Hello,
I’m trying to find the appropriate logic to allow both Option 82 based static allocations to mix with dynamic allocations.
Right now, my setup looks like so and it works just fine. Nice and simple for dynamic allocations.
class "rgw01.lab" {
    # Matches any client relayed with "rgw01.lab" at offset 2 of the remote-id
    match if (substring(option agent.remote-id,2,9) = "rgw01.lab");
    spawn with option agent.circuit-id;
}
shared-network RGW01_LAB-RESI_INET {
    default-lease-time 180;
    option ip-forwarding off;
    subnet 192.168.63.192 netmask 255.255.255.248 {
        option dhcp-server-identifier 192.168.63.193;
        option routers 192.168.63.193;
        pool {
            allow members of "rgw01.lab";
            range 192.168.63.194 192.168.63.198;
            failover peer "failover";
        }
    }
}
shared-network blah {
    subnet 1.1.1.0 netmask 255.255.255.0 {
        pool {
            allow members of "rgw01.lab";
            range 1.1.1.2 1.1.1.254;
        }
    }
}
shared-network blah {
    subnet 2.2.2.0 netmask 255.255.255.0 {
        pool {
            allow members of "rgw01.lab";
            range 2.2.2.2 2.2.2.254;
        }
    }
}
Now, I have a requirement to add static allocations to this as well. I drew up a config, but I believe there is a logic conflict because technically a match for class "CustomerOnPort2/1" is also a match for class "rgw01.lab", so a request that I intended to be managed by subnet 10.0.0.0 could very well be managed by subnet 192.168.63.192 instead.
Does anyone have any clues on what DHCP hooks I might be able to employ here in a simple and elegant way to remove this conflict, thus having the client managed from the intended pool?
My hope is that the solution can be much simpler and more elegant than having to add an 'ignore (or deny) members of CustomerOnPortX/X' for each of those customer classes to the pool that allows members of "rgw01.lab".
Here’s what I drew up:
class "CustomerOnPort2/1" {
    # Same remote-id test as "rgw01.lab", plus the last two circuit-id bytes
    match if (substring(option agent.remote-id,2,9) = "rgw01.lab") and
        binary-to-ascii (10, 8, "", suffix ( option agent.circuit-id, 2)) = "21";
    spawn with option agent.circuit-id;
}
class "CustomerOnPort2/2" {
    match if (substring(option agent.remote-id,2,9) = "rgw01.lab") and
        binary-to-ascii (10, 8, "", suffix ( option agent.circuit-id, 2)) = "22";
    spawn with option agent.circuit-id;
}
class "rgw01.lab" {
    match if (substring(option agent.remote-id,2,9) = "rgw01.lab");
    spawn with option agent.circuit-id;
}
shared-network RGW01_LAB-RESI_INET {
    default-lease-time 180;
    option ip-forwarding off;
    subnet 192.168.63.192 netmask 255.255.255.248 {
        option dhcp-server-identifier 192.168.63.193;
        option routers 192.168.63.193;
        pool {
            allow members of "rgw01.lab";
            range 192.168.63.194 192.168.63.198;
            failover peer "failover";
        }
    }
    subnet 10.0.0.0 netmask 255.255.255.0 {
        option dhcp-server-identifier 10.0.0.1;
        option routers 10.0.0.1;
        # One-address pools, one per customer port
        pool { range 10.0.0.2; allow members of "CustomerOnPort2/1"; }
        pool { range 10.0.0.3; allow members of "CustomerOnPort2/2"; }
    }
}
shared-network blah {
    subnet 1.1.1.0 netmask 255.255.255.0 {
        pool {
            allow members of "rgw01.lab";
            range 1.1.1.2 1.1.1.254;
        }
    }
}
shared-network blah {
    subnet 2.2.2.0 netmask 255.255.255.0 {
        pool {
            allow members of "rgw01.lab";
            range 2.2.2.2 2.2.2.254;
        }
    }
}
I trust this makes sense, and that I provided an appropriate amount of problem description and supporting work.
Thanks much in advance for your consideration.
_______________________________________________
dhcp-users mailing list
https://lists.isc.org/mailman/listinfo/dhcp-users
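
The class overlap described in the message, as an added example that is not part of the original post: a small Python model of the posted match expressions and pool permit lists, showing which pools in shared-network RGW01_LAB-RESI_INET a relayed client is eligible for, with and without the per-customer deny lines. The Option 82 byte values and all function names are constructed for illustration, and "spawn with" is not modelled.

```python
# Added illustration; the Option 82 byte values below are constructed samples.
def substring(data: bytes, offset: int, length: int) -> bytes:
    return data[offset:offset + length]
def suffix(data: bytes, n: int) -> bytes:
    return data[-n:] if n > 0 else b""
def binary_to_ascii(base: int, width: int, sep: str, data: bytes) -> str:
    if (base, width) != (10, 8):  # only the form used in the config is modelled
        raise ValueError("unsupported base/width")
    return sep.join(str(b) for b in data)

def is_rgw(remote_id: bytes) -> bool:
    return substring(remote_id, 2, 9) == b"rgw01.lab"

def port_is(circuit_id: bytes, digits: str) -> bool:
    return binary_to_ascii(10, 8, "", suffix(circuit_id, 2)) == digits

# Class match expressions from the message ("spawn with" is not modelled).
CLASSES = {
    "rgw01.lab": lambda r, c: is_rgw(r),
    "CustomerOnPort2/1": lambda r, c: is_rgw(r) and port_is(c, "21"),
    "CustomerOnPort2/2": lambda r, c: is_rgw(r) and port_is(c, "22"),
}
# (range, allow list, deny list) for shared-network RGW01_LAB-RESI_INET
POOLS_AS_POSTED = [
    ("192.168.63.194-198", {"rgw01.lab"}, set()),
    ("10.0.0.2", {"CustomerOnPort2/1"}, set()),
    ("10.0.0.3", {"CustomerOnPort2/2"}, set()),
]
# Variant with the per-customer deny lines the message hopes to avoid.
POOLS_WITH_DENY = [
    ("192.168.63.194-198", {"rgw01.lab"},
     {"CustomerOnPort2/1", "CustomerOnPort2/2"}),
    *POOLS_AS_POSTED[1:],
]

def memberships(remote_id: bytes, circuit_id: bytes) -> set:
    return {n for n, match in CLASSES.items() if match(remote_id, circuit_id)}

def eligible_pools(pools, remote_id: bytes, circuit_id: bytes) -> list:
    member = memberships(remote_id, circuit_id)
    # dhcpd: the client must match the allow list and no entry of the deny list
    return [r for r, allow, deny in pools if member & allow and not member & deny]

REMOTE_ID = b"\x01\x09rgw01.lab"        # constructed: 2 header bytes + name
PORT_2_1 = b"\x00\x04\x00\x64\x02\x01"  # constructed: ends in bytes 2, 1
PORT_3_7 = b"\x00\x04\x00\x64\x03\x07"  # constructed: no static class

if __name__ == "__main__":
    for cid in (PORT_2_1, PORT_3_7):
        print(eligible_pools(POOLS_AS_POSTED, REMOTE_ID, cid),
              eligible_pools(POOLS_WITH_DENY, REMOTE_ID, cid))
```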