Diferent dhcp relay

André netriver at gmail.com
Wed Oct 12 00:03:38 UTC 2011 

I'm using gmail to reply to the list and I'm getting messages digest
so it get's dificult to
reply in a good method, I'll just remove the extra text sorry about this.

I tryed doing
class "c3" {
match if binary-to-ascii(10, 16, "", substring( option
agent.circuit-id,2 ,2)) = "99" and
     (
     binary-to-ascii(10, 16, "", substring( option agent.circuit-id,2
,2)) != "65" and
     binary-to-ascii(10, 16, "", substring( option agent.circuit-id,2
,2)) != "1"
     );
 log (info,
     concat (
     # "HOSTNAME: ", host-decl-name, " on ",binary-to-ascii (10, 8,
".", leased-address)," at ",
     binary-to-ascii(10, 16, "", substring( option agent.circuit-id,2
,2)), " + ",
     binary-to-ascii (16, 8, ":", substring (hardware, 1, 6))
     )
    );
}

My cable modem and cpe hit this class "c3"
my cable modem belongs also to "online" class and hist a "known
client" in the logs
I can confirm that cpe hits this.

In the pools I have deny members of "c3"
and in the pool for x.x.48.x I have
allow members of "c3";
allow members of "online";
deny members of "CM";

My cpe is getting a "unknown client" in the logs no longer get's a different IP
I'm not sure if I understoud what you explained bellow since I don't
fill that my
interpreation above is "correct". If agent circuit-id is 99 then it
can't be anything else
so it should match.

Should I be using spawn with option agent.remote-id ?
(didn't work)
Doing this will not associate class c3 and class online ?
Even if it does inside the pool of x.x.48.x I am allowing
both.

Best regards,
FR


André wrote:

>*And in the pool of the subnets I specified before allow members of "online";*>*deny members of "c3";*
That might be part of your problem, mixing allow
and deny generally doesn't work as you might
expect and general advice is just not to do it.

'allow members of "a"' will implicitly deny any
client not a member of a. If you want to allow
members of one class who aren't also members of
another, then you are better off creating a new
class. Eg :

class "a"
   match if "condition a"

class "b:
   match if "condition b"

pool
   allow members of "a"
   deny members of "b"

probably won't do what you want. You could rewrite that as :

class c
   match if "condition a and not condition b"

pool
   allow members of "c"

-- 
Simon Hobson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20111012/7973e414/attachment.html>

More information about the dhcp-users mailing list