Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Re: migrate from remotely located to central servers
(Bill Shirley)
2. Re: migrate from remotely located to central servers
(Jason Brooks)
3. Re: migrate from remotely located to central servers
(Jason Brooks)
----------------------------------------------------------------------
Message: 1
Date: Thu, 30 Jul 2020 09:51:19 -0400
From: Bill Shirley <b...@c3po.polymerindustries.biz>
To: dhcp-users@lists.isc.org
Subject: Re: migrate from remotely located to central servers
Message-ID:
<f2cff9b6-843a-f4a0-8912-5d4cbd3ba...@c3po.polymerindustries.biz>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
ISC documentation: https://kb.isc.org/docs/isc-dhcp-44-manual-pages-dhcp-options
Looks like your domain-name-servers option is incorrect:
option domain-name-servers 8.8.8.8, *8.8*.4.4;
Add this to your log statement to see the options requested:
??? "? ReqOpt:", pick-first-value(binary-to-ascii(10, 8, ",", option
dhcp-parameter-request-list), "(none)"),
Make sure the client is requesting option 66.? BTW, if the dhcpd encounters a
null
in the log text, it will truncate the rest of the line.? That's why I use
'pick-first-value' a lot.
If it's not requesting option 66, you might try forcing the option.? I've never
used this:
if exists dhcp-parameter-request-list {
# Always send the local-pac-server (252) option (specified in hexadecimal, ie:
252 = 0xfc)
??? option dhcp-parameter-request-list = concat(option
dhcp-parameter-request-list, fc);
}
I have used this to replace the entire requested option list:
option dhcp-parameter-request-list = 01: 03: 06: 0c: 0f: 1c: 2a;
Bill
On 7/29/2020 7:45 PM, Jason Brooks wrote:
> Hello Bill,
>
> At first I didn't understand, but now I do. Once I defined the pool
> denying?class members, I was able to get ip addresses in
> the 192.168.188.range. Thanks!
>
> I began to run "dhcpd -d" and playing with the log output to see if my
> substring statements were even making sense.
>
> So with the circuit id substring statements, I wasn't comparing correctly.?
> It's not clear why 3.0.4 worked this way.? I
> needed the two bytes on the far right side of the circuit id...thus
>
> the lines:
> ? ? ?"and ( substring (option agent.circuit-id,2,2)="\x01\x2C" )"
> became:
> ? ? ?"and ( suffix ( option agent.circuit-id, 4) ="012C" )"
>
> note the use of suffix rather than substring and the lack of "\x" inside the
> double quotes.
>
> So my next issue here is in the?RegionX-BOOT-CPE-MODELx class declaration,
> tftp-server-name is not being returned. Whereas the
> boot filename is.? Why not? Based on what I found 'tftp-server-name" should
> correspond to dhcp option 66: defined in rfc2132.
>
> I have noticed that it's hard to figure out which isc dhcpd options map to
> those defined in the rfcs.? I found THIS table
> <http://www.ipamworldwide.com/ipam/isc-dhcpv4-options.html>, which helps.? Is
> there a cross-reference like this in the isc
> dhcpd docs somewhere?
>
> Enclosed is my updated, sanitized dhcpd.conf file with your suggested
> alterations and a few more of my own.
>
> Thank you thus far for your time!
>
> --jason
>
> On Wed, Jul 29, 2020 at 11:51 AM Bill Shirley
> <b...@c3po.polymerindustries.biz <mailto:b...@c3po.polymerindustries.biz>>
> wrote:
>
> So, the DISCOVER is not matching any of your classes. Define another pool
> to issue
> leases from that doesn't match any class:
> ???? pool {
> ? ? ??? deny members of "RegionX-RGMGMT-CPE-MODELx";
> ?? ? ?? deny members of "RegionX-BOOT-CPE-MODELx";
> ? ?? ?? deny members of "RegionX-INET";
>
> ??? ??? deny dynamic bootp clients;
> ??? ?? ?authoritative;
> ??? ??? range 192.168.xxx.2 192.168.xxx.15;
> ??? }
>
> This should issue a lease and trigger your 'on commit' log statement.
>
> Bill
>
>
>
>
> _______________________________________________
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200730/11fbdc4f/attachment-0001.htm>
------------------------------
Message: 2
Date: Thu, 30 Jul 2020 09:26:40 -0700
From: Jason Brooks <jasonbbro...@gmail.com>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: migrate from remotely located to central servers
Message-ID:
<CACsCLkdck=axZXYUdqpJWUdeyzbKO97Q-t=xcpzuqmh9uew...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hello Simon,
Funny you should ask. As I am constructing a test query, I didn't include
it in the request list. I didn't know that about dhcpd.
I have been basing my test queries on captured queries at my live servers,
but there haven't been any boot requests coming in, so there you have it...
