How to not allocate any address to a specific host?
Glenn Satchell
Glenn.Satchell at uniq.com.au
Mon Mar 13 12:29:01 UTC 2006
The simple way is to use:
host obsolete1 {
hardware 00:0a:e4:36:7b:4b;
deny booting;
}
this is from the dhcpd.conf man page:
The booting keyword
allow booting;
deny booting;
ignore booting;
The booting flag is used to tell dhcpd whether or not to
respond to queries from a particular client. This keyword
only has meaning when it appears in a host declaration. By
default, booting is allowed, but if it is disabled for a
particular client, then that client will not be able to get
an address from the DHCP server.
deny and ignore disable getting an address from the dhcp server. Use of
deny will log the request in syslog, use of ignore won't even do that.
regards,
-glenn
>Date: Mon, 13 Mar 2006 12:45:37 +0100
>From: David Landgren <david at landgren.net>
>To: dhcp-users at isc.org
>Subject: How to not allocate any address to a specific host?
>
>List,
>
>I have a number of "retired" PCs (e.g. Windows 95/Windows 98) that
>people insist on putting back into service, which then translates into
>support calls because things don't work. Yes, the idea is to recover the
>PCs and dispose of them, but we carry out that operation only once or
>twice a year.
>
>I can identify these hosts by their MAC address. What I would like to do
>is to either refuse to allocate them any address, or allocate them an
>address from a bogus address space, in order to disable the host. In
>other words, if I don't know anything in particular about a MAC address,
>I grant an allocation, but refuse an allocation to a specific MAC address.
>
>The attempts I've made don't appear to generate DHCPNAKs and/or the host
>continues to use its last-known good address. Here's the config that
>seems to me to be the closest to what I want to achieve:
>
># dhcpd.conf -- configuration file for dhcpd server
>
>authoritative;
>ddns-update-style none;
>
>log-facility local6;
>
>class "obsolete-hosts" {
> match pick-first-value (option dhcp-client-identifier, hardware);
>}
>
># i000003492
>subclass "obsolete-hosts" 00:0a:e4:36:7b:4b;
>
>shared-network example-net {
>
> subnet 172.17.0.0 netmask 255.255.224.0 {
> range 172.17.16.0 172.17.17.255;
> option ntp-servers 172.17.0.8;
> option time-servers 172.17.0.8;
> option routers 172.17.0.6;
>
> option domain-name "example.com";
> option domain-name-servers 172.17.0.8, 172.17.0.18;
> option netbios-node-type 2;
> option netbios-name-servers 172.17.0.8;
>
> default-lease-time 86400; # 1 days
> max-lease-time 864000; # 10 days
> }
>
> subnet 10.2.0.0 netmask 255.255.255.252 {
> pool {
> allow members of "obsolete-hosts";
> deny unknown-clients;
>
> default-lease-time 15;
> max-lease-time 10;
> range 10.2.0.0 10.2.0.3;
> }
> }
>}
>
>======= end dhcpd.conf =======
>
>So, what am I missing here? I've scoured the man page, the archives and
>the web. Surely someone else has needed to do this before, but my search
>terms seem to have come to naught, or rather the examples I've come
>across don't appear to work. (I even found one example config that
>causes dhcpd to segfault on startup!)
>
>Thanks,
>David
>--
>"It's overkill of course, but you can never have too much overkill."
>
>
More information about the dhcp-users
mailing list