Yes, I have multiple small pools in a big subnet...<div><br></div><div>Best Regards,<br>Konstantine Karosanidze,<br><br>CAUCASUS ONLINE ISP<br>System Administrator<br><br>
<br><br><div class="gmail_quote">On Tue, Sep 7, 2010 at 8:15 PM, Glenn Satchell <span dir="ltr"><<a href="mailto:glenn.satchell@uniq.com.au">glenn.satchell@uniq.com.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div></div><div class="h5">On 09/08/10 02:00, კონსტანტინე ქაროსანიძე wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello,<br>
<br>
I run DHCP for my clients (I'm a sysadmin at an ISP) and use option 82 to<br>
identify requests and assign the corresponding IP to the client, but now I have<br>
a case where I can't use option 82 (because of some network topology, option<br>
82 is not added to the request).<br>
<br>
The solution was to identify clients by the source address the request<br>
comes from (actually the IP assigned to that VLAN on the Cisco switch, the VLAN<br>
gateway).<br>
<br>
After lots of tries I figured out the following config:<br>
<br>
class "ADSL_Universal_34" {<br>
match if ( binary-to-ascii(16, 8, "", packet(24,4)) = "5e89bf1" );<br>
log(info, "matched class ADSL_Universal_34");<br>
log(info, concat("matched class gateway, IP: ",binary-to-ascii(16,<br>
8, "", packet(24,4))));<br>
log(info, concat("matched class gateway, No Binary: ",packet(24,4)));<br>
}<br>
<br>
class "ADSL_Universal_35" {<br>
match if ( binary-to-ascii(16, 8, "", packet(24,4)) = "5e89bf41" );<br>
log(info, "matched class ADSL_Universal_35");<br>
log(info, concat("matched class gateway, IP: ",binary-to-ascii(16,<br>
8, "", packet(24,4))));<br>
log(info, concat("matched class gateway, No Binary: ",packet(24,4)));<br>
}<br>
<br>
subnet 94.137.191.0 netmask 255.255.255.128<br>
{<br>
<br>
pool {<br>
option subnet-mask 255.255.255.192;<br>
option routers 94.137.191.1;<br>
option ip-forwarding FALSE;<br>
deny unknown-clients;<br>
allow members of "ADSL_Universal_34";<br>
range 94.137.191.2 94.137.191.5;<br>
}<br>
<br>
pool {<br>
option subnet-mask 255.255.255.192;<br>
option routers 94.137.191.65;<br>
option ip-forwarding FALSE;<br>
deny unknown-clients;<br>
allow members of "ADSL_Universal_35";<br>
range 94.137.191.66 94.137.191.70;<br>
}<br>
}<br>
<br>
where 5e89bf41 and 5e89bf1 are the gateway IP addresses in hex. While using<br>
this config a strange thing happens.<br>
<br>
When I use<br>
<br>
deny unknown-clients;<br>
allow members of "ADSL_Universal_35";<br>
<br>
these directives for matching the class to the pool, nothing works, but it's<br>
enough for me to remove these lines from the config and in the log file I see<br>
that incoming requests are matched to the class.<br>
<br>
Sep 7 18:36:04 dhcp dhcpd: matched class ADSL_Universal_35<br>
Sep 7 18:36:04 dhcp dhcpd: DHCPINFORM from 94.137.191.2 via 94.137.191.65<br>
Sep 7 18:36:04 dhcp dhcpd: DHCPACK to 94.137.191.2 (d8:d3:85:21:3f:f3)<br>
via em0<br>
<br>
But if I uncomment the above two lines I have nothing logged and no IP<br>
addresses assigned.<br>
<br>
I know that it is not a good solution and is just a workaround for the problem,<br>
but I need to make it work.<br>
<br>
Any ideas how to fix it?<br>
<br>
Best Regards,<br>
Konstantine Karosanidze,<br>
<br>
CAUCASUS ONLINE ISP<br>
System Administrator<br>
<br>
</blockquote>
<br></div></div>
It's enough to just say 'allow members of ...' and that will deny all other devices. A client identified by a class is still an unknown client.<br>
<br>
Also instead of<div class="im"><br>
<br>
match if ( binary-to-ascii(16, 8, "", packet(24,4)) = "5e89bf41" );<br>
<br></div>
you can be slightly more efficient and say:<br>
<br>
match if ( packet(24,4) = 5e:89:bf:41 );<br>
<br>
But I am a bit confused by your subnet definition. In the subnet you set a /25 subnet mask, but then in the pool it's different?<br>
<br>
-- <br>
regards,<br>
-glenn<br><font color="#888888">
--<br>
Glenn Satchell | Miss 9: What do you<br>
Uniq Advances Pty Ltd, Sydney Australia | do at work Dad?<br>
mailto:<a href="mailto:glenn.satchell@uniq.com.au" target="_blank">glenn.satchell@uniq.com.au</a> | Miss 6: He just<br>
<a href="http://www.uniq.com.au" target="_blank">http://www.uniq.com.au</a> tel:0409-458-580 | types random stuff.</font><div><div></div><div class="h5"><br>
</div></div></blockquote></div><br></div>
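Added example, not part of the original thread: a Python sketch of what packet(24,4) reads (the giaddr field of the BOOTP header) and why the unpadded string form "5e89bf1" is a weaker match key than a direct byte comparison. The helper names and the sample packet are constructed for illustration, and binary_to_ascii_hex mimics the unpadded, separator-less output shown in the config above.

```python
import socket
import struct

GIADDR_OFFSET = 24  # BOOTP header: giaddr occupies bytes 24..27, i.e. packet(24,4)

def build_bootp_header(giaddr: str) -> bytes:
    """Constructed sample: a 236-byte BOOTREQUEST header with only giaddr set."""
    # op=1 (request), htype=1 (Ethernet), hlen=6, hops=1, xid, secs, flags
    hdr = struct.pack("!BBBBIHH", 1, 1, 6, 1, 0x12345678, 0, 0)
    hdr += bytes(12)                  # ciaddr, yiaddr, siaddr
    hdr += socket.inet_aton(giaddr)   # giaddr: address of the relaying VLAN gateway
    hdr += bytes(16 + 64 + 128)       # chaddr, sname, file
    return hdr

def giaddr_bytes(packet: bytes) -> bytes:
    """Equivalent of packet(24,4) in a dhcpd.conf expression."""
    return packet[GIADDR_OFFSET:GIADDR_OFFSET + 4]

def binary_to_ascii_hex(data: bytes) -> str:
    """Mimics binary-to-ascii(16, 8, "", data): hex per byte, no padding, no separator."""
    return "".join(format(b, "x") for b in data)

def colon_hex(data: bytes) -> str:
    """Colon-separated hex, the form used when comparing the raw bytes directly."""
    return ":".join(format(b, "02x") for b in data)

def string_key_collides(addr_a: str, addr_b: str) -> bool:
    """True when two different addresses produce the same unpadded string key."""
    a, b = socket.inet_aton(addr_a), socket.inet_aton(addr_b)
    return a != b and binary_to_ascii_hex(a) == binary_to_ascii_hex(b)

if __name__ == "__main__":
    for gw in ("94.137.191.1", "94.137.191.65"):
        raw = giaddr_bytes(build_bootp_header(gw))
        print(gw, "string key:", binary_to_ascii_hex(raw), "bytes:", colon_hex(raw))
    # 5.232.155.241 is a constructed address whose bytes 05 e8 9b f1 also render as "5e89bf1"
    print("ambiguous:", string_key_collides("94.137.191.1", "5.232.155.241"))
```

Because the string form drops leading zeros and separators, distinct byte sequences can map to the same class key; comparing packet(24,4) against the four raw bytes avoids that ambiguity.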