Vendor-specific information class integration
Alex Moen
alexm at ndtel.com
Tue Sep 13 18:41:40 UTC 2016
Hi all,
I work for an ISP/telco. We are using DHCP to assign addresses to ONTs
at our customer locations. We are using class identifiers to deploy the
same address to the location, regardless of the MAC address of the ONT
installed. We are doing this using a class statement, based on the
agent.circuit-id. This results in a very large configuration (a pool of
one address is assigned to each class of one endpoint port), but works
flawlessly. Here's an example:
---------------------------------------------------------------
subnet 10.57.100.0 netmask 255.255.252.0 {
    option routers 10.57.103.254;
    option subnet-mask 255.255.252.0;
    vendor-option-space CALIX-ONT-SERVER;
    option CALIX-ONT-SERVER.cms-address 66.163.129.244;
    option CALIX-ONT-SERVER.second-tftp-address 66.163.129.244;
    option CALIX-ONT-SERVER.force-firmware on;
    option CALIX-ONT-SERVER.syslog-address 66.163.129.244;
    option CALIX-ONT-SERVER.validateMIC off;
    server-name "66.163.129.244";
    default-lease-time 259200;
    max-lease-time 259200;
    # One class per endpoint port, matched on the relay agent's circuit-id.
    class "10.57.100.50/Ethernet1:Vlan2" {
        match if option agent.circuit-id = "10.57.100.50/Ethernet1:Vlan2";
    }
        # One-address pool for that class (indented under it for readability only).
        pool {
            allow members of "10.57.100.50/Ethernet1:Vlan2";
            filename "occam/DVLKND/DVLKND-2VOICE-1INET-3VIDEO.cfg";
            range 10.57.100.1;
            deny dynamic bootp clients;
        }
    class "10.57.100.50/Ethernet2:Vlan2" {
        match if option agent.circuit-id = "10.57.100.50/Ethernet2:Vlan2";
    }
        pool {
            allow members of "10.57.100.50/Ethernet2:Vlan2";
            filename "calix/ge-2voice-1int-3video.cfg";
            range 10.57.100.2;
            deny dynamic bootp clients;
        }
}
---------------------------------------------------------------
Obviously, the pool is not part of the class statement, even though the
indentation indicates that it is. This is for readability for
us, to show each pool that is associated with the particular class. We
occasionally need to change the "filename" line, as shown above.
The vendor-specific information ("CALIX-ONT-SERVER") is defined in the
dhcpd.conf file:
---------------------------------------------------------------
option space CALIX-ONT-SERVER;
option CALIX-ONT-SERVER.cms-address code 1 = ip-address;
option CALIX-ONT-SERVER.second-tftp-address code 2 = ip-address;
option CALIX-ONT-SERVER.validateMIC code 3 = boolean;
option CALIX-ONT-SERVER.syslog-address code 4 = ip-address;
option CALIX-ONT-SERVER.firmware1 code 101 = text;
option CALIX-ONT-SERVER.firmware2 code 102 = text;
option CALIX-ONT-SERVER.firmware3 code 103 = text;
option CALIX-ONT-SERVER.firmware4 code 104 = text;
option CALIX-ONT-SERVER.firmware5 code 105 = text;
option CALIX-ONT-SERVER.force-firmware code 200 = boolean;
option CALIX-ONT-SERVER.cms-address 66.163.129.244;
option CALIX-ONT-SERVER.second-tftp-address 66.163.129.244;
option CALIX-ONT-SERVER.force-firmware on;
option CALIX-ONT-SERVER.syslog-address 66.163.129.244;
---------------------------------------------------------------
This config has been working great for many years.
Now, however, the wheels of change have rolled on, and we have a "new
and improved" ONT to start using. The problem is that the
vendor-specific information needs to be changed, but we continue to use
the "old and crappy" OG ONT as well. So we need both option 43
versions, deployed depending on the type of ONT being put in place.
Originally, we planned on using a different VLAN to do this:
dhcpd.conf:
---------------------------------------------------------------
option space CALIXGC;
option CALIXGC.acs-url code 1 = text;
option CALIXGC.acs-url-supp code 5 = text;
---------------------------------------------------------------
---------------------------------------------------------------
subnet 10.157.100.0 netmask 255.255.252.0 {
    option routers 10.157.103.254;
    option subnet-mask 255.255.252.0;
    server-name "66.163.129.244";
    default-lease-time 259200;
    max-lease-time 259200;
    # Must name the option space declared above (CALIXGC).
    vendor-option-space CALIXGC;
    option CALIXGC.acs-url
        "http://gcs.calix.com:8080/125053/8w9ZZJF9q4";
    class "10.57.100.50/Ethernet1:Vlan12" {
        match if option agent.circuit-id = "10.57.100.50/Ethernet1:Vlan12";
    }
        pool {
            allow members of "10.57.100.50/Ethernet1:Vlan12";
            range 10.157.100.1;
            deny dynamic bootp clients;
        }
    class "10.57.100.50/Ethernet2:Vlan12" {
        match if option agent.circuit-id = "10.57.100.50/Ethernet2:Vlan12";
    }
        pool {
            allow members of "10.57.100.50/Ethernet2:Vlan12";
            range 10.157.100.2;
            deny dynamic bootp clients;
        }
}
---------------------------------------------------------------
Configuration change requirements on almost 400 endpoint blades
(resulting in different procedures used by provisioners) and 30+ routers
have resulted in a question being asked: can DHCP become "intelligent"
and change the option 43 (vendor-specific information) depending on the
ONT doing the request?
I know how to build the different classes to make the distinction
between the two types of ONTs:
---------------------------------------------------------------
class "calix-ont" {
    match if (option vendor-class-identifier = "CALIX ONT");
    vendor-option-space CALIX-ONT-SERVER;
    option CALIX-ONT-SERVER.cms-address 66.163.129.244;
    option CALIX-ONT-SERVER.second-tftp-address 66.163.129.244;
    option CALIX-ONT-SERVER.force-firmware on;
    option CALIX-ONT-SERVER.syslog-address 66.163.129.244;
    option CALIX-ONT-SERVER.validateMIC off;
}
class "calix-844ge" {
    # Compare the first five bytes of option 60 with "844GE".
    match if (substring(option vendor-class-identifier, 0, 5) = "844GE");
    vendor-option-space CALIXGC;
    option CALIXGC.acs-url
        "http://gcs.calix.com:8080/125053/8w9ZZJF9q4";
}
---------------------------------------------------------------
My question is how to integrate that class decision-making process into
my existing original pools/subnets and eliminate the requirement for the
second subnet?
TIA,
Alex
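
Added example (not part of the original post, and not ISC or Calix code): both option spaces above define sub-option code 1, as an ip-address in CALIX-ONT-SERVER and as text in CALIXGC, so the option 43 payload has to be chosen per ONT type. This sketch builds and parses the code/length/value payload for each space using the post's definitions; the function names and the code-ordered layout are assumptions made for illustration.

```python
import ipaddress

# Sub-option codes/types copied from the post's option space declarations (firmware1-5 omitted).
SPACES = {
    "CALIX-ONT-SERVER": {"cms-address": (1, "ip"), "second-tftp-address": (2, "ip"),
                         "validateMIC": (3, "bool"), "syslog-address": (4, "ip"),
                         "force-firmware": (200, "bool")},
    "CALIXGC": {"acs-url": (1, "text"), "acs-url-supp": (5, "text")},
}
FIXED = {"ip": 4, "bool": 1}  # required value length for fixed-size types
LEGACY = {"cms-address": "66.163.129.244", "second-tftp-address": "66.163.129.244",
          "force-firmware": True, "syslog-address": "66.163.129.244",
          "validateMIC": False}  # values the post sets for the old ONT
GC = {"acs-url": "http://gcs.calix.com:8080/125053/8w9ZZJF9q4"}  # value set for the new ONT

def _pack(kind, value):
    if kind == "ip":
        return ipaddress.IPv4Address(value).packed
    if kind == "bool":
        return b"\x01" if value else b"\x00"
    return value.encode("ascii")  # text: raw bytes, no terminator

def _unpack(kind, raw):
    if kind == "ip":
        return str(ipaddress.IPv4Address(raw))
    if kind == "bool":
        return raw == b"\x01"
    return raw.decode("ascii")  # non-ASCII bytes raise a ValueError subclass

def encode_option43(space, values):
    out = bytearray()
    # Emit sub-options in ascending code order (an assumption; order is not significant).
    for code, kind, value in sorted((*SPACES[space][n], v) for n, v in values.items()):
        data = _pack(kind, value)
        out += bytes([code, len(data)]) + data  # code, length, value
    return bytes(out)

def decode_option43(space, payload):
    """Parse a payload against one space; ValueError means it was built for another."""
    names = {code: (name, kind) for name, (code, kind) in SPACES[space].items()}
    result, i = {}, 0
    while i < len(payload):
        if i + 2 > len(payload) or payload[i] not in names:
            raise ValueError("truncated header or code not defined in " + space)
        (name, kind), length = names[payload[i]], payload[i + 1]
        raw = payload[i + 2:i + 2 + length]
        if len(raw) != FIXED.get(kind, length):
            raise ValueError(f"sub-option {name}: wrong or truncated length")
        result[name] = _unpack(kind, raw)
        i += 2 + length
    return result
```

Decoding either payload against the other space raises ValueError, which is the mismatch a per-ONT class match on vendor-class-identifier is meant to avoid.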