PXE Client configuration
Glenn Satchell
glenn.satchell at uniq.com.au
Fri Feb 19 22:50:34 UTC 2010
Jason Frisvold wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/16/2010 09:18 AM, Denis Laventure wrote:
>> That's not too complicated...
>> I did it with a global class and subclasses so I can choose which VLAN get PXE using option-82. You can also add match condition like if substring(option vendor-class-identifier, 0, 9) = "PXEClient"; to the class if you like.
>
> Can you provide an example subnet declaration for this? I'm not sure I
> follow how this works..
>
> I'm running into a few problems right now. If I merely add the
> PXEClients class and have no allow/deny statements in the pool
> declaration, it appears to work fine. If I put a "deny members of"
> message, then it denies anything declaring itself as a PXEClient from
> getting an address. This appears to be ok as well, though it would be
> nice if they could still get a DHCP address, just not the PXE server
> information.
>
> The big problem is that if I put an "allow members of" in the pool
> declaration, it then denies everything except PXEClients. I can remove
> the "allow" and leave it open, which would work, but we're looking to
> possibly have multiple PXE servers, so I need to be able to define the
> pxe server information for each matched class.
>
> I *think* the subclass declaration would help here, but I'm not 100%
> sure how to make it work.
>
>> Denis
>
> Thanks,
>
> - --
> - ---------------------------
> Jason Frisvold
> Network Engineer
> frisvolj at lafayette.edu
> - ---------------------------
Sub-classes is quite a clever idea. There's an explanation in the
dhcpd.conf man page, but the general idea is that in the class you
specify the variable you want to match against, then in the sub-class
entry you specify the value to compare with the class match variable.
Something like this:
class "foo" {
match some-expression;
}
sub-class "foo" "value-of-the-expression";
If "value-of-the-expression" matches some-expression then that client is
a member of class "foo".
In the VLAN example, some-expression extracted the vlan number out of
the circuit-id. Then in the sub-class definitions various VLAN numbers
were matched with the class.
If we were to take this further you would need one class for each PXE
server. Then use subclasses to match each VLAN to the appropriate class.
So in this example VLANs 298 and 123 would match class PXE1, while VLAN
428 woul dmatch class PXE2.
class "PXE1" {
match binary-to-ascii (10, 16, "", substring( option
agent.circuit-id, 2, 2));
next-server pxe1.domain.com;
filename "\\Tftpboot\\Menu.pxe";
}
class "PXE2" {
match binary-to-ascii (10, 16, "", substring( option
agent.circuit-id, 2, 2));
next-server pxe2.domain.com;
filename "\\Tftpboot\\Menu.pxe";
}
subclass "PXE1" "298";
subclass "PXE1" "123";
subclass "PXE2" "428";
You could match against subnets by extracting the first three octets
from the leased-address.
Alternatively you could put an "if" statement in every subnet with the
appropriate server, eg:
subnet ... {
if substring(option vendor-class-identifier, 0, 9) = "PXEClient" {
next-server pxe.example.com;
filename "x86pc/undi/wpemenu/startrom.0";
}
option routers ...
pool { ... }
}
This method requires an entry for every subnet, so if there are a lot of
subnets then there's a lot of work to set it up. The class is nice
because you only set it up once and it covers all subnets.
--
regards,
-glenn
--
Glenn Satchell | Miss 9: What do you
Uniq Advances Pty Ltd, Sydney Australia | do at work Dad?
mailto:glenn.satchell at uniq.com.au | Miss 6: He just
http://www.uniq.com.au tel:0409-458-580 | types random stuff.
More information about the dhcp-users
mailing list