ISC DHCP ... dhcpd -6 and known clients

perl-list perl-list at network1.net
Fri Nov 18 20:49:31 UTC 2016 

The answer was that I totally missed pool6 {} being a thing in the man pages. So .. this works: 

shared-network SomeNetwork { 
subnet6 2001:0:50:e8::/64 { 
pool6 { 
range6 2001:0:50:e8::1 2001:0:50:e8:7fff:ffff:ffff:fffe; 
prefix6 2001:0:58:: 2001:0:59:: /48; 
min-lease-time 600; 
preferred-lifetime 600; 
default-lease-time 600; 
max-lease-time 600; 
deny unknown-clients; 
} 
} 
} 

host SomeClient { 

host-identifier option dhcp6.client-id 00:01:00:01:1d:52:eb:58:fc:c5:d5:34:ae:e0; 

} 

to allow only certain clients to get an address. 

> From: "Darren Ankney" <perl-list at network1.net>
> To: dhcp-users at lists.isc.org
> Sent: Thursday, November 17, 2016 4:07:48 PM
> Subject: ISC DHCP ... dhcpd -6 and known clients

> Folks,

> Is it not yet possible to allow/deny unkown clients in DHCPv6?

> In dhcpd for DHCPv4, it is possible to do something like this:
> ---
> shared-network SomeNetwork {
> subnet 10.0.0.0 netmask 255.255.255.0 {
> pool {
> range 10.0.0.2 10.0.0.254;
> deny unknown clients;
> }
> }
> subnet 10.160.0.0 netmask 255.255.255.0 {
> pool {
> range 10.160.0.2 10.160.0.254;
> }
> }
> }

> host SomeHost { hardware ethernet 00:01:02:03:04:05; }

> ---

> With the above config, the specified host of 00:01:02:03:04:05 would get an
> address out of the 10.0.0.0/24 range while a non-specified host of
> 00:10:20:30:40:50 would get an address out of 10.160.0.0/24

> Trying something similar in DHCPv6 (dhcpd -6) does not seem to produce the same
> behavior:

> ---

> shared-network FNGipv6Test {

> subnet6 2001:0:50:e8::/64 {

> range6 2001:0:50:e8::1 2001:0:50:e8:7fff:ffff:ffff:fffe;

> prefix6 2001:0:58:: 2001:0:59:: /48;

> min-lease-time 600;

> preferred-lifetime 600;

> default-lease-time 600;

> max-lease-time 600;

> deny unknown-clients;

> }

> }
> ---

> with no hosts defined, everyone can get an address. The first thing I noticed
> was that using 'deny unknown clients;' produced a config error:
> ---
> /etc/dhcpd6.conf line 9: expecting allow/deny key
> deny unknown
> ^
> ---

> but did not produce an error when specified as 'deny unknown-clients;'. It did
> not, however, deny clients. All clients were able to get addresses and prefix
> delegations with no problems despite having no declarations in the config
> causing them to be 'known'.

> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20161118/bcdd9473/attachment-0001.html>

More information about the dhcp-users mailing list