dhcp for 2 subinterface
Evans Lin ( 林佳保 )
EvansLin at taiwanmobile.com
Thu Oct 21 10:32:35 UTC 2010
Dear Sir,
We use cisco ubr10k for cable service, and it's config 2 sub interface ( bundle1.1 :10.10.20.1,bundle1.2 :10.106.0.1)
dhcpd version 4.2.0 & CentOS 5.3
we always saw the ip gw 10.10.20.1 bundle 1.1 broadcast and then dhcp server offer 10.10.20.x ...
how can I do for some mac to get bundle1.2 ip address in dhcp server
thanks very for your help
br,
evans
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-request at lists.isc.org
You can reach the person managing the list at
dhcp-users-owner at lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. dhcp reservation, apache and virtual hosts (tangonights at yahoo.it)
2. Re: Putting iPads in their own IP pool?
(Carsten Strotmann (Men & Mice))
3. ISC DHCP 4.0.3b1 is now available! (David W. Hankins)
----------------------------------------------------------------------
Message: 1
Date: Fri, 15 Oct 2010 16:38:23 +0200
From: tangonights at yahoo.it
Subject: dhcp reservation, apache and virtual hosts
To: dhcp-users at lists.isc.org
Message-ID: <201010151638.23181.tangonights at yahoo.it>
Content-Type: Text/Plain; charset="us-ascii"
hello everybody!,
My present configuration include a dhcp and 2 hosts. one of them is a server
apache running 2 virtual hosts and is now configured static.
gentoo linux:
192.168.1.250 -> pc-srv1.localarea.local -> dhcp + dns
dyn -> pc-dyna.localarea.local
192.168.1.252 -> pc-www1.localarea.local -> apache (www.vhost1.local,
www.vhost2.local)
- how can I configure dhcp, in order to switch the apache host to the dhcp pool
(even as fixed-address), considering the virtualhost zones? now my static dns
entries are configured with CNAMEs and different zones but it is not clear to me
how let dhcp manage them on behalf of the dns server.
- was it a viable solution, when possible, for a small LAN or was it better to
keep all the servers static?
thanks,
Stefano
here is my present dhcpd.conf:
server-identifier server;
ddns-updates on;
ddns-update-style interim;
ddns-domainname "localarea.local.";
ddns-rev-domainname "in-addr.arpa.";
ignore client-updates;
include "/etc/bind/rndc.key";
zone localarea.local. {
primary 127.0.0.1;
key rndc-key;
}
option domain-name "localarea.local.";
option domain-name-servers 192.168.1.250, 62.94.0.41,
62.94.0.42;
option ip-forwarding off;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.251 192.168.1.254;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
allow unknown-clients;
host pc-0252 {
hardware ethernet 8:00:27:54:fb:e3;
fixed-address 192.168.1.252;
}
zone localarea.local. {
primary 192.168.1.250;
key rndc-key;
}
zone 1.168.192.in-addr.arpa. {
primary 192.168.1.250;
key rndc-key;
}
}
------------------------------
Message: 2
Date: Fri, 15 Oct 2010 13:58:43 +0200
From: "Carsten Strotmann (Men & Mice)"
<carsten.strotmann at menandmice.com>
Subject: Re: Putting iPads in their own IP pool?
To: dhcp-users at lists.isc.org
Message-ID: <4CB841F3.4060501 at menandmice.com>
Content-Type: text/plain; charset=ISO-8859-1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello David,
On 10/15/10 2:09 AM, David W. Hankins wrote:
> subclass "ParamIdent" 1:3:3:5:6:b:c:d:f:10:11:12:2b:36:3c:43:80:81:82:83:84:85:8"Apple"; }
this is interesting stuff. Unfortunatly one line was broken in your
E-Mail, can you re-send that line?
- -- Carsten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAky4QfMACgkQElgUYvSqn/ResQCfVMKMYBXkvDaiPOhHp82AgoLK
ChYAoKEJEDZBTOedgx1uYKgKZqTX1csx
=xLtE
-----END PGP SIGNATURE-----
------------------------------
Message: 3
Date: Fri, 15 Oct 2010 14:07:33 -0700
From: "David W. Hankins" <dhankins at isc.org>
Subject: ISC DHCP 4.0.3b1 is now available!
To: df-announce at isc.org, dhcp-announce at isc.org,
dhcp-workers at lists.isc.org, dhcp-users at lists.isc.org
Message-ID: <20101015210732.GE6314 at isc.org>
Content-Type: text/plain; charset="us-ascii"
ISC DHCP 4.0.3b1 is now available for download.
This is the FIRST BETA of ISC DHCP 4.0.3, a maintenance release which
contains a number of bug fixes.
A list of the changes in this release has been appended to the end
of this message. For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:
http://www.isc.org/software/dhcp/403b1
This release, and its OpenPGP-signatures are available now from:
ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.3b1.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.3b1.tar.gz.sha512.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.3b1.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.0.3b1.tar.gz.sha1.asc
ISC's Release Signing Key can be obtained at:
http://www.isc.org/about/openpgp/
Changes since 4.0.2
- Cleaned up some compiler warnings
- Prohibit including lease time information in a response to a DHCP INFORM
Bug ticket 21092.
