How to not allocate any address to a specific host?
Simon Hobson
dhcp at thehobsons.co.uk
Mon Mar 13 13:05:40 UTC 2006
David Landgren wrote:
>class "obsolete-hosts" {
> match pick-first-value (option dhcp-client-identifier, hardware);
>}
>
># i000003492
>subclass "obsolete-hosts" 00:0a:e4:36:7b:4b;
>
>shared-network example-net {
>
> subnet 172.17.0.0 netmask 255.255.224.0 {
> range 172.17.16.0 172.17.17.255;
> option ntp-servers 172.17.0.8;
> option time-servers 172.17.0.8;
> option routers 172.17.0.6;
>
> option domain-name "example.com";
> option domain-name-servers 172.17.0.8, 172.17.0.18;
> option netbios-node-type 2;
> option netbios-name-servers 172.17.0.8;
>
> default-lease-time 86400; # 1 days
> max-lease-time 864000; # 10 days
> }
>
> subnet 10.2.0.0 netmask 255.255.255.252 {
> pool {
> allow members of "obsolete-hosts";
> deny unknown-clients;
>
> default-lease-time 15;
> max-lease-time 10;
> range 10.2.0.0 10.2.0.3;
> }
> }
>}
>So, what am I missing here?
You don't have the right allow/deny statements.
Firstly, there is nothing to deny obsolete-hosts from the 172.17
subnet. So in here you want "deny members of "obsolete-hosts"".
Secondly, you have mixed allow & deny in the 10.2 subnet. I believe
this does NOT work as you might expect. Having "allow members of
"obsolete-hosts"" is sufficient to deny anything NOT in that class.
What is probably happening is that a client with a 172.17 address is
added to the obsolete-hosts class, but because it isn't denied from
having an address in that subnet, it can carry on leasing that
address.
So you probably want something like :
shared-network example-net {
subnet 172.17.0.0 netmask 255.255.224.0 {
other stuff
pool {
deny members of "obsolete-hosts";
range 172.17.16.0 172.17.17.255;
}
}
subnet 10.2.0.0 netmask 255.255.255.252 {
default-lease-time 15;
max-lease-time 10;
pool {
allow members of "obsolete-hosts";
range 10.2.0.0 10.2.0.3;
}
}
}
Simon
More information about the dhcp-users
mailing list