Cleanup leases?
Jeff A. Earickson
jaearick at colby.edu
Thu Sep 28 17:02:02 UTC 2006
Y'all,
I went back and asked our network guy why he picked a 30 day lease,
since the rest of you made fun of our setting. He had two good
defenses for his number, noting that he really prizes the notion
that a machine should *really* get back the same IP number when
used in a stable subnet. He noted that faculty members might
be traveling and gone for a week or two; he wants them to get
back the same number even if that is the case. And we use
Retrospect
(http://www.emcinsignia.com/products/homeandoffice/retroformacintosh/)
to backup our Mac office clients. Retrospect really (stupidly!)
expects IP numbers not to change for backup clients. Since we
don't want to use static/bootp addresses for hundreds of Mac
clients, a long lease time is in our favor. We consider Retrospect's
keying in on IP numbers to be a defect in their product, BTW.
Jeff Earickson
Colby College
On Thu, 28 Sep 2006, Gene Rackow wrote:
> Date: Thu, 28 Sep 2006 10:46:39 -0500
> From: Gene Rackow <rackow at mcs.anl.gov>
> Reply-To: dhcp-users at isc.org
> To: dhcp-users at isc.org
> Subject: Re: Cleanup leases?
>
> Jeff,
> How often does this cleaning cause problems for you?
> With many systems now running local firewalls, there is the
> strong possibility that a machine can not be pinged.
> The result is that your system is going to remove them from
> the known leases and the IP is going to be up for re-use.
> I suspect this is becoming a bigger problem now that the use
> of host based firewalls is becoming an available free option.
>
>
> "Jeff A. Earickson" made the following keystrokes:
> >On Wed, 27 Sep 2006, Glenn Satchell wrote:
> >
> >> Date: Wed, 27 Sep 2006 22:08:19 +1000 (EST)
> >> From: Glenn Satchell <Glenn.Satchell at uniq.com.au>
> >> Reply-To: dhcp-users at isc.org
> >> To: dhcp-users at isc.org
> >> Subject: RE: Cleanup leases?
> >>
> >> The list software strips attachments. Jeff, you need to post the script
> >> in the body of the email.
> >>
> >> regards,
> >> -glenn
> >> --
> >> Glenn Satchell mailto:glenn.satchell at uniq.com.au | Some days we are
> >> Uniq Advances Pty Ltd http://www.uniq.com.au | the flies; some
> >> PO Box 70 Paddington NSW Australia 2021 | days we are the
> >> tel:0409-458-580 tel:02-9380-6360 fax:02-9380-6416 | windscreens...
> >>
> >>> From: "Atiqur Rahman Mohammed" <amohammed at velankani.com>
> >>>
> >>> Still did not find the attachment.
> >>>
> >>> Regards,
> >>>
> >>> Atiqur Rahman Mohammed
> >>> Software Engineer
> >
> >Glenn,
> >
> >I wondered what was going on... Here it is (round 3):
> >
> >---snip---snip---snip
> >#!/usr/bin/perl
> >#
> >#---script to remove leases for a given subnet from your DHCP lease file.
> >#---Removes free leases only in default mode (not really useful), or
> >#---"force clean" mode (-f) which will clean every free AND active
> >#---lease in the subnet EXCEPT for machines which answer a ping.
