about concept "group", "shared-network", and "subnet", thanks.

Simon Hobson dhcp1 at thehobsons.co.uk
Tue Apr 19 08:42:54 UTC 2011 

Guo, Fei wrote:

>   what is the relationship between "group", "shared-network", and 
>"subnet" in ISC configuration?? can someone give me some clue?? 
>thank you very much in advance.

Have you read "man dhcpd-conf" yet ?

Group simply allows you to apply options collectively to a number of 
host statements like this :

group {
   option ...
   option ...
   host ...
   host ...
}
The option will apply to each host in the group without having to 
repeat them inside each host statement.

Groups are unconnected with subnet and shared-network. Note that you 
should always declare hosts at the global level (ie not inside any 
subnet declaration) as they are always global in scope but do inherit 
options from an enclosing subnet - this leads to very strange, and 
almost always incorrect, option inheritance.

"subnet" simply defines a subnet.

"shared-network" is used for the situation where you run multiple IP 
subnets on the same wire. Note - this is **NOT** the case for most 
users, and is also completely different to using VLANs to trunk 
several networks over one circuit.
Eg :
shared-network demo {
   subnet 192.168.1.0 ...
   subnet 10.0.0.0 ...
}
defines a case where computers on that physical network may use 
192.168.1.x or 10.0.0.x addresses interchangeably. The DHCP server 
will allocate addresses from either subnet (assuming you have ranges 
defined). In the case of a remote network, the GI Addr field filled 
in by the relay agent on the remote network may be in either subnet 
and the DHCP server can work out from the shared-network statement 
that both sets of IP addresses are valid.

DO NOT use shared-network where (for example) there are two remote 
networks. While the relayed request packets arrive at the server on 
the same interface, the subnets are still separate.
Similarly, do not use it where you have a VLAN capable switch and 
trunk multiple VLANs to your server. Each VLAN on the server acts as 
a separate ethernet interface as far as software is concerned.


So, inheritance rules go like this, going more specific from left to 
right, and with more specific option overriding the more general ones 
:

global - [shared-network] - subnet - pool

And for hosts with a host declaration (I think)
global - [group] - host - [shared-network] - subnet - pool


-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

More information about the dhcp-users mailing list