Declaring subclasses on a per-subnet basis

Hristov, Tihomir H. thristov at odu.edu
Thu Aug 9 02:36:48 UTC 2012 

  Dear all,

 I an a Network engineer for Old Dominion University, Norfolk, Virginia and my team is looking into a future PXE configuration. We are trying to define classes with special options and have them applicable only to some special "lab" subnets of the environment.

 Based on research done so far, we have seen that classes and subclasses are parsed on a global level and thus would apply to all clients, and just the special "lab" subnets.

 Still in a post from June 2012 (https://lists.isc.org/pipermail/dhcp-users/2012-June/015558.html) we see an interesting configuration. Using it as an example, the configuration we have in mind would match on a substring of vendor-class-identifier (value AAPLBSDPC in this case) and set the root-path option (an example). It would look like this: 

class "vendor-class" {
		match substring(option vendor-class-identifier,0,9);
}

subnet 10.10.0.0 netmask 255.255.0.0 {

  subclass "vendor-class" "AAPLBSDPC"  {
     option root-path "nfs:192.168.1.1:/nbi:NetInstall-Restore.dmg";
  }
  pool {
		option routers 10.10.1.1;
		option domain-name-servers 10.101.21;
		range 10.10.7.1 10.10.7.254;
		option domain-name-servers 10.101.21;
  }
}

 The main question here is:
  1. Would this configuration work as we would like and the class declaration would affect only clients in the 10.10.0.0 subnet?
  2. Or would the ISC DHCP parser end up treating the subclass as a global declaration and thus set option root-path to "nfs:192.168.1.1:/nbi:NetInstall-Restore.dmg" for all clients, regardless of their subnet?


In case this would end up a global configuration, we were thinking of declaring a class that matches on 2 conditions.

 1. vendor-class-identifier substring
 2. giaddress

 Since we use DHCP Relay Agents all over our network, we would be able to use the giaddress and match it to the special "lab" subnets. We have seen some references to 

   match if (option dhcp-giaddress-field= 10.10.10.1)

 and we were wondering if that would work. If not, what is the way to check the Relay Agent IP Address?


 Your help and guidance would be greatly appreciated.

 Sincerely,

 Tihomir Hristov
 Senior Network Engineer 
 Old Dominion University
 Office of Computing and Communications Services

More information about the dhcp-users mailing list