ISC DHCP Users

Is there a way to declare static hosts more smartest?

classic Classic list List threaded Threaded
9 messages Options
Vladimir Skubriev
Reply | Threaded
Open this post in threaded view
|

Is there a way to declare static hosts more smartest?

Vladimir Skubriev
Is there a way to declare static hosts more smartest?

Now I used following config strings:

...
  host callisto {
    hardware ethernet 00:25:33:44:80:55;
    fixed-address callisto;
  }

  host earth {
    hardware ethernet 14:99:88:71:77;
    fixed-address earth;
  }
...

Is there a way not to be repeated in fixed-address and declaring only host-decl-names in host [hostname] directive?

Something like this:

...
  host callisto {
    hardware ethernet 00:25:33:44:80:55;
    fixed-address [something];
  }

  host earth {
    hardware ethernet 14:99:88:71:77;
    fixed-address [something];
  }
...

Thank you.

--
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Simon Hobson
Vladimir Skubriev <[hidden email]> wrote:

> Now I used following config strings:
>
> ...
>   host callisto {
>     hardware ethernet 00:25:33:44:80:55;
>     fixed-address callisto;
>   }
> ...
>
> Is there a way not to be repeated in fixed-address and declaring only host-decl-names in host [hostname] directive?

Sorry, I don't understand the question.

> Something like this:
>
> ...
>   host callisto {
>     hardware ethernet 00:25:33:44:80:55;
>     fixed-address [something];
>   }
>
>   host earth {
>     hardware ethernet 14:99:88:71:77;
>     fixed-address [something];
>   }
> ...

That will work, assuming that [something] represents either an IP address, or something that resolves (via DNS lookup) to an IP address.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Vladimir Skubriev
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Vladimir Skubriev
[something] same for all hosts.

So not to duplicate host hostname in fixed-address.

As you can see host declaration composed of identical blocks.




2016-05-24 13:31 GMT+03:00 Simon Hobson <[hidden email]>:
Vladimir Skubriev <[hidden email]> wrote:

> Now I used following config strings:
>
> ...
>   host callisto {
>     hardware ethernet 00:25:33:44:80:55;
>     fixed-address callisto;
>   }
> ...
>
> Is there a way not to be repeated in fixed-address and declaring only host-decl-names in host [hostname] directive?

Sorry, I don't understand the question.

> Something like this:
>
> ...
>   host callisto {
>     hardware ethernet 00:25:33:44:80:55;
>     fixed-address [something];
>   }
>
>   host earth {
>     hardware ethernet 14:99:88:71:77;
>     fixed-address [something];
>   }
> ...

That will work, assuming that [something] represents either an IP address, or something that resolves (via DNS lookup) to an IP address.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users



--
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Simon Hobson
Vladimir Skubriev <[hidden email]> wrote:

> [something] same for all hosts.
>
> So not to duplicate host hostname in fixed-address.

No, fixed address is specific to that host.

For large installations, many people keep this information in a database (part of their systems management) and have code that pulls it out and generates a text file that is then "INCLUDE"d into the main config file.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
dave c
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

dave c
In reply to this post by Vladimir Skubriev
You could drop down to something like this:

host callisto {hardware ethernet 00:25:33:44:80:55; }
{repeating for all hosts}


And in your DHCP pools you can use the directive:

     allow known hosts;

Then only those hosts whose MAC addresses are predefined via host statements will get an address
from DHCP (or from a specific pool in your subnet declarations). You could then use a dynamic
dns update from the hosts back to your DNS server (or from DHCP to your DNS server) to make the
host register itself into DNS.

Second option I can think of, you could instead of using the system's hostname for the
fixed-address, you could instead use the dotted 4 IP address and again turn on DNS update. Then
you would only have to edit the DHCP hosts file instead of having to update DNS to predefine the
hostnames -> dotted 4 IP connection and then use that hostname in the DHCP config.

Other than that, we're not sure what it is you are trying to save.

