Limiting addresses per user for users with more than one circuit-id

[Simon Hobson]

Ilkka Virta <itvirta at iki.fi> wrote:

> We have users (student apartments) who get addresses from DHCP, and we need to limit the number of addresses given to each user, so that nobody can hoard all the addresses in the network. We have a somewhat convoluted system in place for doing this, but I was thinking if it could be made simpler with the built-in limiting in dhcpd.
> 
> I can tell the users apart by the physical connection
> (remote-id + circuit-id) but the problem is that a number of users
> have more than one circuit-id in their use, and the limit should still
> be per-user (and not per-circuit). For single circuit-id:s, spawning
> subclasses should be able to do this nicely, but since I need to
> "combine" (in a sense) the circuit-id:s, I don't think this can be done
> without creating (full) classes for each and every user?

I can't think of anything other than the external program options, or full classes per user, you've already described - at least at the server end.
The only other thought is whether it's possible to "tag" the interfaces - perhaps with custom IDs ?

I vaguely recall that on some kit, you can label ports - if that label makes it's way into the packet (in Option 82 ?) then you could do spawning subclasses off that.