How to not allocate any address to a specific host?
David Landgren
david at landgren.net
Mon Mar 13 11:45:37 UTC 2006
List,
I have a number of "retired" PCs (e.g. Windows 95/Windows 98) that
people insist on putting back into service, which then translates into
support calls because things don't work. Yes, the idea is to recover the
PCs and dispose of them, but we carry out that operation only once or
twice a year.
I can identify these hosts by their MAC address. What I would like to do
is to either refuse to allocate them any address, or allocate them an
address from a bogus address space, in order to disable the host. In
other words, if I don't know anything in particular about a MAC address,
I grant an allocation, but refuse an allocation to a specific MAC address.
The attempts I've made don't appear to generate DHCPNAKs and/or the host
continues to use its last-known good address. Here's the config that
seems to me to be the closest to what I want to achieve:
# dhcpd.conf -- configuration file for dhcpd server
authoritative;
ddns-update-style none;
log-facility local6;
class "obsolete-hosts" {
match pick-first-value (option dhcp-client-identifier, hardware);
}
# i000003492
subclass "obsolete-hosts" 00:0a:e4:36:7b:4b;
shared-network example-net {
subnet 172.17.0.0 netmask 255.255.224.0 {
range 172.17.16.0 172.17.17.255;
option ntp-servers 172.17.0.8;
option time-servers 172.17.0.8;
option routers 172.17.0.6;
option domain-name "example.com";
option domain-name-servers 172.17.0.8, 172.17.0.18;
option netbios-node-type 2;
option netbios-name-servers 172.17.0.8;
default-lease-time 86400; # 1 days
max-lease-time 864000; # 10 days
}
subnet 10.2.0.0 netmask 255.255.255.252 {
pool {
allow members of "obsolete-hosts";
deny unknown-clients;
default-lease-time 15;
max-lease-time 10;
range 10.2.0.0 10.2.0.3;
}
}
}
======= end dhcpd.conf =======
So, what am I missing here? I've scoured the man page, the archives and
the web. Surely someone else has needed to do this before, but my search
terms seem to have come to naught, or rather the examples I've come
across don't appear to work. (I even found one example config that
causes dhcpd to segfault on startup!)
Thanks,
David
--
"It's overkill of course, but you can never have too much overkill."
More information about the dhcp-users
mailing list