MacVendor-Based group reservation for DHCP

Yes, this could be evaluated as “useless computer-science fiction” feature.
But in some enviroment could be useful. Therefore, don’t shoot the pianist.

MAC is assigned to device by the producer, according to its OUI identifier. OUI List is available from IEEE site. DHCP Server assignes ip addresses according to it’s settings: into default network zone based pool or for the reserved IP Address if the MacAddress is already written into list.

What if there are a lot of devices, not all know during DHCP setup and Firewall rules deployment, that should be able to connect to specified services (deployment, configuration, application) for being managed or for being usefuls?
In my mind there are provisioned access points or switches, handhelds, mobile devices (rugged tablets), network-enabled measurement devices, roaming installed.
One way or another, the macaddress will be known, sooner or later.

But install a small appliance, already configured, into a remote warehouse, which will put the unknown maccaddress device exactly where it should be (close to, ok) asking to tech installers of devices to “DHCP Client” as default setting and without direct tech surveillance.

So “Honeywell/Intermec” devices will be assigned into a dedicated pool. Also Sartorius, Ubiquiti, Datalogic, Moxa.
I know, the effort can be vanished by MacAddress forgery, too many devices of the same vendor (exceeding the pool) or not so clear relationship between NIC brand and devices. Also… Intel, Atheros, Realtek and computer brands could not be the best choice.

Ok… This is my saturday morning crazy idea. Hope this helps :slight_smile:

Just to support this feature with a real world example: A long time ago I was working at a company where they did a mac override in the driver of the network interface. With this override all mac addresses were starting with the same set of characters.
This was just an aid to more easily administer the ip addresses on the network.
I can imagine that, if you have managed switches with port control and if there is another type of mac address than that is starting with the predefined characters, you can instantly block access to the network.
There must be other scenarios to think of.
/evil sysadmin modus If you realy hate apple (or your boss who has an apple device :face_with_symbols_over_mouth: ) you could block all apple devices on your network… :rofl:

For being evil it’s not necessary to add this suggested feature. MacAddress will be known, sooner or later therefore it’s a blink of the eye put the victim device into the wrong subnet (there’s no control for reserved ip address into DHCP reservation form).

29 views. Only 1 answer. Seems a bit more useless than seemed to me… :slight_smile: