Restricting leases

Simon Hobson dhcp1 at thehobsons.co.uk
Thu Jan 29 21:26:46 UTC 2015


Everyone has to start somewhere ! If you want background reading, the "bible" is generally considered to be "The DHCP Handbook" by Ted Lemon and Ralph Droms, it covers the history, why, and how - though probably in much more detail than you need.

But, to expand on what Jason said, here are a few pointers :
1) You'll want to define a pool with appropriate "allow" conditions.
Don't try and mix allow and deny - it generally doesn't work as people expect !
If you have any allow statements, then anything not expressly allowed will be denied - and vice versa if you use a deny statement. You can use multiple allow statements which may well suit your needs.

2) If you simply want to permit every device with a particular OUI then you could use a class with a "match if" statement along the lines of "substring(hardware,1,3)=xx:yy:zz" (note that byte 0 of hardware will be 1 for an ethernet network and the MAC address is bytes 1 through 6).

If there are a lot of OUIs, then you could subclasses matching on the substring - I think. That would be "cleaner" and more efficient than multiple classes or a class with a long "if condition or condition or condition ...)" clause.

3) For the tech workstations, you could either use a class as above. Alternatively you could use a number of host statements and an "allow known hosts" in the pool. Note that hosts should be defined in the global scope (as should classes) - they are global in scope even if declared elsewhere which can cause some "interesting" inheritance problems.



More information about the dhcp-users mailing list