Dave



On 5/24/16 05:39, Vladimir Skubriev wrote:

> [something] same for all hosts.
>
> So not to duplicate host hostname in fixed-address.
>
> As you can see host declaration composed of identical blocks.
>
>
>
>
> 2016-05-24 13:31 GMT+03:00 Simon Hobson <[hidden email] <mailto:[hidden email]>>:
>
>     Vladimir Skubriev <[hidden email] <mailto:[hidden email]>> wrote:
>
>     > Now I used following config strings:
>     >
>     > ...
>     >   host callisto {
>     >     hardware ethernet 00:25:33:44:80:55;
>     >     fixed-address callisto;
>     >   }
>     > ...
>     >
>     > Is there a way not to be repeated in fixed-address and declaring only host-decl-names in host [hostname] directive?
>
>     Sorry, I don't understand the question.
>
>     > Something like this:
>     >
>     > ...
>     >   host callisto {
>     >     hardware ethernet 00:25:33:44:80:55;
>     >     fixed-address [something];
>     >   }
>     >
>     >   host earth {
>     >     hardware ethernet 14:99:88:71:77;
>     >     fixed-address [something];
>     >   }
>     > ...
>
>     That will work, assuming that [something] represents either an IP address, or something that
>     resolves (via DNS lookup) to an IP address.
>     _______________________________________________
>     dhcp-users mailing list
>     [hidden email] <mailto:[hidden email]>
>     https://lists.isc.org/mailman/listinfo/dhcp-users
>
>
>
>
> --
> Faithfully yours,
>
> CVision Lab System Administrator
> Vladimir Skubriev
>
>
>
> _______________________________________________
> dhcp-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/dhcp-users
>

--
Dave Calafrancesco
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Vladimir Skubriev
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Vladimir Skubriev
Thank you.

I don't want to use DDNS. I just got rid of it )

I want to bind host ip with ip resolved by dhcpd server from DNS.

I want to keep data about relation of host and ip address in static DNS zone. So to manually correct it, when neccessary.

To be honest my current ddns setup (you described it as second option) is not stable within a few years of operation. Errors occur frequently (YXDOMAIN, NXRRSET and so on). I have to constantly keep track of errors in syslog and manually edit zone to remove a,txt records if something is changed in the network (i.e client changed ip, not released ip an so on).

I can't find info what information is stored in txt records. It would be cool if someone suggested ))

So I was disappointed in ddns ((.

Excusme for bad english. )



2016-05-24 16:18 GMT+03:00 dave c <[hidden email]>:
You could drop down to something like this:

host callisto {hardware ethernet 00:25:33:44:80:55; }
 {repeating for all hosts}


And in your DHCP pools you can use the directive:

    allow known hosts;

Then only those hosts whose MAC addresses are predefined via host statements will get an address from DHCP (or from a specific pool in your subnet declarations). You could then use a dynamic dns update from the hosts back to your DNS server (or from DHCP to your DNS server) to make the host register itself into DNS.

Second option I can think of, you could instead of using the system's hostname for the fixed-address, you could instead use the dotted 4 IP address and again turn on DNS update. Then you would only have to edit the DHCP hosts file instead of having to update DNS to predefine the hostnames -> dotted 4 IP connection and then use that hostname in the DHCP config.

Other than that, we're not sure what it is you are trying to save.

Dave



On 5/24/16 05:39, Vladimir Skubriev wrote:
[something] same for all hosts.

So not to duplicate host hostname in fixed-address.

As you can see host declaration composed of identical blocks.




 2016-05-24 13:31 GMT+03:00 Simon Hobson <[hidden email] <mailto:[hidden email]>>:

    Vladimir Skubriev <[hidden email] <mailto:[hidden email]>> wrote:

    > Now I used following config strings:
    >
    > ...
    >   host callisto {
    >     hardware ethernet 00:25:33:44:80:55;
    >     fixed-address callisto;
    >   }
    > ...
    >
    > Is there a way not to be repeated in fixed-address and declaring only host-decl-names in host [hostname] directive?

    Sorry, I don't understand the question.

    > Something like this:
    >
    > ...
    >   host callisto {
    >     hardware ethernet 00:25:33:44:80:55;
    >     fixed-address [something];
    >   }
    >
    >   host earth {
    >     hardware ethernet 14:99:88:71:77;
    >     fixed-address [something];
    >   }
    > ...

