Question about logging Option 82
Anton
warm at stack.ru
Fri Mar 5 05:56:24 UTC 2010
Hi.
I have isc dhcp server to serve dhcp requests with option 82. Server works. The problem is that it does not
log circuit-id information when request can not be handled but it logs this information when request is
accepted. Very hard to debug switches settings.
When request is success log entry looks like:
----------------------------------------------------------------------------------------------------------------
Mar 5 11:25:40 myhost daemon.err dhcpd: SMAC:0.c.ce.47.7c.0 SWIP:206.71.124.0 VLAN:100 PORT:0 ip:192.168.70.18
# ^^^^^^ - right MAC ^^^^^^ - wrong ip because c2950 gives MAC in
# Remote-id
----------------------------------------------------------------------------------------------------------------
Here I can see switch mac (can find the switch), see the right vlan-id and port number (0 -- is a first port)
-- all is fine.
When request is failed log entry is:
--------------------------------------------------------------------------------------------------------------
Mar 5 11:45:54 myhost daemon.err dhcpd: DHCPDISCOVER from 00:02:44:1d:7e:ea via eth0: network
192.168.70.16/28: no free leases
--------------------------------------------------------------------------------------------------------------
and that is all
Yes, some switch is configured wrong but I can not see SMAC,VLAN,PORT. Switch sends circuit-id information --
it can be seen in tcpdump but information is not human readable.
I would like to see in logs option 82 information on every (success or no success) dhcp request if circuit-id
is presented. Is it possible ?
my dhcp.conf:
-----------------------------------------------------------------
option domain-name-servers 192.168.0.1, 192.168.10.1;
default-lease-time 43200;
max-lease-time 86400;
ddns-update-style none;
authoritative;
subnet 192.168.1.0 netmask 255.255.254.0 {
}
if exists agent.circuit-id
{
log ( error, concat(
# ^^^^^^ - tried here "info" and "debug" -- no result
"SMAC:",binary-to-ascii(16,8,".",suffix(option agent.remote-id,6)),
" SWIP:",binary-to-ascii(10,8,".",suffix(option agent.remote-id,4)),
" VLAN:",binary-to-ascii (10, 16, "", substring( option agent.circuit-id, 2, 2)),
" PORT:",binary-to-ascii(10,8,".",suffix(option agent.circuit-id,1)),
" ip:",binary-to-ascii (10, 8, ".", leased-address)
));
}
subnet 192.168.70.16 netmask 255.255.255.240 {
option routers 192.168.70.17;
option broadcast-address 192.168.70.31;
# c2950
class "192.168.70.18"{ match if binary-to-ascii (10, 8, "", suffix( option agent.circuit-id, 1)) = "0"
and binary-to-ascii(16, 8, ".", suffix ( option agent.remote-id,6)) = "0.c.ce.47.7c.0";}
class "192.168.70.19"{ match if binary-to-ascii (10, 8, "", suffix( option agent.circuit-id, 1)) = "1"
and binary-to-ascii(16, 8, ".", suffix ( option agent.remote-id,6)) = "0.c.ce.47.7c.0";}
class "192.168.70.20"{ match if binary-to-ascii (10, 8, "", suffix( option agent.circuit-id, 1)) = "2"
and binary-to-ascii(16, 8, ".", suffix ( option agent.remote-id,6)) = "0.c.ce.47.7c.0";}
...
pool { range 192.168.70.18; allow members of "192.192.70.18"; }
pool { range 192.168.70.19; allow members of "192.192.70.19"; }
pool { range 192.168.70.20; allow members of "192.192.70.20"; }
...
}
-----------------------------------------------------------------
More information about the dhcp-users
mailing list