In reply to<br>
<b>jeffrey j donovan</b>
<a href="mailto:dhcp-users%40lists.isc.org?Subject=Re%3A%20Diferent%20dhcp%20relay&In-Reply-To=%3C0383CF61-0699-42F5-A715-52DA844E9182%40beth.k12.pa.us%3E" title="Diferent dhcp relay">donovan at beth.k12.pa.us
</a><br>
<i>Tue Oct 11 15:12:20 UTC 2011<br><br></i>><br>
> Hello,<br>
><br>
> I'm running a dhcp server and recently I needed to add a second relay that will connect to this server.<br>
>> When you talk about relays,.. are you talking about UDP helper relays ?<br>Yes<br>
<br>>> [ dhcpd ]--A.x.x.x/24---[ relay1 ]---B.x.x.x/24 --{ client }<br>>> |--A.x.x.x/24---[ relay 2]---C.x.x.x/24 --{ client }<br>>><br>>> does your setup look similar to this ^ ?<br>
Yes, my setup is like that.<br>
<br>
><br>
> My relays are on the networks<br>
> 10.1<br>
> and 10.2<br>
><br>
> This is a cable network so cm's will be served from 10.1 and 10.2<br>
> Due to equipment restrictions I require to use the dhcp giaddr of 10.1.x.1 and 10.2.x.2 for all the hosts<br>
> requesting a IP address.<br>
<br>
<br>>> are these two subnets on the same physical broadcast zone ? or are the on separate VLANS ?<br>Same physical broadcast zone no vlans.<br>
<br>
<br>
><br>
> To solve this I created to shared networks<br>
> The cpe hosts in share net 1 work well no issues the cm's get online ok<br>
><br>
> My problem is in the new equipment in share net 2 cm's get online well,<br>
> cpe's don't they allways get<br>
> DHCPDISCOVER from 00:14:2a:xc:xx:xc via x.x.x.x: unknown client<br>
><br>
> My only way to distinct the hosts at this moment is<br>
> CM's have docsis vendor class and have a host { } declaration<br>
><br>
> CPE's use de remote-id that's obtained from the relay<br>
><br>
> I'm missing something in the config for the second shared-network or something is wrong<br>
><br>
> Any sugestions ?<br>
><br>
> Best regards,<br>
> FR<br>
><br>
<br>
greetings<br>
post your dhcpd.conf file<br><br><Dhcpd.conf><br><br>ddns-update-style none;<br>default-lease-time 1800;<br>max-lease-time 7200;<br>authoritative;<br>log-facility local7;<br>allow leasequery;<br>ddns-updates off;<br>
deny duplicates;<br>deny declines;<br>deny client-updates;<br>one-lease-per-client off;<br>update-static-leases on;<br>stash-agent-options true;<br><br>class "online" {<br> match option agent.remote-id;<br>}<br>
<br>include "/etc/dhcp3/online.conf";<br>include "/etc/dhcp3/hostscm.conf";<br>include "/etc/dhcp3/static.conf";<br><br>class "CM" {<br> # only match if first 6 chars of option 61 are docsis<br>
match if (substring(option vendor-class-identifier,0,6) = "docsis");<br> spawn with hardware;<br>}<br><br>class "MTA" {<br>match if (substring(option vendor-class-identifier,0,4) = "pktc");<br>
spawn with hardware;<br>}<br><br>class "Client" {<br>match if ((substring(option vendor-class-identifier,0,6) != "docsis") and (substring(option vendor-class-identifier,0,4) != "pktc"));<br>spawn with hardware;<br>
}<br><br>class "c3" {<br>match if binary-to-ascii(10, 16, "", substring( option agent.circuit-id,2 ,2)) = "99";<br>spawn with hardware;<br>}<br><br>if known {<br> log (info, concat ("HOSTNAME: ", host-decl-name, " on ",binary-to-ascii (10, 8, ".", leased-address)," at ", binary-to-ascii (16, 8, ":", substring (hardware, 1, 6))));<br>
}<br><br>on commit {<br> set ClientIP = binary-to-ascii(10, 8, ".", leased-address);<br> set ClientMac = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6));<br> #set ClientRemoteId = binary-to-ascii(16, 8, ":", substring( option agent.remote-id, 2, 12));<br>
set ClientRemoteId = binary-to-ascii(16, 8, ":", option agent.remote-id);<br> set Via = binary-to-ascii(10, 16, "", substring( option agent.circuit-id,2 ,2));<br> log(concat("Commit: IP: ", ClientIP, " Mac: ", ClientMac," RemoteID: ",<br>
ClientRemoteId, " Via:", Via<br> ));<br> execute("/etc/dhcp3/<a href="http://record.pl">record.pl</a>", "commit", ClientIP, ClientMac, ClientRemoteId);<br>}<br><br>shared-network share1 <br>
{<br> option domain-name "cpe.domain";<br> option ntp-servers x.x.34.20, x.x.34.10;<br> option domain-name-servers x.x.34.10;<br> option time-servers x.x.34.20;<br> default-lease-time 1800;<br>
