How can I configure a DHCP server to assign addresses based on the OS that is running

Fri May 21 19:53:48 UTC 2010

Thanks again Glenn for your help....

It took me some digging into the documentation and I figured out why I 
was not getting the -

  set vendor-string = "MSFT 5.0";

sort of response in the dhcpd.leases file. Apparently to get that I must 
use a very explicit specification in the dhcpd.conf file -

set vendor-string = option vendor-class-identifier;

The form you suggested -

myvendor = option vendor-class-identifier;

does not work for me... The "set vendor-string = option 
vendor-class-identifier; "  declaration does produce the expected 
response in the dhpcd.leases files and yes the string from the Windows 
clients I have so far tested does start with "MSFT"

That accomplished, I then tried the two variations of host declarations 
you suggested, using the conditional if expression, to wrap the host 
declarations, and within individual host declarations. Both forms failed 
with syntax errors. I fooled with it quite a bit, but it appears that 
the parser is just not going to allow using anything other than the 
hardware ethernet address or the option dhcp-client-identifier to match 
against when assigning a fixed IP address to a client. (The man pages 
seem to imply that as well...)

If indeed the dhcpd server is this restrictive about what is allowed 
when assigning fixed addresses, within host declarations, then IMHO it 
is a serious oversight on the designers part! Thoughts, ideas?

I have not tried the class declaration you suggested, as it is my 
understanding (and please correct me if I am wrong) that the class 
declaration is used in conjunction with the assignment of addresses to 
clients from a pool of addresses. And I am only interested in assigning 
a fixed address..  But I wonder, is it possible to define a pool of only 
one address? If so, I have not figured out how yet... Seems like that 
would be a back handed way to assign fixed addresses but I am willing to 
stand on my head if I have to.. LOL...

It may be that using the option dhcp-client-identifier along with the -

deny duplicates;

declaration you told me about will be sufficient, but it is damn hard to 
discover the value of the dhcp-client-identifier for some of our systems 
that are already configured to receive a static IP address based on 
their MAC address. If these systems go dual boot, then I will have to 
temporarily configure them to receive a dynamic IP address and look in 
the dhcpd.leases file to discover what they are sending as a client 
identifier. I tried to set up a log statement as you suggested -

log (info, option vendor-class-identifier);
log (info, option dhcp-client-identifier);

and discovered, much to my chagrin, that Microsoft sends a null byte as 
the second byte of the dhcp-client-identifier, so the log function 
truncates the string and only puts out the first byte. Linux puts out a 
leading null byte so nothing gets reported in the log file.  GROAN!!

How this gets properly put out in the dhcpd.leases files is an 
interesting question! Some engineer must have realized that 
dhcp-client-identifiers do not adhere to using normal string formats and 
compensated for it in the dhcpd.leases file, but not in the log 
facility. Why designers want to make life so hard is beyond me!

BTW the logging of the vendor-class-identifier does work for both Linux 
and Windows....

     Marc...

