<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFCC">
<br>
<br>
<div class="moz-cite-prefix">On 27/09/2019 15.59, Surya Teja wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+0Ac3w0KocoF79jv=1HWRquX3sb3gA=jT8M_zzSErwvO61GUQ@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Hi Bill,<br>
<div>Do you have 40,000 clients?</div>
<div>Yes some times the dhcp client traffic reaches nearly
40-50k in my environment.</div>
<div>What is you goal here? <br>
</div>
<div>I want to avoid the untrusted dhcp clients to request the
server and fill up the leases, So I went through internet and
found that option 82 can be a similar functionality.</div>
<div>Link I checked for: <a
href="https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=009391&lang=EN"
moz-do-not-send="true">https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=009391&lang=EN</a>
<br>
</div>
</div>
</blockquote>
This example has a few problems:<br>
It defines classes inside the subnet, this is not a good idea. Keep
declarations global.<br>
It does not prevent unknown-clients from getting an IP from any of
the pools, it is missing the deny unknown-clients; statement.<br>
allow members of "VLAN10"; denies other
classes but does not deny unknown-clients as you seem to want.<br>
<blockquote type="cite"
cite="mid:CA+0Ac3w0KocoF79jv=1HWRquX3sb3gA=jT8M_zzSErwvO61GUQ@mail.gmail.com">
<div dir="ltr">
<div> The set up is similar to my environment using relay agents
to forward the packets I want to replicate the setup in my
environment. The adobe techniques is like authenticating the
requests and then granting IP</div>
<div><br>
</div>
<div><br>
</div>
<div> <br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri, Sep 27, 2019 at 6:55
PM Bill Shirley <<a
href="mailto:bill@c3po.polymerindustries.biz"
moz-do-not-send="true">bill@c3po.polymerindustries.biz</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>Yeah, I had found that web page too. But note later on
that page he states about his patch:<br>
<font color="#993300"><tt>This has been tested on a Xeon
2.8 Ghz server, it uses just a few percent of CPU with
40.000 DHCP clients. </tt><tt><br>
</tt></font>Do you have 40,000 clients?<br>
<br>
I use many classes in my DHCP configurations on 15+
servers. I haven't had a problem<br>
with DHCP eating up all the resources.<br>
<br>
What is you goal here? Are you wanting to assign a fixed
address for each client?</p>
<p>Bill<br>
</p>
<div>On 9/27/2019 7:32 AM, Surya Teja wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi Bill Thanks for reply<br>
<div>Why are you avoiding the class statement? </div>
<div>In one of the google forum I have read the
statement saying like </div>
<div><span>The internal implementation in ISC DHCPD of
classes is such that it scales in a non-linar way -
O(N^2) or something. So suddenly you'll end up with
dhcpd eating 100% CPU.</span></div>
<div>So I just want to avoid the classes </div>
<div>While surfing I found that for the host declaration
statements we can use the syntax like </div>
<div>
<pre style="color:rgb(0,0,0)">EX: host client-name-1 {
<b>host-identifier option agent.circuit-id "dslam42.port22";</b>
hardware ethernet 00:e0:4c:a7:ca:de;
fixed-address 192.168.0.6;
}</pre>
</div>
<div> So I just want to know any
config statements similar like above applies for scope
sections<br>
</div>
<div><br>
</div>
<div>What does the agent.circuit-id and agent.remote-id
contain? I can't figure out why you're using substring
on these values (in your original post).</div>
<div>It is just sample example I found in the forum, I
don't have issue with directly checking without using
the substring function or <span
style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13.44px">binary-to-ascii</span> to
cross check the values </div>
<div><br>
</div>
<div>Thanks</div>
<div> <br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri, Sep 27, 2019
at 4:06 PM Bill Shirley <<a
href="mailto:bill@c3po.polymerindustries.biz"
target="_blank" moz-do-not-send="true">bill@c3po.polymerindustries.biz</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px
0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>Options in a pool are options to be <b>sent</b>
not matched.</p>
<p>Why are you avoiding the class statement? What
does the agent.circuit-id and agent.remote-id
contain?<br>
I can't figure out why you're using substring on
these values (in your original post).<br>
</p>
<p>Bill<br>
</p>
<div>On 9/27/2019 3:44 AM, Surya Teja wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi <br>
<div>It might be too many questions but I wan to
configure my dhcpd configuration file by
avoiding the classes as much as possible</div>
<div>If the subnet is configured as like below
snippet </div>
<div>subnet 192.168.10.0 netmask 255.255.255.0
{ </div>
<div> pool { </div>
<div> range 192.168.10.10
192.168.10.199; <br>
option subnet-mask 255.255.255.0;<br>
option routers 10.1.10.1;<br>
option domain-name "<a
href="http://test.com" target="_blank"
moz-do-not-send="true">test.com</a>";<br>
option agent.circuit-id "22";<br>
option agent.remote-id
"192.168.10.242";</div>
<div> } <br>
}<br>
</div>
<div>can we achieve the option 82 configuration
setup with above snippet</div>
<div> Thanks in advance and or if any reference
links to setup the option 82 functionality
without class can also be appreciated</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Sep
26, 2019 at 7:42 PM Surya Teja <<a
href="mailto:suryateja042@gmail.com"
target="_blank" moz-do-not-send="true">suryateja042@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">Hi is the option 82 supported
by using class concept only ?
