I have a question about correct isc-dhcp configuration.
I want to lease ip addresses to users based on switch port. For this I use DLink DES-3200 series switches. Everything works well, but recently I've decided to lease particular subnet to all unknown user, i.e. not explicitly specified in dhcpd.conf file.
Here is a config example:
# dhcpd.conf
default-lease-time 30;
max-lease-time 60;
authoritative;
log-facility local7;
option domain-name-servers 8.8.8.8;
include "/usr/local/etc/dhcpd/dhcpd.classes";
shared-network "clients"
{
subnet 10.5.20.0 netmask 255.255.255.0 {}
include "/usr/local/etc/dhcpd/dhcpd.networks";
}
dhcpd.classes
class "10.5.20.4_2" { match if ( substring(option agent.remote-id,2,15)="10.5.20.4" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "2" ); }
class "10.5.20.4_1" { match if ( substring(option agent.remote-id,2,15)="10.5.20.4" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "1" ); }
class "10.5.20.2_1" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "1" ); }
class "10.5.20.2_3" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "3" ); }
class "10.5.20.2_2" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "2" ); }
class "10.5.20.2_4" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "4" ); }
dhcpd.networks
subnet 172.30.20.0 netmask 255.255.255.0
{
option subnet-mask 255.255.255.0;
option routers 172.30.20.1;
pool {range 172.30.20.3; allow members of "10.5.20.4_2"; }
pool {range 172.30.20.2; allow members of "10.5.20.4_1"; }
}
subnet 172.30.160.0 netmask 255.255.255.0
{
option subnet-mask 255.255.255.0;
option routers 172.30.160.1;
pool {range 172.30.160.3; allow members of "10.5.20.2_1"; }
pool {range 172.30.160.4; allow members of "10.5.20.2_3"; }
pool {range 172.30.160.10; allow members of "10.5.20.2_2"; }
pool {range 172.30.160.12; allow members of "10.5.20.2_4"; }
}
So if add add let's say:
subnet 172.20.111.0 netmask 255.255.255.0 {
option routers 172.20.111.1;
max-lease-time 60;
min-lease-time 30;
range 172.20.111.10 172.20.111.20 ;
}
at the end of dhcpd.networks file (which I include into shared-network 'clients' clause, see above), all my clients start getting ip addresses from 172.20.111.0 range, regardless if they have a class specified for their port.
Is there a way to make dhcpd server first look at class declarations and then subnet ?
Best Answer
You write that you added the new subnet at the end of the dhcpd.conf file. You need to add it to the
shared-network
, otherwise dhcpd will not consider these networks as alternatives.