On 5/20/2010 7:12 PM, Glenn Satchell wrote:
> On 05/21/10 07:41, Marc Chamberlin wrote:
>> Thanks Glenn for your reply, I am glad to hear you like "interesting"
>> questions! Please bear with me, I am struggling to learn as I go 
>> along....
>>
>> I inserted the line -
>>
>> myvendor = option vendor-class-identifier;
>>
>> near the top of my dhcpd.conf file and then took a close look at the
>> dhcpd.leases file, but I am not seeing that it is producing anything
>> different, and I got to admit I am confused about something else... The
>> only info in the dhcpd.leases files seem to be just reports/info
>> regarding dynamic dhcp IP address assignments. I do not see anything in
>> the lease file that has any info regarding those systems to which I
>> specify a static IP address. Is this correct? If so is there any way to
>> query the dhcpd server and ask it what IP address and other info
>> regarding assignments it has made? Or can this info be found somewhere
>> else..
>
> Ok, this is an example of what I get in my leases file:
>
>   set vendor-string = "MSFT 5.0";
>
> As you have seen dhcpd.leases only stores information about dynamic 
> leases. Static assignments using fixed-address go through a different, 
> optimised code path because that IP address can only ever be assigned 
> to one client. Alternatively you could use the log() function to send 
> lines directly to your log file.
>
> In my experience the "MSFT" part of the vendor string is consistent 
> across Windows clients.
>
> This is a Windows XP client:
>
> lease 192.168.14.235 {
>   starts 3 2010/05/19 05:52:08;
>   ends 3 2010/05/19 09:52:08;
>   tstp 3 2010/05/19 09:52:08;
>   cltt 3 2010/05/19 05:52:08;
>   binding state free;
>   rewind binding state active;
>   hardware ethernet 00:0e:7b:fe:d2:a0;
>   uid "\001\000\016{\376\322\240";
>   set vendor-string = "MSFT 5.0";
> }
>
> This is a Windows 7 client, same value for vendor-string:
>
> lease 192.168.14.238 {
>   starts 5 2010/05/21 02:08:03;
>   ends 5 2010/05/21 06:08:03;
>   cltt 5 2010/05/21 02:08:03;
>   binding state active;
>   next binding state free;
>   rewind binding state free;
>   hardware ethernet 00:0a:e4:fc:ce:49;
>   uid "\001\000\012\344\374\316I";
>   set vendor-string = "MSFT 5.0";
>   client-hostname "hammer";
> }
>
>> There is, for some systems but not all, a field called "client-hostname"
>> that is reported for some of the leases for dynamic IP addresses that
>> are assigned, but I have seen those reported before I added this new
>> line to retrieve the vendor-class-identifier. If the "client-hostname"
>> is what is supposed to be reported for the vendor-class-identifier then
>> I am really confused!
>
> "client-hostname" is the hostname the client would like to use. It 
> sends that to the dhcp server to allow it do optionally do dns 
> updates. Windows typically sends this, for Linux you may need to add 
> 'send client-hostname;' to /etc/dhclient.conf (or some equivalent if 
> your Linux distro uses a dhcp client other than the ISC one).
>
>> I reconfigured the logging of the dhcpd server so as to send all its log
>> output to a separate file, which seems to be working fine, and is much
>> easier to use than sifting through the messages log file from the syslog
>> daemon. But I am not seeing anything really useful in the log messages
>> either regarding a vendor-class-identifier...
>
> This is a good idea.
>
>> I read about, (didn't fully comprehend) the deny duplicates directive
>> and added it to my dhcpd.conf file. But have not tested it yet so cannot
>> say whether it is working or not.. Tricky trying to do some of this
>> without disrupting our network and some of the servers...
>
> Is it possible for you to set up a test dhcp server on a private 
> subnet? You should be able to get by with a box to run the dhcp 
> server, and one dual boot client. This will allow you to try different 
> configurations without upsetting your production network. This is very 
> useful while you are experimenting with new settings.
>
> You might like to try assigning dynamic address while you test out 
> things like the vendor-class-identifier. The idea is to use to dynamic 
> pools of IP addresses. This way you can see which pool you matched 
> based on the IP address assigned to the client, and the strings like 
> myvendor will be written to dhcpd.leases. You can then see what the 
> different Linux clients return.
>
> A test configuration could look like this:
>
> authoritative;
> myvendor = option vendor-class-identifier;
>
> class "MSFT" {
>   match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
> }
>
> subnet 192.168.2.0 netmask 255.255.255.0 {
>   option routers 192.168.2.1;
>   pool {
>     allow members of "MSFT";
>     range 192.168.2.20 192.168.2.29;
>   }
>   pool {
>     deny members of "MSFT";
>     range 192.168.2.30 192.168.2.39;
>   }
> }
>
> regards,
> -glenn
>
>> Marc...
>>
>>
>>
>>
>> On 5/19/2010 6:02 PM, Glenn Satchell wrote:
>>> Hi Marc
>>>
>>> Check out option vendor-class-identifier. You can see the values
>>> returned by each client by adding something like this to dhcpd.conf,
>>> then having a look at the values in dhcpd.leases for the value of
>>> myvendor within each lease.
>>>
>>> myvendor = option vendor-class-identifier;
>>>
>>> You can use it to set membership of a class, or perhaps in a host
>>> statement or group statement.
>>>
>>> class "MSFT" {
>>> match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
>>> ...
>>> }
>>>
>>> host foo {
>>> hardware ethernet a:b:c:d:e:f;
>>> if substring(option vendor-class-identifier, 0, 4) = "MSFT" {
>>> fixed-address 192.168.2.10;
>>> } else {
>>> fixed-address 192.168.2.15;
>>> }
>>> }
>>>
>>> if substring(option vendor-class-identifier, 0, 4) = "MSFT" {
>>> host foo-win-eth {
>>> ...
>>> }
>>> host foo-win-wl {
>>> ...
>>> }
>>> } else {
>>> host foo-linux-eth {
>>> ...