<div>or can it be defined as other general
options like domain-name server, router in
scope section ?</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue,
Sep 24, 2019 at 12:49 PM Surya Teja <<a
href="mailto:suryateja042@gmail.com"
target="_blank" moz-do-not-send="true">suryateja042@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">Hi, <br>
I am trying to configure the dhcp option
82, went through the google forums and
one of it suggest the syntax like<br>
# vim /etc/dhcp/dhcpd.conf<br>
########################################################<br>
log-facility local7;<br>
<b>class "VLAN10" {<br>
match if
binary-to-ascii(10,16,"",substring(option
agent.circuit-id,2,2)) = "10";<br>
} # VLAN10<br>
class "VLAN20" { <br>
match if ( substring(option
agent.remote-id,2,15)="10.5.20.4" <br>
and binary-to-ascii(10, 16,
"",substring(option agent.circuit-id,
4, 2)) = "2" ); <br>
}</b><br>
subnet 192.168.10.0 netmask
255.255.255.0 {<br>
pool {<br>
<b>allow members of
"VLAN10";</b><br>
default-lease-time
600;<br>
max-lease-time
7200;<br>
range
192.168.10.1 192.168.10.199;<br>
option routers
192.168.10.254;<br>
option broadcast-address
192.168.10.255;<br>
option subnet-mask
255.255.255.0;<br>
option
domain-name-servers 4.2.2.2;<br>
}<br>
}<br>
subnet 192.168.20.0 netmask
255.255.255.0 {<br>
pool {<br>
<b> allow members of
"VLAN20";</b><br>
default-lease-time
600;<br>
max-lease-time
7200;<br>
range
192.168.20.20 192.168.20.199;<br>
option routers
192.168.20.254;<br>
option broadcast-address
192.168.20.255;<br>
option subnet-mask
255.255.255.0;<br>
option domain-name-servers
4.2.2.2;<br>
<br>
}<br>
(Just ignore ip values)<br>
can we configure this concept only by
using classes and make it allow or deny
like that?<br>
or can we use the option space concept
to get it worked(do we have any other
syntax). Thanks in advance<br>
</div>
</blockquote>
</div>
</blockquote>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
dhcp-users mailing list
<a href="mailto:dhcp-users@lists.isc.org" target="_blank" moz-do-not-send="true">dhcp-users@lists.isc.org</a>
<a href="https://lists.isc.org/mailman/listinfo/dhcp-users" target="_blank" moz-do-not-send="true">https://lists.isc.org/mailman/listinfo/dhcp-users</a>
</pre>
</blockquote>
</div>
_______________________________________________<br>
dhcp-users mailing list<br>
<a href="mailto:dhcp-users@lists.isc.org"
target="_blank" moz-do-not-send="true">dhcp-users@lists.isc.org</a><br>
<a
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
rel="noreferrer" target="_blank"
moz-do-not-send="true">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
</blockquote>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
dhcp-users mailing list
<a href="mailto:dhcp-users@lists.isc.org" target="_blank" moz-do-not-send="true">dhcp-users@lists.isc.org</a>
<a href="https://lists.isc.org/mailman/listinfo/dhcp-users" target="_blank" moz-do-not-send="true">https://lists.isc.org/mailman/listinfo/dhcp-users</a>
</pre>
</blockquote>
</div>
_______________________________________________<br>
dhcp-users mailing list<br>
<a href="mailto:dhcp-users@lists.isc.org" target="_blank"
moz-do-not-send="true">dhcp-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/dhcp-users"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
dhcp-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/dhcp-users">https://lists.isc.org/mailman/listinfo/dhcp-users</a>
</pre>
</blockquote>
<br>
</body>
</html>