Classifying clients based on FQDN in option 81
Glenn Satchell
glenn.satchell at uniq.com.au
Wed Feb 27 13:31:07 UTC 2013
In terms of the configuration language it is certainly possible.
class "example-com" {
match if option fqdn.domainname = "example.com";
}
However, you may need to do a simple packet capture to check that your
clients actually send that option in the DHCPDISCOVER packet. If it isn't
there then the server can't make the decision about what to offer.
regards,
-glenn
On Wed, February 27, 2013 8:50 pm, Niall O'Reilly wrote:
>
> On 27 Feb 2013, at 02:24, VithalPrasad Gaitonde wrote:
>
>> Can one configure the ISC DHCP server to define class(es) of clients
>> based on the DNS domain sent in option 81 by the client.
>
> I haven't tried that, but I'ld be surprised if it couldn't be done;
> the man pages for dhcpd.conf and dhcp-eval seem to contain the
> information you need.
>
> That said, I would ask two more basic questions:
>
> 1. Can one depend on the client to set option 81?
> 2. Can one trust the client not to spoof a "more attractive" DNS
> domain name than the "legitimate" one?
>
> Good luck!
>
>> Can you then use this class to set options and specific IP range for
>> such a class of clients.
>
> Surely.
>
> IHTH
> Niall O'Reilly
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
More information about the dhcp-users
mailing list