On Monday 04 February 2008 09:04:22 pm richardvo...@gmail.com wrote: > > It's not a safeguard. It is *necessary* to ensure correct handling of > relays. > This basically sounds like a policy decision on relays. For instance, people in my situation would _like_ the 'incorrect handling' you speak of. While I appreciate the effort you took in coming up with the example, I think it muddies things more. Having 2 different sub-nets, with 2 different security requirements served via a single dhcp server just seems like asking for trouble (In my case, all the machine have the same security risks - all are public servers). Anyway, thanks for clarifying the thought process behind the behavior. I do appreciate all the time you've taken to explain things
> > Of course that will work. DHCP relays are always used to serve nodes > beyond the next-hop, never from the same subnet (in the same subnet no > relay is needed). > Ok - since I have to eat an address on every subnet, I might as well assign them directly to the DNSMasq interface, and skip the relays. Then DNSMasq should be happy. I was hoping to avoid this as it eats an I.P. address, and requires me to remember to add a new I.P. to the DNSMasq interface everytime I get a new sub-net. However, that would be less trouble then having to do that _and_ configure a relay for each new subnet. Thanks again for all the help, Steve