Address from wrong pool
Siegenthaler Tina
tina at ieu.uzh.ch
Mon Feb 8 11:13:03 UTC 2010
> Include acts like it is in the global scope, so the deny doesn't
> really get put inside the pool.
I see. Then this won't work.
>
> You could create another class and make all your "fixed" hosts be a
> member of that,then deny it. For example:
>
> class "IEU_0024_L1" { match hardware; }
> class "IEU_0025_L1" { match hardware; }
> class "all_fixed_hosts" { match hardware; }
>
> subclass "IEU_0024_L1" 1:00:00:aa:9d:26:79;
> subclass "IEU_0025_L1" 1:00:10:83:41:ef:e4;
> subclass "all_fixed_hosts" 1:00:00:aa:9d:26:79;
> subclass "all_fixed_hosts" 1:00:10:83:41:ef:e4;
>
> subnet 130.60.33.32 netmask 255.255.255.224 {
> option routers 130.60.33.33;
> option broadcast-address 130.60.33.63;
> pool { allow members of "IEU_0024_L1" ; range 130.60.33.36; }
> pool { allow members of "IEU_0025_L1" ; range 130.60.33.37; }
> pool {
> failover peer "DHCP-IEU";
> deny dynamic bootp clients;
> allow known-clients;
> deny members of "all_fixed_hosts";
> range 130.60.33.40 130.60.33.50;
> }
> default-lease-time 21600;
> max-lease-time 21600;
> }
>
Yes, that's how we used to configure it, but it has always been a bit
complicated to generate from our database (we have more than one
subnet and thus had to create a "fixed" class for each subnet), so
we've been hoping to keep it more simple. We don't have a lot of fixed
address hosts, so at the moment, we are testing to "include" the
entire pools instead of just the deny statements, like this:
pool {
failover peer „DHCP-IEU“;
deny dynamic bootp clients;
allow known-clients;
deny members of "IEU_0057_L1";
deny members of "IEU_0501_L1";
range 130.60.79.200 130.60.79.220;
}
and then include it in the respecticve subnet. This seems to work and
is a bit less complicated than using the fixed address classes.
> Also where you have only a single host in a class you could use a
> more specific class and save on the subclass definition. Might make
> a difference if you have lots of these hosts.
>
> class "IEU_0024_L1" { match if hardware = 00:00:aa:9d:26:79; }
>
Thanks, that's cool, I didn't know about that. We are currently
creating a new database, so this will come in very handy and make
things much easier.
Thanks to everbody else who replied, too. I really appreciate this
list - people here are so helpful. Thanks a lot!
Tina
More information about the dhcp-users
mailing list