Assigning fixed and dynamic addresses via DHCP based on Option 82 and vendorclass
Anders Rosendal
anders at rosendal.nu
Sun Apr 13 14:42:38 UTC 2008
On Mon, 2008-04-14 at 00:07 +1000, Glenn Satchell wrote:
> >Subject: Assigning fixed and dynamic addresses via DHCP based on Option 82 and vendorclass
> >From: Anders Rosendal <anders at rosendal.nu>
> >To: dhcp-users at isc.org
> >Date: Sat, 12 Apr 2008 20:24:49 +0200
> >
> >Hi
> >I have been struggling getting a configuration where IP-leases are based
> >on option 82 to work.
> >
> >I have a network with Cisco-switches able to insert option 82
> >information in the dhcp-packets.
> >On the switch-ports both computers, and VoIP devices are connected. When
> >a VoIP device is connected I want an rfc1918 address to be assigned (I
> >don't care exactly which in the range), but when a device that is not a
> >VoIP-device is connected I want a for the port fixed public IP to be
> >assigned.
> >The VoIP-devices are detected based on the Vendor-class.
> >
> >I have no problem getting either of these configurations to work, but
> >not at the same time.
> >
> >This is the configuration used to match on option 82, i.e. I match on
> >the remote-id and circuit-id, and create a separate class and pool for
> >each port:
> >
> >-------------------------------
> >class "as07-Fa0/1" {
> >  match if(substring (option agent.remote-id, 2, 4) = "as07" and
> >    binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
> >}
> >
> >subnet 1.2.3.0 netmask 255.255.255.0 {
> >  option routers 1.2.3.1;
> >  option subnet-mask 255.255.255.0;
> >  option broadcast-address 1.2.3.255;
> >  pool {
> >    range 1.2.3.20;
> >    allow members of "as07-Fa0/1";
> >  }
> >}
> >-------------------------------
> >
> >This is the configuration used for detecting VoIP-devices:
> >
> >class "VOIP_TA2S" {
> >  match if substring(option vendor-class-identifier, 0, 4) = "VOIP";
> >}
> >
> >subnet 172.31.4.0 netmask 255.255.254.0 {
> >  option routers 172.31.4.1;
> >  option subnet-mask 255.255.254.0;
> >  option broadcast-address 172.31.5.255;
> >  default-lease-time 14400;
> >  max-lease-time 28800;
> >  min-lease-time 3600;
> >  pool {
> >    allow members of "VOIP_TA2S";
> >    option tftp-server-name "1.2.3.254";
> >    option bootfile-name "configfile.dat";
> >    range 172.31.5.128 172.31.5.252;
> >  }
> >}
> >----------------------------------
> >
> >
> >
> >
> >I have tried class-configurations like the one below, where I create two
> >class-statements for each port, matching both option 82 and
> >vendor-class:
> >
> >class "as07-Fa0/1" {
> >  match if(substring (option agent.remote-id, 2, 4) = "as07" and
> >    binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
> >    and not substring(option vendor-class-identifier, 0, 4) = "VOIP");
> >}
> >
> >class "as07-Fa0/1-VoIP" {
> >  match if(substring (option agent.remote-id, 2, 4) = "as07" and
> >    binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
> >    and substring(option vendor-class-identifier, 0, 4) = "VOIP");
> >}
> >
> >(There may be syntax-errors in the lines above)
> >
> >
> >Does anyone have any ideas on how this could be done?
> >
> >I've been reading dhcp-eval, dhcpd.conf, dhcp-options and some
> >googling.
> >
> >Is it possible? Am I looking in the right direction?
> >
> >
> >Best Regards Anders Rosendal
> >
> Hi Anders
>
> Actually you are very close ... What you are describing, two
> different IP ranges in the one network segment, is a shared
> network (in DHCP speak). So your configuration could look like
> this:
>
> class "as07-Fa0/1" {
>   match if(substring (option agent.remote-id, 2, 4) = "as07" and
>     binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3");
> }
>
> class "VOIP_TA2S" {
>   match if substring(option vendor-class-identifier, 0, 4) = "VOIP";
> }
> shared-network "my_network" {
>   subnet 1.2.3.0 netmask 255.255.255.0 {
>     option routers 1.2.3.1;
>     option subnet-mask 255.255.255.0;
>     option broadcast-address 1.2.3.255;
>     pool {
>       range 1.2.3.20;
>       allow members of "as07-Fa0/1";
>     }
>   }
>   subnet 172.31.4.0 netmask 255.255.254.0 {
>     option routers 172.31.4.1;
>     option subnet-mask 255.255.254.0;
>     option broadcast-address 172.31.5.255;
>     default-lease-time 14400;
>     max-lease-time 28800;
>     min-lease-time 3600;
>     pool {
>       allow members of "VOIP_TA2S";
>       option tftp-server-name "1.2.3.254";
>       option bootfile-name "configfile.dat";
>       range 172.31.5.128 172.31.5.252;
>     }
>   }
> }
>
> Unrelated to the above, but in terms of code efficiency, this line can
> be expressed in a slightly simpler form:
>
> binary-to-ascii (10, 8, "", suffix (option agent.circuit-id, 1)) = "3"
>
> is equivalent to
>
> suffix (option agent.circuit-id, 1) = 3;
>
> regards,
> -glenn
>
>
>
Hi
I have configured a "shared-network" but did not put that in the config
since I regarded it as given for my configuration.
The problem is that when using the proposed configuration the VoIP-devices
match my classes like "as07-Fa0/1", and are assigned a public IP.
I would like to either add a third conditional statement matching, or
not matching the "voip vendor-class".
Can a client belong to more than one class?
Is there a predictable order in which classes are assigned to a
request, or a class is mapped into a pool?
Regards Anders R
ps. Glenn, thanks for the efficiency note ds.
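
The class predicates quoted in this thread, evaluated in Python over one request. This is an added example, not code from the original posts or from ISC dhcpd. The option 82 byte layout and both vendor-class strings are constructed assumptions, and absent options (null values in dhcp-eval) are not modelled.

```python
# Added example. Sample bytes below are constructed, not captured from the thread's network.

def parse_option82(data: bytes) -> dict:
    """Split a Relay Agent Information (option 82) payload into {sub-option code: value}."""
    subs, i = {}, 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated sub-option header")
        code, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"sub-option {code} overruns the option")
        subs[code] = value
        i += 2 + length
    return subs

def substring(data: bytes, offset: int, length: int) -> bytes:
    """dhcp-eval substring(): `length` bytes starting `offset` bytes in."""
    return data[offset:offset + length]

def suffix(data: bytes, length: int) -> bytes:
    """dhcp-eval suffix(): the last `length` bytes."""
    return data[-length:] if length > 0 else b""

def matched_classes(relay_info: bytes, vendor_class: bytes) -> list:
    """Evaluate each class predicate from the thread independently for one request."""
    subs = parse_option82(relay_info)
    circuit_id, remote_id = subs.get(1, b""), subs.get(2, b"")
    # binary-to-ascii(10, 8, "", x) = "3": the last byte printed in base 10 equals "3"
    port = suffix(circuit_id, 1)
    on_port = (substring(remote_id, 2, 4) == b"as07"
               and len(port) == 1 and str(port[0]) == "3")
    is_voip = substring(vendor_class, 0, 4) == b"VOIP"
    rules = [
        ("as07-Fa0/1", on_port),                               # option 82 only
        ("VOIP_TA2S", is_voip),                                # vendor class only
        ("as07-Fa0/1 and not VOIP", on_port and not is_voip),  # combined attempt
        ("as07-Fa0/1-VoIP", on_port and is_voip),              # combined attempt
    ]
    return [name for name, hit in rules if hit]

# Assumed layout: sub-option 1 (circuit-id) ends in the port byte; sub-option 2
# (remote-id) carries a 2-byte header followed by the switch name.
RELAY_INFO = bytes([1, 6, 0, 4, 0, 10, 0, 3]) + bytes([2, 6, 1, 4]) + b"as07"
PHONE = matched_classes(RELAY_INFO, b"VOIP-TA2S")  # constructed vendor class
PC = matched_classes(RELAY_INFO, b"MSFT 5.0")      # constructed vendor class
```

For the constructed phone request both single-condition predicates are true at once, while the two combined predicates from the first message can never both be true for the same request.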