Assigning host entries to diffrent subnets
Simon Hobson
dhcp1 at thehobsons.co.uk
Mon Oct 1 17:46:41 UTC 2007
Erik Bloodaxe wrote:
>>That's correct, you haven't told the server that these clients
>>CAN'T have an address from that pool. If it's an either/or
>>situation then you just need to add 'deny members of
>>"pxe-clients";' to the first pool. With more classes & pools then
>>it starts getting a bit more interesting !
>>
>Right thanks, but I will want to do this. I will have a number of
>set of mac addresses each set will need to be assigned to a subnet
>and then I will want to put all unknown macs into a special
>restricted access subnet.
>
>How do i go about this with out having to list all the classes in
>deny members of ... statements in all pools other than the one
>destined for them.
If you use an accept or deny statement, then anything you don't
explicitly accept or deny is denied or accepted. But don't mix accept
and deny as it doesn't work as you might expect !
Eg ...
pool {
...
allow members of "a" ;
}
pool {
...
allow members of "b" ;
}
pool {
...
allow members of "c" ;
}
pool {
...
deny members of "a" ;
deny members of "b" ;
deny members of "c" ;
}
The first pool is available only to members of class "a", everything
else is denied. The last pool is only available to clients that
aren't members of "a", "b", or "c" - ie everything else.
More information about the dhcp-users
mailing list