Declaring subclasses on a per-subnet basis
Hristov, Tihomir H.
thristov at odu.edu
Thu Aug 9 02:36:48 UTC 2012
Dear all,
I an a Network engineer for Old Dominion University, Norfolk, Virginia and my team is looking into a future PXE configuration. We are trying to define classes with special options and have them applicable only to some special "lab" subnets of the environment.
Based on research done so far, we have seen that classes and subclasses are parsed on a global level and thus would apply to all clients, and just the special "lab" subnets.
Still in a post from June 2012 (https://lists.isc.org/pipermail/dhcp-users/2012-June/015558.html) we see an interesting configuration. Using it as an example, the configuration we have in mind would match on a substring of vendor-class-identifier (value AAPLBSDPC in this case) and set the root-path option (an example). It would look like this:
class "vendor-class" {
match substring(option vendor-class-identifier,0,9);
}
subnet 10.10.0.0 netmask 255.255.0.0 {
subclass "vendor-class" "AAPLBSDPC" {
option root-path "nfs:192.168.1.1:/nbi:NetInstall-Restore.dmg";
}
pool {
option routers 10.10.1.1;
option domain-name-servers 10.101.21;
range 10.10.7.1 10.10.7.254;
option domain-name-servers 10.101.21;
}
}
The main question here is:
1. Would this configuration work as we would like and the class declaration would affect only clients in the 10.10.0.0 subnet?
2. Or would the ISC DHCP parser end up treating the subclass as a global declaration and thus set option root-path to "nfs:192.168.1.1:/nbi:NetInstall-Restore.dmg" for all clients, regardless of their subnet?
In case this would end up a global configuration, we were thinking of declaring a class that matches on 2 conditions.
1. vendor-class-identifier substring
2. giaddress
Since we use DHCP Relay Agents all over our network, we would be able to use the giaddress and match it to the special "lab" subnets. We have seen some references to
match if (option dhcp-giaddress-field= 10.10.10.1)
and we were wondering if that would work. If not, what is the way to check the Relay Agent IP Address?
Your help and guidance would be greatly appreciated.
Sincerely,
Tihomir Hristov
Senior Network Engineer
Old Dominion University
Office of Computing and Communications Services
More information about the dhcp-users
mailing list