Dual DNS server farms in dhcpd.conf
John Tabasz (jtabasz)
jtabasz at cisco.com
Wed Apr 29 00:56:50 UTC 2009
Hi Glenn,
Dohh!
When snooping the packets coming from my designated client I see
something called "client-class-identifier" whose value is "MSFT 5.0".
But nothing called vendor-class-identifier.
Anyway, I deeply appreciate the help I have received on this issue. It
works after having separated the option and vendor-class-identifier in
the config file.
Where can I donate?
Thanks Again,
John
-----Original Message-----
From: dhcp-users-bounces at lists.isc.org
[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Glenn Satchell
Sent: Tuesday, April 28, 2009 4:51 PM
To: dhcp-users at lists.isc.org
Subject: RE: Dual DNS server farms in dhcpd.conf
Hi John
>Class "MSFT" {
> match is substring (option-vendor-class-identifier, 0, 4) = "MSFT";
That should be
option vendor-class-identifier
note that it is two words "option" and "vendor-class-identifier".
With the extra "-" in there the parser sees this as a new variable with
null value which will never match "MSFT".
If you use a packet capture program you can see the contents of the
various dhcp options, eg wireshark, snoop, tcpdump, etc.
The options (there are lots of them) are defined in the dhcp-options man
page.
regards,
-glenn
>Date: Tue, 28 Apr 2009 13:51:33 -0700
>From: "John Tabasz (jtabasz)" <jtabasz at cisco.com>
>
>Hi All,
>
>Thanks to all who have chimed in on this for me. I just tried it in the
>lab and my W2K SP4 PC failed to get the dns server addresses included
>in the class "MSFT"; declaration. It still gets the dns server IP
>addresses and domain name that are in the subnet declaration.
>
>I added this:
>
>Class "MSFT" {
> match is substring (option-vendor-class-identifier, 0, 4) = "MSFT";
> option domain-name "testdomain.mydomain.com";
> option domain-name-servers 128.104.107.239, 192.168.230.199; }
>
>Then the subnet declaration looks like this:
>
>Subnet 25.25.25.0 netmask 255.255.255.0 {
> option routers 25.25.25.1;
> option subnet-mask 255.255.255.0;
> option domain-name-servers 10.10.3.25, 10.10.4.25;
> option domain-name "mydomain.com";
> deny-unknown-clients;
>}
>
>Then the host declaration looks like this:
>
> host testhostPC01 {
> hardware ethernet 0:07:e9:e0:52:a0;
> fixed-address 25.25.25.96;
> option hostname "testhostPC01";
>}
>
>I restarted the dhcpd process between each set of changes to the
>dhcpd.conf file and got no syntax errors.
>
>Anything here look wrong or right?
>
>Thanks,
>
>John
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Randall C
>Grimshaw
>Sent: Tuesday, April 28, 2009 12:12 PM
>To: 'Users of ISC DHCP'
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>You are correct, but I think Vista has a habit of using info in some
>cases.
>
>Randy
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of John Tabasz
>(jtabasz)
>Sent: Tuesday, April 28, 2009 2:05 PM
>To: Users of ISC DHCP; Glenn Satchell
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>
>
>Randy,
>
>Thanks for the response.
>
>In which cases will dhcpd provide the global, and I'm assuming by
>global we are talking about the non PC specific dns entries, dns
addresses?
>What I'm assuming that you are saying is that the dhcpd will respond
>with the "class MSFT" defined dns server addresses when responding to a
>DHCPREQ and the client will come up with the correct dns entries. The
>problem comes in when a DHCPINFO is sent to the dhcpd, in which case
>the global dns entries are sometimes sent in response. Is this true?
>
>DHCPINFO is not something that will happen unless specifically
>initiated by the client. Under what circumstances will a DHCPINFO take
>place on a MSFT client?
>
>Just trying to understand,
>
>John
>
>
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Randall C
>Grimshaw
>Sent: Tuesday, April 28, 2009 10:32 AM
>To: Users of ISC DHCP; Glenn Satchell
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>This sounds like it should work fairly well for you, but one thing to
>follow-up on is the client behavior when issuing DHCPINFO requests.
>DHCPd will provide the global default DNS in such cases.
>
>We do something like this using the group method as someone else
>suggested to you, but the success is limited to a use case where it is
>non-critical that the users get the correct address every time.
>
>Randy
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of John Tabasz
>(jtabasz)
>Sent: Tuesday, April 28, 2009 1:12 PM
>To: Glenn Satchell; Users of ISC DHCP
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>Hi Glenn,
>
>This is almost exactly what I was looking for. Thanks for the reply.
>I'll test it out today.
>By the way, how would I have found this information on my own?
>
>Thanks,
>
>John
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Glenn Satchell
>Sent: Monday, April 27, 2009 9:21 PM
>To: dhcp-users at lists.isc.org
>Subject: Re: Dual DNS server farms in dhcpd.conf
>
>
>>Date: Mon, 27 Apr 2009 15:23:09 -0700
>>From: "John Tabasz (jtabasz)" <jtabasz at cisco.com>
>>
>>Hi All,
>>
>>I have a situation where I want to use dhcpd.conf to serve up
>>addresses
>
>>that are statically assigned. I have previously used the following to
>>do
>>this:
>>
>>shared-network TEST {
>>
>>subnet 192.168.200.0 netmask 255.255.255.0 { option routers
>>192.168.200.1;
>> option subnet-mask 255.255.255.0;
>> option domain-name-servers 10.1.1.25,10.1.2.25,10.1.3.25;
>> option domain-name "mydomain.com";
>>deny unknown-clients;
>>}
>>
>> host dev5c.mydomain.com {
>> hardware ethernet 0:3:ba:11:b1:75;
>> fixed-address 192.168.200.165;
>> option host-name "dev5c";
>> }
>>
>>}
>>
>>This worked fine until a new requirement came up that the PCs on the
>>network and the Unix workstations on the same subnet should receive a
>>different set of DNS server IP addresses.
>>
>>I wrote a couple of perl scripts that take the host info and massage
>>it
>
>>into the dhcpd.conf file. One way of getting what I want is to add
>>logic into the scripts that examine the hostname and if the name
>>indicates that the device is a PC, add the correct DNS server info
>>into
>
>>the host declaration. This rather than using the shared-network global
>>command to set the DNS servers for the whole subnet.
>>
>>Is there a DHCP option that returns the kernel that the client is
>>running? If so, is there a way to use this info to manipulate the DNS
>>entries?
>>
>>Suggestions?
>>
>
>This will identify the Windows PCs and override their dns servers. The
>subnet definition stays pretty much as it is, although you don't really
>need the shared-network around the subnet and host definitions.
>
>class "MSFT" {
> match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
> option domain-name-servers 10.1.1.26,10.1.2.26,10.1.3.26; }
>
>regards,
>-glenn
>
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
More information about the dhcp-users
mailing list