Configuration question..
B. Cook
bcook at poklib.org
Wed Sep 13 12:50:33 UTC 2006
Glenn Satchell wrote:
>> To: dhcp-users at isc.org
>> Subject: Re: Configuration question..
>> From: Keith.Neufeld at wichita.edu
>> Date: Tue, 12 Sep 2006 09:20:54 -0500
>>
>>> . . .
>>>
>>> The webmin gui doesn't show us the defined hosts we have, and we can't
>>> figure out where/how to add them.. so I started to think that somehow
>>> our config is incorrect..
>>>
>>> . . .
>>>
>>> We use hosts in pools, b/c I have one setup for unknown clients and one
>>> for known clients.. and well, in the pools I can't see the defined hosts
>>> that we have in the webmin gui.
>> The fact that the host declarations are inside the pool declaration is
>> actually irrelevant to whether they can get a lease from that pool or
>> not--the determination is made (in your configuration) by whether they're
>> known (listed anywhere in the configuration) or unknown.
>>
>> To demonstrate that, take the host declaration for ronlapbop [sic] and
>> move it to the 10.0.0.0 "Public Network" section of your configuration,
>> then try to boot it on your 192.168.1.0 subnet. It'll still get an
>> address from one of your known-host ranges, _not_ from the 192.168.1.20-25
>> range for unknown clients.
>>
>> There's been a thread on the mailing list recently about proper placement
>> of host declarations; but the common wisdom is to put them _outside_ of
>> all blocks, in the global scope, UNLESS you specifically want them to use
>> some of the options from their "home" subnet even when they're roaming to
>> other subnets. [Did I say that about right?] Putting host declarations
>> inside subnet or pool declarations can lead people to think the hosts are
>> tied to getting addresses only from the subnet or pool (which isn't
>> actually the case), so it's nicer to put them globally and avoid the
>> confusion.
>>
>>
>> It may be just the way my browser is displaying the file, but I prefer
>> indenting blocks visually to match their syntactic nesting--so it'd be
>> easier for me to read quickly if e.g. the stuff inside the 10.0.0.65-94
>> pool were indented by another tabstop, and the hosts inside it (if they
>> stay there) indented two tabstops from where they appear now.
>>
>> My $.02.
>
> One other idea is to use the group { } function when you have some
> common options for different groups of hosts. See below.
>
> I also agree with the wisdom of moving the host declarations to the
> global scope. They will still pick up appropriate subnet and pool
> settings based on whichever subnet or pool they get assigned an address
> from. I would venture to say this seems to be the collective "best
> practice" of the mailing list.
>
> I would then move the option settings from the pool to the subnet scope.
>
> The file would start to look a bit like this:
>
> #global options
>
> group {
> option routers 0.0.0.0;
> host ... { }
> host ... { }
> }
> host ... { }
> host ... { }
>
> subnet 192.168.1.0 netmask 255.255.255.0 {
> option domain-name "adriance.poklib.org";
> option domain-name-servers 192.168.1.2;
> option netbios-name-servers 192.168.1.248;
> option netbios-node-type 8;
> #option netbios-node-type 4;
> option routers 192.168.1.3;
> #option routers 192.168.1.2;
>
> pool {
> deny unknown clients;
> range ...
> ...
> } # close pool
> } # close subnet
>
> subnet 10.0.0.0 netmask 255.255.255.128 {
> option ...
> range ...
> allow unknown clients;
> }
>
> You have authoritative in the global scope, so no need to repeat it in
> subnet or pool scopes.
>
> My two cents worth, hope it helps.
>
> regards,
> -glenn
> --
> Glenn Satchell mailto:glenn.satchell at uniq.com.au | Heard about
> Uniq Advances Pty Ltd http://www.uniq.com.au | the new Unix
> PO Box 70 Paddington NSW Australia 2021 | sports car?
> tel:0409-458-580 tel:02-9380-6360 fax:02-9380-6416 | The rwx
>
>
Ok,
I'm trying to understand this.. and thinking I'm still missing
something (as I'm still getting the warning..)
So here is the rough skeleton of what I'm doing..
# dhcpd.conf
authoritative;
other_global_options;
subnet 192.168.1.0 netmask 255.255.255.0 {
global_settings_for_this_subnet;
pool {
deny unknown clients;
range 192.168.1.100 192.168.1.105;
}
group {
option routers 0.0.0.0;
host one { hardware ethernet aa:bb:cc:dd:ee:f1; fixed-address
192.168.1.99; }
}
host two { hardware ethernet aa:bb:cc:dd:ee:f2; fixed-address
192.168.1.98; }
host three { hardware ethernet aa:bb:cc:dd:ee:f3; }
pool {
allow unknown clients;
range 192.168.1.20 192.168.1.25;
option domain-name-servers 0.0.0.0;
}
} # close subnet 192.168.1.0/24
# public network
subnet 10.0.0.0 netmask 255.255.255.128 {
other_options_here;
option router 10.0.0.87;
pool {
allow unknown clients;
range 10.0.0.95 10.0.0.125;
}
group {
option routers 10.0.0.62;
host something { hardware ethernet 11:22:33:44:55:61; fixed-address
10.0.0.5; }
}
host another { hardware 11:22:33:44:55:62; }
} # close subnet 10.0.0.0/25
This still gives me warnings:
WARNING: Host declarations are global. They are not limited to the
scope you declared them in
do I need to define the hosts outside the subnets even? but if I do that
how will it know what hosts to apply what to? how would it tell the
different between hosts one, two and another? Or am I just missing
something that should be glaringly obvious?
More information about the dhcp-users
mailing list