> >
> >#--- Jeff Earickson, Colby College (jaearick at colby.edu), 6/18/2004
> >
> >use Getopt::Std; # for command line parsing
> >use Net::Ping; # for pinging hosts
> >
> >###################
> >###--- subroutines
> >###################
> >sub usage
> >{
> > print STDERR "Usage: clean_leases.pl [-f] -i input -o output string\n";
> > print STDERR "\t-f\tremove ALL leases in a subnet, active or not\n";
> > print STDERR "\t\tEXCEPT machines that can be pinged\n";
> > print STDERR "\n";
> > print STDERR "\t-N\tNuke ALL leases in a subnet, active or not\n";
> > print STDERR "\t\tno questions asked.\n";
> > print STDERR "\n";
> > print STDERR "\"input\" is the existing dhcpd.leases file\n";
> > print STDERR "\"output\" is the new (cleaned) dhcpd.leases file\n";
> > print STDERR "\"string\" is a IP number string, eg subnet, that\n";
> > print STDERR "\tyou want to clean up, like 137.146.209\n";
> > print STDERR "\n";
> > print STDERR "Stop dhcp, run this program on dhcpd.leases, copy the old\n";
> > print STDERR "lease file to dhcpd.leases.last, put the new (cleaned)\n";
> > print STDERR "lease file in place, restart dhcp.\n";
> > exit 1;
> >}
> >
> >###################
> >###--- main routine
> >###################
> >
> >#---parse the command-line
> >getopts('fi:No:') || &usage;
> >
> >#---input and output files
> >open(FOO,"< $opt_i") || die "cannot open $opt_i";
> >open(BAR,"> $opt_o");
> >
> >if($opt_f)
> >{
> > print "Force cleaning $ARGV[0]. This requires pinging every\n";
> > print "machine in $ARGV[0], which is slow, please be patient...\n";
> >}
> >
> >if($opt_N)
> >{
> > print "NUCLEAR cleaning $ARGV[0]. ALL leases in this subnet REMOVED.\n";
> >}
> >
> >$cleanit = 0;
> >$freestate = 0;
> >$ncleaned = 0;
> >$fcleaned = 0;
> >$nsaved = 0;
> >$nunmatched = 0;
> >$buf="";
> >$lease = "";
> >while(<FOO>)
> >{
> > #---found a match on the IP string
> > if ($_ =~ /^lease $ARGV[0]/)
> > {
> > $ipnumber = $1 if /^lease (\S+) {/;
> > $cleanit = 1;
> > $lease = $_;
> > }
> >
> > #---lease state is free
> > if ($_ =~ / binding state free;/ )
> > {
> > $freestate = 1;
> > }
> >
> > #---append info to the buffer if not end-of-lease marker
> > if ($_ ne "}\n" )
> > {
> > $buf .= $_;
> > }
> > #---end of the lease info. Write to output or ignore?
> > else
> > {
> > #---matches IP string we are interested in
> > if($cleanit == 1)
> > {
> > #---zap all leases, except machines that ping
> > if($opt_f)
> > {
> > #---ping with ping timeout of one second
> > $p = Net::Ping->new();
> > if($p->ping($ipnumber,1))
> > {
> > print "lease $ipnumber answered ping, leaving alone.\n";
> > print BAR $buf."}\n";
> > $nsaved++;
> > }
> > else
> > {
> > #print "force cleaning lease in $ARGV[0]\n";
> > $fcleaned++;
> > }
> > $p->close();
> > }
> > #--- Nuclear cleaning option, even live machines
> > elsif($opt_N)
> > {
> > #print "Nuclear cleaning lease in $ARGV[0]\n";
> > $fcleaned++;
> > }
> > #---only zap free leases (default)
> > else
> > {
> > #---free state so do NOT save the lease info
> > if($freestate == 1)
> > {
> > #print "cleaning free lease in $ARGV[0]\n";
> > $ncleaned++;
> > }
> > #---active lease: save info to output file
> > else
> > {
> > #print "saving active lease in $ARGV[0]\n";
> > print BAR $buf."}\n";
> > $nsaved++;
> > }
> > }
> > }
> > #---no match to IP string, save info to output file
> > else
> > {
> > print BAR $buf."}\n";
> > $buf="";
> > $nunmatched++;
> > }
> > $cleanit=0;
> > $freestate=0;
> > $buf="";
> > $lease = "";
> > }
> >}
> >if($fcleaned > 0)
> >{
> > print "force cleaned $fcleaned leases in $ARGV[0], $nsaved saved\n";
> >}
> >else
> >{
> > print "$ncleaned leases in $ARGV[0] cleaned, $nsaved saved\n";
> >}
> >print "$nunmatched leases unmatched\n";
> >---snip---snip---snip
> >
> >Jeff Earickson
> >Colby College
> >
> >
>
More information about the dhcp-users
mailing list