That’s easy enough; a big pool of dynamic addresses and a small pool of static.
The issue, though, is when people are throwing up devices all willy nilly, and the courts ask you ‘who had IP x.x.x.x on jan 5, 2015?’ Translation bridging is one answer. Authenticated DHCP is another. From: Af [mailto:[email protected]] On Behalf Of Sterling Jacobson Sent: Thursday, May 28, 2015 2:51 PM To: [email protected] Subject: Re: [AFMUG] dhcpatriot Probably. But then what about those customers that want a “permanently” assigned IP? Maybe you and I should hire out someone to engineer a solution we can both use. If the change in MAC is tracked, it can (eventually) be re-assigned to the public IP that belongs to them in that case. From: Af [mailto:[email protected]] On Behalf Of Chuck McCown Sent: Thursday, May 28, 2015 12:47 PM To: [email protected] Subject: Re: [AFMUG] dhcpatriot I presume a log could be created each time an IP is handed out tying it to a MAC. From: Cassidy B. Larson <mailto:[email protected]> Sent: Thursday, May 28, 2015 12:39 PM To: [email protected] Subject: Re: [AFMUG] dhcpatriot As long as you can track a particular user to an IP for things such as subpoenas, copyright infringement emails, I think you’ll be fine. On May 28, 2015, at 12:35 PM, Chuck McCown <[email protected]> wrote: I am trying to convince myself that this is not a good idea. I can’t seem to find a compelling reason to authenticate or limit leases. From: Simon Westlake <mailto:[email protected]> Sent: Thursday, May 28, 2015 12:33 PM To: [email protected] Subject: Re: [AFMUG] dhcpatriot Or you could even just run wide open DHCP at that point if you don't care about authentication or limiting leases. On May 28, 2015 1:16 PM, "Chuck McCown" <[email protected]> wrote: Yeah, trying to eliminate the user having to authenticate. We know the MAC of the fiber terminal. We have control over the DLS lines. We have to enable either the fiber or the phone for them to get service, in my mind that is plenty of authentication. Like to have a user plug and play with no extra steps. Like to not have any more databases. I really don’t care who the user is etc. If they can get service they are supposed to get service. From: Simon Westlake <mailto:[email protected]> Sent: Thursday, May 28, 2015 12:08 PM To: [email protected] Subject: Re: [AFMUG] dhcpatriot You could probably do a really short DHCP lease on the initial walled garden IP, I don't know how short DHCP Patriot supports, but I would imagine the shortest would probably still be 60 seconds. On 5/28/2015 12:58 PM, Chuck McCown wrote: Be nice to make it so that a DSL modem/router could power up and just start working without any power cycling. From: Charles Boening <mailto:[email protected]> Sent: Thursday, May 28, 2015 11:28 AM To: [email protected] Subject: Re: [AFMUG] dhcpatriot We have had a DHCPatriot system for about 5 years. We love it. It’s essentially a captive portal. When a user first connects, they get a private IP and policy routing forces them to the portal. When the user authenticates, the system uses a local user database or RADIUS to authenticate the them and if successful, ties the MAC address to a username. Now that the user is known, they reboot their device (or release/renew or wait a few minutes) and the system assigns an IP address from the authenticated address pool. Infoblox looks like it has a few more features (some DNS and IPAM stuff). If you’re in the market for something like the DHCPatriot system, I recommend getting a demo. __________________________________ Charles Boening Network Manager 800-858-2399 | Office [email protected] <http://www.cot.net/> www.cot.net | Find us on <https://www.facebook.com/pages/Cal-Ore/205066716227707> Facebook __________________________________ Cal-Ore | Real. Local. Trusted. Professional. From: Af [mailto:[email protected]] On Behalf Of Simon Westlake Sent: Thursday, May 28, 2015 6:31 AM To: [email protected] Subject: Re: [AFMUG] dhcpatriot I thought it was pretty interesting. Infoblox has a nice DHCP server too. On May 27, 2015 4:34 PM, "Chuck McCown" <[email protected]> wrote: Anyone know anything about this product? http://www.network1.net/products/dhcpatriot/
