Re: Assign Fix IP by Option 82

Billy Ng mondeo1055 at yahoo.com
Tue Nov 17 02:15:07 UTC 2009 

Hi Glenn,

After removed the quote from the dhcpd.conf, the client still obtained the 10.1.1.x address.

I've tried to log the agent.remote-id to syslog by:

if exists agent.remote-id {
        log ( info, concat( "DHCPAGENT for lease of ",
           binary-to-ascii (10, 8, ".", leased-address), " on agent ",
           substring(option agent.remote-id, 2, 6)));
}

But from the log, I can't see the agent.remote-id:

Nov 17 10:03:48 LRMAPP01 dhcpd: DHCPAGENT for lease of 10.1.1.51 on agent 

Any idea?

Best Regards,
Billy



________________________________
寄件人﹕ Glenn Satchell <Glenn.Satchell at uniq.com.au>
收件人﹕ dhcp-users at lists.isc.org
傳送日期﹕ 2009/11月/16 (一) 7:55:03 PM
主題: Re: Assign Fix IP by Option 82

Ugh, now I see it:

> class "fix-1" {
>         match if option agent.remote-id = "2:a:0:0:a:1:1:fe:b:0:0:0";
> }

the match line should not have the quotes, so it becomes:

    match if option agent.remote-id = 2:a:0:0:a:1:1:fe:b:0:0:0;

With the quotes there it's looking for the literal string: "2",
"colon", "a", "colon" and so on... Without the quotes it represents the
list of hexadecimal octet values.

So it wasn't matching.

