use of allow/deny to assign a specific attribute

Stier, Matthew Matthew.Stier at us.fujitsu.com
Mon Oct 28 12:09:17 UTC 2013


Covered in the documentation.

When a client is to be booted, its boot parameters are determined by consulting that client's host declaration
(if any), and then consulting any class declarations matching the client, followed by the pool, subnet and
shared-network declarations for the IP address assigned to the client. Each of these declarations itself
appears within a lexical scope, and all declarations at less specific lexical scopes are also consulted for
client option declarations. Scopes are never considered twice, and if parameters are declared in more than
one scope, the parameter declared in the most specific scope is the one that is used.

So the order is host, class, pool, subnet, shared-network.

In your example below, the contest is between class and pool, so class would win.

BTW: Your subnet has no brackets, and if your intent was for the subnet bracket to embrace the pool, the pool is not a subset of the subnet.


From: dhcp-users-bounces+matthew.stier=us.fujitsu.com at lists.isc.org [mailto:dhcp-users-bounces+matthew.stier=us.fujitsu.com at lists.isc.org] On Behalf Of Lanckmans Sven
Sent: Monday, October 28, 2013 6:58 AM
To: Users of ISC DHCP
Subject: Re: use of allow/deny to assign a specific attribute


Hi,

what if there's a filename attribute in the class *and* in the range? Which one will have priority?

class "class1" {
match if ((option agent.remote-id = substring(hardware, 1, 6));
filename "class.cm";
}
shared-network "NETWORK1" {
subnet 10.10.10.0 netmask 255.255.255.0
pool {
      range 10.10.10.2 10.10.10.254;
      allow-member class1;
      filename "pool.cm";
       }
}

Will the modem boot with class.cm or pool.cm?

Thanks,
Sven.



From: <Stier>, Matthew <Matthew.Stier at us.fujitsu.com<mailto:Matthew.Stier at us.fujitsu.com>>
Reply-To: Users of ISC DHCP <dhcp-users at lists.isc.org<mailto:dhcp-users at lists.isc.org>>
Date: Monday 28 October 2013 12:50
To: Users of ISC DHCP <dhcp-users at lists.isc.org<mailto:dhcp-users at lists.isc.org>>
Subject: RE: use of allow/deny to assign a specific attribute

Make ' filename' part of the class definition.

Here is an example:

class "pxeclients" {
   match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
   next-server TFTP server address;
   filename "/pxelinux.0";
}

Thus when class can be invoked, those options will be invoked.

From: dhcp-users-bounces+matthew.stier=us.fujitsu.com at lists.isc.org<mailto:dhcp-users-bounces+matthew.stier=us.fujitsu.com at lists.isc.org> [mailto:dhcp-users-bounces+matthew.stier=us.fujitsu.com at lists.isc.org] On Behalf Of Lanckmans Sven
Sent: Monday, October 28, 2013 5:19 AM
To: dhcp-users at lists.isc.org<mailto:dhcp-users at lists.isc.org>
Subject: use of allow/deny to assign a specific attribute


Hi,

is it possible to assign a specific attribute (for example "filename" which has the bootfile name) per class without having to use a seperate pool for each class.

Example:

class "class1" {
match if ((option agent.remote-id = substring(hardware, 1, 6))
}
class "class2" {
match if ((not(option agent.remote-id = substring(hardware, 1, 6)))
}
shared-network "NETWORK1" {
subnet 10.10.10.0 netmask 255.255.255.0
pool {
      range 10.10.10.2 10.10.10.254
       ** here I need some allow-code to give class1 the option filename = file1.cm
               ** here I need some allow-code to give class2 the option filename = file2.cm

       }
}

Currently we can only achieve this by splitting the shared-network up into multiple pools, but this seems overkill for changing just one attribute (and doesn't scale for us)

Thanks,
Sven.


Ce message transmis par voie électronique ainsi que toutes ses annexes contiennent des informations qui peuvent être confidentielles ou protégées. Ces informations sont uniquement destinées à l'usage des personnes ou des entités précisées dans les champs 'A', 'Cc' et 'Cci'. Si vous n'êtes pas l'un de ces destinataires, soyez conscient que toute forme, partielle ou complète, de divulgation, copie, distribution ou utilisation de ces informations est strictement interdite. Si vous avez reçu ce message par erreur, veuillez nous en informer par téléphone ou par message électronique et détruire les informations immédiatement. Ce message n'engage que son signataire et aucunement son employeur.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20131028/e9857018/attachment-0001.html>


More information about the dhcp-users mailing list