group and agent.circuit-id

Nick Urbanik nick.urbanik at optusnet.com.au
Thu Dec 8 11:09:17 UTC 2016 

Dear Niall,

On 04/12/16 16:06 +0000, Niall O'Reilly wrote:
>On 4 Dec 2016, at 5:01, Nick Urbanik wrote:
>
>>   Currently, we have more than 2000 classes of the
>> form:
>> class "a-circuit-id" {
>>        match if option agent.circuit-id = "a-circuit-id";
>>        set logged-class = "static";
>> }
>
>   From what I've read in the Handbook and man-pages, this configuration
>   will give you a mean of more than 1000 trips around the loop that
>   compares the value provided by the client with each in turn of your
>   configured values.
>
>> ...
>> that are then used to allocate static IPs like this, inside subnet 
>> declarations:
>> pool { failover peer "partner"; allow members of "a-circuit-id"; range 
>> 11.12.13.14; }
>> ...
>
>   I'm not sure that failover gains you anything for a singleton range,
>   as there isn't any arbitrary state to be communicated to the partner.
>
>   Without failover, you can gain resilience by having identical 
>configurations
>   on more than two servers; failover limits you to two (per pool).
>
>> I have some questions:
>> 1. Would this existing scheme clash with that you proposed?
>
>   I can't say for sure, as I've never used or even tested such a 
>combination
>   of schemes.  I don't know why they would cause each other problems 
>unless
>   you (mis-) configured the same value in a 'match if ...' statement as 
>in
>   a 'subclass' declaration.
>
>> 2. Could things work better if I changed the static allocation scheme
>>   to use subclasses?
>
>   The matching would be faster, as subclasses are implemented using a 
>hash
>   table rather than a comparison loop.
>
>> I'm not really sure how, since currently, each
>>   static assignment corresponds to a separate class, whereas
>>   subclasses provide a way to add multiple members to one class.
>
>   It's subtler than that: each subclass is a class of its own as well,
>   although without a distinct name to be referenced by.
>
>   This doesn't necessarily mean that the 'subclass' approach can meet 
>your
>   needs.  It's not clear from either the Handbook or the man-page 
>whether
>   a 'fixed-address' declaration is allowed or forbidden in a 'subclass'
>   declaration. If it's allowed, then I think there's a solution which 
>gives
>   the performance advantage of subclass hashing and avoids the 
>complexity
>   of failover, like this:
>
>     class "dns-by-circuit-id" {
>       match option agent.circuit-id;
>       option domain-name-servers 1.2.3.4, 5.6.7.8;
>     }
>
>     # per-circuit-id subclasses, each with its own IP address
>     subclass "dns-by-circuit-id" "whatever" { fixed-address 
>11.12.13.14; }
>
>   If 'fixed-address' isn't allowed here, then I think you have to
>   continue with multiple classes.  I expect you can drop failover 
>except
>   for customers (if any) for whom you assign a non-singleton pool.
>
>   I hope this helps.

Certainly, your suggestions are most informative and helpful.  I have
a plan of action now.
-- 
Nick Urbanik http://nicku.org 808-71011 nick.urbanik at optusnet.com.au
GPG: 7FFA CDC7 5A77 0558 DC7A 790A 16DF EC5B BB9D 2C24  ID: BB9D2C24
I disclaim, therefore I am.

More information about the dhcp-users mailing list