netreg Revisited

Jason Antman jantman at oit.rutgers.edu
Thu Mar 24 17:18:40 UTC 2011


I've never even heard of netreg before, but we use a similar system 
(well... vaguely, I guess... user connects, gets dynamic lease, 
authenticates via web, lease is converted to a fixed lease, restart 
DHCP, and push out a router ACL) here. DHCP config regeneration and 
restart works pretty well for us, but we only use this in ResNet, so 
aside from move-in week, there aren't many changes. I looked into OMAPI 
about a year ago when we did a code overhaul on our current (in-house) 
system... but it seemed too new and untested to me, not to mention the 
changes not persisting over restarts. Every year we've got more or less 
a 2-day move-in weekend with 15,000 students registering, so we need 
something robust.

On the positive side, aside from IPv6, I have a MySQL schema that I 
think pretty well covers most of the possibilities in dhcpd.conf, along 
with scripts to build the configuration and check it before restarting 
DHCPd (and fall back to last config if start fails).

Just as a comment, in the places that we have switch infrastructure new 
enough to support it, we're very much leaning towards rolling out 802.1x 
NAC (FreeRADIUS backed) with MAC Auth Bypass for devices that don't 
support native 802.1x.

-Jason

-- 

Jason Antman
System Administrator
Rutgers University
OIT Central Systems & Services / NetOps

Office: 732-445-6363
Cell: 732-983-7256
jantman at oit.rutgers.edu
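
The check-before-restart and fall-back-to-last-config approach described in the message, as an added sketch that is not part of the original post and not the author's scripts. The function name `deploy_dhcpd_conf`, the `.last-good` backup suffix and the restart command are assumptions; `dhcpd -t -cf FILE` is ISC dhcpd's configuration syntax test.

```shell
#!/bin/sh
# Added example: install a generated dhcpd.conf only if it passes a syntax
# check, and restore the previous file if the daemon will not start with it.
# Both commands are overridable; the restart command is an assumption and
# depends on the init system and service name in use.
CHECK_CMD=${CHECK_CMD:-"dhcpd -t -cf"}
RESTART_CMD=${RESTART_CMD:-"service dhcpd restart"}

# deploy_dhcpd_conf CANDIDATE LIVE
# Returns: 0 candidate is live and the daemon restarted
#          1 candidate rejected or could not be installed
#          2 restart failed, previous config restored and running
#          3 restart failed and the rollback also failed (needs an operator)
deploy_dhcpd_conf() {
    new=$1
    live=$2
    backup="$live.last-good"

    # 1. Syntax-check the candidate before touching the live file.
    if ! $CHECK_CMD "$new" >/dev/null 2>&1; then
        echo "candidate $new failed the syntax check; live config untouched" >&2
        return 1
    fi

    # 2. Keep the running config as the fallback, then swap in the new one
    #    via a rename so dhcpd never reads a half-written file.
    if [ -f "$live" ]; then
        cp -p "$live" "$backup" || return 1
    fi
    cp "$new" "$live.tmp" && mv "$live.tmp" "$live" || return 1

    # 3. Restart. A config can parse cleanly and still fail at start-up,
    #    so a failed restart triggers the rollback.
    if $RESTART_CMD >/dev/null 2>&1; then
        return 0
    fi
    echo "restart failed; restoring $backup" >&2
    if [ -f "$backup" ] && cp -p "$backup" "$live" \
        && $RESTART_CMD >/dev/null 2>&1; then
        return 2
    fi
    return 3
}
```

Return code 2 means leases are being served again from the old configuration but the new registrations in the candidate file are not live, so it is worth alerting on rather than treating as success.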



