class/subclass issues

Wed May 26 14:35:50 UTC 2010

Hi Adam

On 05/26/10 23:51, aedhcp wrote:
> I am trying to get some class/subclass issues worked out, but I am
> having difficulties. Here is what I have in my config:
>
> class "Z" { match option agent.remote-id; }

This is a series of hexadecimal character s, not a string match, so the 
leading 0 is optional. Hence both of these statements are equivalent.

> subclass "Z" 00:0b:06:b1:ca:d4;
> subclass "Z" 0:b:6:b1:ca:d4;

You are not matching "hardware ethernet", so a leading 1 is not 
required. These two statements would never match.

> subclass "Z" 1:00:0b:06:b1:ca:d4;
> subclass "Z" 1:0:b:6:b1:ca:d4;

This all looks ok. You could test your different subclasses but having 
four different classes, eg "w", "X", "Y" and "Z" - one for each match, 
and four pools so you could see which one of the 4 was working.

> shared-network X {
> subnet X.X.X.0 netmask 255.255.255.0 {
> option subnet-mask 255.255.255.0;
> option routers X.X.X.1;
> max-lease-time 43200;
> min-lease-time 43200;
> default-lease-time 43200;
> pool {
> deny members of "Z";
> range X.X.X.5 X.X.X.244;
> }
> pool {
> allow members of "Z";
> range X.X.X.245 X.X.X.254;
> }
> }
> }
>
> ALL of devices that hit this DHCP server are getting public IP
> addresses, so the only thing I can use to key off of is the option
> agent.remote-id. My problem is that no matter what device I boot ALWAYS
> gets an IP in the second pool (245-254). It seems as though my
> class/subclass statements are an ALL MATCH type of scenario no matter
> what cable modem boots. I have tried this on 3.1.2 and 4.1.1 with the
> same results. As you can see from the subclass statements above I have
> tried all 4 scenarios for mac address. Here is what the lease file shows
> after it gets the wrong IP:
>
> lease X.X.X.247 {
> starts 3 2010/05/26 13:25:39;
> ends 4 2010/05/27 01:25:39;
> tstp 4 2010/05/27 01:25:39;
> cltt 3 2010/05/26 13:25:39;
> binding state active;
> next binding state free;
> hardware ethernet 00:12:3f:14:51:54;
> uid "\001\000\022?\024QT";
> option agent.circuit-id 0:2:80:0:0:1;
> option agent.remote-id 0:b:6:b1:ca:d4;
> client-hostname "XXXXX";
> }
>
> Am I doing this incorrectly? Any help is greatly appreciated. Thank you.

Are you sure there isn't a second relay agent closer to the dhcp server 
that is re-writing the agent.remote-id value to be identical for all 
clients? Or is the remote-id part of the firmware image, and they all 
send the same value?

If you want to match on ethernet then you need something like:

class "Z" { match hardware ethernet; }
subclass "Z" 1:00:12:3f:14:51:54;

Alternatively you could try matching on agent.circuit-id.

regards,
-glenn