class member

Paolo Barbato paolo.barbato at
Fri Nov 21 07:54:45 UTC 2008

I'm really using a shared-network block to point to my VLAN : so it  
seems I was wrong!

I've corrected my config and, as Simon also mentioned, "automagic"  
come in place.

Thanks !


On 20/nov/08, at 19:21, Bruce Hudson wrote:

>> I'd like to restrict access to some specific pools, from some  
>> specific
>> VLAN,  by means of a class that take care of the source ip of the
>> request packet.
>> For example :
>> Nov 20 16:04:03 intranet dhcpd: DHCPDISCOVER from 00:1c:bf:92:d6:e0
>> via
>> Nov 20 16:04:03 intranet dhcpd: DHCPOFFER on to
>> 00:1c:bf:92:d6:e0 via
>> I mean the "via" IP address.
>> Is it possible ?
>    Your request is a bit amiguous. You mention "the source IP of the
> packet", which is one thing; then "the via IP address", which is a
> different thing altogether.
>    To start with the second option, the address logged above is the
> "giaddr" field that is part of the DHCP packet. Restricting offered
> addresses to match it is core functionality. The DHCP server will
> never give out an address that it thinks is wrong for what-ever
> broadcast domain (aka the VLAN) that the request came from; and the
> "giaddr" field (or the interface IP if the request is seen directly
> as a broadcast, without being relayed) is used to determine which
> broadcast domain that is.
>    The most common reason that this does not work is use of a
> "shared-network" block incorrectly.
>    If you do need the source IP address, for what-ever weird reason,
> there is no built-in way to look at it in the server but it is in a
> fixed place in the packet so the "packet" function should allow you
> to use it to determine your class membership. However, unless you are
> dealing with seriously broken relay devices, you should not need to
> use the source IP.
> --
> Bruce A. Hudson				| Bruce.Hudson at Dal.CA
> UCIS, Networks and Systems		|
> Dalhousie University			|
> Halifax, Nova Scotia, Canada		| (902) 494-3405
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at

Paolo Barbato               email: mailto:paolo.barbato at
Network Administrator   phone: (39-049)-829-5097
Corso Stati Uniti,4            www:
35127 Camin-Padova       PGP:
ITALY                      JabberID: rfx_paolo_barbato at

More information about the dhcp-users mailing list