Assign subnet's per group
Glenn Satchell
Glenn.Satchell at uniq.com.au
Fri Oct 23 00:53:11 UTC 2009
>From: Hugo Ferreira <hugoferreira at gmail.com>
>Date: Thu, 22 Oct 2009 17:22:58 +0100
>Subject: Re: Assign subnet's per group
>To: Users of ISC DHCP <dhcp-users at lists.isc.org>
>X-BeenThere: dhcp-users at lists.isc.org
>
> By Jason's example, before trying others:
>
> group xpto {
> filename "xpto";
> host xpto1 { hardware ethernet 00:c0:c3:49:2b:57; }
> host xpto2 { hardware ethernet 00:c0:c3:80:fc:32; }
> host xpto3 { hardware ethernet 00:c0:c3:22:46:81; }
> }
>
> shared-network Vlan1{
> subnet 10.1.0.0 netmask 255.255.240.0 {
> option routers 10.1.0.1;
> option subnet-mask 255.255.240.0;
> allow unknown-clients;
> }
>
>
> subnet 10.1.64.0 netmask 255.255.255.0 {
> option routers 10.1.64.253;
> option subnet-mask 255.255.255.0;
> filename "DDI";
> deny unknown-clients;
> }
> }
>
> I guess this should work. Any suggestion or notice regarding this
> configuration?
>
You need a pool to have allow or deny lists, otherwise the basic idea
is fine. You can also have more than one pool in a given subnet if that
makes it easier to divide up your address space.
So something like this, where x and y are appropriate numbers for the
IP address range:
shared-network Vlan1{
subnet 10.1.0.0 netmask 255.255.240.0 {
option routers 10.1.0.1;
option subnet-mask 255.255.240.0;
pool {
range 10.1.0.x 10.1.0.y;
allow unknown-clients;
}
}
subnet 10.1.64.0 netmask 255.255.255.0 {
option routers 10.1.64.253;
option subnet-mask 255.255.255.0;
filename "DDI";
pool {
range 10.1.64.x 10.1.64.y;
deny unknown-clients;
}
}
}
Because the clients have "host" statements they match the
"known-clients" settings and thus don't match "unknown-clients". So
they will match the 10.1.64.0 subnet where you deny unknown-clients.
This means that known-clients are allowed.
You can define the next-server and filename in the grooup, subnet or
pool as appropriate.
Sometimes it is easier to write allow known-clients
regards,
-glenn
More information about the dhcp-users
mailing list