Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface
To: Andrew Brown <firstname.lastname@example.org>
From: Steven M. Bellovin <email@example.com>
Date: 01/07/2002 19:27:47
In message <20020107191756.A492@noc.untraceable.net>, Andrew Brown writes:
>>> >It doesn't matter. The client is required to put its MAC address in
>>> >the dhcp packet payload so it is always available there.
>>> certainly, but i've often found it more informative to look at the
>>> ethernet header itself to find out exactly where packets are coming
>>Since an dhcp can come from a relay agent, the mac address itself
>i was considering that, and thinking that the response from the server
>should be sent back to the relay instead of to the hardware address as
>specified in the dhcp message itself...
Not just "should" -- must. If there's a relay agent, the server and
client are probably on different networks; sending to the hardware
address of the client won't work. This is discussed in 2131.
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com