<html><head> <style type="text/css" title="rt_noDelete">
blockquote.rt {
margin: 0 0 15px;
border-left: 4px solid #81c784;
padding: 0 0 0 12px;
display: block;
}
p { margin: 0 0 0 0 }
.email-signature {font-family:"Arial"; font-size: 8pt; font-style: italic; font-weight: normal; text-decoration: none; }
</style></head><body><p class="norm">Glenn!</p><p class="norm">Thanks!</p><p> </p><p class="norm"></p><p class="norm">
I started down the road of moving and reserving leases via OMAPI - but I can't find a way to *create* leases in OMAPI. (I find no cases/threads where anyone has confirmed the ability to create a new lease, and quite a few threads claiming problems...so I think it's safe to say/assume, that you can't create leases in OMAPI.) So, that kills that approach. Simon's way of hand-editing was great, but it's too klunky/fragile for this use case.</p><p> </p><p>Since I run fail-over and hand-editing the leases file isn't a trivial exercise - the classes route seemed as good as it gets.</p><p>Honestly, I should have looked at it more carefully before I sunk the time into trying to do it in OMAPI. (I won't get those hours back! Ugh!)</p><p> </p><p>Frankly it's pretty easy.</p><p> </p><p>I have to try an actual live move of a host from the "regular" pool, to defining the host mac address and subclass - and then seeing what happens. (It should get a NAK on renewal and "move" into the special/subclass pool.)</p><p> </p><p>A big benefit is that I have a campus network, and we'll be defining pools for each location - with a similar set of pools at each location.</p><p>That means if a printer (for one example) gets picked up and moved from one building to another, it will end up in that building's printer pool.</p><p>We'll have to manage the sub-pool allocation carefully, but I think that's do-able. (So we don't run out of addresses available for devices in those pools.)</p><p> </p><p>But this makes it pretty easy - and doesn't require a lot of gyrations to work well.</p><p> </p><p>I can see putting lots more devices into classes and then letting them find their ways into the proper pools/blocks too.</p><p> </p><p>Thanks for helping teach this old dog new tricks! :)</p><p> </p><p>---</p><p>It looks something like this: (In case anyone wants a quick example.)</p><p> </p><p>---</p><p>class "Printers" {</p>
<p> match hardware;</p>
<p>}</p>
<p><br/></p>
<p>subclass "Printers" 1:00:00:00:00:00:01; #some printer</p>
<p> </p><p>subnet 10.116.1.0 netmask 255.255.255.0 {</p><p> </p>
<p> ignore bootp;</p>
<p> authoritative;</p>
<p> ignore client-updates;</p>
<p> option routers 10.116.1.1;</p>
<p> option subnet-mask 255.255.255.0;</p>
<p> </p>
<p> # Two blocks 31-60, 61-90</p>
<p> pool {</p>
<p> range 10.116.1.31 10.116.1.60;</p>
<p> deny members of "Printers";</p>
<p>#thus: allow all others;</p>
<p> }</p>
<p></p>
<p> pool {</p>
<p> range 10.116.1.61 10.116.1.90;</p>
<p> </p>
<p> allow members of "Printers";</p><p>#Thus: dis-allow all others;</p>
<p> }</p><p> </p>
<p> </p>
<p> }</p><p> </p><p>---</p><p>For anyone following along - I think the "allow" and "deny" statements can be tricky. </p><p>Make sure they actually do what you intend, not just what you _think_ they do.</p>
<p><br/></p><p>Again, thanks all!</p><p> </p><p>-Greg</p><p> </p><p class="norm"><br/></p><p class="norm"></p><blockquote class="rt">
<p>Hi Greg,</p>
<p>What about using a class for the 51-70 pool and use sub-classes to define the allowed mac addresses? There's an example in the dhcpd.conf man page, a bit like this. The leading 1 is added to the mac address to indicate hardware type 1 (ethernet).</p>
<p>class "allocation-class-2" {<br/>match pick-first-value (option dhcp-client-identifier, hardware);<br/>}</p>
<p>subclass "allocation-class-1" 1:8:0:2b:4c:39:ad;<br/>subclass "allocation-class-2" 1:8:0:2b:a9:cc:e3;<br/>subclass "allocation-class-1" 1:0:0:c4:aa:29:44;</p>
<p><br/></p>
<p>regards,</p>
<p>Glenn</p>
<p id="reply-intro">On 2021-08-27 13:37, Gregory Sloop wrote:</p>
<blockquote style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0" type="cite">
