classify by MAC address

Glenn Satchell glenn.satchell at uniq.com.au
Sun Jan 22 04:57:52 UTC 2012 

You are not matching on the same thing. The hardware address does not 
have a '1' in the first octet.

     DHCPDISCOVER from 52:54:00:03:5d:62

     match if substring(hardware, 0, 4) = 1:52:54:0;

So you probably want (and similar for the other classes)

match if substring(hardware, 0, 3) = 52:54:0;

In the first three pools, you only need the allow - it implicitly denies 
everything else. In the fourth pool, you need three denies, one for each 
of the classes, and that allows everything else.

regards,
-glenn

On 01/21/12 04:01, Ruzsinszky Attila wrote:
> Hi Simon,
>
> Thanks for your help!
>
>
> Jan 20 17:50:32 wspc7 dhcpd: DHCPDISCOVER from 6e:81:65:bd:6c:99 via eth0: netwo
> rk 192.168.52.0/24: no free leases
> Jan 20 17:52:20 wspc7 dhcpd: DHCPDISCOVER from 52:54:00:03:5d:62 via eth0: netwo
> rk 192.168.52.0/24: no free leases
>
> dhcpd.conf
> ...
>
> class "KVM-vms" {
> #    match if binary-to-ascii (16,8,":",substring(hardware, 0, 4)) = "1:52:54:0"
>      match if substring(hardware, 0, 4) = 1:52:54:0;
>      log (debug, binary-to-ascii (16,8, ":", hardware));
> }
>
> class "VBox-vms" {
> #    match if binary-to-ascii (16,8,":",substring(hardware, 0, 4)) = "1:8:0:27";
>      match if substring(hardware, 0, 4) = 1:8:0:27;
>      log (debug, binary-to-ascii (16,8, ":", hardware));
> }
>
> class "VMware-vms" {
> #    match if binary-to-ascii (16,8,":",substring(hardware, 0, 4)) = "1:0:c:29";
>      match if substring(hardware, 0, 4) = 1:0:c:29;
>      log (debug, binary-to-ascii (16,8, ":", hardware));
> }
> ...
>
>          pool {
>              allow members of "KVM-vms";
>              range 192.168.52.180 192.168.52.199;
>              deny members of "VBox-vms";
>              deny members of "VMware-vms";
>              deny unknown-clients;
>              }
>          pool {
>              allow members of "VBox-vms";
>              range 192.168.52.170 192.168.52.179;
>              deny members of "KVM-vms";
>              deny members of "VMware-vms";
>              deny unknown-clients;
>              }
>          pool {
>              allow members of "VMware-vms";
>              range 192.168.52.160 192.168.52.169;
>              deny members of "KVM-vms";
>              deny members of "VBox-vms";
>              deny unknown-clients;
>              }
>          pool {
>
>              range 192.168.52.21 192.168.52.29;
>              deny members of "KVM-vms";
>              deny members of "VBox-vms";
>              deny members of "VMware-vms";
>              }
>
> No any other pool or range definied for that subnet.
>
> What is wrong?
>
> TIA,
> Ruzsi

More information about the dhcp-users mailing list