Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. migrate from remotely located to central servers (Jason Brooks)
2. Re: migrate from remotely located to central servers
(Bill Shirley)
3. Re: migrate from remotely located to central servers
(Jason Brooks)
----------------------------------------------------------------------
Message: 1
Date: Wed, 29 Jul 2020 09:35:26 -0700
From: Jason Brooks <jasonbbro...@gmail.com>
To: dhcp-users@lists.isc.org
Subject: migrate from remotely located to central servers
Message-ID:
<CACsCLkfNgy=8WucvaUEg-=tW_is=_urD2BrmudjMu7VaT=j...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hello,
I am having trouble relocating and upgrading a number of dhcp servers. I
am upgrading from solaris running dhcpd 3.0.4 to centos 7's dhcp 4.2.5-77.
The problem: when I test the config on the new dhcp servers, I get the
following error: "No free leases".
As I am still testing, I have not copied the leases thus it is not clear
why there would be no free leases.
As I have no lab equipment to test against, I am generating similar
queries using the dhtest
<https://sargandh.wordpress.com/2012/02/23/linux-dhcp-client-simulation-tool/>tool.
I started with a packet capture on the live dhcp servers and constructed a
dhcp discovery packet based on it. I have also started small, with the
smallest configuration possible that should still work.
The queries originate from DSL customer premises equipment (CPE), and are
forwarded by a dsl shelf manager. The relevant fields in the forwarded
queries are as follows:
giaddr: <management ip of dsl shelf> (Please note this is NOT the ip
address facing the CPE)
chaddr: <mac of CPE>
option 82.1: circuit id
option 82.2: remote id
option 60: vendor class identifier (only on boot and management classes)
The current live system is running 8 pairs of dhcp servers in different
regions. They have been successfully running for more than 8 years. At
last count there are about 440,000 active leases.
I am attempting to build a pair of centrally located servers. I am not
trying to do HA yet.
I am including a sanitized dhcpd.conf file for you to look at.
Thank you all for your time!
--jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200729/054780ac/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sanitized-dhcpd.conf
Type: application/octet-stream
Size: 4038 bytes
Desc: not available
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200729/054780ac/attachment-0001.obj>
------------------------------
Message: 2
Date: Wed, 29 Jul 2020 14:51:35 -0400
From: Bill Shirley <b...@c3po.polymerindustries.biz>
To: dhcp-users@lists.isc.org
Subject: Re: migrate from remotely located to central servers
Message-ID:
<63f2ff52-7b99-e2e5-3ff9-f8d3b20a1...@c3po.polymerindustries.biz>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
So, the DISCOVER is not matching any of your classes.? Define another pool to
issue
leases from that doesn't match any class:
???? pool {
? ? ??? deny members of "RegionX-RGMGMT-CPE-MODELx";
?? ? ?? deny members of "RegionX-BOOT-CPE-MODELx";
? ?? ?? deny members of "RegionX-INET";
??? ??? deny dynamic bootp clients;
??? ?? ?authoritative;
??? ??? range 192.168.xxx.2 192.168.xxx.15;
??? }
This should issue a lease and trigger your 'on commit' log statement.
Bill
On 7/29/2020 12:35 PM, Jason Brooks wrote:
> Hello,
>
> I am having trouble relocating and upgrading a number of dhcp servers.? I am
> upgrading from solaris running dhcpd 3.0.4 to
> centos 7's dhcp 4.2.5-77.
>
> The problem: when I test the config on the new dhcp servers, I get the
> following error: "No free leases".
>
> As I am still testing, I have not copied the leases thus it is not clear why
> there would?be no free leases.
>
> As I have no lab equipment to test against,? I am generating similar queries
> using the dhtest
> <https://sargandh.wordpress.com/2012/02/23/linux-dhcp-client-simulation-tool/>tool.?
> I started with a packet capture on the
> live dhcp servers and constructed a dhcp discovery packet based on it.? I
> have also started small, with the smallest
> configuration possible that should still work.
>
> The queries originate from DSL customer premises equipment (CPE), and are
> forwarded by a dsl shelf manager.? The
> relevant?fields in the forwarded queries are as follows:
> giaddr: <management ip of dsl shelf>? (Please note this is NOT the ip address
> facing the CPE)
> chaddr: <mac of CPE>
> option 82.1: circuit id
> option 82.2: remote id
> option 60: vendor class identifier (only on boot and management classes)
>
> The current live system is running 8 pairs of dhcp servers in different
> regions.? They have been successfully running for more
> than 8 years.? At last count there are about 440,000 active leases.
>
> I am attempting to build a pair of centrally located servers.? I am not
> trying to do HA yet.
>
> I am including a sanitized dhcpd.conf file for you to look at.
>
> Thank you all for your time!
>
> --jason
>
> _______________________________________________
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200729/672a73d8/attachment-0001.htm>
------------------------------
Message: 3
Date: Wed, 29 Jul 2020 16:45:15 -0700
From: Jason Brooks <jasonbbro...@gmail.com>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: migrate from remotely located to central servers
Message-ID:
<CACsCLkdKZknzn0SdU29AX=kte85kpj2gw1vm59yvfskk9uw...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hello Bill,
At first I didn't understand, but now I do. Once I defined the pool
denying class members, I was able to get ip addresses in the
192.168.188.range. Thanks!
I began to run "dhcpd -d" and playing with the log output to see if my
substring statements were even making sense.
So with the circuit id substring statements, I wasn't comparing correctly.
It's not clear why 3.0.4 worked this way. I needed the two bytes on the
far right side of the circuit id...thus
the lines:
"and ( substring (option agent.circuit-id,2,2)="\x01\x2C" )"
became:
"and ( suffix ( option agent.circuit-id, 4) ="012C" )"
note the use of suffix rather than substring and the lack of "\x" inside
the double quotes.
So my next issue here is in the RegionX-BOOT-CPE-MODELx class declaration,
tftp-server-name is not being returned. Whereas the boot filename is. Why
not? Based on what I found 'tftp-server-name" should correspond to dhcp
option 66: defined in rfc2132.
I have noticed that it's hard to figure out which isc dhcpd options map to
those defined in the rfcs. I found THIS table
<http://www.ipamworldwide.com/ipam/isc-dhcpv4-options.html>, which helps.
Is there a cross-reference like this in the isc dhcpd docs somewhere?
Enclosed is my updated, sanitized dhcpd.conf file with your suggested
alterations and a few more of my own.
Thank you thus far for your time!
--jason
On Wed, Jul 29, 2020 at 11:51 AM Bill Shirley <
b...@c3po.polymerindustries.biz> wrote:
> So, the DISCOVER is not matching any of your classes. Define another pool
> to issue
> leases from that doesn't match any class:
> pool {
> deny members of "RegionX-RGMGMT-CPE-MODELx";
> deny members of "RegionX-BOOT-CPE-MODELx";
> deny members of "RegionX-INET";
>
> deny dynamic bootp clients;
> authoritative;
> range 192.168.xxx.2 192.168.xxx.15;
> }
>
> This should issue a lease and trigger your 'on commit' log statement.
>
> Bill
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200729/5ad05676/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sanitized-dhcpd.conf
Type: application/octet-stream
Size: 4640 bytes
Desc: not available
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200729/5ad05676/attachment.obj>
------------------------------
Subject: Digest Footer
_______________________________________________
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 141, Issue 22
*******************************************
