multiple "match-values" in a subclass

Simon Hobson dhcp1 at
Thu Aug 9 07:25:00 UTC 2012

Please don't top post ...

Vijayakumar T. T. wrote:

>Am attaching dhcp configuration below kindly suggest the changes.

You like hard work don't you ! Have you never heard of formatting ? 
Let me format that so it's readable.

ignore client-updates;
update-static-leases on;
log-facility local6;
ddns-updates on;
ddns-update-style interim;

subnet netmask { #;
   option routers;
   default-lease-time 1800;
   max-lease-time 2700;

key "rndc-key"{#;
algorithm hmac-md5;
secret "ZMuBAUkZcqucayG2u6IoRg==";}
class "extern" { match hardware; }
subclass "extern" 1:00:1e:ec:63:44:11;
option wpad code 252=text;
option subnet-mask;
option domain-name "";
option domain-name-servers;
option time-offset -18000;
option ntp-servers;

subnet netmask {
   range dynamic-bootp;
   pool {
     allow members of "extern";
   default-lease-time 300;
   max-lease-time 360;
   ddns-updates on;

   zone {#;
   key "rndc-key";}
   zone {
     key "rndc-key";
   option routers;
   option subnet-mask;
   option domain-name "";
   option domain-name-servers;
   option time-offset -18000;

Right, now it's actually possible to see the structure - oh dear !

>1. When ever I connect using system having MAC address 
>"00:1e:ec:63:44:11", i get an IP from "dynamic-bootp 
>". Since this MAC falls in class "extern" the system 
>should actualy get an IP from "range", 
>which is not happening.

Incorrect. You have told the DHCP server that this client may get an 
address from either the extern pool, or the dynamic-bootp range. If 
that isn't what you want, then you must change your config so that 
the client is explicitly excluded from the range(s) you don't want it 
to get an address from.
In this case, that would mean :
   pool {
     range dynamic-bootp;
     deny members of "extern";

>  Kindly suggest the changes required to acheive it.
>2. If i delete "dynamic-bootp" 
>statement in dhcp configuration , the system is taking IP address 
>from "range" pool. Is that something 
>to do with order of configuration line ???

No, order is unimportant - the client may have any address you have 
told the server it must have. If you don't specify which clients may 
use an address, then all of them may.

>3. The DDNS updation for the said MAC address also enabled in dhcp 
>configuration.. Is it because of that the MAC address is not getting 
>IP from range ""

Sorry, I don't understand the question.
But, you should also define your DDNS zones in the global scope. I'd 
also suggest not scattering global options in multiple places - a 
natural tendency would be to stop reading for global options once you 
see the first subnet declaration.

Simon Hobson

Visit for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

More information about the dhcp-users mailing list