SV: SV: lease limits, classes & subclasses

Lars Jacobsen lj at sydfynsel.dk
Mon Mar 19 07:28:17 UTC 2007


> G. Coles wrote:
> Hello Lars,
> 
> first of all thanks for your reply - very helpful indeed and you gave me
> new
> insights to try out :) Yes you assumed right the RID is a normal MAC
> address.
> 
> Meanwhile I was trying out some things & what I assumed before I started
> is
> that dhcpd parses the conf file sequentially - so i thought... if I
> defined
> the classes of those special (but few) RIDs for which I want multiple
> lease
> limits first then define a normal class that limits all the rest with
> lease
> limit 1 then I should work.
> 
> so i went about defining the classes as follows:
> 
> class "limited-to-2-lease" {
>              match if substring (option agent.remote-id , 0, 17);
>              lease limit 2;
> }
> subclass "limited-to-1-lease" "XX:XX:XX:XX:XX:XX";
> subclass "limited-to-1-lease" "YY:YY:YY:YY:YY:YY";


[Lars Jacobsen] 

If you want "XX:XX:XX:XX:XX:XX and "YY:YY:YY:YY:YY:YY" to have two leases you have to make them a subclass of "limited-to-2-lease" instead of a the subclass "limited-to-1-lease. 
Even though the sever parses the config file sequential and finds "XX:XX:XX:XX:XX:XX and "YY:YY:YY:YY:YY:YY" right after "limited-to-2-leases" they actually belongs to a class that hasn't been decleared yet. But if the server figures out that the class is being declared later, then no problem. Otherwice the server reports an error.

> 
> class "limited-to-1-lease" {
>              spawn with option agent.remote-id
>              lease limit 1;
> }
> 
> In fact when I tested it out dhcpd parses conf file sequentially so it
> worked for me
> What do you think? is there some caveat somewhere for which I should
> consider defining each and every RID for which I want a lease limit of 1
> or
> does my method always work?
> 

[Lars Jacobsen] 
I cant say that it always will work, but if you tested the setup and find it working then OK. The "spawn with" function will always create an subclass on the fly. 
Remember if you make a wide class match like OID of MAC and a more specific or use the "spawn" class, then a client can belong to more classes witch might cause problems when you make allow/deny statements in a pool. Just to make you aware.


> What I'm trying to do, I'm sure you noticed this, is that I'm trying to
> avoid defining each and every RID which I want to have a lease limit 1
> because of the huge number (thousands) of MACs that will need to be listed
> here.
> 
> Thanks for your link too Lars - extremely helpful
> 

[Lars Jacobsen] 
Hoped they would, that's why a made it ;-)
 

> GC
> 
> >From: "Lars Jacobsen" <lars-jacobsen at newmail.dk>
> >Reply-To: dhcp-users at isc.org
> >To: <dhcp-users at isc.org>
> >Subject: SV: lease limits, classes & subclasses
> >Date: Thu, 15 Mar 2007 20:55:41 +0100
> >
> > > G. Coles wrote:
> > >
> > > what i'm trying to do (hopefully this can be done) is to classify dhcp
> > > clients into 2 types: example:
> > > 1st type: takes 'lease limit 1;'
> > > 2nd type: takes 'lease limit 4;'
> > >
> > > now the only thing I can use in my scenario to classify clients is the
> > > option agent.remote-id
> > >
> >
> >Ok how is the struckture af the RID ?
> >To me it looks like you are using MAC addresses.
> >
> >If they are all random then I guess you have to add them one by one,
> >something like this:
> >
> >
> >class "limmited-to-1-lease" {
> >             match if substring (option agent.remote-id , 0, 17);
> >             lease limit 1;
> >         }
> >         subclass "limmited-to-1-lease" "XX:XX:XX:XX:XX:XX;
> >         subclass "limmited-to-1-lease" "YY:YY:YY:YY:YY:YY";
> >
> >
> >class "limmited-to-2-lease" {
> >             match if substring (option agent.remote-id , 0, 17);
> >             lease limit 2;
> >         }
> >         subclass "limmited-to-2-lease" "ZZ:ZZ:ZZ:ZZ:ZZ:ZZ;
> >
> >
> >class "limmited-to-4-lease" {
> >             match if substring (option agent.remote-id , 0, 17);
> >             lease limit 4;
> >         }
> >         subclass "limmited-to-4-lease" "AA:AA:AA:AA:AA:AA;
> >         subclass "limmited-to-4-lease" "BB:BB:BB:BB:BB:BB;
> >         subclass "limmited-to-4-lease" "CC:CC:CC:CC:CC:CC;
> >
> >
> >
> >Othervice if all the RID´s have something in common like the first 3
> bytes
> >you can do a match on just that part instead of the whole RID to match a
> >class and then use spawning to make a unique class for each RID.
> >
> >
> >class "XX:XX:XX" {
> >match if  substring ( (option agent.remote-id) , 0,8)= "XX:XX:XX";
> >spawn with option agent.remote-id;
> >lease limit 4;
> >}
> >
> >
> >class "ZZ:ZZ:ZZ:01-to-ZZ:ZZ:ZZ:02" {
> >match if  substring ( (option agent.remote-id) , 0,8)= "ZZ:ZZ:ZZ" AND
> >(substring ( (option agent.remote-id) , 8,2)= "01" OR
> >substring ( (option agent.remote-id) , 8,2)= "02");
> >spawn with option agent.remote-id;
> >lease limit 1;
> >}
> >
> >
> >class "AA:BB:CC:01-to-AA:BB:CC:04" {
> >match if  substring ( (option agent.remote-id) , 0,8)= "AA:BB:CC" AND
> >(substring ( (option agent.remote-id) , 8,2)= "01" OR
> >substring ( (option agent.remote-id) , 8,2)= "02"
> >substring ( (option agent.remote-id) , 8,2)= "03"
> >substring ( (option agent.remote-id) , 8,2)= "04");
> >spawn with option agent.remote-id;
> >lease limit 2;
> >}
> >
> >
> >
> >I made a little description on my own problems and how I solved them.
> >You can find it here:
> >www.strammelse.dk/dhcp
> >
> >
> >Regards
> >
> >/Lars
> >
> >
> 
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
> 



More information about the dhcp-users mailing list