DHCP Reservation vs Mac address filtering. Are they the same security?

I am able to give an ip address to a wired/wireless device based on the mac address. Other automatic DHCP is turned off.

Is this as effective as a security measure as MAC filtering?

It just seems to be an extra step on MAC filtering. I dont know why the interfaces are not merged as one. Hence the question to make sure I do not make a security mistake.


Solution 1:

No, using DHCP reservations will not be as effective; while your router won't assign a DHCP address to a device whose MAC address it doesn't know, this does nothing to prevent an attacker simply assigning himself a static IP address in your range, and the router will happily communicate with him.

Solution 2:

MAC address is suppose to be like a unique ID for a device where IP address is place to send data to with an ambiguous ID.

Assigning a mac address allows you to ensure a device gets it's IP address reserved. Imagine a server @192.168.0.10 that shuts off, the IP address becomes available, a new devices uses it (192.168.0.10), then the server comes back on and is not allowed its address and either does not connect, or gets another address (say 192.168.0.11). But the other devices are still looking for 192.168.0.10 and they throw errors because the server isn't there.

By reserving the IP address, you make the ID static (not ambiguous), and now the server can get its address back at all times.

MAC filtering uses the theoretical unique ID to filter device access to the router. Problem is MAC address can be changed (spoofed) and a good hacker will be able to get around it even still. But it'll keep a bad hacker out :).