To have various IP ranges in the same subnet and assign the IP Address depending of the device type that sends the request.

Bob Harold rharolde at umich.edu
Thu Aug 8 20:33:20 UTC 2019


On Thu, Aug 8, 2019 at 3:28 AM Juan Antonio García Moreno <
jagarcia at emergya.com> wrote:

> Hi again,
>
> I have tested this and work:
>
> --------------------------------------------------------------------------
> class "smartphones" {
>
>   match if substring(option vendor-class-identifier,0,13) =
> "android-dhcp-" or
>            substring(option vendor-class-identifier,0,7) = "HUAWEI:" or
>            substring(option vendor-class-identifier,0,7) = "dhcpcd-";
>
> }
> --------------------------------------------------------------------------
>
> But if I change it to:
>
> --------------------------------------------------------------------------
> class "smartphones" {
>
>   match if substring(option vendor-class-identifier,0,13) or
>            substring(option vendor-class-identifier,0,7);
>
> }
>
> subclass "smartphones" "android-dhcp-";
> subclass "smartphones" "HUAWEI:";
> subclass "smartphones" "dhcpcd-";
>

That won't work.  The syntax is wrong.  Look carefully at the examples
originally given for the two syntax that work.  "IF" requires a boolean
expression "a = b" or "a ~~ b" etc.

You might try:

class "smartphones13" {
  match substring(option vendor-class-identifier,0,13)  # note NO "if"
}
subclass "smartphones13" "android-dhcp-";

class "smartphones7" {
  match substring(option vendor-class-identifier,0,7)  # note NO "if"
}
subclass "smartphones7" "HUAWEI:";
subclass "smartphones7" "dhcpcd-";

I cannot say if it would work, but worth a try.  I think this is as close
as I can get to what you wanted.