! Accept a client id of length 0 while hashing. Previously the server would
exit if it attempted to hash a zero length client id, providing attackers
with a simple denial of service attack. [ISC-Bugs #21253]
CERT: VU#541921 - CVE: CVE-2010-2156
- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
previously allocated (active) lease to a client that has changed subnets,
despite being on different shared networks. Dynamic prefixes specifically
allocated in shared networks also now are not offered if the client has
moved. [ISC-Bugs #21152]
- Add declaration for variable in debug code in alloc.c. [ISC-Bugs #21472]
- Documentation cleanup covering multiple tickets
[ISC-Bugs #20265] [ISC-Bugs #20259] [ISC-Bugs #19536] minor cleanup
[ISC-Bugs #20263] add text describing some default values
[ISC-Bugs #20193] single quotes at the start of a line indicate a control
line to nroff, escape them if we actually want a quote.
[ISC-Bugs #18916] sync the pointer to web pages amongst the different docs
[ISC-Bugs #20245] clarify editing the failover state in a lease file to put
a server into the PARTNER-DOWN state.
- 'get-host-names true;' now also works even if 'use-host-decl-names true;'
was also configured. The nature of this repair also fixes another
error; the host-name supplied by a client is no longer overridden by a
reverse lookup of the lease address. Thanks to a patch from Wilco Baan
Hofman supplied to us by the Debian package maintenance team.
[ISC-Bugs #21691] {Debian Bug#509445}
- The .TH tag for the dhcp-options manpage was typo repaired
thanks to a report from jidanni and the Debian package maintenance
team. [ISC-Bugs #21676] {Debian Bug#563613}
- More documentation changes - primarily to put the options in the dhclient
and dhcpd man pages into the standard form. Thanks in part to a patch
from David Cantrell at Red Hat.
[ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes
- Minor compilation errors - type mismatches, extra semi-colons after macros
[ISC-Bugs #20884] [ISC-Bugs #20953] [ISC-Bugs #20955]
- Add code to clear the pointer to an object in an OMAPI handle when the
object is freed due to a dereference. [ISC-Bugs #21306]
- Fixed a bug that leaks host record references onto lease structures,
causing the server to apply configuration intended for one host to any
other innocent clients that come along later. [ISC-Bugs #22018]
- Minor code fixes
[ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
the name to be at the apex of the zone.
[ISC-Bugs #19617] Restrict length of interface name read from command line
in dhcpd - based on a patch from David Cantrell at Red Hat.
[ISC-Bugs #20039] Correct some error messages in dhcpd.c
[ISC-Bugs #20070] Better range check on values when creating a DHCID.
[ISC-Bugs #20198] Avoid writing past the end of the field when adding
overly long file or server names to a packet and add a log message
if the configuration supplied overly long names for these fields.
Thanks to Martin Pala.
[ISC-Bugs #21497] Add a little more randomness to rng seed in client
thanks to a patch from Jeremiah Jinno.
- Correct error handling in DLPI [ISC-Bugs #20378]
- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being
checked in configure. [ISC-Bugs #20443]
- Modify how the cmsg header is allocated the v6 send and received routines
to compile on more compilers. [ISC-Bugs #20524]
- When parsing a domain name free the memory for the name after we are
done with it. [ISC-Bugs #20824]
- Add an elapsed time option to the release message and refactor the
code to move most of the common code to a single routine.
[ISC-Bugs #21171].
- Parse date strings more properly - the code now handles semi-colons in
date strings correctly. Thanks to a patch from Jiri Popelka at Red Hat.
[ISC-Bugs #21501, #20598]
- Fixes to lease input and output.
[ISC-Bugs #20418] - Some systems don't support the "%s" argument to
strftime, paste together the same string using mktime instead.
[ISC-Bugs #19596] - When parsing iaid values accept printable
characters.
[ISC-Bugs #21585] - Always print time values in omshell as hex
instead of ascii if the values happen to be printable characters.
- Minor changes for scripts, configure.ac and Makefiles
[ISC-Bugs #19147] Use domain-search instead of domain-name in manual and
example conf file. Thanks to a patch from David Cantrell
at Red Hat.
[ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6
[ISC-Bugs #19945] Properly close the quote on some arguments.
[ISC-Bugs #20952] Add 64 bit types to configure.ac
[ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH envrionment variable
! Handle pipe failures more gracefully. Some OSes pass a SIGPIPE
signal to a process and will kill the process if the signal isn't
caught. This patch adds code to turn off the SIGPIPE signal via
a setsockopt() call and to ignore the SIGPIPE signal in case the
OS doesn't support the necessary setsockopt() option. This problem
was found during internal testing when the two servers in a failover
pair were repeatedly unable to communicate for longer than the
max-response-delay value. Eventually one of the pair attempted a
write() call at just the same time as the other server killed the
connection and caused an uncaught SIGPIPE signal which caused the
OS to kill the server.
This is a minor security issue. It is a security issue as it can
cause a server to stop. It is minor as the attacker would need to
be able to interrupt traffic between the partners in a failover
pair for max-response-delay seconds at will - in which case the
defender has bigger problems than the DHCP server being killed.
Using the NIST CVSS security vulnerability rating system this
issue scored 1.2, meaning it is not a major risk for users.
[ISC-Bugs #22269]
--
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20101015/70da08f8/attachment-0001.bin>
------------------------------
_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
End of dhcp-users Digest, Vol 24, Issue 22
******************************************
未在傳入訊息中找到病毒。
已透過 AVG 檢查 - www.avg.com
版本: 8.5.448 / 病毒庫: 271.1.1/3189 - 發佈日期: 10/15/10 18:34:00
DISCLAIMER:
Sample Disclaimer added in a VBScript.
More information about the dhcp-users
mailing list