Dual DNS server farms in dhcpd.conf

Glenn Satchell Glenn.Satchell at uniq.com.au
Tue Apr 28 23:51:11 UTC 2009 

Hi John

>Class "MSFT" {
>  match is substring (option-vendor-class-identifier, 0, 4) = "MSFT";

That should be

  option vendor-class-identifier

note that it is two words "option" and "vendor-class-identifier".

With the extra "-" in there the parser sees this as a new variable with null 
value which will never match "MSFT".

If you use a packet capture program you can see the contents of the
various dhcp options, eg wireshark, snoop, tcpdump, etc.

The options (there are lots of them) are defined in the dhcp-options man page.

regards,
-glenn

>Date: Tue, 28 Apr 2009 13:51:33 -0700
>From: "John Tabasz (jtabasz)" <jtabasz at cisco.com>
>
>Hi All,
>
>Thanks to all who have chimed in on this for me. I just tried it in the
>lab and my W2K SP4 PC failed to get the dns server addresses included in
>the class "MSFT"; declaration. It still gets the dns server IP addresses
>and domain name that are in the subnet declaration.
>
>I added this:
>
>Class "MSFT" {
>  match is substring (option-vendor-class-identifier, 0, 4) = "MSFT";
>  option domain-name "testdomain.mydomain.com";
>  option domain-name-servers 128.104.107.239,  192.168.230.199;
>}
>
>Then the subnet declaration looks like this:
>
>Subnet 25.25.25.0 netmask 255.255.255.0 {
>  option routers 25.25.25.1;
>  option subnet-mask 255.255.255.0;
>  option domain-name-servers 10.10.3.25, 10.10.4.25;
>  option domain-name "mydomain.com";
>  deny-unknown-clients;
>}
>
>Then the host declaration looks like this:
>
>  host testhostPC01 {
>    hardware ethernet   	0:07:e9:e0:52:a0;
>    fixed-address			25.25.25.96;  
>    option hostname 		"testhostPC01";
>}
>
>I restarted the dhcpd process between each set of changes to the
>dhcpd.conf file and got no syntax errors. 
>
>Anything here look wrong or right?
>
>Thanks,
>
>John
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Randall C
>Grimshaw
>Sent: Tuesday, April 28, 2009 12:12 PM
>To: 'Users of ISC DHCP'
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>You are correct, but I think Vista has a habit of using info in some
>cases.
>
>Randy
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of John Tabasz
>(jtabasz)
>Sent: Tuesday, April 28, 2009 2:05 PM
>To: Users of ISC DHCP; Glenn Satchell
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>
> 
>Randy,
>
>Thanks for the response.
>
>In which cases will dhcpd provide the global, and I'm assuming by global
>we are talking about the non PC specific dns entries, dns addresses? 
>What I'm assuming that you are saying is that the dhcpd will respond
>with the "class MSFT" defined dns server addresses when responding to a
>DHCPREQ and the client will come up with the correct dns entries. The
>problem comes in when a DHCPINFO is sent to the dhcpd, in which case the
>global dns entries are sometimes sent in response. Is this true?
>
>DHCPINFO is not something that will happen unless specifically initiated
>by the client. Under what circumstances will a DHCPINFO take place on a
>MSFT client? 
>
>Just trying to understand,
>
>John
>
>
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Randall C
>Grimshaw
>Sent: Tuesday, April 28, 2009 10:32 AM
>To: Users of ISC DHCP; Glenn Satchell
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>This sounds like it should work fairly well for you, but one thing to
>follow-up on is the client behavior when issuing DHCPINFO requests.
>DHCPd will provide the global default DNS in such cases.
>
>We do something like this using the group method as someone else
>suggested to you, but the success is limited to a use case where it is
>non-critical that the users get the correct address every time.
>
>Randy
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of John Tabasz
>(jtabasz)
>Sent: Tuesday, April 28, 2009 1:12 PM
>To: Glenn Satchell; Users of ISC DHCP
>Subject: RE: Dual DNS server farms in dhcpd.conf
>
>Hi Glenn,
>
>This is almost exactly what I was looking for. Thanks for the reply.
>I'll test it out today. 
>By the way, how would I have found this information on my own? 
>
>Thanks,
>
>John 
>
>-----Original Message-----
>From: dhcp-users-bounces at lists.isc.org
>[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Glenn Satchell
>Sent: Monday, April 27, 2009 9:21 PM
>To: dhcp-users at lists.isc.org
>Subject: Re: Dual DNS server farms in dhcpd.conf
>
>
>>Date: Mon, 27 Apr 2009 15:23:09 -0700
>>From: "John Tabasz (jtabasz)" <jtabasz at cisco.com>
>>
>>Hi All,
>>
>>I have a situation where I want to use dhcpd.conf to serve up addresses
>
>>that are statically assigned. I have previously used the following to 
>>do
>>this:
>>
>>shared-network TEST  {
>>
>>subnet 192.168.200.0 netmask 255.255.255.0 { option routers 
>>192.168.200.1;
>>  option subnet-mask 255.255.255.0;
>>  option domain-name-servers 10.1.1.25,10.1.2.25,10.1.3.25;
>>  option domain-name "mydomain.com";
>>deny unknown-clients;
>>}
>>
>>  host dev5c.mydomain.com                           {
>>   hardware ethernet              0:3:ba:11:b1:75;
>>   fixed-address                   192.168.200.165;
>>   option host-name                       "dev5c";
>>  }
>>
>>}
>>
>>This worked fine until a new requirement came up that the PCs on the 
>>network and the Unix workstations on the same subnet should receive a 
>>different set of DNS server IP addresses.
>>
>>I wrote a couple of perl scripts that take the host info and massage it
>
>>into the dhcpd.conf file. One way of getting what I want is to add 
>>logic into the scripts that examine the hostname and if the name 
>>indicates that the device is a PC, add the correct DNS server info into
>
>>the host declaration. This rather than using the shared-network global 
>>command to set the DNS servers for the whole subnet.
>>
>>Is there a DHCP option that returns the kernel that the client is 
>>running? If so, is there a way to use this info to manipulate the DNS 
>>entries?
>>
>>Suggestions?
>>
>
>This will identify the Windows PCs and override their dns servers. The
>subnet definition stays pretty much as it is, although you don't really
>need the shared-network around the subnet and host definitions.
>
>class "MSFT" {
>  match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
>  option domain-name-servers 10.1.1.26,10.1.2.26,10.1.3.26; }
>
>regards,
>-glenn
>
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list