  1. #1
    Just Joined!
    Join Date
    Feb 2009
    Posts
    2

    DHCPD match option remote.agent-id


    I am trying to get my dhcp server to issue IPs based on Option 82 information. I have tried several match statements without success. My dhcp config loads fine. Included is a tcpdump header outlining the Option 82 information being sent by the requesting device. As you can see it includes agent.circuit-ID (suboption 1) and unknown (suboption 2) which is the agent.remote-ID.

    Since there is no match to the class statements, my end device is pulling an IP out of the base pool. I can look up the IP pulled in the dhcpd.leases file, which shows both agent.circuit-ID and agent.remote-ID as the following MAC addresses:
    agent.circuit-ID 00:01:AA:01:B7:78
    agent.remote-ID 00:A0:0A:C4:CC:76

    I would like to match the agent.remote-id; I just put the other in the subclass for a test. If anyone can show me how to match the packet header I would greatly appreciate it.

    class "Pool1" {
        match option agent.remote-id ;
    }
    subclass "Pool1" 00:01:AA:01:B7:78;
    subclass "Pool1" 00:A0:0A:C4:CC:76;

    class "Pool2" {
        match substring (option agent.remote-id,2,6);
    }
    subclass "Pool2" 00:A0:0A:C4:CC:76;


    shared-network Public {

        subnet 64.71.222.0 netmask 255.255.254.0 {
            authoritative;
            option routers 64.71.222.1;
            option subnet-mask 255.255.254.0;
            option domain-name-servers 64.71.218.3,64.71.219.3;
            range dynamic-bootp 64.71.222.3 64.71.222.254;
            range dynamic-bootp 64.71.223.3 64.71.223.254;
            default-lease-time 21600;
            max-lease-time 43200;
        }

        subnet 24.248.109.192 netmask 255.255.255.224 {
            # DHCP Pool1
            pool {
                allow members of "Pool1";
                range 24.248.109.194 24.248.109.222;
                option routers 24.248.109.193;
                option subnet-mask 255.255.255.224;
                option domain-name-servers 64.71.218.3,64.71.219.3;
                default-lease-time 600;
                max-lease-time 600;
            }
        }

        subnet 24.248.109.224 netmask 255.255.255.224 {
            # DHCP Pool2
            pool {
                allow members of "Pool2";
                range 24.248.109.226 24.248.109.254;
                option routers 24.248.109.225;
                option subnet-mask 255.255.255.224;
                option domain-name-servers 64.71.218.3,64.71.219.3;
                default-lease-time 600;
                max-lease-time 600;
            }
        }
    }

    tcpdump:
    Agent-Information Option 82, length 38:
    Circuit-ID SubOption 1, length 17: 00:01:AA:01:B7:78
    Unknown SubOption 2, length 17:
    0x0000: 3030 3a41 303a 3041 3a43 343a 4343 3a37
    0x0010: 36


    dhcpd.leases file:
    lease 64.71.222.247 {
    starts 3 2009/02/04 20:12:32;
    ends 4 2009/02/05 02:12:32;
    binding state active;
    next binding state free;
    hardware ethernet 00:19:b9:58:da:2c;
    uid "\001\000\031\271X\332,";
    option agent.circuit-id "00:01:AA:01:B7:78";
    option agent.remote-id "00:A0:0A:C4:CC:76";

    Thanks,

  2. #2
    Just Joined!
    Join Date
    Feb 2009
    Posts
    2
    In case anyone else is trying to do this, I thought I would post the solution. It was operator error as usual. I had it right on several attempts, but as I had already pulled an IP from the base pool, it was giving me the same IP back per the leases file instead of using the classes I had created. After optioning out the base pool ranges it finally worked. I further modified the base pool to deny classed requests.

    Working config:

    # Classes keyed on the relay agent's remote-id (Option 82, sub-option 2).
    class "Pool1" {
        match option agent.remote-id;
    }

    subclass "Pool1" "00:A0:0A:C4:CC:76";
    # subclass "Pool1" "00:A0:0A:C5:E6:B4";

    class "Pool2" {
        match option agent.remote-id;
    }

    # subclass "Pool2" "00:A0:0A:C4:CC:76";
    subclass "Pool2" "00:A0:0A:C5:E6:B4";


    shared-network Public {

        subnet 64.71.222.0 netmask 255.255.254.0 {

            # Base pool: refuse clients that belong to one of the classes.
            pool {
                deny members of "Pool1";
                deny members of "Pool2";
                option routers 64.71.222.1;
                option subnet-mask 255.255.254.0;
                option domain-name-servers 64.71.218.3, 64.71.219.3;
                range dynamic-bootp 64.71.222.3 64.71.222.254;
                range dynamic-bootp 64.71.223.3 64.71.223.254;
                default-lease-time 21600;
                max-lease-time 43200;
            }
        }

        subnet 24.248.109.192 netmask 255.255.255.224 {
            pool {
                allow members of "Pool1";
                range 24.248.109.194 24.248.109.222;
                option routers 24.248.109.193;
                option subnet-mask 255.255.255.224;
                option domain-name-servers 64.71.218.3,64.71.219.3;
                default-lease-time 21600;
                max-lease-time 43200;
            }
        }

        subnet 24.248.109.224 netmask 255.255.255.224 {
            pool {
                allow members of "Pool2";
                range 24.248.109.226 24.248.109.254;
                option routers 24.248.109.225;
                option subnet-mask 255.255.255.224;
                option domain-name-servers 64.71.218.3,64.71.219.3;
                default-lease-time 21600;
                max-lease-time 43200;
            }
        }
    }
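
Added example, not part of the original thread or of ISC dhcpd: a small Python decoder for the Option 82 payload shown in the tcpdump, plus a comparison of the decoded remote-id against the two subclass literal forms that appear in the posts (quoted text and bare colon-separated hex). The payload is rebuilt from the decoded tcpdump lines, and `literal_to_bytes` is a simplified, assumed model of dhcpd.conf data literals that ignores escape sequences.

```python
# Option 82 payload rebuilt from the decoded tcpdump in the first post:
# sub-options 1 and 2, each 17 bytes of ASCII text (constructed sample).
OPTION_82 = (
    bytes([1, 17]) + b"00:01:AA:01:B7:78"
    + bytes([2, 17]) + b"00:A0:0A:C4:CC:76"
)

SUBOPTION_NAMES = {1: "agent.circuit-id", 2: "agent.remote-id"}


def parse_option82(payload: bytes) -> dict:
    """Walk the code/length/value sub-options; reject truncated input."""
    found = {}
    i = 0
    while i < len(payload):
        if i + 2 > len(payload):
            raise ValueError("truncated sub-option header")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"sub-option {code} shorter than its length byte")
        found[SUBOPTION_NAMES.get(code, f"suboption-{code}")] = value
        i += 2 + length
    return found


def literal_to_bytes(literal: str) -> bytes:
    """Assumed model of a dhcpd.conf data literal: a quoted string is its
    text, colon-separated hex is raw octets. Escapes are not handled."""
    literal = literal.strip()
    if len(literal) >= 2 and literal[0] == '"' and literal[-1] == '"':
        return literal[1:-1].encode("ascii")
    return bytes(int(octet, 16) for octet in literal.split(":"))


def subclass_matches(option_value: bytes, literal: str) -> bool:
    """True when the option bytes equal the subclass literal's bytes."""
    return option_value == literal_to_bytes(literal)


if __name__ == "__main__":
    remote_id = parse_option82(OPTION_82)["agent.remote-id"]
    print("remote-id on the wire:", remote_id, f"({len(remote_id)} bytes)")
    for lit in ('"00:A0:0A:C4:CC:76"', "00:A0:0A:C4:CC:76"):
        print(f"subclass literal {lit:22} -> match: {subclass_matches(remote_id, lit)}")
```
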
