Re: Tracking IP-Usage
Anders Rosendal
anders at rosendal.nu
Sun Jan 25 21:25:44 UTC 2009
Hi
I've already solved the option-82 things, and yes, Cisco's infinite wisdom when it comes to interface indexes really makes things unnecessarily difficult.
I got some help "offlist" with getting expiry messages in the log file. This can be useful to someone else as well.
To get a log message when an IP has expired add the following to the config.
on expiry { log(info, concat("expiry", " ", binary-to-ascii(10, 8, ".", leased-address))); }
Again, thanks Jon for the info!
Regards Anders R
-----Original message-----
From: dhcp-users-bounces at lists.isc.org [mailto:dhcp-users-bounces at lists.isc.org] On behalf of Claus Holm Christensen
Sent: 24 January 2009 13:10
To: Users of ISC DHCP
Subject: Re: Tracking IP-Usage
Anders Rosendal wrote:
> I'm looking at creating a script that will parse the dhcpd-logfile and
> create start / stop records for when an IP is leased, and when an IP lease
> has expired or an IP release message is received from the client.
It's possible. We did it by parsing the dhcpd.leases backup file two
times every hour and extracting the requested information about all the
IP addresses, option-82 data and so on.
> The reason for this is to create a simple log of which customer had a
> specific IP at a specific time. The log is what will be saved a couple
> of years for abuse purposes. Customer in my case is a port in a switch
> which is extracted from the option-82 fields.
The European anti-terror laws also require you to keep this log. You
may be lucky that you're only going to implement it later, but here in
Denmark we have been stuck with it for the last year.
> Log would contain lines like:
> Jan 23 18:23:09 2009 START 192.168.10.10 Fa0/3.as32.myname.com
> Jan 24 08:17:12 2009 STOP 192.168.10.10 Fa0/3.as32.myname.com
You will get a problem with converting the Option-82 information to real
interface names like that. Cisco switches use different formats
between switches, IOS revisions and depend on configuration parameters
that were only available in a previous software release... It's a mess!
If you've got the time, then work yourself through all your switches, and
configure each and every port to use its own unique identifier. That's
also a mess, since replacements and user errors might leave a port
"unconfigured", but then at least you have something to search your logs
for.
> When parsing the log it would be a world of difference if the actual
> dhcp-logfile would contain logentries for when an IP-lease is expired.
That's difficult by watching the dhcpd.leases file, since active leases
do have an expiration time, but you don't know if it's being renewed
later...
It's easier to pull a lot of requests/renewals out of the leases file,
and then just assume that a customer has left his IP if nothing is heard
from him after the lease time has elapsed. You also know that the
previous customer has released his address if the address is issued to
somebody else...
> Is it possible to configure the dhcpd 3.0.6 to generate a logmessage
> when IP-leases expire, and the IP is considered "free"?
Too bad you requested 3.0.6, I think it should be possible to work it
out with the execute() parameter in later versions, but I'm too busy to
fix a system already working now :-)
--
Claus Holm Christensen
_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
--
This message has been scanned for viruses and
dangerous content by MailScanner on mars.rosendal.nu,
and is believed to be clean.
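The following is an added example, not code from the thread or from ISC: a sketch of the log parser discussed above, turning dhcpd syslog lines into START/STOP records in the format Anders describes. It assumes the "expiry <ip>" line produced by the on expiry statement above, plus a hypothetical "commit <ip> <port>" line written by a similar log statement that includes the option-82 port identifier; the sample log lines are constructed, and the year is passed in because syslog timestamps do not carry one.

```python
import re

# Constructed sample syslog lines (not from the original thread). The "expiry"
# line matches the on-expiry log statement above; "commit <ip> <port>" is an
# assumed log line that also records the option-82 derived port identifier.
SAMPLE_LOG = """\
Jan 23 18:23:09 dhcp1 dhcpd: commit 192.168.10.10 Fa0/3.as32.myname.com
Jan 23 20:23:09 dhcp1 dhcpd: commit 192.168.10.10 Fa0/3.as32.myname.com
Jan 24 08:17:12 dhcp1 dhcpd: expiry 192.168.10.10
Jan 24 09:00:00 dhcp1 dhcpd: commit 192.168.10.11 Fa0/4.as32.myname.com
Jan 24 09:30:00 dhcp1 dhcpd: commit 192.168.10.11 Fa0/7.as32.myname.com
Jan 24 10:00:00 dhcp1 dhcpd: expiry 192.168.10.99
"""

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"(?P<event>commit|expiry) (?P<ip>\d+(?:\.\d+){3})(?: (?P<port>\S+))?$"
)

def lease_records(lines, year):
    """Turn commit/expiry log lines into START/STOP records per IP."""
    holder = {}   # ip -> port identifier currently holding the address
    records = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # unrelated syslog or dhcpd output
        ts, ip, port = f"{m['ts']} {year}", m["ip"], m["port"]
        if m["event"] == "commit" and port:
            if holder.get(ip) == port:
                continue  # renewal by the same port: no new START
            if ip in holder:
                # Address handed to somebody else: the previous holder is done.
                records.append(f"{ts} STOP {ip} {holder[ip]}")
            holder[ip] = port
            records.append(f"{ts} START {ip} {port}")
        elif m["event"] == "expiry" and ip in holder:
            records.append(f"{ts} STOP {ip} {holder.pop(ip)}")
        # An expiry for an address with no known holder is skipped.
    return records

if __name__ == "__main__":
    print("\n".join(lease_records(SAMPLE_LOG.splitlines(), 2009)))
```

Renewals are collapsed into the existing session, and reassignment of an address to a different port closes the previous session first, which is the inference Claus describes for the leases file.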