    That will work, assuming that [something] represents either an IP address, or something that
    resolves (via DNS lookup) to an IP address.
    _______________________________________________
    dhcp-users mailing list
     [hidden email] <mailto:[hidden email]>
    https://lists.isc.org/mailman/listinfo/dhcp-users




--
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev



_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users


--
Dave Calafrancesco

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users



--
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Simon Hobson

On 24 May 2016, at 14:42, Vladimir Skubriev <[hidden email]> wrote:

> I can't find info what information is stored in txt records. It would be cool if someone suggested ))

It's a hash of various bits of information - including the client and server identity. It's purpose is to make DDNS "safe".

Consider this situation. You have a server which we'll just call "server" for simplicity. A client comes along, and it's user (whether through ignorance or malice) names his client "server". Without some protection, the DHCP server would just update the A and PTR records so that the new client took over the identity of "server" - with "very inconvenient" results for your network.

To avoid this, the DHCP server generates a hash of several bits of information - which includes the identity of the DHCP server. This hash is put in a TXT record for any host it does DDNS for - allowing the server to later confirm that any records it's about to overwrite or delete were actually created by that DHCP server when it was doing updates for a client. If there isn't a matching TXT record, then it won't touch any existing records.

You'll need to look in the DHCP server code to see exactly what information goes in the TXT record, and how the hash is generated.


Had to go looking, but I knew the exact update process had been discussed before
https://lists.isc.org/pipermail/dhcp-users/2006-September/001736.html
Just didn't realise it was quite so long ago.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Vladimir Skubriev
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Vladimir Skubriev
Thank you for detailed answer.

I fully agree with you about the security

I understand about what is stored in it.

But I still do not like the DDNS ))



2016-05-24 17:28 GMT+03:00 Simon Hobson <[hidden email]>:

On 24 May 2016, at 14:42, Vladimir Skubriev <[hidden email]> wrote:

> I can't find info what information is stored in txt records. It would be cool if someone suggested ))

It's a hash of various bits of information - including the client and server identity. It's purpose is to make DDNS "safe".

Consider this situation. You have a server which we'll just call "server" for simplicity. A client comes along, and it's user (whether through ignorance or malice) names his client "server". Without some protection, the DHCP server would just update the A and PTR records so that the new client took over the identity of "server" - with "very inconvenient" results for your network.

To avoid this, the DHCP server generates a hash of several bits of information - which includes the identity of the DHCP server. This hash is put in a TXT record for any host it does DDNS for - allowing the server to later confirm that any records it's about to overwrite or delete were actually created by that DHCP server when it was doing updates for a client. If there isn't a matching TXT record, then it won't touch any existing records.

You'll need to look in the DHCP server code to see exactly what information goes in the TXT record, and how the hash is generated.


Had to go looking, but I knew the exact update process had been discussed before
https://lists.isc.org/pipermail/dhcp-users/2006-September/001736.html
Just didn't realise it was quite so long ago.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users



--
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Bob Harold
Reply | Threaded
Open this post in threaded view
|

Re: Is there a way to declare static hosts more smartest?

Bob Harold
In reply to this post by Vladimir Skubriev

On Tue, May 24, 2016 at 2:51 AM, Vladimir Skubriev <[hidden email]> wrote:
Is there a way to declare static hosts more smartest?

Now I used following config strings:

...
  host callisto {
    hardware ethernet 00:25:33:44:80:55;
    fixed-address callisto;
  }

  host earth {
    hardware ethernet 14:99:88:71:77;
    fixed-address earth;
  }
...

Is there a way not to be repeated in fixed-address and declaring only host-decl-names in host [hostname] directive?

Something like this:

...
  host callisto {
    hardware ethernet 00:25:33:44:80:55;
    fixed-address [something];
  }

  host earth {
    hardware ethernet 14:99:88:71:77;
    fixed-address [something];
  }
...

Thank you.

--
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev


I think the 'host' line just needs to be unique, so you could do:

 ...
  host 1 {
    hardware ethernet 00:25:33:44:80:55;
    fixed-address [something];
  }

  host 2 {
    hardware ethernet 14:99:88:71:77;
    fixed-address [something];
  }
...

or a, b, or host1, host2 (not sure if plain numbers are allowed)
The 'host' line does not need to match the 'fixed-address' line.

-- 
Bob Harold


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Free forum by Nabble Edit this page