Help with class match understanding.
Tom Greaser
tgreaser at hsc.wvu.edu
Thu Dec 13 19:57:54 UTC 2007
>>> Simon Hobson <dhcp1 at thehobsons.co.uk> 12/13/07 2:09 PM >>>
> Again, can't really comment as we can't read the config file. However
> (and this came up earlier this week), class statements are global in
> scope.
you caught me being lazy..I should have dont that in the first place since I knew i didnt have
something right / dont understand classes as well as i thought i did.. Ive even tried putting
the boot unknown false in group 1.. still shows phones getting IP.
server-identifier server;
option domain-name "domain";
default-lease-time 43200; # 12 hours
max-lease-time 43220; # 12 hours 2min
boot-unknown-clients false;
use-host-decl-names true;
option ieee802-3-encapsulation false;
option router-discovery false;
ddns-update-style interim;
ddns-updates on;
ddns-ttl 600;
log-facility local1;
option option-150 code 150 = array of ip-address;
option ip-forwarding false;
ddns-domainname "domain";
# ddns-rev-domainname "in-addr.arpa";
ignore client-updates;
update-optimization false;
set vendor-id = option vendor-class-identifier;
group {
## inside data
option domain-name-servers ;
option netbios-name-servers ;
authoritative;
option ntp-servers ;
option log-servers ;
option nds-tree-name ;
option nds-servers ;
option slp-directory-agent true ;
subnet 10.3.20.0 netmask 255.255.255.0 {
option routers 10.3.20.1;
range 10.3.20.4 10.3.20.254;
}
if exists agent.circuit-id
{
log ( info, concat( "Lease for ", binary-to-ascii (10, 8, ".", leased-address), " connected to interface ",
binary-to-ascii (10, 8, "/", suffix ( option agent.circuit-id, 2)), " (3750s subtract 2or4!), VLAN ",
binary-to-ascii (10, 16, "", substring( option agent.circuit-id, 2, 2)), " Hardware ",
binary-to-ascii(16, 8, ":", hardware)));
}
} # end inside group
group {
## phones
option domain-name-servers ;
authoritative;
option ntp-servers ;
option log-servers ;
option option-150 ;
option tftp-server-name "";
boot-unknown-clients true;
option dhcp-renewal-time 86400; ## 1day
default-lease-time 2592000; ##1 month
max-lease-time 2592000; #1 month
ddns-updates off;
### even though boot unkown is ture the allowed statement
## in the subnet pool will only allow devices that match vendor id to get an ip
class "voip-phones" {
match if substring (option vendor-class-identifier, 0, 28) = "Cisco Systems, Inc. IP Phone"
or
substring (option vendor-class-identifier, 0, 10) = "ATA188-H17";
} ## ends class
subnet 10.183.50.0 netmask 255.255.255.0 {
pool {
option routers 10.183.50.1;
range 10.183.50.4 10.183.50.254;
allow members of "voip-phones"; ## explicity denies non voip
} #ends pool
}
} #ends phone group
group {
### servers group
option domain-name-servers ;
option netbios-name-servers ;
authoritative;
default-lease-time 1209600; # 2 weeks
max-lease-time 1209620; # 2weeks 2min
option ntp-servers ;
option log-servers ;
### hsc-at vlan 29 ###
subnet 10.4.0.0 netmask 255.255.255.0 {
option routers 10.4.0.1;
# range 10.4.0.10 10.4.0.254;
}
} ## ends server group
### group outside
group {
server-identifier ;
option domain-name-servers ;
option netbios-name-servers ;
authoritative;
option log-servers public.200;
next-server ;
filename "pxelinux.0";
### (outside firewall) ###
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.10.1;
option domain-name-servers public.70,public.71;
}
} # end outside group
More information about the dhcp-users
mailing list