How to restrict Windows XP DHCP clients to a specific subnet?
Ole Holm Nielsen
Ole.H.Nielsen at fysik.dtu.dk
Fri Jan 31 13:36:58 UTC 2014
Hi Wim,
W.J.M. Nelis Wim.Nelis at nlr.nl wrote:
> We are experimenting with an ISC DHCP configuration to achieve the goal you
> describe. Currently the following seems to do the job:
>
> class "Claudus" {
> match hardware ;
> set client-class= "Claudus" ;
> }
>
> subclass "Claudus" 1:00:21:70:6f:2f:78 ;
> subclass "Claudus" ......
Sounds really interesting! Can you give more specific examples of the
Claudus subclass definitions? For example, we have some Windows XP
client definitions like this one:
host camd-T61-25 { hardware ethernet 00:1A:6B:36:34:15; }
How would I incorporate this host into your subclass?
>
> subnet 10.0.0.0 netmask 255.255.255.0 { # Claudus-net
> option routers 10.0.0.1 ;
> pool {
> allow members of "Claudus" ;
> deny dynamic bootp clients ;
> range 10.0.0.8 10.0.0.127 ;
> }
> }
>
> On *all* other pools define 'deny members of "Claudus"'. The result is that
> if a machine, mentioned in the subclass definition, requests an IP address
> in an allowed (and regulated) VLAN, an IP address is assigned. If this
> machine requests an IP address from any other VLAN, it will not get an IP
> address.
Thanks,
Ole
--
Ole Holm Nielsen
Department of Physics, Technical University of Denmark
More information about the dhcp-users
mailing list