matching on giaddr field
Chuck Anderson
cra at WPI.EDU
Wed Jul 23 12:38:10 UTC 2008
On Wed, Jul 23, 2008 at 01:32:26PM +0200, fadey wrote:
> I have varios cisco routers that support dhcp relay. I'd like to use a
> single dhcpd to serve IPs to all devices behind those routers. The
> problem is that devices from a specific router have to get the IPs from
> specific range. Is there a way to do it with ISC dhcpd?
>
> For now, the only solution I see is keep adding a separate network card
> for every IP range I have to serve and creating a "shared network" for
> every range. However this doesn't scale well (I might run out of
> avaliable slots for network cards).
>
> I was wondering if it is possible to create a separate class for every
> range matching on giaddr field. However I'm neither sure if it is
> possible nor if that can guarantee that a DISCOVER came from a device
> behind the router that giaddr is stating it came from.
Matching on giaddr is an intrinsic functionality of DHCP servers.
Just define non-shared networks with multiple subnet statements, and
it will work automatically as long as the giaddr matches the subnet.
An issue arises if you wish to use different IP ranges for different
routers/giaddrs in the SAME subnets. Then you must use
shared-networks and some other classification method for clients. I
believe you can match on giaddr in a class for this, or use relay
agent information options. A problem may arise when the unicast part
of a DHCP exchange doesn't use the relay agent, thus not being
classified correctly based on giaddr (0.0.0.0 in the unicast case) or
relay agent information options (non-existent in the unicast case).
More information about the dhcp-users
mailing list