Can't get class "match if" to actually match...
Sten Carlsen
stenc at s-carlsen.dk
Fri Apr 17 13:31:09 UTC 2015
Just a quick first check:
I assume you did check that the actual packets contain that exact string
for the vendor-class-identifier?
On 17/04/15 14:32, Peter Rathlev wrote:
> I can't get a "class" to actually match anything, and I'm not sure what
> I'm doing wrong.
>
> What I hope is the relevant config:
>
> # "Private" option to remember
> option X-Juniper-AP-Options code 250 = string;
>
> group {
> default-lease-time 604800; # 7 days
> max-lease-time 1209600; # 14 days
>
> option X-Juniper-AP-Options "Juniper-AP-Cluster-2";
> option Vendor-specific-information "ip:172.23.12.21,172.23.12.22,172.23.12.23,172.25.12.21,172.25.12.22";
> ping-check false;
> ddns-updates on;
> ddns-domainname "ap.net.example.com.";
> option domain-name "ap.net.example.com.";
> log(info, concat("test ", substring(vendor-class-identifier, 0, 12)));
> if (substring(vendor-class-identifier, 0, 12) = "WIRELESS-AP:") {
> if (config-option X-Juniper-AP-Options = "Juniper-AP-Cluster-2") {
> log(info, concat("this message appears in the log ", config-option X-Juniper-AP-Options));
> }
> }
> # G/E2, upper block
> subnet 10.227.52.0 netmask 255.255.255.0 { option routers 10.227.52.1; pool { range 10.227.52.10 10.227.52.239; failover peer "rmnet-failover"; } }
> }
>
> class "Juniper-WLC" {
> match if substring(vendor-class-identifier, 0, 12) = "WIRELESS-AP:";
> if (config-option X-Juniper-AP-Options = "Juniper-AP-Cluster-2") {
> log(info, "this message does not appear in the log");
> # option Vendor-specific-information "ip:172.23.12.21,172.23.12.22,172.23.12.23,172.25.12.21,172.25.12.22";
> option Vendor-specific-information "ip:172.23.12.21,172.23.12.22,172.23.12.23,172.25.12.21";
> }
> }
>
>
> I serve up the relevant option (Vendor-specific-information/43) in both
> the group block and the class in the configuration above, but when
> commenting out the one in the group block the device never receives the
> option at all.
>
> The complete configuration is ~3500 lines so I'd rather not post it all,
> but do tell me if something relevant is missing.
>
> When using "if" statements in the group where the subnet declaration
> resides, they match. When using similar "if" statements in a class
> ("match if ..." and a regular "if") they don't seem to match. The "log"
> statement is never executed and the option is never sent (if commented
> out in the group block).
>
> I use a "private" config-option; this is used to select what options to
> send in the class block. We use this approach in other places, though
> not in an "if" statement, just via e.g.:
>
> class "Nexans-mikroswitche" {
> # Vendor-class identifier "266:063" er Nexans Gigaswitch 4-ports
> match if option vendor-class-identifier = "266:063";
> option tftp-server-name "10.85.12.200";
> option bootfile-name = concat("/NEXANS/",
> pick-first-value( concat(config-option X-MS-Block-ID, "/") , "" ),
> "NEXANS-",
> ucase ( concat (
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2),
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2),
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2),
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2),
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2),
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
> ) ),
> ".cfg"
> );
> }
>
> This one works as expected.
>
> So how is it that something that matches in the group block does not
> match in the class statement? What am I doing wrong? :-)
>
> And can I do something to debug/test apart from throwing in log
> statements?
>
> Thank you in advance!
>
--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
More information about the dhcp-users
mailing list