On Fri, Aug 16, 2013 at 08:52:49AM +0100, Patrick Welche wrote: > On Fri, Aug 16, 2013 at 10:41:43AM +0300, Jukka Marin wrote: > > On Fri, Aug 16, 2013 at 08:38:38AM +0100, Patrick Welche wrote: > > > > > I haven't tried it, but in dhcpcd.conf(5), this looks promising: > > > > > > > > > > whitelist address[/cidr] > > > > > Only accept packets from address[/cidr]. blacklist is > > > > > ignored if > > > > > whitelist is set. > > > > > > > > Thanks, but in this case the clients don't know the server's address :( > > > > > > So how is it a "known DHCP server"? IPSEC on bootps/bootpc ports? > > > > It should supply a special option value or something like that to the > > clients, > > allowing the clients to recognize it as "our server". > > Something like a "vendor encapsulated option"?
Probably, but can you make dhclient require a certain option _and_ a certain value for the option (not just that the option exists - the option numbers may be used by some other dhcp server which would break the system unless a special unique value was also required). -jm
