To have various IP ranges in the same subnet and assign the IP Address depending of the device type that sends the request.

Juan Antonio García Moreno jagarcia at emergya.com
Fri Aug 16 07:27:51 UTC 2019


Hi Bob,

I think too that that works but I was thinking to do with only one "Class"
and a include file with all of "subclass". I'm test it later.

To classify, I am doing now this:

------------------------------------------------------------------------------------------------------------
#*** WORKS ***
class "smartphones" {

  match if (

    # ************************ ANDROID ****************************
    substring(option vendor-class-identifier,0,13) = "android-dhcp-" or
    substring(option vendor-class-identifier,0,7) = "HUAWEI:" or
    substring(option vendor-class-identifier,0,7) = "dhcpcd-" or
    # ************************ IOS ****************************
    substring(option host-name,0,6) ~~ "iphone" or
    substring(option host-name,0,4) ~~ "ipod" or
    substring(option host-name,0,4) ~~ "ipad" or
    # ********************* Windows-Phone *********************....
    substring(option host-name,0,13) ~~ "windows-phone"

    );

}
------------------------------------------------------------------------------------------------------------

The most Android phones sends the "Option 62" and I think that I haven't
problems to classific them.

The problem that I have found is that Windows-Movile phones and the iPhones
not send the "Option 62" and I need do the classifi by the "Host Name
(Option 12)".

With "substring(option host-name,0,6) ~~ "iphone" I can classify, by
example, these phones by Host Name:

---------------------------------------------------
iphone-John
iPhone-John
Iphone-Sam
Iphone Administration
...
---------------------------------------------------

But I have found situations like these:

---------------------------------------------------
Bod-iphone
JohnyiPhone
Samuel-Iphone
Contability Iphone
...
---------------------------------------------------

Then I think that I would need add a line by each different situation, by
example:

---------------------------------------------------
substring(option host-name,5,6) ~~ "iphone"
substring(option host-name,6,6) ~~ "iphone"
substring(option host-name,8,6) ~~ "iphone"
substring(option host-name,13,6) ~~ "iphone"
---------------------------------------------------

Would I can classify the iPhone phones and the Windows phones otherwise?


Are there any way to summarize these lines, for example, in:

---------------------------------------------------
substring(option host-name) "<CONTAINING>" "iphone"
---------------------------------------------------

or similary?


Best regards


El jue., 8 ago. 2019 a las 22:33, Bob Harold (<rharolde at umich.edu>)
escribió:

