Hello, in a current deployment in an ISP-style setup using standard layer 2 switches, we are mapping specific addresses to individual ports. Using the classes below, and having each 48-port switch reside in a different subnet, we are able to map two private IPs to each port. The second IP was actually an afterthought, as after being deployed we found that even with a short lease time calls would still come into the helpdesk about not being able to get an IP. To minimize these calls we added a second IP to each port and changed all our usage reporting accordingly. We would like to now transition each subnet to public IPs, and would rather only reserve a single IP for each port, so we need another function to minimize the calls when leases are not available. A couple of hack-type ways of mitigating the calls would be:<br>
<br>1) Use logsurfer+ (<a href="http://www.crypt.gen.nz/logsurfer/">http://www.crypt.gen.nz/logsurfer/</a>) with this patch available at <a href="http://www.miquels.cistron.nl/isc-dhcpd/patch-server::02-log-agent-options">http://www.miquels.cistron.nl/isc-dhcpd/patch-server::02-log-agent-options</a>.<br>
Basically logsurfer uses regexps to watch logs, and if a particular log entry is found it executes an external program; in our case this external program would use omshell to free the lease.<br> The patch basically adds option 82 information to the DHCPDISCOVER log entry; this way we would only have to watch for a single line in the log.<br>
<br>2) Write a patch which creates an "on error" statement, similar to on commit, which would fire when no free leases are available.<br> This seems like it would be tedious, however it would then be a lot better as we would not have to introduce a second daemon to the box. The on error could execute an external program with the agent-id and client-id directly when "no free leases" occurs.<br>
<br>3) Release IP on SNMP trap "Port Down"<br> We haven't really investigated this too much, as we believe it would put undue stress on the server in circumstances such as a client rebooting or transitioning between port down and port up.<br>
<br>I would love to hear pros and cons of the 1st option, as this is the option I am currently investigating. Based upon my analysis, assuming that logsurfer doesn't have too much of a footprint and can process the logs in a timely manner, it would work, and would only temporarily slow a client's DHCP process when the lease is unavailable.<br>
<br>I would also love to hear if the second option seems like a viable hack; I understand that the execute is called inline.<br><br><br>I have read many an article as to how people are attempting to accomplish something very similar, and I am sure larger sites have tweaked their DHCP to do just that. <br>
<br>I then read this post <a href="https://lists.isc.org/pipermail/dhcp-users/2010-March/010965.html">https://lists.isc.org/pipermail/dhcp-users/2010-March/010965.html</a>, which says:<br><br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
<pre>If you don't require to maintain state on the assigned leases, the<br>best thing, as was suggested, is the new host record "option matching"<br>semantic in 4.2.0.<br></pre></blockquote><div><br>Now as I am new to the list I am not sure when this version is proposed to be stable, however I believe this is exactly the type of functionality I am looking to implement, as we will be limiting MAC learning on the layer 2 switch to 1, and not allowing anything questionable.<br>
<br><br> <br></div>I know that I have asked a lot of questions and probably some of it doesn't make sense, but I would appreciate any feedback, suggestions or criticism on the subject, and what I propose.<br><br><br><br><br>
<br><br>class "Port1"<br>{<br> match if binary-to-ascii (10, 32, "", suffix ( option agent.circuit-id, 4) ) = "1";<br> spawn with option agent.remote-id;<br> <br>
}<br><br>class "Port2"<br>{<br> match if binary-to-ascii (10, 32, "", suffix ( option agent.circuit-id, 4) ) = "2";<br> spawn with option agent.remote-id;<br>}<br> <br><br>
...LINES OMITTED...<br>
<br>class "Port47"<br>{<br> match if binary-to-ascii (10, 32, "", suffix ( option agent.circuit-id, 4) ) = "47";<br> spawn with option agent.remote-id;<br> <br>}<br><br>class "Port48"<br>
{<br> match if binary-to-ascii (10, 32, "", suffix ( option agent.circuit-id, 4) ) = "48";<br> spawn with option agent.remote-id;<br> <br>}<br><br><br>#Sample Subnet Declaration<br>subnet 10.104.135.0 netmask 255.255.255.0{<br>
option routers 10.104.135.1;<br> pool{ allow members of "Port1"; range 10.104.135.11; } <br> pool{ allow members of "Port1"; range 10.104.135.201; }<br> pool{ allow members of "Port2"; range 10.104.135.12; } <br>
pool{ allow members of "Port2"; range 10.104.135.202; } <br> .....LINES OMITTED......<br> pool{<br> range 10.104.135.128 10.104.135.200;<br> allow members of "Port24";<br> allow members of "Port25";<br>
allow members of "Port26";<br> allow members of "Port27";<br> allow members of "Port28";<br> allow members of "Port29";<br> }<br>}<br>
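An added example, not part of the original post: a Python model of the `match if binary-to-ascii (10, 32, "", suffix (option agent.circuit-id, 4)) = "N"` expression used by the classes above, showing which relay-supplied circuit-id values land in which `PortN` class. The circuit-id byte layouts are constructed samples, and the handling of values shorter than four bytes (returned unchanged by `suffix`, then rejected because they are not a whole 32-bit word) is an assumption about the server's behaviour.

```python
DIGITS = "0123456789abcdef"

def suffix(data: bytes, n: int) -> bytes:
    # Last n bytes; input shorter than n is returned unchanged (assumption).
    return data[-n:] if len(data) > n else data

def to_base(value: int, base: int) -> str:
    if value == 0:
        return "0"
    out = ""
    while value:
        value, rem = divmod(value, base)
        out = DIGITS[rem] + out
    return out

def binary_to_ascii(base: int, width: int, sep: str, data):
    step = width // 8
    # Assumption: data that is not a whole number of width-bit words gives no value.
    if data is None or len(data) % step:
        return None
    words = [int.from_bytes(data[i:i + step], "big")
             for i in range(0, len(data), step)]
    return sep.join(to_base(w, base) for w in words)

def port_class(circuit_id, ports: int = 48):
    """Return the class name the post's config would select, or None."""
    if circuit_id is None:          # no option 82 in the request
        return None
    text = binary_to_ascii(10, 32, "", suffix(circuit_id, 4))
    for port in range(1, ports + 1):
        if text == str(port):       # same string comparison as the class match
            return f"Port{port}"
    return None

# Constructed circuit-id values (hex), not taken from any real switch.
SAMPLES = {
    "port 1":               "0004006500000001",
    "port 47":              "000400650000002f",
    "port 49 (no class)":   "0004006500000031",
    "vlan in upper bytes":  "0004006500650001",
    "short value":          "0001",
}

if __name__ == "__main__":
    for label, hexval in SAMPLES.items():
        print(f"{label:22} -> {port_class(bytes.fromhex(hexval))}")
```

A request whose last four circuit-id bytes carry anything besides the bare port number (the "vlan in upper bytes" sample) matches no class, so none of the per-port pools will serve it.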