<div id="replybody1">
<style type="text/css">#replybody1 blockquote.v1rt {
margin: 0 0 15px;
border-left: 4px solid #81c784;
padding: 0 0 0 12px;
display: block;
}
#replybody1 p { margin: 0 0 0 0 }
#replybody1 .v1email-signature {font-family:"Arial"; font-size: 8pt; font-style: italic; font-weight: normal; text-decoration: none; }</style>
<div>
<p>I have a subnet in dhcpd - lets just assume 192.168.1.0/24</p>
<p>(It's a fail-over served pool - if that matters.)</p>
<p><br/></p>
<p>I have a pool where unknown-clients are allowed</p>
<p>192.168.1.21-40</p>
<p><br/></p>
<p>I'd like to add a new lease for a machine where the IP is outside the unknown pool above. (I don't want to use a host definition with an IP in the conf files, because I want the ddns name to get added via the DDNS mechanisms - which doesn't happen in that case. Plus, if this machine/device gets moved to another subnet, and the host def is still there, it won't get ANY lease in the new subnet - which is bad. I'd like the device to still function if it gets dropped into a new subnet, even if it's not getting a "special" ip any more.)</p>
<p><br/></p>
<p>This new machine/device may have already been added to the network and currently has an address in the 192.168.21-40 pool.</p>
<p><br/></p>
<p>Lets assume I'd like to assign it 192.168.1.51 - and set a reservation. </p>
<p>Lets assume that I'll have several machines I'd like set as "static" between 51-70. </p>
<p>But I don't want just "any" machine to get one of these "special" addresses in the 51-70 range.</p>
<p><br/></p>
<p>What's the best way to go about this?</p>
<p><br/></p>
<p>---</p>
<p>Some thoughts I've had, but this gets complicated.</p>
<p><br/></p>
<p>---</p>
<p>I don't believe I can just add or modify the lease without changing the pool, because even if there's a defined lease, this is still an unknown client. So, even if there's a reserved lease for 192.168.1.51 - the DHCP server won't give out that address because this is an unknown client. (Right?)</p>
<p><br/></p>
<p>Yet if I make a pool for 51-70 and allow unknown clients, then any client might (will) get one - not just the ones I want to "move" there.</p>
<p><br/></p>
<p>I've thought about pre-creating leases for 51-70 and essentially adding "bogus" information for those leases and reserving them. (While allowing unknown-clients for the 51-70 pool - but since they're all "taken" it won't hand one out), Then when I want to move something there, I can remove the "bogus" reservation and move the "real" lease to the appropriate IP in the 51-70 block/pool.</p>
<p><br/></p>
<p>---</p>
<p>Or define the MAC address in a host definition, without an IP definition. (I think DDNS works in this case.)</p>
<p>Then define the 192.168.51-70 pool as "known" hosts only. (And make sure no "other" known hosts accidentally grab one of the IP's in this pool. This part worries me.)</p>
<p><br/></p>
<p>But it seems like I must be making this too hard.</p>
<p>Am I missing something?</p>
<p><br/></p>
<p>Surely someone else has done this and can point me a tried-and-true solution that works without a ton of drama. :)</p>
<p><br/></p>
<p>(Yes, my pools are larger than those, but the details are essentially the same - this example is just more manageable.)</p>
<p><br/></p>
<p>Thanks!</p>
<p>-Greg</p>
<p><br/></p>
<p><br/></p>
</div>
</div>
<br/>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">_______________________________________________<br/>ISC funds the development of this software with paid support subscriptions. Contact us at <a href="https://www.isc.org/contact/" rel="noopener noreferrer" target="_blank">https://www.isc.org/contact/</a> for more information.<br/><br/>dhcp-users mailing list<br/><a href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a><br/><a href="https://lists.isc.org/mailman/listinfo/dhcp-users" rel="noopener noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a></div>
</blockquote>
</blockquote><br/>
<div class="email-signature"><br/>
</div></body>