Assigning fixed and dynamic addresses via DHCP based on Option 82 and vendorclass

Glenn Satchell Glenn.Satchell at uniq.com.au
Sun Apr 13 14:07:24 UTC 2008 

>Subject: Assigning fixed and dynamic addresses via DHCP based on Option 82 and 
vendorclass
>From: Anders Rosendal <anders at rosendal.nu>
>To: dhcp-users at isc.org
>Date: Sat, 12 Apr 2008 20:24:49 +0200
>
>Hi
>I have been struggling getting a configuration where IP-leases is based
>on option 82 to work.
>
>I have a network with Cisco-switches able to insert option 82
>information in the dhcp-packets.
>On the switch-ports both computers, and VoIP devices are connected. When
>a VoIP device is connected I want a rfc1918 adress to be assigned (I
>don't care exactly which in the range, but, when a device that is not a
>VoIP-device is connected I want a for the port fixed public IP to be
>assigned.
>The VoIP-devices are detected based on the Vendor-class.
>
>i have no problem getting either of these configurations to work, but
>not at the same time.
>
>This is the configuration used to match on option 82, i.e. I match on
>the remote-id and circuit-id, and create a separate class and pool for
>each port:
>
>-------------------------------
>class "as07-Fa0/1" {
>	match if(substring (option agent.remote-id, 2, 4) = "as07" and
>binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
>}
>
>subnet 1.2.3.0 netmask 255.255.255.0 {
>	option routers 1.2.3.1;
>	option subnet-mask 255.255.255.0;
>	option broadcast-address 1.2.3.255;
>	pool {
>		range 1.2.3.20;
>		allow members of "as07-Fa0/1";
>	}
>}
>-------------------------------
>
>This is the configuration used for detecting VoIP-devices:
>
>class "VOIP_TA2S" {
>        match if substring(option vendor-class-identifier, 0, 4) =
>"VOIP";
>}
>
>subnet 172.31.4.0 netmask 255.255.254.0 {
>	option routers                  172.31.4.1;
>        option subnet-mask              255.255.254.0;
>        option broadcast-address        172.31.5.255;
>        default-lease-time 14400;
>        max-lease-time 28800;
>        min-lease-time 3600;
>        pool {
>        	allow members of "VOIP_TA2S";
>                option tftp-server-name "1.2.3.254";
>                option bootfile-name "configfile.dat";
>                range 172.31.5.128 172.31.5.252;
>        }
>}
>----------------------------------
>
>
>
>
>I have tried class-configurations like the one below, where I create two
>class-statemanets for each port, matching both option 82 and
>vendor-class:
>
>class "as07-Fa0/1" {
>	match if(substring (option agent.remote-id, 2, 4) = "as07" and
>binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
>and not substring(option vendor-class-identifier, 0, 4) = "VOIP");
>}
>
>class "as07-Fa0/1-VoIP" {
>	match if(substring (option agent.remote-id, 2, 4) = "as07" and
>binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
>and substring(option vendor-class-identifier, 0, 4) = "VOIP");
>}
>
>(There may be syntax-errors in the lines above)
>
>
>Does anyone have any idéas on how this could be done?
>
>I've been reading dhcp-eval, dhcpd.conf, dhcp-options and some
>googeling.
>
>Is it possible? Am I looking in the right direction?
>
>
>Best Regards Anders Rosendal
>
Hi Anders

Actually you are very close ... What you are describing, two
different IP ranges in the one network segnet is a shared
network (in DHCP speak). So you configuration could look like
this:

class "as07-Fa0/1" {
	match if(substring (option agent.remote-id, 2, 4) = "as07" and
binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
}

class "VOIP_TA2S" {
	match if substring(option vendor-class-identifier, 0, 4) = "VOIP";
}
shared-network "my_network" {
	subnet 1.2.3.0 netmask 255.255.255.0 {
		option routers 1.2.3.1;
		option subnet-mask 255.255.255.0;
		option broadcast-address 1.2.3.255;
		pool {
			range 1.2.3.20;
			allow members of "as07-Fa0/1";
		}
	}
	subnet 172.31.4.0 netmask 255.255.254.0 {
		option routers                  172.31.4.1;
		option subnet-mask              255.255.254.0;
		option broadcast-address        172.31.5.255;
		default-lease-time 14400;
		max-lease-time 28800;
		min-lease-time 3600;
		pool {
			allow members of "VOIP_TA2S";
			option tftp-server-name "1.2.3.254";
			option bootfile-name "configfile.dat";
			range 172.31.5.128 172.31.5.252;
		}
	}
}

Unrelated tothe above, but in terms of code efficiency, this line can
be expressed in a slightly simpler form:

binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"

is equivalent to

suffix (option agent.circuit-id, 1) = 3;

regards,
-glenn

More information about the dhcp-users mailing list