enemieslist

Internet security & antispam

News

« Now this is just silly (WHOIS FAIL) | Main | new pats posted - 20090918 (maintenance pats release) »

September 18, 2009

DHCP doesn't necessarily mean dynamic

Any systems or network administrator who has worked with DHCP knows that it can be used to dole out fixed/static IP addresses to clients, but the far more common use in residential Internet service is for it to dole out dynamic IPs from a pool. The occasional exception arises now and again, and here's one:

stormlakeDHCP-225.216-16-93.iw.net [216.16.93.225]

A quick check of WHOIS shows this host is in a /22 block marked as "PrairieWave Static Host Assignment". Oddly, the IP in question is listed in the Spamhaus PBL, which is notorious for avoiding listing static generic IPs. So, who's right here? The ISP? Spamhaus?

I try a few more IPs, all marked as generic by Enemieslist some years ago, but containing the DHCP token, and they all fall into blocks marked in WHOIS as static. OK, then, let's try one marked explicitly as static in a token:

lennox-dsl-static-227.216-16-34.iw.net [216.16.34.227]

All WHOIS says is that these are "PrairieWave DSL DHCP". Well, let's try another. This one also has "static" in the name, and it's marked as static in WHOIS as well. Unfortunately, the IP whose name I'm trying to add a pattern for now also contains the "static" token, but the WHOIS output is mum as to its type (DSL?), so no way to tell that part; it looks like they offer cable, DSL, wireless, dialup and colocation as well. Their Support FAQ says that static IPs are available, but doesn't say anything about custom PTRs.

Probably the best bet we could make here is to assume that because they're using DHCP, but presumably want to reduce support costs, they're mixing their static and dynamic IPs within the same blocks (as we saw with the "DSL DHCP" remark in the WHOIS output for the host with the static token in the name), but as static IPs are clearly not the default, our default is to assume dynamic—especially because they are known to use "static" tokens in the names of statically assigned hosts.

A quick scan of a few subnets suggests that they will provide custom PTRs for their customers requesting statics, so we're sticking with "dynamic" for the DHCP hosts, WHOIS notwithstanding. In this case, though, we do it knowing we may well be wrong. Worst case scenario is that the IPs with those "DHCP" names are actually "mixed" static and dynamic.

Posted by schampeo at September 18, 2009 3:54 PM

Enemieslist is a product of hesketh.com/inc., based in beautiful downtown Raleigh, North Carolina, USA.

©2003-2021 hesketh.com/inc. All rights reserved.

Contact Us