Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface
To: Andrew Brown <atatat@atatdot.net>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-security
Date: 01/07/2002 19:27:47
In message <20020107191756.A492@noc.untraceable.net>, Andrew Brown writes:
>>> >It doesn't matter.  The client is required to put its MAC address in
>>> >the dhcp packet payload so it is always available there.
>>> 
>>> certainly, but i've often found it more informative to look at the
>>> ethernet header itself to find out exactly where packets are coming
>>> from.
>>
>>Since a dhcp can come from a relay agent, the mac address itself
>>isn't interesting.
>
>i was considering that, and thinking that the response from the server
>should be sent back to the relay instead of to the hardware address as
>specified in the dhcp message itself...
>

Not just "should" -- must.  If there's a relay agent, the server and 
client are probably on different networks; sending to the hardware 
address of the client won't work.  This is discussed in 2131.

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com
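
The destination rule discussed in this message, as an added example that is not part of the original e-mail or of dhcpd: it follows RFC 2131 section 4.1 for DHCPOFFER/DHCPACK and also reports whether the Ethernet source matches the `chaddr` in the payload. The names `reply_target` and `sample_request` and all sample addresses are constructed for illustration.

```python
import socket
import struct

# Fixed BOOTP header from op through chaddr (RFC 2131 section 2), 44 bytes.
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s")
BROADCAST = 0x8000
UNSET = b"\x00" * 4

def reply_target(payload, frame_src_mac):
    """Where a server sends DHCPOFFER/DHCPACK, per RFC 2131 section 4.1."""
    if len(payload) < BOOTP.size:
        raise ValueError("truncated BOOTP header")
    (_op, _htype, hlen, _hops, _xid, _secs, flags,
     ciaddr, _yiaddr, _siaddr, giaddr, chaddr) = BOOTP.unpack_from(payload)
    if hlen > len(chaddr):
        raise ValueError("hlen exceeds chaddr field")
    client_mac = chaddr[:hlen]
    if giaddr != UNSET:
        # Relayed: reply goes to the relay's IP on the server port (67).
        how, ip, port = "relay", socket.inet_ntoa(giaddr), 67
    elif ciaddr != UNSET:
        how, ip, port = "ciaddr", socket.inet_ntoa(ciaddr), 68
    elif flags & BROADCAST:
        how, ip, port = "broadcast", "255.255.255.255", 68
    else:
        # Link-layer unicast to chaddr; the IP is the yiaddr being offered.
        how, ip, port = "chaddr", None, 68
    return {
        "how": how, "ip": ip, "port": port,
        "client_mac": client_mac.hex(":"),
        # When relayed, the frame source is the relay or a router, not the client.
        "frame_src_is_client": frame_src_mac == client_mac,
    }

def sample_request(chaddr, giaddr="0.0.0.0", ciaddr="0.0.0.0", flags=0):
    """Constructed BOOTREQUEST header for the demo (not captured traffic)."""
    return BOOTP.pack(1, 1, 6, 0, 0x1234ABCD, 0, flags,
                      socket.inet_aton(ciaddr), UNSET, UNSET,
                      socket.inet_aton(giaddr), chaddr.ljust(16, b"\x00"))

if __name__ == "__main__":
    client = bytes.fromhex("001122334455")
    relay = bytes.fromhex("aabbcc000001")
    print(reply_target(sample_request(client, giaddr="10.0.2.1"), relay))
    print(reply_target(sample_request(client, flags=BROADCAST), client))
```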