DHCP Roaming

James Jalbert jjalbert at rsu39.org
Thu Feb 14 14:07:18 UTC 2013


Thank you Glenn, 

The only issue is that I have 300-400 machines in Subnet A, B, and C each. I also use a Ruby on Rails webapp to input the host information into a MySQL database, and a Perl script that writes host information from the database to a file called ip.hosts that is set up as an include in the main dhcpd.conf file.

I work with a few challenged people, so this sounds confusing, and was a bear to set up, but it automated the process so that a tech could go to a webpage, insert the host name and MAC address for the machine, click on update, and the magic happens in the background (database update, export and format to ip.hosts file, then restart the DHCP service). So due to this I almost think that using a class would be very difficult to do. I am thinking that maybe the easiest way would be to NOT set host declarations up for subnet D, only do dynamic addresses, and deny unknown clients in all other subnets.

James Jalbert
Network Administrator
Eastern Aroostook RSU #39 
Phone: 207-493-4246
E-Mail: jjalbert at rsu39.org



>>> "Glenn Satchell" <glenn.satchell at uniq.com.au> 2/14/2013 8:55 AM >>>
Hi James

So you need to have a way to identify all your subnet D hosts. Then you
allow or deny the class in the particular pools.

One way to do this is to use host statements for all the allowed subnet A,
B and C hosts. Then you can put "permit known hosts;" in the pools. Subnet
D would not use host statements, so these systems would be unknown.

Another option is to create a host for all the subnet A, B and C hosts as
described in the dhcpd.conf man page - search down for subclass.

class "goodguys" {
  match hardware;
}
# repeat subclass lines, one for each host to include
subclass "goodguys" 1:8:0:2b:4c:39:ad;
subclass "goodguys" 1:a:b:c:d:e:f;

subnet a.a.a.0 ... {
  pool {
    allow members of "goodguys";
    range ...
  }
}
host "goodguy1" {
  hardware ethernet 8:0:2b:4c:39:ad;
  fixed-address a.a.a.99;
}

You need to list all the good hosts' MAC addresses in a subclass statement,
so it is kind of doubling up (they will be in host statements too). Note
that you also need the 1 at the start of the subclass as this represents
the network type, 1 is ethernet.

If you need more help, keep asking questions. There are a few ways to do
what you want.

regards,
-glenn


On Fri, February 15, 2013 12:34 am, James Jalbert wrote:
> Yeah, I looked at classes but did not look like an easy task. Thanks for
> all your help.
>
> James Jalbert
> Network Administrator
> Eastern Aroostook RSU #39
> Phone: 207-493-4246
> E-Mail: jjalbert at rsu39.org 
>
>
>
>>>> Steven Carr <sjcarr at gmail.com> 2/14/2013 8:31 AM >>>
> On 14 February 2013 13:21, James Jalbert <jjalbert at rsu39.org> wrote:
>> But Subnet D is also going to have fixed-address clients. Is there a way
>> to stop them from roaming?
>
> Not easily, you would need to look at setting up a class and adding
> each allowed mac address to the class then restrict the pool to
> clients only in the defined class. It would be a lot easier to just
> separate out managed/unmanaged clients into different subnets (and
> from a security point of view would enable you to limit the damage
> unmanaged clients can do).
>
> Steve
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org 
> https://lists.isc.org/mailman/listinfo/dhcp-users 
>
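
An added example, not part of the original thread and not anyone's existing script: one way an exporter like the ip.hosts generator described above could emit the host declaration and the matching subclass line from a single record, so the MAC list is not maintained twice. The function names, the record layout and the sample hosts are assumptions.

```python
import ipaddress
import re

# Constructed sample records (name, MAC, fixed address); in the setup
# described in the thread these would come from the host database.
SAMPLE_HOSTS = [
    ("lab-pc-01", "8:0:2B:4C:39:AD", "10.1.0.99"),
    ("lab-pc-02", "00-1a-2b-3c-4d-5e", "10.1.0.100"),
]

_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,62}")
_OCTET_RE = re.compile(r"[0-9a-f]{1,2}")


def normalize_mac(mac):
    """Return the MAC as six zero-padded lowercase octets joined by ':'."""
    octets = re.split(r"[:-]", mac.strip().lower())
    if len(octets) != 6 or not all(_OCTET_RE.fullmatch(o) for o in octets):
        raise ValueError(f"bad MAC address: {mac!r}")
    return ":".join(o.zfill(2) for o in octets)


def render(hosts, class_name="goodguys"):
    """Build dhcpd.conf text: the class, then a subclass + host pair per record."""
    out = [f'class "{class_name}" {{', "  match hardware;", "}"]
    seen = set()
    for name, mac, addr in hosts:
        # Values come from a web form, so refuse anything that could break
        # out of the quoted name or the statement it is written into.
        if not _NAME_RE.fullmatch(name):
            raise ValueError(f"bad host name: {name!r}")
        mac = normalize_mac(mac)
        addr = str(ipaddress.IPv4Address(addr))  # raises ValueError if invalid
        if mac in seen:
            raise ValueError(f"duplicate MAC address: {mac}")
        seen.add(mac)
        # The leading 1 is the hardware type (ethernet), as noted in the thread.
        out.append(f'subclass "{class_name}" 1:{mac};')
        out.append(f'host "{name}" {{')
        out.append(f"  hardware ethernet {mac};")
        out.append(f"  fixed-address {addr};")
        out.append("}")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(render(SAMPLE_HOSTS), end="")
```
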

