ISC DHCP Users

Change dhcp-client-identifier

Classic

List

Threaded

2 messages Options

thomas.zenz@oenb.at

Change dhcp-client-identifier

Dear all,

We are running isc dhcp for years now.
In the last weeks the count of vpn clients is growing. We only planned a
/24 network. That would be ok if there wasn't the cisco logic of
creating the dhcp-client-identifier. Cisco takes his own Mac-address,
adds the PCName and here comes the problem, a random number...
So my Client uses 17 Leases!
I reduced the lease-time to 1h but still, if a usere reconnects 3 times
in one hour, it uses 3 addreses.

uid "\000cisco-881d.fc6f.affe-NB326973851-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973852-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973857-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973858-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973861-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973863-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973848-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973850-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973853-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973854-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973873-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973859-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973865-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973866-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973868-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973869-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973870-inside\000";

I tried to change the uid like this:
on commit {
set myClientID = pick (option dhcp-client-identifier,0);
log (info, concat ("ClientID: ",myClientID));
but it looks like the option is no string...
(from the log)
dhcpd: ClientID: HPs2,
dhcpd: ClientID: HPs2,
dhcpd: ClientID: fÚAi
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsW¬
dhcpd: ClientID: lbmw&
dhcpd: ClientID: lbmw&
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPs3T
dhcpd: ClientID: HPsW¬
dhcpd: ClientID: HPsW¬
dhcpd: ClientID: HPs\
dhcpd: ClientID: HPs\

I tried to do it like this:
if (binary-to-ascii(10,8,".",packet(24,3)) = "192.168.1" ) {
set vpnClientID = concat(substring(myClientID,26,6),"-inside");
set dhcp-client-identifier = vpnClientID;
log (info, concat ("vpnClientID: ",vpnClientID));
}
This is also not working. I use a similar option to choose the PXE Bootfile.

Please help
Kind Regards
Thomas

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Patrick Trapp

RE: Change dhcp-client-identifier

It sounds like something changed recently - new VPN appliance? More VPN clients?

It might be useful to include that in the conversation because it doesn't sound like ISC DHCP is the cause of the issue, just where it's become visible.

Patrick
________________________________________
From: dhcp-users [[hidden email]] on behalf of Thomas Zenz [[hidden email]]
Sent: Friday, November 18, 2016 10:22 AM
To: [hidden email]
Subject: Change dhcp-client-identifier

Dear all,

We are running isc dhcp for years now.
In the last weeks the count of vpn clients is growing. We only planned a
/24 network. That would be ok if there wasn't the cisco logic of
creating the dhcp-client-identifier. Cisco takes his own Mac-address,
adds the PCName and here comes the problem, a random number...
So my Client uses 17 Leases!
I reduced the lease-time to 1h but still, if a usere reconnects 3 times
in one hour, it uses 3 addreses.

uid "\000cisco-881d.fc6f.affe-NB326973851-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973852-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973857-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973858-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973861-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973863-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973848-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973850-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973853-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973854-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973873-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973859-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973865-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973866-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973868-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973869-inside\000";
uid "\000cisco-881d.fc6f.affe-NB326973870-inside\000";

I tried to change the uid like this:
on commit {
set myClientID = pick (option dhcp-client-identifier,0);
log (info, concat ("ClientID: ",myClientID));
but it looks like the option is no string...
(from the log)
dhcpd: ClientID: HPs2,
dhcpd: ClientID: HPs2,
dhcpd: ClientID: fÚAi
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsW¬
dhcpd: ClientID: lbmw&
dhcpd: ClientID: lbmw&
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPsY
dhcpd: ClientID: HPs3T
dhcpd: ClientID: HPsW¬
dhcpd: ClientID: HPsW¬
dhcpd: ClientID: HPs\
dhcpd: ClientID: HPs\

I tried to do it like this:
if (binary-to-ascii(10,8,".",packet(24,3)) = "192.168.1" ) {
set vpnClientID = concat(substring(myClientID,26,6),"-inside");
set dhcp-client-identifier = vpnClientID;
log (info, concat ("vpnClientID: ",vpnClientID));
}
This is also not working. I use a similar option to choose the PXE Bootfile.

Please help
Kind Regards
Thomas

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users