Classes and lease limit problems

Claus Holm Christensen iscdhcp at claushc.dk
Sun Jan 6 14:18:41 UTC 2008


Hello,

I'm running a rather large network with a couple of hundred subnets
(small ISP), and I hope somebody here can help me figuring out a problem
I'm running into every now and then.

Basically I wish to limit my customers to one IP per switch port, which
should be a simple example of spawning classes with lease limits. We are
also using VLANs to distinguish between Internet and VoIP traffic, that
means that one port will get IP addresses from multiple subnets.

We have just upgraded to from 3.0.4 to 3.0.6 (from Debian stable to
Debian testing), since the changelog mention that an error was fixed
that caused some miscalculations of lease limits.

Stripped down to the relevant bits, my config is made up of a few
classes like the ones below and a number of subnets. The shared-networks
is used to make the logs easier to read:

class "iplimit-standard" {
        lease limit 1;
        spawn with concat("HSI:",
            binary-to-ascii(16, 8, "", suffix(option agent.remote-id,
6)), "-",
            binary-to-ascii(10, 8, "", suffix(option agent.circuit-id, 4))
        );
}
class "iplimit-VOIP" {
        lease limit 3;
        spawn with concat("VOIP:",
            binary-to-ascii(16, 8, "", suffix(option agent.remote-id,
6)), "-",
            binary-to-ascii(10, 8, "", suffix(option agent.circuit-id, 4))
        );
}

shared-network Vlan132_provATA {
        subnet 10.100.34.0 netmask 255.255.255.0 {
                option routers 10.100.34.1;
                max-lease-time 1209600;
                default-lease-time 604800;
                option tftp-server-name "10.100.X.X";
                option bootfile-name "atadefault.cfg";
                next-server 172.16.X.X;
                pool {
                        range 10.100.34.4 10.100.34.254;
                        allow members of "iplimit-VOIP";
                }
        }
}

The class "iplimit-standard" is used for public IP-adresses, and the
class "iplimit-VOIP" is used for our VoIP telephones. All the subnets
are based on the same template, just a few different options and other
allowed classes.

Now, a few of our customers can't get an IP address and the log claims
it's due to "no billing available". While investigating I found this in
the leases file:

lease 10.100.34.239 {
  starts 6 2008/01/05 21:04:34;
  ends 6 2008/01/12 21:04:34;
  binding state active;
  next binding state free;
  billing subclass "iplimit-standard" "HSI:0ff715640-00039";
  hardware ethernet XX:XX:XX:XX:c1:95;
  option agent.circuit-id 0:0:0:27;
  option agent.remote-id 0:f:f7:15:64:0;
}

A lease for an address of 10.100.34.239 that ended up in the
"iplimit-standard" subclass... How is that possible?

I have studied the documentation, and I have casually glanced through
the mailing list archives more than once, but I don't remember seeing
anything like this. I have checked the config of the switch and the
relay agent (Cisco router), but I can't find any errors there.



More information about the dhcp-users mailing list