Wrong gateway when using class in a subnet
Simon Hobson
dhcp1 at thehobsons.co.uk
Fri Jun 1 12:58:33 UTC 2012
Nuno Marques wrote:
>subnet 10.99.112.0 netmask 255.255.255.0{
> option routers 10.99.112.1;
>
> class "Cisco-AP-c1140" {
> match if option vendor-class-identifier = "Cisco AP c1140";
> option vendor-class-identifier "Cisco AP c1140";
> vendor-option-space Cisco_LWAPP_AP;
> option Cisco_LWAPP_AP.server-address 10.99.4.221; }
>
>....
>}
>
>subnet 10.99.113.0 netmask 255.255.255.0{
> option routers 10.99.113.1;
>
> class "Cisco-AP-c1140" {
> match if option vendor-class-identifier = "Cisco AP c1140";
> option vendor-class-identifier "Cisco AP c1140";
> vendor-option-space Cisco_LWAPP_AP;
> option Cisco_LWAPP_AP.server-address 10.99.4.221; }
>
>....
>}
>
>The problem is, an AP on the second subnet will receive the gateway
>from the first (10.99.112.1).
>My guess is DHCP is giving the first 'option router' that matches the class.
You've hit (I think) a known inheritance "gotcha" - it also applies
to host declarations which is why standard advice is to put host
statements in the global scope.
Even though you have declared it within a subnet, the class statement
is global - hence anything that matches it may match it whatever
subnet they are in. If the client is in a different subnet, then they
will be given (by rules of inheritance) options from the subnet where
the class is defined.
I don't think we've come across a situation where this inheritance is
desired ! It's simple to avoid, just don't put your class (or host)
declarations within a subnet.
>If I put the class declaration on the top of the configuration and
>remove it from every subnet it works as expected, but I got several
>subnets that shouldn't have this configuration, so I want to keep it
>out of the general configuration.
The class declaration is global anyway, so putting it inside a subnet
doesn't limit it's scope.
As Jason Gerfen says, you need to use allow/deny statements in the
subnets to control access.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
More information about the dhcp-users
mailing list