[unisog] DHCP Address Reuse Questions

Jeff Kell jeff-kell at utc.edu
Wed Oct 12 18:24:04 GMT 2005


Gary Flynn wrote:

> We're concerned about informal or temporary servers
> that rely on DHCP services for dynamic addresses.

We require any specific IP involved in any access control or DNS entry have a DHCP reservation.  We allocate reservations outside the collective DHCP pool's scope.

We also use static NAT to remap disparate server internal addresses into a common external "subnet" to facilitate access controls on incoming traffic, rather than having to enumerate individual inside IPs that have "more open" access rights.

Jeff Kell
IT Security
University of Tennessee at Chattanooga



More information about the unisog mailing list