bootp was based on MAC addresses to give IP's and dhcpd keeps track of
assigned IP's based on MAC addresses.
> -----Original Message-----
> From: Bois, Mathieu [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 27, 2000 8:20 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [expert] Re: Filter on MAC
>
>
> > AFAIK, MAC addresses do not get past our switches - so I
> suppose they
> > might get lost as soon as you leave your own LAN. Correct me
> > if I got this wrong.
>
> Yes, you're right, that's the base of ethernet.
> The source and destination IP addresses don't change,
> but the source
> and destination MAC addresses change and become routers
> addresses if you
> have to go another (other) LAN(s).
>
> > ISP-s can easily restrict access based on MAC address, since
> > you connect
> > them directly.
>
> I think that with cable ISP it is not the case since
> you access them
> through a router, or they filter accordingly to your router address.
>
> > Also DHCP can be configured to give the static
> > addresses based on MAC - our cable provider does it.
>
> Yes, it is easy to do this with ISC dhcpd or even with
> MS dhcp ! ;-)
>
> I don't know if you can forbid a client to get an
> address through
> DHCP according to its MAC address, but one can imagine to
> patch the ISC
> dhcpd server to add this feature...
>
> But since it is so easy under Linux to logically change the MAC
> address, one cannot *only* rely on the MAC address to do security! ;-)
>
> Mathieu
>