>>> }
>>> host fpp-linux-wl {
>>> ...
>>> }
>>> }
>>>
>>> I haven't tested this out, but hopefully gives you some ideas to work
>>> with.
>>>
>>> To get around the problem of switching between wired and wireless and
>>> not releasing the old lease you can use the
>>>
>>> deny duplicates;
>>>
>>> statement, which is designed for this exact situation.
>>>
>>> Please let us know how you go, we love interesting questions like this!
>>>
>>> regards,
>>> -glenn
>>>
>>> On 05/20/10 07:49, Marc Chamberlin wrote:
>>>> I have a need to be able to assign fixed IP addresses to various
>>>> computers based on the operating system that is running, not based on
>>>> MAC addresses... The purpose of this is so that our backup server, 
>>>> which
>>>> automatically backs up files from each system, and can only work with
>>>> static IP addresses, has the ability to change it's behavior based on
>>>> which IP address/OS is used/running, when it connects to a particular
>>>> system. Our systems, are all dual boot, Linux and Windows (Vista or 
>>>> XP).
>>>> Laptops in particular are a problem because they can be connected
>>>> wirelessly or wired to our network, and it is unpredictable as to 
>>>> which
>>>> way they will be connected, or what operating system is in use, 
>>>> when the
>>>> backup occurs (usually late at night)....
>>>>
>>>> I am running a dhcp server on a Linux (SuSE11.2) system, - Internet
>>>> Systems Consortium DHCP Server V3.1.2p1
>>>>
>>>> So here is what I am after - For a given OS (Windows or Linux) running
>>>> on a client, I want the DHCP server to assign a particular IP 
>>>> address to
>>>> that client, regardless of which interface that client is using - 
>>>> wired
>>>> or wireless. But I want a different IP address assigned to that client
>>>> for each OS. For example, if the laptop is running Windows I want to
>>>> give the laptop the address of 192.168.2.15 regardless of whether 
>>>> it is
>>>> connected wirelessly or wired. If the laptop is running Linux I 
>>>> want to
>>>> give the laptop the address of 192.168.2.10, again regardless of 
>>>> how it
>>>> is connected to the network.
>>>>
>>>> I understand that I can configure the dhcpd.conf file so as to assign
>>>> the same IP address to a client, for each MAC address that it has, 
>>>> i.e.
>>>> as follows -
>>>>
>>>> host laptop_Vista_wireless {
>>>> hardware ethernet 00:1A:73:55:7D:0F;
>>>> fixed-address 192.168.2.15;
>>>> }
>>>>
>>>> host laptop_Vista_ethernet {
>>>> hardware ethernet 00:1B:24:3C:88:3E;
>>>> fixed-address 192.168.2.15;
>>>> }
>>>>
>>>> But that won't work for Linux since it will be using the same 
>>>> interfaces
>>>> with the same MAC addresses, and I need a different IP addressed 
>>>> assign
>>>> to that system when it is running Linux.
>>>>
>>>> With Linux I can set the dhcp client identifier, but I have never been
>>>> able to figure out how to do so in Windows XP or Vista. I have
>>>> discovered, by monitoring the dhcpd.leases file however, that there is
>>>> indeed a client identifier for each of the network interface cards 
>>>> when
>>>> running under Windows. Unfortunately it is not the same identifier for
>>>> both interfaces, nor is it human readable. But I can cut and paste 
>>>> it so
>>>> I have tried to configure the dhcpd.conf file as follows -
>>>>
>>>>
>>>> host laptop_Linux {
>>>> option dhcp-client-identifier "\000Linux-laptop";
>>>> fixed-address 192.168.2.10;
>>>> }
>>>>
>>>> host laptop_Vista_wireless {
>>>> option dhcp-client-identifier "\001\000\032sU}\017";
>>>> fixed-address 192.168.2.15;
>>>> }
>>>>
>>>> host laptop_Vista_ethernet {
>>>> option dhcp-client-identifier "\001\000\0266\302e\244";
>>>> fixed-address 192.168.2.15;
>>>> }
>>>>
>>>> And that gets me close but there is still a problem. If the user of 
>>>> the
>>>> laptop switches from using one of the interfaces to the other, the 
>>>> dhcp
>>>> server recognizes that there is still a lease on the IP address 
>>>> that it
>>>> assigned to the initial interface, used by the laptop, and it fails to
>>>> reassign that IP address to the new interface that the user 
>>>> switched to.
>>>> So some default IP address is assigned instead, which results in my
>>>> backup server failing to back up that system.
>>>>
>>>> I realize that there is an interesting question about what happens 
>>>> if a
>>>> user has both interfaces active when he/she connects to a network. 
>>>> I see
>>>> from log files that Linux will try and have the dhcp server assign 
>>>> an IP
>>>> address to each interface when it is activated/initialized. Since
>>>> Windows hides everything, I am not sure what it does or how it
>>>> prioritizes the usage of multiple interfaces. So I would appreciate 
>>>> some
>>>> insight here as well, if anyone really understands the behavior of 
>>>> these
>>>> operating systems.. But what I really want is that I have the 
>>>> ability to
>>>> assign a fixed IP address to whichever interface the OS will decide to
>>>> use.... And if I can assign the same IP address to each interface, 
>>>> then
>>>> it should not matter in the final analysis, since I would guess the OS
>>>> is only going to use one of the interfaces. (At least that is what it
>>>> appears Windows does, not so sure about Linux)
>>>>
>>>> I have tried to read the documentation and man pages, and fooled 
>>>> around
>>>> a bit with the conditional expressions but could never get that to 
>>>> work.
>>>> The documentation is pretty difficult and obtuse to understand so I 
>>>> give
>>>> up and decided to simply ask... So can some kind guru help me out and
>>>> show me how to configure dhcpd.conf so I can achieve what I am after?
>>>> Much appreciate it and many thanks in advance..
>>>>
>>>> Marc..
>>>>
>>>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6464 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20100521/f9650612/attachment.bin>