regards,
-glenn

>Date: Sun, 15 Nov 2009 20:13:54 -0800 (PST)
>From: Billy Ng <mondeo1055 at yahoo.com>
>Subject: Re: Assign Fix IP by Option 82
>To: Users of ISC DHCP <dhcp-users at lists.isc.org>
>X-BeenThere: dhcp-users at lists.isc.org
>
> Hi Glenn,
> 
> Thanks for your info. I've tried your recommendation in my dhcpd.conf. But the 
client still obtained the second pool IP address. Just wonder if the 
"agent.remote-id" matched to the class defined in the conf file.
> 
> DHCPD message:
> Nov 16 12:07:09 LRMAPP01 dhcpd: DHCPDISCOVER from 00:00:e8:00:99:b7 via eth1
> Nov 16 12:07:10 LRMAPP01 dhcpd: DHCPOFFER on 10.1.1.51 to 00:00:e8:00:99:b7 
(client) via eth1
> Nov 16 12:07:10 LRMAPP01 dhcpd: DHCPREQUEST for 10.1.1.51 (10.1.1.10) from 
00:00:e8:00:99:b7 (client) via eth1
> Nov 16 12:07:10 LRMAPP01 dhcpd: DHCPACK on 10.1.1.51 to 00:00:e8:00:99:b7 
(client) via eth1
> Nov 16 12:07:10 LRMAPP01 dhcpd: DHCPREQUEST for 10.1.1.51 (10.1.1.10) from 
00:00:e8:00:99:b7 (client) via 10.1.1.254
> Nov 16 12:07:10 LRMAPP01 dhcpd: DHCPACK on 10.1.1.51 to 00:00:e8:00:99:b7 
(client) via 10.1.1.254
> 
> DHCPD.lease:
> 
> lease 10.1.1.51 {
>   starts 1 2009/11/16 04:07:52;
>   ends 1 2009/11/16 05:07:52;
>   cltt 1 2009/11/16 04:07:52;
>   binding state active;
>   next binding state free;
>   hardware ethernet 00:00:e8:00:99:b7;
>   uid "\001\000\000\350\000\231\267";
>   client-hostname "client";
> }
> lease 10.1.1.51 {
>   starts 1 2009/11/16 04:07:52;
>   ends 1 2009/11/16 05:07:52;
>   cltt 1 2009/11/16 04:07:52;
>   binding state active;
>   next binding state free;
>   hardware ethernet 00:00:e8:00:99:b7;
>   uid "\001\000\000\350\000\231\267";
>   option agent.remote-id 2:a:0:0:a:1:1:fe:b:0:0:0;
>   client-hostname "client";
> }
> 
> DHCPD.conf:
> 
>   subnet 172.16.1.0 netmask 255.255.255.0 {
>     option broadcast-address 172.16.1.255;
>     option routers 172.16.1.1;
>     option domain-name "domain2.com";
>     option subnet-mask 255.255.255.0;
>     pool {
>         allow members of "fix-1";
>         range 172.16.1.10;
>         deny dynamic bootp clients;
>     }
>   }
> 
>   subnet 10.1.1.0 netmask 255.255.255.0 {
>     option domain-name "domain0.com";
>     option broadcast-address 10.1.1.255;
>     #range 10.1.1.51 10.1.1.60;
>     pool {
>         range 10.1.1.51 10.1.1.60;
>         deny members of "fix-1";
>     }
>   }
> 
> Best Regards,
> Billy
> 
> 
> 
> ________________________________
> 寄件人﹕ Glenn Satchell <Glenn.Satchell at uniq.com.au>
> 收件人﹕ dhcp-users at lists.isc.org
> 傳送日期﹕ 2009/11月/16 (一) 11:16:20 AM
> 主題: Re: Assign Fix IP by Option 82
> 
> Hi Billy
> 
> This is normal behaviour as that class is also allowed by default in
> the second range. You need to add
> 
>     pool {
>         range 10.1.1.51 10.1.1.60;
>         deny members of "fix-1";
>     }
> 
> in the second subnet.
> 
> As you can see, this works ok for a small number of hosts, but if you
> want to assign hundreds or more then it doesn't scale too well.
> 
> regards,
> -glenn
> 
> >Date: Sun, 15 Nov 2009 18:33:27 -0800 (PST)
> >From: Billy Ng <mondeo1055 at yahoo.com>
> >
> > Here is my dhcpd.conf:
> > 
> > ddns-update-style none;
> > default-lease-time 3600;
> > max-lease-time 7200;
> > deny bootp;
> > stash-agent-options true;
> > 
> > class "fix-1" {
> >         match if option agent.remote-id = "2:a:0:0:a:1:1:fe:b:0:0:0";
> > }
> > 
> > shared-network NET1 {
> >   subnet 172.16.1.0 netmask 255.255.255.0 {
> >     option broadcast-address 172.16.1.255;
> >     option domain-name "domain2.com";
> >     option subnet-mask 255.255.255.0;
> >     pool {
> >         allow members of "fix-1";
> >         range 172.16.1.10;
> >         deny dynamic bootp clients;
> >     }
> >   }
> > 
> >   subnet 10.1.1.0 netmask 255.255.255.0 {
> >     option domain-name "domain0.com";
> >     option broadcast-address 10.1.1.255;
> >     range 10.1.1.51 10.1.1.60;
> >   }
> > 
> > }
> > 
> > But the client still obtained the IP address from the pool 10.1.1.x.
> > 
> > lease 10.1.1.51 {
> >   starts 1 2009/11/16 02:14:42;
> >   ends 1 2009/11/16 03:14:42;
> >   cltt 1 2009/11/16 02:14:42;
> >   binding state active;
> >   next binding state free;
> >   hardware ethernet 00:00:e8:00:99:b7;
> >   uid "\001\000\000\350\000\231\267";
> >   client-hostname "client";
> > }
> > lease 10.1.1.51 {
> >   starts 1 2009/11/16 02:14:42;
> >   ends 1 2009/11/16 03:14:42;
> >   cltt 1 2009/11/16 02:14:42;
> >   binding state active;
> >   next binding state free;
> >   hardware ethernet 00:00:e8:00:99:b7;
> >   uid "\001\000\000\350\000\231\267";
> >   option agent.remote-id 2:a:0:0:a:1:1:fe:b:0:0:0;
> >   client-hostname "client";
> > }
> > 
> > Is the agent.remote-id value of the class match statement equal to the
> > dhcpd.leases file value? And refer to the dhcpd.leases, there're 2
> > records and the first one without the "agnent.remote-id". Just wonder
> > if it is a normal behavior. Thanks.
> > 
> > Best Regards,
> > Billy
> > 
> > 

_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users



      Yahoo!香港提供網上安全攻略,教你如何防範黑客! 請前往 http://hk.promo.yahoo.com/security/ 了解更多!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20091116/ecbdfe72/attachment.html>

More information about the dhcp-users mailing list