PXE Client configuration
Glenn Satchell
glenn.satchell at uniq.com.au
Tue Feb 16 00:39:30 UTC 2010
Hi Jason
If you have any other "allow classes" in a subnet then every other class
is denied, so you might already have the condition you require.
Whether a class is allowed or denied is a property of the pool. The
membership of a class is a function of each request. So there is no way,
within the class, to allow or deny it from a global point of view. You
could add complex logic to determine if the address was from a
particular subnet and return a next-server value, but this would add
more work than adding an explicit deny to every pool where you don't
want this class.
There's no magic global setting to deny members of a class.
regards,
-glenn
Jason Frisvold wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Greetings,
>
> We're running dhcp 3.0.5, RHEL packages, and readying ourselves to
> deploy a configuration that will allow PXE booting. We have this
> working successfully in the lab, but we're looking to restrict this on
> some subnets. So, the question is, how?
>
> I have this class definition, but it matches on every subnet. I know I
> can add a deny members of "pxeclients" to each subnet, but there are far
> more subnets I want to deny than subnets to allow. Is there a way to
> deny by default and allow only where explicitly defined?
>
> class "pxeclients" {
> match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
> next-server pxe.example.com;
> filename "x86pc/undi/wpemenu/startrom.0";
> }
>
> Thanks,
>
> - --
> - ---------------------------
> Jason Frisvold
> Network Engineer
> frisvolj at lafayette.edu
> - ---------------------------
> "What I cannot create, I do not understand"
> - Richard Feynman
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.13 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkt5hR0ACgkQO80o6DJ8UvkGNwCeKvodkpnKFV2d9WfEJpjvCcVT
> UFQAnieQiooVyzAkfFDCrzjne3ifELhV
> =S6jr
> -----END PGP SIGNATURE-----
More information about the dhcp-users
mailing list