[rhelv6-list] dhcpd question: limiting scope to mac address identifiers
solarflow99
solarflow99 at gmail.com
Fri Jan 4 02:20:15 UTC 2013
Thanks for the tip, I got it working, but still couldn't stop the dhcp
servers from interfering with each other. I see a lot of messages
like this in syslog:
DHCPDISCOVER from 1c:b0:94:31:20:98 via eth0: network 192.168.2.0/24:
no free leases
It might be a client side problem for not ignoring the NAK offer and
picking up the right one from the other dhcp server, since some
clients do work.
On Fri, Dec 28, 2012 at 9:21 AM, Greg Swift <greg at nytefyre.net> wrote:
>
>
>
> On Thu, Dec 27, 2012 at 7:41 PM, solarflow99 <solarflow99 at gmail.com> wrote:
>>
>> I have been testing with a second dhcp server on the same vlan, and
>> wanted to limit the scope to only serve out to clients that have mac
>> addresses that start with the same 3 octets, something like this
>> maybe?
>>
>>
>> class "custom-clients" {
>> match if substring (option dhcp-client-identifier, 00:50:56);
>> }
>>
>> deny unknown-clients;
>>
>
> you are very close. if you search for 'isc dhcp match vendor' you should
> get a lot of helpful information. You can simply use the hardware address
> rather than an option. Plus unknown-clients refers to systems that do not
> have a host entry in your file. In this case none do, so all clients would
> be denied. You can either do an allow block:
>
> or
>
> class "good" {
> match if substring(hardware,1,3) = AA:BB:CC;
> }
>
> allow members of "good";
>
>
>
>
> or a deny block
>
>
> class "bad" {
> match if not substring(hardware,1,3) = AA:BB:CC;
> }
>
> deny members of "bad";
>
>
> In an ideal world they work the same, but test it out and see how they do
> for your use case.
>
> -greg
>
>
> _______________________________________________
> rhelv6-list mailing list
> rhelv6-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rhelv6-list
More information about the rhelv6-list
mailing list