Question about DOCSIS DHCP vs ARP
jfmezei_nanog at vaxination.ca
Sat Jan 12 00:50:09 UTC 2013
In the old days of DOCSIS, I was able, during failures of DHCP (for
various reasons) to self assign a "nearby" IP address in the same subnet
and this worked fine as long as that IP wasn't being used by someone
else at the time.
While this was done to cope with some failures or bad policy at the
cable company with no ill intent, I realise that I could have used this
technique to do bad stuff on the internet with DHCP logs pointing to
some neighbour (or poiting to nothing).
Has this "loophole" been plugged with the advent of DOCSIS2 and now
DOCSYS3 software ? Or is DHCP still just a "suggestion" of what IP to
use, with ARP being the authoritative mechanism used by the CMTS to know
the MAC address associated with an IP address ?
If this has been solved, at what level was it done ? is it the DOCSYS
modem that sets up a filter based on a DHCP response to only let traffic
"from" the assigned IP address through ? Or would it be done at the
CMTS (again based on the DHCP response being recorded) ?
I ask this in the context of the law where one party tries to sue
another based on IP address (such as Voltage Pictures suing thousands of
IP addresses). If B can use the IP address that DHCP assigned to A and A
gets sued, it becomes rather difficult to prove.
More information about the NANOG