max-lease-time 1800;<br> option time-offset 0;<br><br> subnet x.x.35.0 netmask 255.255.255.0 {<br> allow unknown-clients;<br> option routers x.x.35.1;<br> pool {<br>
<br> allow members of "online";<br> deny members of "CM";<br><br> range x.x.35.2 x.x.35.26;<br> range x.x.35.28 x.x.35.254;<br> <br>
}<br> } <br><br> subnet 10.1.0.0 netmask 255.255.0.0 {<br> allow bootp;<br> deny unknown-clients;<br> default-lease-time 14400;<br> max-lease-time 14400;<br>
option domain-name-servers x.x.34.20;<br> option ntp-servers x.x.34.20;<br> option time-servers x.x.34.20;<br> option domain-name "cuda.cm.domain";<br>
option time-offset 0;<br><br> option subnet-mask 255.255.0.0;<br> option broadcast-address 10.1.255.255;<br> option routers 10.1.0.1;<br> option log-servers x.x.34.20;<br>
option tftp-server-name "x.x.34.20";<br> next-server x.x.34.20;<br> }<br><br> subnet x.x.34.0 netmask 255.255.255.192 {<br> # CORE NETWORK DONT TOUCH <br>
}<br> <br> subnet 192.168.0.0 netmask 255.255.0.0 {<br> # CORE MANAGEMENT DONT TOUCH<br> }<br><br>}<br><br>shared-network share-c3<br>{<br> option domain-name "c3.cpe.domain";<br>
option ntp-servers x.x.34.20, x.x.34.10;<br> option domain-name-servers x.x.34.20, x.x.34.10;<br> option time-servers x.x.34.20;<br> default-lease-time 800;<br> max-lease-time 800;<br> option time-offset 0;<br>
<br> subnet x.x.48.0 netmask 255.255.255.0 {<br> default-lease-time 800;<br> max-lease-time 800;<br> allow unknown-clients;<br> option routers x.x.48.1;<br> pool {<br> allow members of "online";<br>
range x.x.48.2 x.x.48.200;<br> range x.x.48.201 x.x.48.254;<br> }<br> }<br><br> subnet 10.2.0.0 netmask 255.255.0.0 {<br> deny unknown-clients;<br> allow bootp;<br> default-lease-time 14400;<br>
max-lease-time 14400;<br> option domain-name-servers 192.168.0.30;<br> option domain-name "c3.cm.domain";<br> option time-offset 0;<br> option ntp-servers 192.168.0.30;<br> option time-servers 192.168.0.30;<br>
option subnet-mask 255.255.0.0;<br> option broadcast-address 10.2.255.255;<br> option routers 10.2.0.1;<br> option log-servers 192.168.0.30;<br> option tftp-server-name "192.168.0.30";<br>
next-server 192.168.0.30;<br><br> pool {<br> allow members of "online";<br> range 10.2.0.2 10.2.254.253;<br> }<br> }<br>}<br><br><br>I removed comments for better readability.<br>
Also If I place the network x.x.48.x inside share1 I get ip's delivered to it from network for example x.x.35.x<br>regardless of setting the <br>dhcp-giaddr to policy ; # making the relay agent use the gateway of x.x.48.1 instead of 10.2.0.1 <br>
in the first equipment it looks like I can't specify the use of the normal network IP<br><br>I tryed using circuit-id of the equipments to try to deny them from being delivered from some subnets of share1.<br><br>Thank you for any help.<br>
<br>Best regards,<br>FR<br><br><div class="gmail_quote">On Tue, Oct 11, 2011 at 3:54 PM, André <span dir="ltr"><<a href="mailto:netriver@gmail.com">netriver@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div></div><div class="h5"><br><div class="gmail_quote">Hello,<br><br>I'm running a dhcp server and recently I needed to add a second relay that will connect to this server.<br><br>My relays are on the networks <br>
10.1<br>and 10.2<br><br>This is a cable network so cm's will be served from 10.1 and 10.2 <br>
Due to equipment restrictions I require to use the dhcp giaddr of 10.1.x.1 and 10.2.x.2 for all the hosts <br>requesting a IP address.<br><br>To solve this I created to shared networks<br>The cpe hosts in share net 1 work well no issues the cm's get online ok<br>
<br>My problem is in the new equipment in share net 2 cm's get online well,<br>cpe's don't they allways get <br>DHCPDISCOVER from 00:14:2a:xc:xx:xc via x.x.x.x: unknown client<br><br>My only way to distinct the hosts at this moment is <br>
CM's have docsis vendor class and have a host { } declaration <br><br>CPE's use de remote-id that's obtained from the relay<br><br>I'm missing something in the config for the second shared-network or something is wrong<br>
<br>Any sugestions ?<br><br>Best regards,<br>FR<br><br>
</div><br>
</div></div></blockquote></div><br>