09-11-2020 03:57 AM - edited 09-11-2020 04:16 AM
Dear All,
I hope you guys are well.
I have configured IP to MAC and binding on Cisco 3845 Series Router. It is working fine.
But the thing is that I do not want anyone to get an IP address from the same DHCP server? If there MAC address is not binded with IP address.
Need suggestion.
09-11-2020 04:26 AM
- That sounds a bit contradictory , isn't the purpose of DHCP to provide ip address(es) ?
M.
09-11-2020 05:43 AM
Yes it is. But I want DHCP server to assign IP addresses to only those devices whose mac addresses are binded.
09-11-2020 07:45 AM
in that case make sure you reserv all the IP address - not to open pool for general allocation, add static reservation, so no IP address allocated not listed in theDHCP. is this make sense ?
09-11-2020 04:57 PM
Hello
The dhcp snooping binding database gets populated from dhcp allocations from the dhcp server, what you can do is to incorporate Dynamic Arp Inspection (DAI) (with or without the snooping enabled or Ip Source Guard (IPSG) with the latter being able to filter on either just ip address or ip address and mac address but requiring the dhcp snooping being enabled.
If then a host ip/mac entry populated in the snooping database and being used by either DAI or IPSG or just an DAI access doesn't have a correct binding then communication is dropped.
09-12-2020 12:05 AM
Hello,
how did you bind the MAC addresses to IP addresses ? Using static reservations such as the ones below ?
ip dhcp pool HOST_1
host 192.168.1.2 255.255.255.0
client-identifier 01c4.09ab.dfe2.c0
ip dhcp pool HOST_2
host 192.168.1.3 255.255.255.0
hardware-address c409.abdf.e2c0
10-27-2020 09:55 PM
Hi!
I have used the following method.
ip dhcp pool HOST_1
host 192.168.1.2 255.255.255.0
client-identifier 01c4.09ab.dfe2.c0
Is it okay?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide