How to restrict Windows XP DHCP clients to a specific subnet?

Ole Holm Nielsen Ole.H.Nielsen at fysik.dtu.dk
Fri Jan 31 13:36:58 UTC 2014


Hi Wim,

W.J.M. Nelis Wim.Nelis at nlr.nl wrote:
> We are experimenting with an ISC DHCP configuration to achieve the goal you
> describe. Currently the following seems to do the job:
>
> class "Claudus" {
>          match hardware ;
>          set client-class= "Claudus" ;
> }
>
> subclass "Claudus" 1:00:21:70:6f:2f:78 ;
> subclass "Claudus" ......

Sounds really interesting!  Can you give more specific examples of the 
Claudus subclass definitions?  For example, we have some Windows XP 
client definitions like this one:

host camd-T61-25    { hardware ethernet 00:1A:6B:36:34:15; }

How would I incorporate this host into your subclass?

>
> subnet 10.0.0.0       netmask 255.255.255.0   {  # Claudus-net
>          option routers                  10.0.0.1 ;
>          pool {
>                  allow members of "Claudus" ;
>                  deny dynamic bootp clients ;
>                  range 10.0.0.8      10.0.0.127 ;
>          }
> }
>
> On *all* other pools define 'deny members of "Claudus"'. The result is that
> if a machine, mentioned in the subclass definition, requests an IP address
> in an allowed (and regulated) VLAN, an IP address is assigned. If this
> machine requests an IP address from any other VLAN, it will not get an IP
> address.

Thanks,
Ole

-- 
Ole Holm Nielsen
Department of Physics, Technical University of Denmark


More information about the dhcp-users mailing list