how respond only to specific clients
Douglas Sterner
DSterner at arnoldtrans.com
Thu Jun 22 14:03:44 UTC 2006
The error in my log file is no leases available.
# 192.168.70.X Network
class "Internal" {
match if option dhcp-client-identifier = "\0Internal";
}
subnet 192.168.70.0 netmask 255.255.254.0 {
pool {
option netbios-node-type 8;
ddns-updates on;
range 192.168.71.120 192.168.71.245;
option subnet-mask 255.255.254.0;
option routers 192.168.70.1;
allow members of "Internal";
authoritative;
#Dell 1700N Laser Jet Printer
host gptxa-1700n-1 {
hardware ethernet 00:04:00:c3:5c:04;
fixed-address 192.168.70.61;
}
#HP 4200 Laser Jet Printer
host gptxa-4200-1 {
hardware ethernet 00:30:c1:0c:6a:2f;
fixed-address 192.168.70.58;
}
Douglas Sterner
Glenn Satchell <Glenn.Satchell at uniq.com.au>
Sent by: dhcp-users-bounce at isc.org
06/22/2006 09:34 AM
Please respond to
dhcp-users at isc.org
To
dhcp-users at isc.org
cc
Subject
Re: how respond only to specific clients
>To: <dhcp-users at isc.org>
>Subject: how respond only to specific clients
>From: Douglas Sterner <DSterner at arnoldtrans.com>
>Date: Thu, 22 Jun 2006 08:44:24 -0400
>
>Trying to use the dhcp-client-identifier option to only give out IP's to
>authorized workstations. Well the short story is it doesn't work. My
>clients all have Internal as there DCI but are unable to get an address
>with this config. Do I need to use pools, the man pages have been vague
on
>examples. In addition dhcp-client-identifier, 0, 3 where can I find out
>what the 0 and 3 mean, I haven't found a good reference as of yet.
>#192.168.40.X Network
>class "Internal" {
> match if substring (option dhcp-client-identifier, 0, 3) = "Internal";
>}
>subnet 192.168.40.0 netmask 255.255.254.0 {
> pool {
> option netbios-node-type 8;
> ddns-updates on;
> range 192.168.41.120 192.168.41.245;
> option subnet-mask 255.255.254.0;
> option routers 192.168.40.1;
> allow members of "Internal";
> deny unknown-clients;
> authoritative;
> }
>
>
>
>Thanks
>
>Douglas Sterner
>
>
Hi Douglas,
You need to do a bit of reading, but the reasons why it doesn't work
are all to do with the configuration.
The substring operator is described in the dhcp-eval man page. The 0,3
describe the offset and length, so a substring of length 3 can never
equal "Internal". You probably want to just drop the whole substring bit
and use something like this:
#192.168.40.X Network
class "Internal" {
match if option dhcp-client-identifier = "Internal";
}
Note the warning in the dhcp-options page, though:
Please be aware that some DHCP clients, when configured
with client identifiers that are ASCII text, will prepend
a zero to the ASCII text. So you may need to write:
option dhcp-client-identifier "\0Internal";
The rest looks ok, but you don't need the 'deny unknown-clients;' as
the previous allow means that everything else is denied anyway.
The options are described in the dhcp-options man page, and general
configuration in the dhcpd.conf man page.
regards,
-glenn
More information about the dhcp-users
mailing list