How does DHCPD determine what IP address to assign and...

Ryan McCain Ryan.McCain at dss.state.la.us
Wed Dec 26 19:15:44 UTC 2007



>>> On Sat, Dec 22, 2007 at  3:58 AM, in message
<a06240823c3928dcd9cc7 at simon.thehobsons.co.uk>, Simon Hobson
<dhcp1 at thehobsons.co.uk> wrote: 
> Ryan McCain wrote:
>>I found a few posts in the archives but am a bit confused.  I don't 
>>know what the 0 and 9 are for and used the example I found as a 
>>template.  I am on the right track if I want all DHCP clients that 
>>connect w/ the UID containing ASYNC be assigned IP addresses between 
>>10.120.5.100-108 only??
>>
>>
>>class "DialUp" {
>>     match if substring(option vendor-class-identifier, 0, 9) = "ASYNC";
>>         log (info, " Matched Dialup Rule");
>>         range 10.120.5.100 10.120.5.108
>>}
> 
> See (IIRC) 'man dhcp-eval' for info on expressions - in this case, 
> the two numbers are start and length ...
> 
> 
> Ryan McCain wrote:
>>I might have figured it out.  Unfortunately there is no one here to 
>>test due to the holidays:
>>
>>class "DialUp" {
>>     match if substring(option vendor-class-identifier, 0, 9) = "ASYNC";
>>         log (info, " Matched Dialup Rule");
>>}
>>
>>subnet 10.116.6.0 netmask 255.255.255.0 {
>>     pool {
>>         allow members of "DialUp";
>>         range 10.116.6.1 10.116.6.8;
>>         option routers 10.116.6.1;
>>         }
>>}
>>
>><SNIP>
>>
>>#VPN
>>subnet 10.116.6.0 netmask 255.255.255.0 {
>>   range 10.116.6.9 10.116.6.179 ;
>>   option routers 10.116.6.1;
>>
>>...
>>
>>..Will this reserve IP addresses 10.116.6.1 - 10.116.6.8 for DHCP 
>>clients with a UID that contains ASYNC?
> 
> No, for two reasons.
> 
> Your expressions says to compare the first (starting at offset ZERO) 
> NINE bytes of the UID with the string "ASYNC". This will only match 
> if the UID is exactly "ASYNC". *See below for why that would be very 
> bad !
> 
> The substring function doesn't search for a string, it returns a 
> specific selection of the input. If your UIDs are of a fixed format 
> then you would be OK, eg :
> 
> ASYNC1234, ASYNC5678, etc would all be matchable with substring 0,5
> 12ASYNC345, 67ASYNC890, etc would all be matchable with substring 3,5
> 
> But if you have a mix, eg ASYNC123, 45ASYNC67, 8ASYNC9012, then the 
> string appears in different places - you would have to test for the 
> different options :
> 
> match if <expression>
>    or <expression>
>    or <expression>
>    or ...
> 
> 
> * Just in case you weren't aware, the UID must be unique to each 
> client - if present it is used as the primary key and if (for 
> example) you decided to make all dialup users have the UID of "ASYNC" 
> then to the DHCP server they would be the same client - and would get 
> the same address. This does happen, we once had a query from someone 
> who decided to identify all his Macs by setting their Client ID to 
> "MAC" and wondered why they all got the same address !


The UID always looks something like this in the lease file:: 

uid "\000cisco-10.116.6.251-Async32"

Would this then be the correct syntax:?

class "DialUp" {
    match if substring(option vendor-class-identifier, 3,5) = "Async";
        log (info, " Matched Dialup Rule");
}

subnet 10.116.6.0 netmask 255.255.255.0 {
     pool {
         allow members of "DialUp";
         range 10.116.6.1 10.116.6.8;
         option routers 10.116.6.1;
         }
}

..Am I "calling" the "DialUp" class correctly so that any UID that contains the string "Async" will be assigned an IP address between 10.116.6.1 - 10.116.6.8?

Thanks again,
Ryan



More information about the dhcp-users mailing list