netreg Revisited

John Wobus jw354 at cornell.edu
Fri Mar 25 14:34:42 UTC 2011


We rolled our own system years ago that's pretty
much as you describe netreg and we have never
changed from restarting dhcpd to using OMAPI.  I was
influenced by an on-list dhcpd developer comment that
they'd like to replace OMAPI, and also I was
uncomfortable with host configs in the lease file
rather than the config file.  Also, by regenerating
the entire config file, we easily eliminate the
possibility of dhcpd and our database getting out
of synch.  But obviously OMAPI's worked very
well for many sites, who probably laugh at the
hoops we jump through to avoid using it.

We run a redundant pair and we restart dhcpd every 2
minutes when there are config changes awaiting
deployment.  I think we assist ISC by exercising
dhcpd in a somewhat-extreme manner.

John Wobus
Cornell


On Mar 22, 2011, at 12:27 PM, Martin McCormick wrote:

> 	Some years ago, Carnegie Mellon University built a
> clever use of dhcp and DNS called netreg to authenticate clients
> who wanted to connect to their networks. It looks like nobody
> has done much to it since about 2005 and there is no mention of
> failover or omapi. All updates are done the old fashioned-way.
> Modify dhcpd.conf. Stop the server. Say a prayer and restart
> dhcpd.
>
> 	We've been asked to investigate netreg so I am asking
> whether there is a modernized version that exists and makes use
> of omapi for dynamic updates.
>
> 	The original idea was that each network had a small pool
> of dynamic leases with very short lifetimes. A client is sent to
> the authentication server and, if approved, he gets put in to
> the known pool. By using omapi, he could also be given a bootP
> entry if the magic between authentication and approval can do
> that.
> 	We are basically looking to make sure we don't re-envent
> any good wheels that have already been proven to roll.
>
> 	Thanks for all constructive ideas.
>
> Martin McCormick WB5AGZ  Stillwater, OK
> Systems Engineer
> OSU Information Technology Department Telecommunications Services  
> Group
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users




More information about the dhcp-users mailing list