Class definitions behavior

Simon Hobson simon at
Wed Sep 8 19:59:05 UTC 2010

Adam Moffett wrote:

>Thanks Simon.  If I understand you correctly then a client can 
>belong to many classes.


>In a pool let's say I allow one class and deny another like so:
>pool {
>   allow members of "foo";
>   deny members of "bar";
>   range x.x.x.x y.y.y.y;
>}
>If a client belongs to both foo and bar will he be allowed or denied?
>I think you're going to tell me that the answer is "allowed" because 
>that's what I think I'm seeing.

Actually my answer is "dunno"! Allow and Deny aren't done as a list, 
and the results aren't as intuitive as perhaps they could be in 
hindsight - but I assume the devs had a reason to do it as they did.

General advice is to avoid mixing allow and deny clauses.

