Watchutalkinboutwillis So, on a local broadcast domain, the dhcp request packet (I've never actually looked at one, I just assumed the recipient dhcp server/relay ascertains the mac based on the l2 communication) embeds the source Mac of the client?
I suspect there is sorcery involved at some point here. If this is on, and client devices are getting their own ip addresses, would the next upstream device arp table have multiple ip addresses for the same Mac address then?

This makes me wonder if the gap in my knowledge of all things ip, if this would explain a fortigate issue we had a long time ago. A customer fortigate was gratuitous arping every ip in the subnet for its ip, until we did an ip/Mac filter in the alvarion radio. If that firmware of the fortigate had been set to a bridge rather than router, and the unit assigned a /24 rather than /32, it would arp the whole /32. I can't remember what the mode was actually called, I think transparent, but it was a l2 firewall, I don't think is even an option now.

Come to think about it, it's kind of a dick move to mess with the mac addresses.

On Apr 18, 2017 8:25 PM, "George Skorup" <[email protected]> wrote:

No. The DHCP client ID/MAC is part of the DHCP REQUEST packet. Doesn't matter what the underlying L2 address is.

Like I said before, last week, week before, I forget... You can use MAC-NAT aka translation bridging and MikroTik's DHCP server lease option "use-src-mac" to tie the DHCP request to the NAT'd/translated L2 address (it ignores the client ID). Thus restricting that customer to the same lease (IP) no matter what device they plug in. Then it does exactly what you say, Steve.

On 4/18/2017 8:06 PM, Steve Jones wrote:

But 2 or more dhcp clients will receive the same ip assignment and the device will revert to a link local ip when it sends out a conflicting gratuitous arp on the broadcast domain, or never actually ack a dhcp offer

On Apr 18, 2017 6:53 PM, "George Skorup" <[email protected]> wrote:

I think you mean MAC-NAT. Yes. It's essentially translation bridging just like Canopy. Every device behind the SM would show up as the SM's MAC on the upstream/wireless side.

On 4/18/2017 6:37 PM, Gino Villarini wrote:

So I get that the SM translates Macs into the SM MAC, this includes several devices? If the SM is connected to a SW with several pcs?

Gino Villarini
President
Metro Office Park #18 Suite 304
Guaynabo, Puerto Rico 00968
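
The point discussed in this thread, that a DHCP request carries the client's MAC in its own payload (chaddr and the option 61 client ID) independently of the Ethernet source address, shown as an added example that is not from any of the posters. The MAC addresses and frames are constructed, and `lease_key` is a simplified, assumed model of keying a lease on the L2 source versus the client ID, not MikroTik's implementation.

```python
import struct

COOKIE = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_request(l2_src, client_mac):
    """Constructed DHCPREQUEST broadcast (checksums left at zero, sample data only)."""
    opts = b"\x35\x01\x03" + b"\x3d\x07\x01" + client_mac + b"\xff"  # type=REQUEST, client ID, end
    bootp = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x1234ABCD, 0, 0x8000,
                        b"", b"", b"", b"", client_mac, b"", b"") + COOKIE + opts
    udp = struct.pack("!HHHH", 68, 67, 8 + len(bootp), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(bootp), 0, 0, 64, 17, 0,
                     bytes(4), b"\xff" * 4)
    return b"\xff" * 6 + l2_src + b"\x08\x00" + ip + udp + bootp

def parse_request(frame):
    """Return the three identities carried by one DHCP frame."""
    if frame[12:14] != b"\x08\x00" or frame[23] != 17:
        raise ValueError("not IPv4/UDP")
    bootp = 14 + (frame[14] & 0x0F) * 4 + 8          # skip Ethernet, IP (IHL) and UDP headers
    if frame[bootp + 236:bootp + 240] != COOKIE:
        raise ValueError("no DHCP options")
    chaddr = frame[bootp + 28:bootp + 28 + frame[bootp + 2]]   # hlen bytes of chaddr
    client_id, i = None, bootp + 240
    while i + 1 < len(frame) and frame[i] != 255:    # walk TLV options until End (255)
        if frame[i] == 0:                            # Pad option has no length byte
            i += 1
            continue
        if frame[i] == 61:                           # option 61: client identifier
            client_id = frame[i + 2:i + 2 + frame[i + 1]]
        i += 2 + frame[i + 1]
    return {"l2_src": frame[6:12], "chaddr": chaddr, "client_id": client_id}

def lease_key(p, use_src_mac=False):
    """Simplified model: key on the L2 source if use_src_mac, else on client ID/chaddr."""
    if use_src_mac:
        return mac(p["l2_src"])
    cid = p["client_id"]
    return mac(cid[1:]) if cid and cid[0] == 1 else mac(p["chaddr"])

SM = bytes.fromhex("0a0000000001")                   # constructed MACs (locally administered)
PCS = [bytes.fromhex("0a00000000a1"), bytes.fromhex("0a00000000a2")]
FRAMES = [build_request(SM, pc) for pc in PCS]       # both PCs behind one MAC-NAT SM

if __name__ == "__main__":
    for f in FRAMES:
        p = parse_request(f)
        print(mac(p["l2_src"]), lease_key(p), lease_key(p, use_src_mac=True))
```

Both frames share the SM's Ethernet source, yet the payload still distinguishes the two PCs; only when the key is the L2 source do they collapse onto one lease.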
