user having to authenticate. We know the MAC of the fiber terminal. We have control over the DLS lines. We have to enable either the fiber or the phone for them to get service, in my mind that is plenty of authentication. Like to have a user plug and play with no extra steps. Like to not have any more databases. I really don’t care who the user is etc. If they can get service they are supposed to get service. From: Simon Westlake<mailto:simon.westl...@digitalgunfire.com> Sent: Thursday, May 28, 2015 12:08 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot You could probably do a really short DHCP lease on the initial walled garden IP, I don't know how short DHCP Patriot supports, but I would imagine the shortest would probably still be 60 seconds. On 5/28/2015 12:58 PM, Chuck McCown wrote: Be nice to make it so that a DSL modem/router could power up and just start working without any power cycling. From: Charles Boening<mailto:charl...@calore.net> Sent: Thursday, May 28, 2015 11:28 AM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot We have had a DHCPatriot system for about 5 years. We love it. It’s essentially a captive portal. When a user first connects, they get a private IP and policy routing forces them to the portal. When the user authenticates, the system uses a local user database or RADIUS to authenticate the them and if successful, ties the MAC address to a username. Now that the user is known, they reboot their device (or release/renew or wait a few minutes) and the system assigns an IP address from the authenticated address pool. Infoblox looks like it has a few more features (some DNS and IPAM stuff). If you’re in the market for something like the DHCPatriot system, I recommend getting a demo. __________________________________ Charles Boening Network Manager 800-858-2399<tel:800-858-2399> | Office charl...@calore.net<mailto:charl...@calore.net> www.cot.net<http://www.cot.net/> | Find us on Facebook<https://www.facebook.com/pages/Cal-Ore/205066716227707> __________________________________ Cal-Ore | Real. Local. Trusted. Professional. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Simon Westlake Sent: Thursday, May 28, 2015 6:31 AM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] dhcpatriot I thought it was pretty interesting. Infoblox has a nice DHCP server too. On May 27, 2015 4:34 PM, "Chuck McCown" <ch...@wbmfg.com<mailto:ch...@wbmfg.com>> wrote: Anyone know anything about this product? http://www.network1.net/products/dhcpatriot/
