Address from wrong pool

Siegenthaler Tina tina at ieu.uzh.ch
Mon Feb 8 11:13:03 UTC 2010 

> Include acts like it is in the global scope, so the deny doesn't  
> really get put inside the pool.

I see. Then this won't work.

>
> You could create another class and make all your "fixed" hosts be a  
> member of that,then deny it. For example:
>
> class "IEU_0024_L1" { match hardware; }
> class "IEU_0025_L1" { match hardware; }
> class "all_fixed_hosts" { match hardware; }
>
> subclass "IEU_0024_L1" 1:00:00:aa:9d:26:79;
> subclass "IEU_0025_L1" 1:00:10:83:41:ef:e4;
> subclass "all_fixed_hosts" 1:00:00:aa:9d:26:79;
> subclass "all_fixed_hosts" 1:00:10:83:41:ef:e4;
>
> subnet 130.60.33.32 netmask 255.255.255.224 {
>        option routers 130.60.33.33;
>        option broadcast-address 130.60.33.63;
>    pool { allow members of "IEU_0024_L1" ; range 130.60.33.36; }
>    pool { allow members of "IEU_0025_L1" ; range 130.60.33.37; }
>        pool {
>                failover peer "DHCP-IEU";
>                deny dynamic bootp clients;
>                allow known-clients;
> 		deny members of "all_fixed_hosts";
>                range 130.60.33.40 130.60.33.50;
>        }
>        default-lease-time 21600;
>        max-lease-time 21600;
> }
>

Yes, that's how we used to configure it, but it has always been a bit  
complicated to generate from our database (we have more than one  
subnet and thus had to create a "fixed" class for each subnet), so  
we've been hoping to keep it more simple. We don't have a lot of fixed  
address hosts, so at the moment, we are testing to "include" the  
entire pools instead of just the deny statements, like this:

pool {
failover peer „DHCP-IEU“;
deny dynamic bootp clients;
allow known-clients;
deny members of "IEU_0057_L1";
deny members of "IEU_0501_L1";
range 130.60.79.200 130.60.79.220;
}

and then include it in the respecticve subnet. This seems to work and  
is a bit less complicated than using  the fixed address classes.


> Also where you have only a single host in a class you could use a  
> more specific class and save on the subclass definition. Might make  
> a difference if you have lots of these hosts.
>
> class "IEU_0024_L1" { match if hardware = 00:00:aa:9d:26:79; }
>


Thanks, that's cool, I didn't know about that. We are currently  
creating a new database, so this will come in very handy and make  
things much easier.



Thanks to everbody else who replied, too. I really appreciate this  
list - people here are so helpful. Thanks a lot!


Tina

More information about the dhcp-users mailing list