-- 
Bob Harold



> --------------------------------------------------------------------------
>
> When I reload the config in the server, It shows me this error:
>
> --------------------------------------------------------------------------
> # service dhcp-server force-reload
> dhcpd self-test failed. Please fix the config file.
> The error was:
> Internet Systems Consortium DHCP Server 4.1.1-P1
> Copyright 2004-2010 Internet Systems Consortium.
> All rights reserved.
> For info, please visit https://www.isc.org/software/dhcp/
> /etc/dhcp/dhcpd.conf line 67: expecting boolean expressions
>            substring(option vendor-class-identifier,0,7);
>                                                         ^
> WARNING: Host declarations are global.  They are not limited to the scope
> you declared them in.
> Configuration file errors encountered -- exiting
> #
> --------------------------------------------------------------------------
>
> I can't do this or I am doint it wrong?
>
> Best regards
>
> El jue., 8 ago. 2019 a las 7:50, Bill Shirley (<
> bill at c3po.polymerindustries.biz>) escribió:
>
>> Here's a couple of classes you might find useful:
>> class "mobile_device" {
>>     match if (
>>         option vendor-class-identifier ~~ "android"
>>         or option host-name ~~ "android"
>>         or option host-name ~~ "iphone"
>>         or option host-name ~~ "samsung-"
>>         or option host-name ~~ "galaxy"
>>         or option host-name ~~ "ipod"
>>         or option host-name ~~ "ipad"
>>         or option host-name ~~ "watch"
>>         or option host-name ~~ "nintendo 3ds"
>>     );
>> }
>> class "Microsoft" {
>>     match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
>>     set member_of = "Microsoft";
>> }
>> The first class uses the regexp operator ~~ (case insensitive).  There is
>> also the
>> case sensitive operator ~=.
>>
>> On the subject of implicit deny for a pool with only "allow members":
>> I classify most of my devices (i.e. Panasonic, Ricoh, Canon, Linux,
>> Microsoft) to assign
>> them to a specific pool (i.e Printers, Linux, Microsoft, mobile_device).
>> Then I have an
>> "uncategorized" pool for those devices that aren't in a currently defined
>> class so that they
>> will get an address.  If later I change a class to include a device (say
>> Epson), that device
>> will request its previous address on renew and *will get it* if my
>> "uncategorized" pool doesn't
>> have a 'deny members of "Epson"' configuration line.
>>
>> TL;DR - If a device requests a renewal of an address and there is no
>> "deny members" for
>> the pool, it will be granted.
>>
>> dhcp-server-4.3.6-10.fc27.x86_64
>>
>> Bill
>>
>> On 8/7/2019 8:42 AM, Juan Antonio García Moreno wrote:
>>
>> Hi Simon,
>>
>> Too much thanks by your anotation about the Hosts Declarations. I will
>> keep them in mind and I will change it.
>>
>> About the Hosts Classifications, I have tested this and works for me:
>>
>>
>> ------------------------------------------------------------------------------
>> class "smartphones" {
>>   match if substring(option vendor-class-identifier,0,13) =
>> "android-dhcp-" or
>>            substring(option vendor-class-identifier,0,7) = "HUAWEI:" or
>>            substring(option vendor-class-identifier,0,7) = "dhcpcd-";
>> }
>>
>> ------------------------------------------------------------------------------
>>
>> That is the same that this:
>>
>>
>> ------------------------------------------------------------------------------
>> class "smartphones" {
>>   match option vendor-class-identifier;
>> }
>>
>> subclass "smartphones" "android-dhcp-9"
>> subclass "smartphones" "android-dhcp-8.1.0"
>> subclass "smartphones" "android-dhcp-7.0"
>> subclass "smartphones" "HUAWEI:android:FIG-L11"
>> subclass "smartphones" "HUAWEI:android:QC_Reference_Phone"
>> subclass "smartphones" "dhcpcd-5.5.6"
>>
>> ------------------------------------------------------------------------------
>>
>> And I can change it to:
>>
>>
>> ------------------------------------------------------------------------------
>> class "smartphones" {
>>   match option vendor-class-identifier;
>> }
>>
>> include smartphones.cfg
>>
>> * smartphones.cfg file containing the subclass lines.
>>
>> ------------------------------------------------------------------------------
>>
>> But, is there any way to minimize the number of lines to include in the
>> smartphones.cfg file using some kind of wildcard or expression/function
>> like "substring()" used in the Class Declaration?
>>
>> Another question:
>>
>> The iPhones and the iPads not send the "vendor-class-identifier" option
>> in the DHCP Discover Packet.
>>
>> Could I classify iPhones and iPads taking into account some other
>> parameter of the DHCP Discover Packet?
>>
>>
>> Best regards
>>
>>
>>
>> El lun., 5 ago. 2019 a las 19:35, Simon Hobson (<dhcp1 at thehobsons.co.uk>)
>> escribió:
>>
>>> Juan Antonio García Moreno <jagarcia at emergya.com> wrote:
>>>
>>> > I relly have some hosts declarations, but I don't have put these in
>>> the post.
>>>
>>> Ah yes, about that ... see below !
>>>
>>> > subnet 10.53.0.0 netmask 255.255.0.0 {
>>> >
>>> >   default-lease-time 86400;
>>> >   max-lease-time 172800;
>>> >
>>> >   option broadcast-address 10.53.255.255;
>>> >   option routers 10.53.1.1;
>>> >
>>> >   # Unknown Clients Range.
>>> >   pool {
>>> >     deny members of "smartphones";
>>> >     range 10.53.33.1 10.53.35.254;
>>> >   }
>>> >
>>> >   # Smartphones Range.
>>> >   pool {
>>> >     allow members of "smartphones";
>>> >     range 10.53.10.2 10.53.11.254;
>>> >   }
>>> >
>>> >   host PC-01 {
>>> >     hardware ethernet ff:ff:ff:ff:ff:01;
>>> >     fixed-address 10.53.100.5;
>>> >   }
>>> >
>>> >   host PC-02 {
>>> >     hardware ethernet ff:ff:ff:ff:ff:02;
>>> >     fixed-address 10.53.100.6;
>>> >   }
>>> >
>>> > }
>>>
>>> That is another common mistake. Host declarations are always global in
>>> scope even though you might think that putting them inside a subnet
>>> declaration would tie them to that subnet. So even though declared inside
>>> one subnet, they will be "known" in any subnet - which in itself can cause
>>> considerable confusion.
>>> But what really makes life "interesting" (see
>>> https://en.wikipedia.org/wiki/May_you_live_in_interesting_times) is
>>> that should a host be connected to a different network, it will inherit
>>> option values from the subnet where it is defined. Thus you find yourself
>>> with a client that's been given an address by DHCP, but the gateway address
>>> it's been given is in a completely different subnet !
>>>
>>>
>>> > And too, howto fill a text file with the "vendor-class-identifier" of
>>> the smartphones and include in the DHCP Server config to match the
>>> smartphones devices too.
>>>
>>> It's a simple scripting exercise to take a text file containing one
>>> string per line, and build a config file snippet. You can then use an
>>> include statement to incorporate that config snippet into the daemon config.
>>>
>>> _______________________________________________
>>> dhcp-users mailing list
>>> dhcp-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>>
>>
>>
>> --
>> [image: EMERGYA] <http://www.emergya.com/>
>> *Juan García*
>>
>> *Dto. de Soporte Interno*
>>
>> *EMERGYA INGENIERÍA*
>>
>> *m:* +34 954 517 577
>>
>> *p:* +34 954 517 577
>> *e:* jagarcia at emergya.com
>> [image: linkedin icon] <https://www.linkedin.com/company/emergya>  [image:
>> facebook icon] <https://www.facebook.com/Emergya>  [image: twitter icon]
>> <https://twitter.com/emergya>  [image: youtube icon]
>> <https://www.youtube.com/channel/UCU0ISPwk1pcOWwjpX63gN_A>
>>
>> _______________________________________________
>> dhcp-users mailing listdhcp-users at lists.isc.orghttps://lists.isc.org/mailman/listinfo/dhcp-users
>>
>> _______________________________________________
>> dhcp-users mailing list
>> dhcp-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>
>
>
> --
> [image: EMERGYA] <http://www.emergya.com/>
> *Juan García*
>
> *Dto. de Soporte Interno*
>
> *EMERGYA INGENIERÍA*
>
> *m:* +34 954 517 577
>
> *p:* +34 954 517 577
> *e:* jagarcia at emergya.com
> [image: linkedin icon] <https://www.linkedin.com/company/emergya>  [image:
> facebook icon] <https://www.facebook.com/Emergya>  [image: twitter icon]
> <https://twitter.com/emergya>  [image: youtube icon]
> <https://www.youtube.com/channel/UCU0ISPwk1pcOWwjpX63gN_A>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20190808/8a0f1473/attachment-0001.html>


More information about the dhcp-users mailing list