>
> On Thu, Aug 8, 2019 at 3:28 AM Juan Antonio García Moreno <
> jagarcia at emergya.com> wrote:
>
>> Hi again,
>>
>> I have tested this and work:
>>
>> --------------------------------------------------------------------------
>> class "smartphones" {
>>
>>   match if substring(option vendor-class-identifier,0,13) =
>> "android-dhcp-" or
>>            substring(option vendor-class-identifier,0,7) = "HUAWEI:" or
>>            substring(option vendor-class-identifier,0,7) = "dhcpcd-";
>>
>> }
>> --------------------------------------------------------------------------
>>
>> But if I change it to:
>>
>> --------------------------------------------------------------------------
>> class "smartphones" {
>>
>>   match if substring(option vendor-class-identifier,0,13) or
>>            substring(option vendor-class-identifier,0,7);
>>
>> }
>>
>> subclass "smartphones" "android-dhcp-";
>> subclass "smartphones" "HUAWEI:";
>> subclass "smartphones" "dhcpcd-";
>>
>
> That won't work.  The syntax is wrong.  Look carefully at the examples
> originally given for the two syntax that work.  "IF" requires a boolean
> expression "a = b" or "a ~~ b" etc.
>
> You might try:
>
> class "smartphones13" {
>   match substring(option vendor-class-identifier,0,13)  # note NO "if"
> }
> subclass "smartphones13" "android-dhcp-";
>
> class "smartphones7" {
>   match substring(option vendor-class-identifier,0,7)  # note NO "if"
> }
> subclass "smartphones7" "HUAWEI:";
> subclass "smartphones7" "dhcpcd-";
>
> I cannot say if it would work, but worth a try.  I think this is as close
> as I can get to what you wanted.
>
> --
> Bob Harold
>
>
>
>> --------------------------------------------------------------------------
>>
>> When I reload the config in the server, It shows me this error:
>>
>> --------------------------------------------------------------------------
>> # service dhcp-server force-reload
>> dhcpd self-test failed. Please fix the config file.
>> The error was:
>> Internet Systems Consortium DHCP Server 4.1.1-P1
>> Copyright 2004-2010 Internet Systems Consortium.
>> All rights reserved.
>> For info, please visit https://www.isc.org/software/dhcp/
>> /etc/dhcp/dhcpd.conf line 67: expecting boolean expressions
>>            substring(option vendor-class-identifier,0,7);
>>                                                         ^
>> WARNING: Host declarations are global.  They are not limited to the scope
>> you declared them in.
>> Configuration file errors encountered -- exiting
>> #
>> --------------------------------------------------------------------------
>>
>> I can't do this or I am doint it wrong?
>>
>> Best regards
>>
>> El jue., 8 ago. 2019 a las 7:50, Bill Shirley (<
>> bill at c3po.polymerindustries.biz>) escribió:
>>
>>> Here's a couple of classes you might find useful:
>>> class "mobile_device" {
>>>     match if (
>>>         option vendor-class-identifier ~~ "android"
>>>         or option host-name ~~ "android"
>>>         or option host-name ~~ "iphone"
>>>         or option host-name ~~ "samsung-"
>>>         or option host-name ~~ "galaxy"
>>>         or option host-name ~~ "ipod"
>>>         or option host-name ~~ "ipad"
>>>         or option host-name ~~ "watch"
>>>         or option host-name ~~ "nintendo 3ds"
>>>     );
>>> }
>>> class "Microsoft" {
>>>     match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
>>>     set member_of = "Microsoft";
>>> }
>>> The first class uses the regexp operator ~~ (case insensitive).  There
>>> is also the
>>> case sensitive operator ~=.
>>>
>>> On the subject of implicit deny for a pool with only "allow members":
>>> I classify most of my devices (i.e. Panasonic, Ricoh, Canon, Linux,
>>> Microsoft) to assign
>>> them to a specific pool (i.e Printers, Linux, Microsoft,
>>> mobile_device).  Then I have an
>>> "uncategorized" pool for those devices that aren't in a currently
>>> defined class so that they
>>> will get an address.  If later I change a class to include a device (say
>>> Epson), that device
>>> will request its previous address on renew and *will get it* if my
>>> "uncategorized" pool doesn't
>>> have a 'deny members of "Epson"' configuration line.
>>>
>>> TL;DR - If a device requests a renewal of an address and there is no
>>> "deny members" for
>>> the pool, it will be granted.
>>>
>>> dhcp-server-4.3.6-10.fc27.x86_64
>>>
>>> Bill
>>>
>>> On 8/7/2019 8:42 AM, Juan Antonio García Moreno wrote:
>>>
>>> Hi Simon,
>>>
>>> Too much thanks by your anotation about the Hosts Declarations. I will
>>> keep them in mind and I will change it.
>>>
>>> About the Hosts Classifications, I have tested this and works for me:
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> class "smartphones" {
>>>   match if substring(option vendor-class-identifier,0,13) =
>>> "android-dhcp-" or
>>>            substring(option vendor-class-identifier,0,7) = "HUAWEI:" or
>>>            substring(option vendor-class-identifier,0,7) = "dhcpcd-";
>>> }
>>>
>>> ------------------------------------------------------------------------------
>>>
>>> That is the same that this:
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> class "smartphones" {
>>>   match option vendor-class-identifier;
>>> }
>>>
>>> subclass "smartphones" "android-dhcp-9"
>>> subclass "smartphones" "android-dhcp-8.1.0"
>>> subclass "smartphones" "android-dhcp-7.0"
>>> subclass "smartphones" "HUAWEI:android:FIG-L11"
>>> subclass "smartphones" "HUAWEI:android:QC_Reference_Phone"
>>> subclass "smartphones" "dhcpcd-5.5.6"
