Selecting fixed or dynamic address based on vendor-class-identifier

Glenn Satchell glenn.satchell at uniq.com.au
Tue Oct 22 00:57:21 UTC 2013


On Tue, October 22, 2013 11:44 am, Sten Carlsen wrote:
>
> On 22/10/13 02.43, Sten Carlsen wrote:
>>
>> On 22/10/13 02.32, Glenn Satchell wrote:
>>> Hi Anders
>>>
>>> Without the host statement, ie assuming you were using a dynamic
>>> address
>>> in both subnets this would be easy. Allow pxeclient class in one pool
>>> and
>>> deny it in the other.
>> You would also need to allow/deny known-clients, allow members of ...
>> does not deny known clients.
> I was thinking if there was still a host statement.

:)

If there is a host statement then it is always a known-client, whether it
is doing pxe or not. Put in a deny known-clients and the pxe pool won't
match any more.

The approach below is to only apply the fixed-address when it is not a
pxe-client. But I don't know if that will work like I expect.

regards,
-glenn

>>> class "pxeclient" {
>>>     match if substring (option vendor-class-identifier, 0, 9) =
>>> "PXEClient";
>>> }
>>>
>>> shared-network all {
>>>     subnet 192.168.254.0 netmask 255.255.255.0 {
>>>     pool {
>>>       allow members of "pxeclient";
>>>       range 192.168.254.100 192.168.254.109;
>>>     }
>>>   }
>>>
>>>     subnet 192.168.255.0 netmask 255.255.255.0 {
>>>     pool {
>>>       deny members of "pxeclient";
>>>       range 192.168.255.100 192.168.255.109;
>>>     }
>>>   }
>>> }
>>>
>>> With the host statement, anything in there applies whether we are
>>> pxe-booting or normal booting, so need to be careful how we do things.
>>> That's why you can't put ignore-booting in the host statement as it
>>> will
>>> apply in both cases. I'm not entirely sure this will work, but it might
>>> give you an idea.
>>>
>>> host boottest {
>>>     hardware ethernet 02:13:10:07:11:58;
>>>     if substring (option vendor-class-identifier, 0, 9) != "PXEClient"
>>> {
>>>         fixed-address 192.168.255.12;
>>>     }
>>> }
>>>
>>> fixed-address has higher preference than dynamic address.
>>>
>>> Not sure if you can do this, it's only a siggestion, but maybe just let
>>> clients pxe-boot using their fixed ip-address? Add the details for boot
>>> server and filename to the pxeclient class. It would make the
>>> dhcpd.conf
>>> much simpler.
>>>
>>> regards,
>>> -glenn
>>>
>>> On Tue, October 22, 2013 2:24 am, Sten Carlsen wrote:
>>>> My take on this would be to test this:
>>>>
>>>> class "pxeclient" {
>>>>     match if substring (option vendor-class-identifier, 0, 9) =
>>>> "PXEClient";
>>>>   }
>>>>
>>>>   host boottest {
>>>>     hardware ethernet 02:13:10:07:11:58;
>>>>     fixed-address 192.168.255.12;
>>>>   }
>>>>
>>>>
>>>> shared-network all{
>>>>     subnet 192.168.254.0 netmask 255.255.255.0 {
>>>>     pool {
>>>>       allow members of "pxeclient";
>>>>       range 192.168.254.100 192.168.254.109;
>>>>     }
>>>>   }
>>>>
>>>>     subnet 192.168.255.0 netmask 255.255.255.0 {
>>>>       deny members of "pxeclient";   }
>>>> }
>>>>
>>>> The uncertain point here is that in a shared network there is really
>>>> nothing to tell which subnet the host belongs to, no DHCP-Relays etc.
>>>> This should work if a class has higher preference than a host
>>>> statement.
>>>>
>>>> I don't know the answer to that, I would have to test it.
>>>>
>>>> On 21/10/13 17.06, Anders Blomdell wrote:
>>>>> I would like the ISC dhcpd server to hand out either a dynamic ip
>>>>> address or
>>>>> a fixed address based on the vendor-class-identifier (I want a
>>>>> dynamic
>>>>> address
>>>>> from one subnet during pxeboots and a [possibly] fixed address from
>>>>> another
>>>>> subnet otherwise). I have been able to do it by running two instances
>>>>> of the
>>>>> dhcp server on the interface, but not by using shared-network.
>>>>>
>>>>> The working configuration consists of /tmp/254.conf:
>>>>>
>>>>>   class "pxeclient" {
>>>>>     match if substring (option vendor-class-identifier, 0, 9) =
>>>>> "PXEClient";
>>>>>   }
>>>>>
>>>>>   subnet 192.168.254.0 netmask 255.255.255.0 {
>>>>>     pool {
>>>>>       allow members of "pxeclient";
>>>>>       range 192.168.254.100 192.168.254.109;
>>>>>     }
>>>>>   }
>>>>>
>>>>> and /tmp/255.conf:
>>>>>
>>>>>   host boottest {
>>>>>     hardware ethernet 02:13:10:07:11:58;
>>>>>     fixed-address 192.168.255.12;
>>>>>     if substring(option vendor-class-identifier, 0, 9) = "PXEClient"
>>>>> {
>>>>>       ignore booting;
>>>>>     }
>>>>>   }
>>>>>   subnet 192.168.255.0 netmask 255.255.255.0 {
>>>>>   }
>>>>>
>>>>> when running both of them with:
>>>>>   /usr/sbin/dhcpd -d -cf /tmp/254.conf -lf /tmp/254.lease --no-pid
>>>>>   /usr/sbin/dhcpd -d -cf /tmp/255.conf -lf /tmp/255.lease --no-pid
>>>>>
>>>>> I get the following expected result:
>>>>>
>>>>>   # PXE-booting
>>>>>   DHCPDISCOVER from 02:13:10:07:11:58 via eth0
>>>>>   DHCPOFFER on 192.168.254.100 to 02:13:10:07:11:58 via eth0
>>>>>   # Ordinary boot
>>>>>   DHCPDISCOVER from 02:13:10:07:11:58 via eth0
>>>>>   DHCPOFFER on 192.168.255.12 to 02:13:10:07:11:58 via eth0
>>>>>
>>>>> But I'm not able to achieve it with just one instance of dhcpd,
>>>>> the reason seems to be that the 'ignore booting' will be active
>>>>> for both subnets when the machine is PXE-booting and hence it will
>>>>> not get an address from the pool.
>>>>>
>>>>> Anybody that has a good idea on how to solve this?
>>>>>
>>>>> Regards
>>>>>
>>>>> Anders
>>>>>
>>>> --
>>>> Best regards
>>>>
>>>> Sten Carlsen
>>>>
>>>> No improvements come from shouting:
>>>>
>>>>        "MALE BOVINE MANURE!!!"
>>>>
>>>> _______________________________________________
>>>> dhcp-users mailing list
>>>> dhcp-users at lists.isc.org
>>>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>> _______________________________________________
>>> dhcp-users mailing list
>>> dhcp-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>
>> --
>> Best regards
>>
>> Sten Carlsen
>>
>> No improvements come from shouting:
>>
>>        "MALE BOVINE MANURE!!!"
>>
>>
>> _______________________________________________
>> dhcp-users mailing list
>> dhcp-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>
> --
> Best regards
>
> Sten Carlsen
>
> No improvements come from shouting:
>
>        "MALE BOVINE MANURE!!!"
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users




More information about the dhcp-users mailing list