Re: Re: Re: Re: Assign static IP by Option 82 agent.remote-id

Sten Carlsen stenc at s-carlsen.dk
Mon Jan 4 10:24:03 UTC 2010 

Hi

Good that it is working.

You may want to look closer at the allow/deny description in the man
pages. If you allow something, everything else is denied - might be a
way to do it.

Otherwise I think I would look at class and subclass. Defining one class
with subclasses for each static client has been recommended in the list
a number of times for similar tasks. This way you should have to deny
the class and the subclasses would also be denied.

I have not tried that myself, so I can not supply better detail. Search
the archives for subclass?

Billy Ng wrote:
> Hi Sten,
>
> Thanks for your help and the DHCP server is working fine. But just
> wonder if the server is serving over 100 static clients and I think it
> is not possible to configure the dynamic address pool with those
> static clients in the deny list.
>
> Best Regards,
> Billy
>
> ------------------------------------------------------------------------
> *寄件人﹕* Sten Carlsen <stenc at s-carlsen.dk>
> *收件人﹕* Users of ISC DHCP <dhcp-users at lists.isc.org>
> *傳送日期﹕* 2009/12/28 (一) 11:36:57 AM
> *主題:* Re: Re: Re: Re: Assign static IP by Option 82 agent.remote-id
>
> Hi
>
> First pool is ok, second pool forbids BOOTP clients but still allows all
> dhcp clients, including those from "Static-1".
>
> You may want to try adding:
> deny members of "Static-1"
> to the second pool, that way an address will only be given from first
> pool to any member of Static-1.
>
> Billy Ng wrote:
> > Hi Sten,
> >
> > Here is my dhcpd.conf:
> >
> >
> > class "Static-1" {
> > match if option agent.remote-id="VP123456";
> > }
> >
> > shared-network NET1 {
> >
> > subnet 192.168.10.0 netmask 255.255.255.192 {
> > option subnet-mask 255.255.255.192;
> > option routers 192.168.10.62;
> > pool {
> > range 192.168.10.10;
> > allow members of "Static-1";
> > }
> > pool {
> > range 192.168.10.20 192.168.10.55;
> > deny dynamic bootp clients;
> > }
> > }
> >
> > Best Regards,
> > Billy
> >
> > ------------------------------------------------------------------------
> > *寄件人﹕* Sten Carlsen <stenc at s-carlsen.dk <mailto:stenc at s-carlsen.dk>>
> > *收件人﹕* Users of ISC DHCP <dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>>
> > *傳送日期﹕* 2009/12/28 (一) 10:13:52 AM
> > *主題:* Re: Re: Re: Assign static IP by Option 82 agent.remote-id
> >
> > Hi
> >
> > Have you put the relevant allow and/or deny statements in the pools?
> >
> >
> > Specially, have you denied the dynamic pool to the class members?
> >
> > Billy Ng wrote:
> > > Hi All,
> > >
> > > Apperciate if someone can help to resolve this problem. Many thanks.
> > >
> > > Best Regards,
> > > Billy
> > >
> > >
> ------------------------------------------------------------------------
> > > *寄件人﹕* Billy Ng <mondeo1055 at yahoo.com
> <mailto:mondeo1055 at yahoo.com> <mailto:mondeo1055 at yahoo.com
> <mailto:mondeo1055 at yahoo.com>>>
> > > *收件人﹕* Users of ISC DHCP <dhcp-users at isc.org
> <mailto:dhcp-users at isc.org>
> > <mailto:dhcp-users at isc.org <mailto:dhcp-users at isc.org>>>
> > > *傳送日期﹕* 2009/12/23 (三) 2:35:09 PM
> > > *主題:* Re: Assign static IP by Option 82 agent.remote-id
> > >
> > > Hi Shunsuke,
> > >
> > > Seems the match if option agent.remote-id="VP111222" didn't work in my
> > > dhcpd.conf. The client still obtain the dynamic address pool. Thanks.
> > >
> > > Best Regards,
> > > Billy
> > >
> > >
> ------------------------------------------------------------------------
> > > *寄件人﹕* Shunsuke Otani <otanis555 at gmail.com
> <mailto:otanis555 at gmail.com>
> > <mailto:otanis555 at gmail.com <mailto:otanis555 at gmail.com>>>
> > > *收件人﹕* Users of ISC DHCP <dhcp-users at isc.org
> <mailto:dhcp-users at isc.org>
> > <mailto:dhcp-users at isc.org <mailto:dhcp-users at isc.org>>>
> > > *傳送日期﹕* 2009/12/23 (三) 12:39:34 PM
> > > *主題:* RE: Assign static IP by Option 82 agent.remote-id
> > >
> > > hi
> > >
> > > When I configured as below, it worked well.
> > >
> > > stash-agent-options true;
> > > class "01" { match if option agent.remote-id=56:50:31:31:31:32:32:32;}
> > >
> > > subnet 192.168.0.0 netmask 255.255.255.0 {
> > > option broadcast-address 192.168.0.255;
> > > option subnet-mask 255.255.255.0;
> > > option routers 192.168.0.1;
> > > pool { range 192.168.0.101; allow members of "01"; }
> > > }
> > >
> > >
> > > Probably, the following may also works I think.
