Assigning fixed and dynamic addresses via DHCP based on Option 82 and vendorclass

Anders Rosendal anders at rosendal.nu
Sun Apr 13 14:42:38 UTC 2008


On Mon, 2008-04-14 at 00:07 +1000, Glenn Satchell wrote:
> >Subject: Assigning fixed and dynamic addresses via DHCP based on Option 82 and vendorclass
> >From: Anders Rosendal <anders at rosendal.nu>
> >To: dhcp-users at isc.org
> >Date: Sat, 12 Apr 2008 20:24:49 +0200
> >
> >Hi
> >I have been struggling getting a configuration where IP-leases are based
> >on option 82 to work.
> >
> >I have a network with Cisco-switches able to insert option 82
> >information in the dhcp-packets.
> >On the switch-ports both computers and VoIP devices are connected. When
> >a VoIP device is connected I want an rfc1918 address to be assigned (I
> >don't care exactly which in the range), but when a device that is not a
> >VoIP-device is connected I want a fixed public IP for the port to be
> >assigned.
> >The VoIP-devices are detected based on the Vendor-class.
> >
> >I have no problem getting either of these configurations to work, but
> >not at the same time.
> >
> >This is the configuration used to match on option 82, i.e. I match on
> >the remote-id and circuit-id, and create a separate class and pool for
> >each port:
> >
> >-------------------------------
> >class "as07-Fa0/1" {
> >	match if(substring (option agent.remote-id, 2, 4) = "as07" and
> >binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
> >}
> >
> >subnet 1.2.3.0 netmask 255.255.255.0 {
> >	option routers 1.2.3.1;
> >	option subnet-mask 255.255.255.0;
> >	option broadcast-address 1.2.3.255;
> >	pool {
> >		range 1.2.3.20;
> >		allow members of "as07-Fa0/1";
> >	}
> >}
> >-------------------------------
> >
> >This is the configuration used for detecting VoIP-devices:
> >
> >class "VOIP_TA2S" {
> >	match if substring(option vendor-class-identifier, 0, 4) = "VOIP";
> >}
> >
> >subnet 172.31.4.0 netmask 255.255.254.0 {
> >	option routers                  172.31.4.1;
> >	option subnet-mask              255.255.254.0;
> >	option broadcast-address        172.31.5.255;
> >	default-lease-time 14400;
> >	max-lease-time 28800;
> >	min-lease-time 3600;
> >	pool {
> >		allow members of "VOIP_TA2S";
> >		option tftp-server-name "1.2.3.254";
> >		option bootfile-name "configfile.dat";
> >		range 172.31.5.128 172.31.5.252;
> >	}
> >}
> >----------------------------------
> >
> >
> >
> >
> >I have tried class-configurations like the one below, where I create two
> >class-statements for each port, matching both option 82 and
> >vendor-class:
> >
> >class "as07-Fa0/1" {
> >	match if(substring (option agent.remote-id, 2, 4) = "as07" and
> >binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
> >and not substring(option vendor-class-identifier, 0, 4) = "VOIP");
> >}
> >
> >class "as07-Fa0/1-VoIP" {
> >	match if(substring (option agent.remote-id, 2, 4) = "as07" and
> >binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
> >and substring(option vendor-class-identifier, 0, 4) = "VOIP");
> >}
> >
> >(There may be syntax-errors in the lines above)
> >
> >
> >Does anyone have any ideas on how this could be done?
> >
> >I've been reading dhcp-eval, dhcpd.conf, dhcp-options and some
> >googling.
> >
> >Is it possible? Am I looking in the right direction?
> >
> >
> >Best Regards Anders Rosendal
> >
> Hi Anders
> 
> Actually you are very close ... What you are describing, two
> different IP ranges in the one network segment, is a shared
> network (in DHCP speak). So your configuration could look like
> this:
> 
> class "as07-Fa0/1" {
> 	match if(substring (option agent.remote-id, 2, 4) = "as07" and
> binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
> }
> 
> class "VOIP_TA2S" {
> 	match if substring(option vendor-class-identifier, 0, 4) = "VOIP";
> }
> shared-network "my_network" {
> 	subnet 1.2.3.0 netmask 255.255.255.0 {
> 		option routers 1.2.3.1;
> 		option subnet-mask 255.255.255.0;
> 		option broadcast-address 1.2.3.255;
> 		pool {
> 			range 1.2.3.20;
> 			allow members of "as07-Fa0/1";
> 		}
> 	}
> 	subnet 172.31.4.0 netmask 255.255.254.0 {
> 		option routers                  172.31.4.1;
> 		option subnet-mask              255.255.254.0;
> 		option broadcast-address        172.31.5.255;
> 		default-lease-time 14400;
> 		max-lease-time 28800;
> 		min-lease-time 3600;
> 		pool {
> 			allow members of "VOIP_TA2S";
> 			option tftp-server-name "1.2.3.254";
> 			option bootfile-name "configfile.dat";
> 			range 172.31.5.128 172.31.5.252;
> 		}
> 	}
> }
> 
> Unrelated to the above, but in terms of code efficiency, this line can
> be expressed in a slightly simpler form:
> 
> binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
> 
> is equivalent to
> 
> suffix (option agent.circuit-id, 1) = 3;
> 
> regards,
> -glenn
> 
> 
> 
Hi
I have configured a "shared-network" but did not put that in the config
since I regarded it as given for my configuration.

The problem is that when using the proposed configuration the VoIP-devices
match my classes like "as07-Fa0/1" and are assigned a public IP.
I would like to either add a third conditional statement matching, or
not matching, the "voip vendor-class".

Can a client belong to more than one class?

Is there a predictable order in which classes are assigned to a
request, or a class is mapped into a pool?

Regards Anders R

ps. Glenn, thanks for the efficiency note ds.
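
An added example, not part of the original thread: one way to keep VoIP devices out of the per-port public pool using the class and pool names quoted above. It relies on two documented ISC dhcpd behaviours: a client can be a member of several classes at once, and a pool with both `allow` and `deny` entries only serves clients that match the allow list and do not match the deny list.

```conf
# Added example (not from the thread). Names and addresses are the ones
# quoted in the messages above.

# Port class: built from Option 82, which the switch inserts.
class "as07-Fa0/1" {
	match if (substring (option agent.remote-id, 2, 4) = "as07" and
	          binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
}

# Device class: built from vendor-class-identifier, which the client
# itself sends, so treat it as a hint rather than an identity.
class "VOIP_TA2S" {
	match if substring (option vendor-class-identifier, 0, 4) = "VOIP";
}

shared-network "my_network" {
	subnet 1.2.3.0 netmask 255.255.255.0 {
		option routers 1.2.3.1;
		option subnet-mask 255.255.255.0;
		option broadcast-address 1.2.3.255;
		pool {
			range 1.2.3.20;
			allow members of "as07-Fa0/1";
			# A VoIP device on this port is in both classes. The deny
			# entry excludes it here, so it falls through to the VoIP
			# pool. This also avoids writing "not ... = "VOIP"" in the
			# class, which evaluates to null (no match) when the client
			# sends no vendor-class-identifier at all.
			deny members of "VOIP_TA2S";
		}
	}
	subnet 172.31.4.0 netmask 255.255.254.0 {
		option routers 172.31.4.1;
		option subnet-mask 255.255.254.0;
		option broadcast-address 172.31.5.255;
		pool {
			range 172.31.5.128 172.31.5.252;
			allow members of "VOIP_TA2S";
			option tftp-server-name "1.2.3.254";
			option bootfile-name "configfile.dat";
		}
	}
}
```

Running `dhcpd -t -cf` against the file checks the syntax before the server is restarted.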