Question about ISC-dhcp, subnet and options

Glenn Satchell glenn.satchell at uniq.com.au
Tue Oct 30 01:50:00 UTC 2012


dhcpd is behaving correctly. Your configuration is not correct.

The client you showed requesting an address matches the pxe class. Because
the pxe class is defined inside the subnet it inherits the subnet defaults
(subnet mask, default gateway, etc) where it is defined. As class scope
overrides subnet scope the values inherited from the class override the
subnet values.

This is from the dhcpd.conf man page:
     When a client is to be booted, its boot parameters are
     determined by consulting that client's host declaration (if
     any), and then consulting any class declarations matching
     the client, followed by the pool, subnet and shared-network
     declarations for the IP address assigned to the client.
     Each of these declarations itself appears within a lexical
     scope, and all declarations at less specific lexical scopes
     are also consulted for client option declarations. Scopes
     are never considered twice, and if parameters are declared
     in more than one scope, the parameter declared in the most
     specific scope is the one that is used.

Defining a class within a subnet does *not* limit the class to only
members of that subnet.

The way to fix this is to move the pxe class definition into global scope.

You may or may not want to override some of the pxe class values in each
subnet (e.g. different next-server) or deny it inside the pools in the
subnet.

regards,
-glenn

On Tue, October 30, 2012 11:52 am, Ulf Zimmermann wrote:
> I have a question about options inside of subnet definitions. Part of my
> config is below:
>
> # VLAN 52 - 10.1.1.0/24
> subnet 10.1.1.0 netmask 255.255.255.0 {
>         authoritative;
>         option routers                  10.1.1.1;
>         option subnet-mask              255.255.255.0;
>         option domain-name              "example.com";
>         option domain-name-servers      10.2.0.5, 10.2.0.6;
>         option netbios-name-servers     10.3.0.71, 10.3.0.72;
>
>         option time-offset              -28800; # Pacific Standard Time
>         option ntp-servers              10.3.0.69, 10.4.0.40;
>
>         # PXE Kickstart section to be included from file
>         include "/etc/dhcp/includes.fremont/kickstart-10.1.1.0-24.conf";
>
> }
>
> # VLAN  2 - Network Management 10.3.0.0/22
> subnet 10.3.0.0 netmask 255.255.252.0 {
>         authoritative;
>         option routers                  10.3.0.1;
>         option subnet-mask              255.255.252.0;
>         option domain-name              "example.com";
>         option domain-name-servers      10.2.0.5, 10.2.0.6;
>         option netbios-name-servers     10.3.0.71, 10.3.0.72;
>
>         option time-offset              -28800; # Pacific Standard Time
>         option ntp-servers              10.3.0.69, 10.4.0.40;
>         default-lease-time              21600; # 6 hours
>         max-lease-time                  43200; # 12 hours
>
>         class "pxeclients" {
>                 match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
>                 next-server 10.3.0.12;
>                 filename "pxelinux.0";
>                 #if not exists gpxe.bus-id {
>                 #       filename "/gpxelinux.0";
>                 #}
>         }
>
>         # Kickstart config file for 10.3.0.0/22
>         include "/etc/dhcp/includes.fremont/kickstart-10.3.0.0-22.conf";
>
>         # Static IP assignments via DHCP
>         include "/etc/dhcp/includes.fremont/static-10.3.0.0-22.conf";
>
>         # Include the iLO config file for 10.137.8.0/22
>         include "/etc/dhcp/includes.fremont/ilo-10.3.0.0-22.conf";
>
> }
>
> # VLAN 10 - Corporate - 10.5.0.0/22
> subnet 10.5.0.0 netmask 255.255.252.0 {
>         authoritative;
>         option routers                  10.5.0.1;
>         option subnet-mask              255.255.252.0;
>         option domain-name              "example.com";
>         option domain-name-servers      10.2.0.5, 10.2.0.6;
>         option netbios-name-servers     10.3.0.71, 10.3.0.72;
>
>         option time-offset              -28800; # Pacific Standard Time
>         option ntp-servers              10.3.0.69, 10.4.0.40;
>         default-lease-time              21600; # 6 hours
>         max-lease-time                  43200; # 12 hours
>
>         # Kickstart config file for 10.5.0.0/22
>         include "/etc/dhcp/includes.fremont/kickstart-10.5.0.0-22.conf";
>
>         # Static IP assignments via DHCP
>         include "/etc/dhcp/includes.fremont/static-10.5.0.0-22.conf";
>
> }
>
> The problem I am running into is that on the VLAN 52 I am getting the
> following response from dhcpd:
>
> 10:47:24.273532 IP (tos 0x0, ttl 63, id 60694, offset 0, flags [none],
> proto UDP (17), length 576)
>     10.8.0.165.bootps > 10.3.0.21.bootps: BOOTP/DHCP, Request from
> 00:50:56:aa:46:c5, length 548, hops 1, xid 0x57aa46c5, secs 4, Flags
> [Broadcast]
>           Gateway-IP 10.1.1.1
>           Client-Ethernet-Address 00:50:56:aa:46:c5
>           Vendor-rfc1048 Extensions
>             Magic Cookie 0x63825363
>             DHCP-Message Option 53, length 1: Discover
>             Parameter-Request Option 55, length 24:
>               Subnet-Mask, Time-Zone, Default-Gateway, IEN-Name-Server
>               Domain-Name-Server, RL, Hostname, BS
>               Domain-Name, SS, RP, EP
>               Vendor-Option, Server-ID, Vendor-Class, BF
>               Option 128, Option 129, Option 130, Option 131
>               Option 132, Option 133, Option 134, Option 135
>             MSZ Option 57, length 2: 1260
>             GUID Option 97, length 17:
> 0.66.42.10.5.180.105.222.121.213.164.28.115.149.149.224.89
>             ARCH Option 93, length 2: 0
>             NDI Option 94, length 3: 1.2.1
>             Vendor-Class Option 60, length 32:
> "PXEClient:Arch:00000:UNDI:002001"
> 10:47:24.273997 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP
> (17), length 328)
>     10.3.0.21.bootps > 10.1.1.1.bootps: BOOTP/DHCP, Reply, length 300,
> hops 1, xid 0x57aa46c5, secs 4, Flags [Broadcast]
>           Your-IP 10.1.1.30
>           Server-IP 10.3.0.155
>           Gateway-IP 10.1.1.1
>           Client-Ethernet-Address 00:50:56:aa:46:c5
>           file "/rhel6server-x86_64/pxelinux.0"
>           Vendor-rfc1048 Extensions
>             Magic Cookie 0x63825363
>             DHCP-Message Option 53, length 1: Offer
>             Server-ID Option 54, length 4: 10.3.0.21
>             Lease-Time Option 51, length 4: 21600
>             Subnet-Mask Option 1, length 4: 255.255.252.0
>             Time-Zone Option 2, length 4: -28800
>             Default-Gateway Option 3, length 4: 10.3.0.1
>             Domain-Name-Server Option 6, length 8: 10.2.0.5,10.2.0.6
>             Domain-Name Option 15, length 8: "autc.com"
>
> The problematic parts are:
>
>             Subnet-Mask Option 1, length 4: 255.255.252.0
>             Default-Gateway Option 3, length 4: 10.3.0.1
>
> Shouldn't this return 255.255.255.0 and 10.1.1.1 based on the above subnet
> declaration? Should the "options routers" and "options subnet-mask" be
> local to the subnet declaration?
>
> Ulf.
>
>
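
A check for the misconfiguration discussed in this thread, added here as an example and not part of the original messages or of ISC DHCP: it walks a dhcpd.conf and reports every class declared inside a subnet, shared-network or pool block. The function name nested_classes and the sample text (reduced from the configuration quoted above) are assumptions made for illustration.

```python
import re

# Blocks tied to an address range; a class declared inside one still
# matches clients on every subnet and carries that block's options along.
ADDRESS_SCOPES = {"subnet", "shared-network", "pool"}
# Quoted strings, # comments, punctuation, bare words (in that order).
TOKEN = re.compile(r'"(?:[^"\\]|\\.)*"|#[^\n]*|[{};]|[^\s{};"#]+')

def nested_classes(conf_text):
    """Return (class name, line, enclosing block) for each class declared
    inside a subnet, shared-network or pool block."""
    findings, stack, stmt = [], [], []
    for m in TOKEN.finditer(conf_text):
        tok = m.group()
        if tok.startswith("#"):
            continue                      # commented-out braces must not count
        if tok == "{":
            header = [t for t, _ in stmt]
            if len(header) > 1 and header[0] == "class":
                outer = next((h for h in reversed(stack)
                              if h and h[0] in ADDRESS_SCOPES), None)
                if outer:
                    findings.append((header[1].strip('"'), stmt[0][1],
                                     " ".join(outer[:2])))
            stack.append(header)
            stmt = []
        elif tok == "}":
            if stack:
                stack.pop()
            stmt = []
        elif tok == ";":
            stmt = []
        else:
            line = conf_text.count("\n", 0, m.start()) + 1
            stmt.append((tok, line))
    return findings

# Constructed sample, reduced from the configuration quoted in the post.
SAMPLE = """\
subnet 10.3.0.0 netmask 255.255.252.0 {
        option routers 10.3.0.1;
        class "pxeclients" {
                match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
                #if not exists gpxe.bus-id {
        }
}
"""
for name, line, scope in nested_classes(SAMPLE):
    print(f'line {line}: class "{name}" is declared inside {scope}')
```

An empty result means every class is declared at global scope, which is the fix given in the reply.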



