Multiple subnets with classes - 'option routers' issue

Glenn Satchell Glenn.Satchell at uniq.com.au
Sun Jun 8 13:02:23 UTC 2008 

Hi Ivan

Your classes are defined within the 172.16.0.0 subnet definition, so the class 
membership inherits from the subnet and thus gets that default router.

The simplest solution is to move the class definitions into the global scope 
andonly have options router and the pool definitions within the subnet.

Within pools mixing allow and deny is not recommendeded due to the way these are 
parsed. Including an allow implicitly denies everything else, likewise, denying 
a class implicitly allows everything else.

It all worked fine before as there was only one subnet definition.

So you want something like:

<some 'global' options common for all types of cable modems>
<i.e. time server, time offset, log server, etc>
class "SB5100" {
..
}
class "EPX2203"
..
}
subnet 172.16.0.0 netmask 255.255.248.0 {
	option routers 172.16.0.1;
	pool {
		allow members of "SB5100";
		allow members of "EPX2203";
		range 172.16.0.50 172.16.7.254;
	}
	pool {
		allow members of "SB5100-UPG";
		range 172.16.0.10 172.16.0.49;
	}
}
subnet 172.17.0.0 netmask 255.255.248.0 {
	option routers 172.17.0.1;
	pool {
		allow members of "SB5100";
		allow members of "EPX2203";
		range 172.17.0.50 172.17.7.254;
	}
	pool {
		allow members of "SB5100-UPG";
		range 172.17.0.10 172.17.0.49;

	}
}

regards,
-glenn
--
Glenn Satchell     mailto:glenn.satchell at uniq.com.au | It's a dog  eat dog
Uniq Advances Pty Ltd         http://www.uniq.com.au | world, and by golly,
PO Box 70 Paddington NSW Australia 2021              | we better make sure
tel:0409-458-580  tel:02-9380-6360  fax:02-9380-6416 | we're the dog.

>Subject: Multiple subnets with classes - 'option routers' issue
>From: Gundares <vanchik at yandex.ru>
>To: dhcp-users <dhcp-users at isc.org>
>Date: Sat, 07 Jun 2008 20:15:48 +0400
>
>Dear dhcp-users,
>
>first, the essence - the isc-dhcpd provides the default router
>configured in the first subnet declaration for clients from other
>subnets.
>
>Here are the details.
>
>I'm using isc-dhcpd 3.0.5 under FreeBSD-6.3.
>
>There are two CMTSes at the customer site with three (total) cable
>interfaces, two IP-subnets on each interface (one for modems, another
>for PCs). So, CMTSes are acting as dhcp-relays (they are routers).
>
>Cable modems are getting IP and its config-files depending on classes
>Classes are declared like this:
>
>subnet 172.16.0.0 netmask 255.255.248.0 {
>
>.. <some 'global' options common for all types of cable modems>
>.. <i.e. time server, time offset, log server, etc>
>option routers 172.16.0.1;
>..
>..
>
>
>class "SB5100" {
>match if (MOTO.modnum = "SB5100"); # this is suboption 9 of option 43
>filename "sb5100.bin"
>}
>class "EPX2203"
>match if (MOTO.modnum = "EPX2203";
>filename "epx2203.bin";
>}
>pool {
>allow members of "SB5100";
>allow members of "EPX2203";
>deny  members of "SB5100-UPG";
>range 172.16.0.50 172.16.7.254;
>}
>pool {
>deny  members of "SB5100";
>deny  members of "EPX2203";
>allow members of "SB5100-UPG";
>range 172.16.0.10 172.16.0.49;
>}
>}
>
>This dhcpd-config was working fine for many years (for only one CMTS),
>but two days ago client bought the second one. So, I've added new
>subnets with the same class-definitions (now dhcpd logs error: 'too many
>classes match MODEM_MAC_ADDR'). After that, the cable modem connected
>with the second CMTS (subnet 172.17.0.0/18), gets all the options
>properly, except the default router option - 172.16.0.1 (this is the
>first CMTS' cable interface primary IP-address).
>
>tcpdump`ed OFFER packet looks like this:
>
>2008-06-07 18:23:09.001689
>IP (tos 0x0, ttl  64, id 53242, offset 0, flags [none], 
>proto: UDP (17), length: 336, bad cksum 0 (->fb94)!) 
><MY_SERVER'S_IP>.67 > 172.17.0.1.67: 
>[bad udp cksum 648!] BOOTP/DHCP, Reply, 
>length: 308, hops:1, xid:0x167cd60d, flags: [Broadcast] (0x8000)
>          Your IP: 172.17.31.254
>          Server IP: <MY_SERVER'S_IP>
>>>>>>>    Gateway IP: 172.17.0.1
>          Client Ethernet Address: 00:1a:ad:71:1a:b4
>          file "sb5100.bin"
>          Vendor-rfc1048:
>            DHCP:OFFER
>            SID:<MY_SERVER'S_IP>
>            LT:86400
>            SM:255.255.192.0
>            TZ:14400
>
>>>>>>>      DG:172.16.0.1
>
>            TS:<MY_SERVER'S_IP>
>            LOG:<MY_SERVER'S_IP>
>            NS:<MY_SERVER'S_IP>
>            ACKT:1.4.128.1.0.3.2.6.0.26.173.113.26.180
>
>So, how can I set the _proper_ default gateway address for clients?
>
>-- 
>Regards,
>Ivan V. Borodin <ivan at vimcom.ru>
>Computer Systems Engineer
>JSC "Vimcom Optic TS"
>p. +7(495)-737-37-57
>f. +7(495)-737-37-55
>
>

More information about the dhcp-users mailing list