dhcp config for 200 users via single file

Glenn Satchell Glenn.Satchell at uniq.com.au
Sun Jan 13 13:33:54 UTC 2008


>From: "AA Inter.Network Services / SYED JAHANZAiB" <aacable at hotmail.com>
>To: <dhcp-users at isc.org>
>Subject: RE: dhcp config for 200 users via single file
>Date: Sun, 13 Jan 2008 07:29:59 +0000
>
>Dear Nick,
>
>First, many thanks for the reply; I really appreciate it. Sorry for asking
>dumb questions, I am totally new to the Linux networking world.
>
>Now let me explain my setup to you in detail.
>
>I am running an internet cable.net setup in my town, providing internet access to
>users via cat5e cable using normal switches. I am running my server using
>WIN2003 and ISA SERVER 2004 connected with a 4mb link. I am also running a
>Windows-based DHCP server assigning users dynamic IPs with default gateway and DNS
>pointing to ISA SERVER. I am filtering users by their MAC addresses using a LINUX
>BRIDGE between SERVER and USERS, e.g.
>
>LAN USERS  --->   BRIDGE with allowed macs only  ----> SERVER
>
>Now I want to set up a DHCP server on the LINUX bridge, so only users with allowed
>MAC addresses should get an IP from the DHCP server, and every time they should get
>the fixed IP address that I enter. It's simple if there are only a few users, but I
>have more than 200 users, so it's difficult for me to enter 200+ entries manually in
>DHCP, even if I use WEBMIN, because I have to modify the MAC addresses on a daily
>basis. I want there to be a single text file that I have to edit, e.g.
>/etc/macip.allowed
>
>00-08-74-4D-74-DE   10.0.0.10    # john flat 303 sunview appartment
>00-53-45-00-00-00   10.0.0.11    # david a43 aone banglows
>
>and then DHCP should read from the text file and make automatic entries in the
>dhcpd.conf file.
>I also want these entries to be firewalled by iptables MAC TO IP
>MATCHING security. I have a script that can read from a file like the one above to
>match MAC to IP bindings and deny any user whose MAC and IP are not the same as
>entered in the macip.allowed file.
>
>So please help me with how to set up DHCP to read from the file to issue a specific
>IP for a specific MAC.
> 
> 
>Regards, 
>
>SYED JAHANZAIB
> 

Your dhcpd.conf will need a subnet definition, some global defaults
such as default DNS servers, and a bunch of host statements, one for each
MAC address you wish to allow. Something like this:

authoritative;
option domain-name "example.com";
option domain-name-servers ns.example.com;
default-lease-time 3600;
max-lease-time 86400;
ping-check true;
ddns-update-style none;
#
subnet 192.168.1.0 netmask 255.255.255.0 {
  option routers gateway.example.com;
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.1.255;
  pool {
    deny unknown-clients;
  }
}

host john {
  hardware ethernet 00:1a:4e:ac:ce:44;
  fixed-address 192.168.1.5;
}
# can also put them on one line
host fred { hardware ethernet 00:11:22:33:44:55; fixed-address 192.168.1.6; }

Repeat the host statements; the label in the host line can be any unique
identifier.

You must stop and start dhcpd when you change the file. If you can
write scripts in perl, shell, python, etc, then you could create a
script to take the text file you propose and generate the dhcpd.conf
from it, but it seems it would be easy to just edit the main file when
you add or lose a customer.

regards,
-glenn
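
Added example, not part of the original thread: a Python sketch of the generator script the reply suggests, turning lines in the /etc/macip.allowed format from the quoted message into one-line host statements and rejecting malformed, out-of-subnet or duplicate entries before anything reaches dhcpd.conf. The function names, the MAC-derived host labels and the 10.0.0.0/24 subnet (inferred from the sample addresses) are assumptions.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([-:][0-9A-Fa-f]{2}){5}$")

# Constructed sample, using the two lines shown in the quoted message.
SAMPLE = """\
00-08-74-4D-74-DE   10.0.0.10    # john flat 303 sunview appartment
00-53-45-00-00-00   10.0.0.11    # david a43 aone banglows
"""

def parse_allowed(text, subnet="10.0.0.0/24"):
    """Return [(mac, ip, note)]; raise ValueError on any bad or duplicate entry."""
    net = ipaddress.ip_network(subnet)  # assumed subnet, adjust to the real one
    seen_mac, seen_ip, entries = set(), set(), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        body, _, note = raw.partition("#")
        fields = body.split()
        if not fields:
            continue  # blank or comment-only line
        if len(fields) != 2 or not MAC_RE.match(fields[0]):
            raise ValueError(f"line {lineno}: expected '<mac> <ip>'")
        mac = fields[0].replace("-", ":").lower()  # dhcpd uses colon-separated MACs
        ip = ipaddress.ip_address(fields[1])       # raises ValueError if malformed
        if ip not in net or ip in (net.network_address, net.broadcast_address):
            raise ValueError(f"line {lineno}: {ip} is not a usable host in {net}")
        if mac in seen_mac or ip in seen_ip:
            raise ValueError(f"line {lineno}: duplicate MAC or IP")
        seen_mac.add(mac)
        seen_ip.add(ip)
        entries.append((mac, str(ip), note.strip()))
    return entries

def render_hosts(entries):
    """Emit one-line host statements; the label comes from the MAC so it is unique."""
    out = []
    for mac, ip, note in entries:
        label = "h" + mac.replace(":", "")  # hypothetical labelling scheme
        comment = f"  # {note}" if note else ""
        out.append(f"host {label} {{ hardware ethernet {mac}; "
                   f"fixed-address {ip}; }}{comment}")
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(render_hosts(parse_allowed(SAMPLE)), end="")
```

The output is meant to be appended after the subnet block of a dhcpd.conf like the one above, followed by the dhcpd restart the reply describes.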