>>>
>>> ------------------------------------------------------------------------------
>>>
>>> And I can change it to:
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> class "smartphones" {
>>>   match option vendor-class-identifier;
>>> }
>>>
>>> include smartphones.cfg
>>>
>>> * smartphones.cfg file containing the subclass lines.
>>>
>>> ------------------------------------------------------------------------------
>>>
>>> But, is there any way to minimize the number of lines to include in the
>>> smartphones.cfg file using some kind of wildcard or expression/function
>>> like "substring()" used in the Class Declaration?
>>>
>>> Another question:
>>>
>>> The iPhones and the iPads not send the "vendor-class-identifier" option
>>> in the DHCP Discover Packet.
>>>
>>> Could I classify iPhones and iPads taking into account some other
>>> parameter of the DHCP Discover Packet?
>>>
>>>
>>> Best regards
>>>
>>>
>>>
>>> El lun., 5 ago. 2019 a las 19:35, Simon Hobson (<dhcp1 at thehobsons.co.uk>)
>>> escribió:
>>>
>>>> Juan Antonio García Moreno <jagarcia at emergya.com> wrote:
>>>>
>>>> > I relly have some hosts declarations, but I don't have put these in
>>>> the post.
>>>>
>>>> Ah yes, about that ... see below !
>>>>
>>>> > subnet 10.53.0.0 netmask 255.255.0.0 {
>>>> >
>>>> >   default-lease-time 86400;
>>>> >   max-lease-time 172800;
>>>> >
>>>> >   option broadcast-address 10.53.255.255;
>>>> >   option routers 10.53.1.1;
>>>> >
>>>> >   # Unknown Clients Range.
>>>> >   pool {
>>>> >     deny members of "smartphones";
>>>> >     range 10.53.33.1 10.53.35.254;
>>>> >   }
>>>> >
>>>> >   # Smartphones Range.
>>>> >   pool {
>>>> >     allow members of "smartphones";
>>>> >     range 10.53.10.2 10.53.11.254;
>>>> >   }
>>>> >
>>>> >   host PC-01 {
>>>> >     hardware ethernet ff:ff:ff:ff:ff:01;
>>>> >     fixed-address 10.53.100.5;
>>>> >   }
>>>> >
>>>> >   host PC-02 {
>>>> >     hardware ethernet ff:ff:ff:ff:ff:02;
>>>> >     fixed-address 10.53.100.6;
>>>> >   }
>>>> >
>>>> > }
>>>>
>>>> That is another common mistake. Host declarations are always global in
>>>> scope even though you might think that putting them inside a subnet
>>>> declaration would tie them to that subnet. So even though declared inside
>>>> one subnet, they will be "known" in any subnet - which in itself can cause
>>>> considerable confusion.
>>>> But what really makes life "interesting" (see
>>>> https://en.wikipedia.org/wiki/May_you_live_in_interesting_times) is
>>>> that should a host be connected to a different network, it will inherit
>>>> option values from the subnet where it is defined. Thus you find yourself
>>>> with a client that's been given an address by DHCP, but the gateway address
>>>> it's been given is in a completely different subnet !
>>>>
>>>>
>>>> > And too, howto fill a text file with the "vendor-class-identifier" of
>>>> the smartphones and include in the DHCP Server config to match the
>>>> smartphones devices too.
>>>>
>>>> It's a simple scripting exercise to take a text file containing one
>>>> string per line, and build a config file snippet. You can then use an
>>>> include statement to incorporate that config snippet into the daemon config.
>>>>
>>>> _______________________________________________
>>>> dhcp-users mailing list
>>>> dhcp-users at lists.isc.org
>>>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>>>
>>>
>>>
>>> --
>>> [image: EMERGYA] <http://www.emergya.com/>
>>> *Juan García*
>>>
>>> *Dto. de Soporte Interno*
>>>
>>> *EMERGYA INGENIERÍA*
>>>
>>> *m:* +34 954 517 577
>>>
>>> *p:* +34 954 517 577
>>> *e:* jagarcia at emergya.com
>>> [image: linkedin icon] <https://www.linkedin.com/company/emergya>  [image:
>>> facebook icon] <https://www.facebook.com/Emergya>  [image: twitter icon]
>>> <https://twitter.com/emergya>  [image: youtube icon]
>>> <https://www.youtube.com/channel/UCU0ISPwk1pcOWwjpX63gN_A>
>>>
>>> _______________________________________________
>>> dhcp-users mailing listdhcp-users at lists.isc.orghttps://lists.isc.org/mailman/listinfo/dhcp-users
>>>
>>> _______________________________________________
>>> dhcp-users mailing list
>>> dhcp-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>>
>>
>>
>> --
>> [image: EMERGYA] <http://www.emergya.com/>
>> *Juan García*
>>
>> *Dto. de Soporte Interno*
>>
>> *EMERGYA INGENIERÍA*
>>
>> *m:* +34 954 517 577
>>
>> *p:* +34 954 517 577
>> *e:* jagarcia at emergya.com
>> [image: linkedin icon] <https://www.linkedin.com/company/emergya>  [image:
>> facebook icon] <https://www.facebook.com/Emergya>  [image: twitter icon]
>> <https://twitter.com/emergya>  [image: youtube icon]
>> <https://www.youtube.com/channel/UCU0ISPwk1pcOWwjpX63gN_A>
>> _______________________________________________
>> dhcp-users mailing list
>> dhcp-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/dhcp-users
>>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>


-- 
[image: EMERGYA] <http://www.emergya.com/>
*Juan García*

*Dto. de Soporte Interno*

*EMERGYA INGENIERÍA*

*m:* +34 954 517 577

*p:* +34 954 517 577
*e:* jagarcia at emergya.com
[image: linkedin icon] <https://www.linkedin.com/company/emergya>  [image:
facebook icon] <https://www.facebook.com/Emergya>  [image: twitter icon]
<https://twitter.com/emergya>  [image: youtube icon]
<https://www.youtube.com/channel/UCU0ISPwk1pcOWwjpX63gN_A>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20190816/8df8e463/attachment-0001.html>


More information about the dhcp-users mailing list