Question about ISC-dhcp, subnet and options
Glenn Satchell
glenn.satchell at uniq.com.au
Tue Oct 30 01:50:00 UTC 2012
dhcpd is behaving correctly. Your configuration is not correct.
The client you showed requesting an address matches the pxe class. Because
the pxe class is defined inside the subnet it inherits the subnet defaults
(subnet mask, default gateway, etc) where it is defined. As class scope
overrides subnet scope the values inherited from the class override the
subnet values.
This is from the dhcpd.conf man page:
When a client is to be booted, its boot parameters are
determined by consulting that client's host declaration (if
any), and then consulting any class declarations matching
the client, followed by the pool, subnet and shared-network
declarations for the IP address assigned to the client.
Each of these declarations itself appears within a lexical
scope, and all declarations at less specific lexical scopes
are also consulted for client option declarations. Scopes
are never considered twice, and if parameters are declared
in more than one scope, the parameter declared in the most
specific scope is the one that is used.
Defining a class within a subnet does *not* limit the class to only
members of that subnet.
The way to fix this is to move the pxe class definition into global scope.
You may or may not want to override some of the pxe class values in each
subnet (eg different next-server) or deny it inside the pools in the
subnet.
regards,
-glenn
On Tue, October 30, 2012 11:52 am, Ulf Zimmermann wrote:
> I have a question about options inside of subnet definations. Part of my
> config is below:
>
> # VLAN 52 - 10.1.1.0/24
> subnet 10.1.1.0 netmask 255.255.255.0 {
> authoritative;
> option routers 10.1.1.1;
> option subnet-mask 255.255.255.0;
> option domain-name "example.com";
> option domain-name-servers 10.2.0.5, 10.2.0.6;
> option netbios-name-servers 10.3.0.71, 10.3.0.72;
>
> option time-offset -28800; # Pacific Standard Time
> option ntp-servers 10.3.0.69, 10.4.0.40;
>
> # PXE Kickstart section to be included from file
> include "/etc/dhcp/includes.fremont/kickstart-10.1.1.0-24.conf";
>
> }
>
> # VLAN 2 - Network Management 10.3.0.0/22
> subnet 10.3.0.0 netmask 255.255.252.0 {
> authoritative;
> option routers 10.3.0.1;
> option subnet-mask 255.255.252.0;
> option domain-name "example.com";
> option domain-name-servers 10.2.0.5, 10.2.0.6;
> option netbios-name-servers 10.3.0.71, 10.3.0.72;
>
> option time-offset -28800; # Pacific Standard Time
> option ntp-servers 10.3.0.69, 10.4.0.40;
> default-lease-time 21600; # 6 hours
> max-lease-time 43200; # 12 hours
>
> class "pxeclients" {
> match if substring(option vendor-class-identifier, 0, 9) =
> "PXEClient";
> next-server 10.3.0.12;
> filename "pxelinux.0";
> #if not exists gpxe.bus-id {
> # filename "/gpxelinux.0";
> #}
> }
>
> # Kickstart config file for 10.3.0.0/22
> include "/etc/dhcp/includes.fremont/kickstart-10.3.0.0-22.conf";
>
> # Static IP assignments via DHCP
> include "/etc/dhcp/includes.fremont/static-10.3.0.0-22.conf";
>
> # Include the iLO config file for 10.137.8.0/22
> include "/etc/dhcp/includes.fremont/ilo-10.3.0.0-22.conf";
>
> }
>
> # VLAN 10 - Corporate - 10.5.0.0/22
> subnet 10.5.0.0 netmask 255.255.252.0 {
> authoritative;
> option routers 10.5.0.1;
> option subnet-mask 255.255.252.0;
> option domain-name "example.com";
> option domain-name-servers 10.2.0.5, 10.2.0.6;
> option netbios-name-servers 10.3.0.71, 10.3.0.72;
>
> option time-offset -28800; # Pacific Standard Time
> option ntp-servers 10.3.0.69, 10.4.0.40;
> default-lease-time 21600; # 6 hours
> max-lease-time 43200; # 12 hours
>
> # Kickstart config file for 10.5.0.0/22
> include "/etc/dhcp/includes.fremont/kickstart-10.5.0.0-22.conf";
>
> # Static IP assignments via DHCP
> include "/etc/dhcp/includes.fremont/static-10.5.0.0-22.conf";
>
> }
>
> The problem I am running into is that on the VLAN 52 I am getting the
> following response from dhcpd:
>
> 10:47:24.273532 IP (tos 0x0, ttl 63, id 60694, offset 0, flags [none],
> proto UDP (17), length 576)
> 10.8.0.165.bootps > 10.3.0.21.bootps: BOOTP/DHCP, Request from
> 00:50:56:aa:46:c5, length 548, hops 1, xid 0x57aa46c5, secs 4, Flags
> [Broadcast]
> Gateway-IP 10.1.1.1
> Client-Ethernet-Address 00:50:56:aa:46:c5
> Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: Discover
> Parameter-Request Option 55, length 24:
> Subnet-Mask, Time-Zone, Default-Gateway, IEN-Name-Server
> Domain-Name-Server, RL, Hostname, BS
> Domain-Name, SS, RP, EP
> Vendor-Option, Server-ID, Vendor-Class, BF
> Option 128, Option 129, Option 130, Option 131
> Option 132, Option 133, Option 134, Option 135
> MSZ Option 57, length 2: 1260
> GUID Option 97, length 17:
> 0.66.42.10.5.180.105.222.121.213.164.28.115.149.149.224.89
> ARCH Option 93, length 2: 0
> NDI Option 94, length 3: 1.2.1
> Vendor-Class Option 60, length 32:
> "PXEClient:Arch:00000:UNDI:002001"
> 10:47:24.273997 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP
> (17), length 328)
> 10.3.0.21.bootps > 10.1.1.1.bootps: BOOTP/DHCP, Reply, length 300,
> hops 1, xid 0x57aa46c5, secs 4, Flags [Broadcast]
> Your-IP 10.1.1.30
> Server-IP 10.3.0.155
> Gateway-IP 10.1.1.1
> Client-Ethernet-Address 00:50:56:aa:46:c5
> file "/rhel6server-x86_64/pxelinux.0"
> Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: Offer
> Server-ID Option 54, length 4: 10.3.0.21
> Lease-Time Option 51, length 4: 21600
> Subnet-Mask Option 1, length 4: 255.255.252.0
> Time-Zone Option 2, length 4: -28800
> Default-Gateway Option 3, length 4: 10.3.0.1
> Domain-Name-Server Option 6, length 8: 10.2.0.5,10.2.0.6
> Domain-Name Option 15, length 8: "autc.com"
>
> The problematic parts are:
>
> Subnet-Mask Option 1, length 4: 255.255.252.0
> Default-Gateway Option 3, length 4: 10.3.0.1
>
> Shouldn't this return 255.255.255.0 and 10.1.1.1 based on the above subnet
> declaration? Should the "options routers" and "options subnet-mask" be
> local to the subnet declaration?
>
> Ulf.
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
More information about the dhcp-users
mailing list