a couple of match questions
Randall C Grimshaw
rgrimsha at syr.edu
Wed Sep 26 17:13:21 UTC 2012
<mailto:rgrimsha at syr.edu>
________________________________
From: dhcp-users-bounces+rgrimsha=syr.edu at lists.isc.org [dhcp-users-bounces+rgrimsha=syr.edu at lists.isc.org] on behalf of Adam Moffett [adamlists at plexicomm.net]
Sent: Wednesday, September 26, 2012 1:00 PM
To: Users of ISC DHCP
Subject: Re: a couple of match questions
2) Is it possible to match the lack of option 82 information?
eg:
class "foo" {
match if ((some condition) and (option agent.circuit-id=NULL));
...
}
On a more general note, would it be possible to make a class(A) on your "some condition" and a class(B) on the agent.circuit-id?
The question is then: can you use a more elaborate allow/deny scheme in the pools?
All coming down to:
deny B
allow A
I know this is complicated as the allow/deny rules are not immediately intuitive.
>>Maybe. Is there some big gotchya with allow/deny that makes it unintuitive? The man page sounds >>straightforward, but now you've got me worried.
One example is that it is written to be exclusive when allow is used - implicitly denying other matches... yet if you are steering users between transitional groups such as a registration portal, you do need to deny those groups or the server will happily continue renewing them. Thus it is important to architect a design and test it before promising anything to management.
Randall Grimshaw
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20120926/6d450f5e/attachment.html>
More information about the dhcp-users
mailing list