> > > class "01" { match if option agent.remote-id="VP111222";}
> > >
> > >
> > > > -----Original Message-----
> > > > From: dhcp-users-bounces+otanis555=gmail.com at lists.isc.org
> <mailto:gmail.com at lists.isc.org>
> > <mailto:gmail.com at lists.isc.org <mailto:gmail.com at lists.isc.org>>
> > > <mailto:gmail.com at lists.isc.org <mailto:gmail.com at lists.isc.org>
> <mailto:gmail.com at lists.isc.org <mailto:gmail.com at lists.isc.org>>>
> > > > [mailto:dhcp-users-bounces+otanis555=gmail.com at lists.isc.org
> <mailto:gmail.com at lists.isc.org>
> > <mailto:gmail.com at lists.isc.org <mailto:gmail.com at lists.isc.org>>
> > > <mailto:gmail.com at lists.isc.org <mailto:gmail.com at lists.isc.org>
> <mailto:gmail.com at lists.isc.org <mailto:gmail.com at lists.isc.org>>>]
> > > > On Behalf Of Billy Ng
> > > > Sent: Wednesday, December 23, 2009 12:49 PM
> > > > To: dhcp-users at isc.org <mailto:dhcp-users at isc.org>
> <mailto:dhcp-users at isc.org <mailto:dhcp-users at isc.org>>
> > <mailto:dhcp-users at isc.org <mailto:dhcp-users at isc.org>
> <mailto:dhcp-users at isc.org <mailto:dhcp-users at isc.org>>>
> > > > Subject: Assign static IP by Option 82 agent.remote-id
> > > >
> > > > Dear All,
> > > >
> > > > I'd like to assign a static IP address to the client by the
> > > > agent.remote-id field "VP111222" as follow:
> > > >
> > > > lease 192.168.172.23 {
> > > > starts 3 2009/12/23 03:40:01;
> > > > ends 3 2009/12/23 04:10:01;
> > > > tstp 3 2009/12/23 04:25:01;
> > > > tsfp 3 2009/12/23 04:10:00;
> > > > cltt 3 2009/12/23 03:40:01;
> > > > binding state active;
> > > > next binding state expired;
> > > > billing subclass "AGENT_ID" "VP111222";
> > > > hardware ethernet 00:18:ba:33:dc:9a;
> > > > uid "\000cisco-0018.ba33.dc9a-Fa0";
> > > > option agent.circuit-id "JDNS504|99411010|5/2/6:2002.*";
> > > > option agent.remote-id "VP111222";
> > > > option agent.unknown-9 0:0:19:7f:a:5:8:56:50:32:32:32:31:31:31;
> > > > client-hostname "C1811-R";
> > > > }
> > > >
> > > > Would you please kindly recommend how to configure the class
> > > > match with the agent.remote-id = "VP111222" (in ascii format)
> > > > in the dhcpd.conf? Thanks a lot.
> > > >
> > > >
> > > > Best Regards,
> > > > Billy
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > ________________________________
> > > >
> > > > Yahoo!香港提供網上安全攻略,教你如何防範黑客!了解更多
> > > <http://hk.promo.yahoo.com/security/>
> > > >
> > >
> > >
> > >
> ------------------------------------------------------------------------
> > > Yahoo!香港提供網上安全攻略,教你如何防範黑客!*了解更多*
> > > <http://hk.promo.yahoo.com/security/>
> > >
> > >
> ------------------------------------------------------------------------
> > > Yahoo!香港提供網上安全攻略,教你如何防範黑客!*了解更多*
> > > <http://hk.promo.yahoo.com/security/>
> > >
> ------------------------------------------------------------------------
> > >
> > > _______________________________________________
> > > dhcp-users mailing list
> > > dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> <mailto:dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>>
> > > https://lists.isc.org/mailman/listinfo/dhcp-users
> >
> > --
> > Best regards
> >
> > Sten Carlsen
> >
> > No improvements come from shouting:
> >
> > "MALE BOVINE MANURE!!!"
> >
> > _______________________________________________
> > dhcp-users mailing list
> > dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> <mailto:dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>>
> > https://lists.isc.org/mailman/listinfo/dhcp-users
> >
> > ------------------------------------------------------------------------
> > Yahoo!香港提供網上安全攻略,教你如何防範黑客!*了解更多*
> > <http://hk.promo.yahoo.com/security/>
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > dhcp-users mailing list
> > dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> > https://lists.isc.org/mailman/listinfo/dhcp-users
>
> -- 
> Best regards
>
> Sten Carlsen
>
> No improvements come from shouting:
>
> "MALE BOVINE MANURE!!!"
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
> ------------------------------------------------------------------------
> Yahoo!香港提供網上安全攻略,教你如何防範黑客!*了解更多*
> <http://hk.promo.yahoo.com/security/>
> ------------------------------------------------------------------------
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users

-- 
Best regards

Sten Carlsen

No improvements come from shouting:

       "MALE BOVINE MANURE!!!"

More information about the dhcp-users mailing list