Matching in a class based upon a variable
Þórhallur Hálfdánarson
tolli at tol.li
Thu Oct 19 14:05:18 UTC 2006
Hi,
I am trying to achive the following:
* Only offer an IP address from a specific pool if known device has a specific circuit ID, and the host belongs to the group assigned to the subnet
This is the config I've come up with to the following config.
# Group 1 declaration and hosts belonging to the group
group {
set AccessGroup = "Group1"
host Host1 { hardware ethernet 00:11:22:33:77:66:55:44; set ExpCID = "A/B/C"; }
}
# Do matching of known hosts in Group 1
class "Known-Group-1" {
match if AccessGroup = "Group1" and option agent.circuit-id = ExpCID;
}
# Subnet for Group 1 users
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.10.254;
# Pool for unknown hosts
pool {
max-lease-time 300;
range dynamic-bootp 10.10.10.10 10.10.10.20;
deny members of "Known-Group-1";
}
# Pool for known hosts
{
max-lease-time 7200;
range dynamic-bootp 10.10.10.128 10.10.10.250;
allow members of "Known-Group-1";
}
}
However, this is not working quite as expected, and I've traced the problem to the "match if" line in the class. If I change it to: 'match if "foo" = "foo";', the host is offered an address fromt he correct pool (known hosts). If th only try and match the group (not circuit id), i.e. with 'match if AccessGRoup = "Group1"', the device is not being matched with the class and the device is offered an addres from the incorrect pool (unknown hosts).
By using log() statements, I have been able to verify that the AccessGroup variable is being correctly set, so I'm suspecting the "match if <variable>" not to be working -- or I'm overseeing something important.
Any help is very much appreciated!
Best regards
Tolli
More information about the dhcp-users
mailing list