[rhelv6-list] dhcpd question: limiting scope to mac address identifiers
Greg Swift
greg at nytefyre.net
Fri Dec 28 14:21:10 UTC 2012
On Thu, Dec 27, 2012 at 7:41 PM, solarflow99 <solarflow99 at gmail.com> wrote:
> I have been testing with a second dhcp server on the same vlan, and
> wanted to limit the scope to only serve out to clients that have mac
> addresses that start with the same 3 octets, something like this
> maybe?
>
>
> class "custom-clients" {
> match if substring (option dhcp-client-identifier, 00:50:56);
> }
>
> deny unknown-clients;
>
>
you are very close. if you search for 'isc dhcp match vendor' you should
get a lot of helpful information. You can simply use the hardware address
rather than an option. Plus unknown-clients refers to systems that do not
have a host entry in your file. In this case none do, so all clients would
be denied. You can either do an allow block:
or
class "good" {
match if substring(hardware,1,3) = AA:BB:CC;
}
allow members of "good";
or a deny block
class "bad" {
match if not substring(hardware,1,3) = AA:BB:CC;
}
deny members of "bad";
In an ideal world they work the same, but test it out and see how they
do for your use case.
-greg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhelv6-list/attachments/20121228/97f3c13f/attachment.htm>
More information about the rhelv6-list
mailing list