How to not allocate any address to a specific host?

David Landgren david at landgren.net
Mon Mar 13 11:45:37 UTC 2006 

List,

I have a number of "retired" PCs (e.g. Windows 95/Windows 98) that 
people insist on putting back into service, which then translates into 
support calls because things don't work. Yes, the idea is to recover the 
PCs and dispose of them, but we carry out that operation only once or 
twice a year.

I can identify these hosts by their MAC address. What I would like to do 
is to either refuse to allocate them any address, or allocate them an 
address from a bogus address space, in order to disable the host. In 
other words, if I don't know anything in particular about a MAC address, 
I grant an allocation, but refuse an allocation to a specific MAC address.

The attempts I've made don't appear to generate DHCPNAKs and/or the host 
continues to use its last-known good address. Here's the config that 
seems to me to be the closest to what I want to achieve:

# dhcpd.conf -- configuration file for dhcpd server

authoritative;
ddns-update-style none;

log-facility local6;

class "obsolete-hosts" {
     match pick-first-value (option dhcp-client-identifier, hardware);
}

# i000003492
subclass "obsolete-hosts" 00:0a:e4:36:7b:4b;

shared-network example-net {

     subnet 172.17.0.0 netmask 255.255.224.0 {
         range               172.17.16.0 172.17.17.255;
         option ntp-servers  172.17.0.8;
         option time-servers 172.17.0.8;
         option routers      172.17.0.6;

         option domain-name          "example.com";
         option domain-name-servers  172.17.0.8, 172.17.0.18;
         option netbios-node-type    2;
         option netbios-name-servers 172.17.0.8;

         default-lease-time  86400; #  1 days
         max-lease-time     864000; # 10 days
     }

     subnet 10.2.0.0 netmask 255.255.255.252 {
         pool {
             allow members of "obsolete-hosts";
             deny unknown-clients;

             default-lease-time  15;
             max-lease-time      10;
             range 10.2.0.0 10.2.0.3;
         }
     }
}

======= end dhcpd.conf =======

So, what am I missing here? I've scoured the man page, the archives and 
the web. Surely someone else has needed to do this before, but my search 
terms seem to have come to naught, or rather the examples I've come 
across don't appear to work. (I even found one example config that 
causes dhcpd to segfault on startup!)

Thanks,
David
-- 
"It's overkill of course, but you can never have too much overkill."

More information about the dhcp-users mailing list