Thanks!
--jason
On Thu, Jul 30, 2020 at 12:31 AM Simon Hobson <dh...@thehobsons.co.uk>
wrote:
> Jason Brooks <jasonbbro...@gmail.com> wrote:
>
> > So my next issue here is in the RegionX-BOOT-CPE-MODELx class
> declaration, tftp-server-name is not being returned. Whereas the boot
> filename is. Why not?
>
> Have you checked the option request list sent by the client ? By default,
> the server will only return options the client asks for.
>
> Simon
>
> _______________________________________________
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200730/039f9de2/attachment-0001.htm>
------------------------------
Message: 3
Date: Thu, 30 Jul 2020 09:31:10 -0700
From: Jason Brooks <jasonbbro...@gmail.com>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: migrate from remotely located to central servers
Message-ID:
<cacsclkfqmk7bdcyqnkkjvagvwwemlneuc418nfddhz407ae...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hi Bill,
I will sit down and re-read the man pages: thank you for the reminder.
good to know about the dns servers.
and thanks or the log statement suggestions.
A note from Simon Hobson had me understand that the client must ask for the
information, so I am going to re-construct my test query to see if the tftp
information comes back. But thanks for the suggestions to force options.
--jason
On Thu, Jul 30, 2020 at 6:51 AM Bill Shirley <
b...@c3po.polymerindustries.biz> wrote:
> ISC documentation:
> https://kb.isc.org/docs/isc-dhcp-44-manual-pages-dhcp-options
>
> Looks like your domain-name-servers option is incorrect:
> option domain-name-servers 8.8.8.8, *8.8*.4.4;
>
> Add this to your log statement to see the options requested:
> " ReqOpt:", pick-first-value(binary-to-ascii(10, 8, ",", option
> dhcp-parameter-request-list), "(none)"),
> Make sure the client is requesting option 66. BTW, if the dhcpd
> encounters a null
> in the log text, it will truncate the rest of the line. That's why I use
> 'pick-first-value' a lot.
>
> If it's not requesting option 66, you might try forcing the option. I've
> never used this:
> if exists dhcp-parameter-request-list {
> # Always send the local-pac-server (252) option (specified in hexadecimal,
> ie: 252 = 0xfc)
> option dhcp-parameter-request-list = concat(option
> dhcp-parameter-request-list, fc);
> }
>
> I have used this to replace the entire requested option list:
> option dhcp-parameter-request-list = 01: 03: 06: 0c: 0f: 1c: 2a;
>
> Bill
> On 7/29/2020 7:45 PM, Jason Brooks wrote:
>
> Hello Bill,
>
> At first I didn't understand, but now I do. Once I defined the pool
> denying class members, I was able to get ip addresses in the
> 192.168.188.range. Thanks!
>
> I began to run "dhcpd -d" and playing with the log output to see if my
> substring statements were even making sense.
>
> So with the circuit id substring statements, I wasn't comparing
> correctly. It's not clear why 3.0.4 worked this way. I needed the two
> bytes on the far right side of the circuit id...thus
>
> the lines:
> "and ( substring (option agent.circuit-id,2,2)="\x01\x2C" )"
> became:
> "and ( suffix ( option agent.circuit-id, 4) ="012C" )"
>
> note the use of suffix rather than substring and the lack of "\x" inside
> the double quotes.
>
> So my next issue here is in the RegionX-BOOT-CPE-MODELx class declaration,
> tftp-server-name is not being returned. Whereas the boot filename is. Why
> not? Based on what I found 'tftp-server-name" should correspond to dhcp
> option 66: defined in rfc2132.
>
> I have noticed that it's hard to figure out which isc dhcpd options map to
> those defined in the rfcs. I found THIS table
> <http://www.ipamworldwide.com/ipam/isc-dhcpv4-options.html>, which
> helps. Is there a cross-reference like this in the isc dhcpd docs
> somewhere?
>
> Enclosed is my updated, sanitized dhcpd.conf file with your suggested
> alterations and a few more of my own.
>
> Thank you thus far for your time!
>
> --jason
>
> On Wed, Jul 29, 2020 at 11:51 AM Bill Shirley <
> b...@c3po.polymerindustries.biz> wrote:
>
>> So, the DISCOVER is not matching any of your classes. Define another
>> pool to issue
>> leases from that doesn't match any class:
>> pool {
>> deny members of "RegionX-RGMGMT-CPE-MODELx";
>> deny members of "RegionX-BOOT-CPE-MODELx";
>> deny members of "RegionX-INET";
>>
>> deny dynamic bootp clients;
>> authoritative;
>> range 192.168.xxx.2 192.168.xxx.15;
>> }
>>
>> This should issue a lease and trigger your 'on commit' log statement.
>>
>> Bill
>>
>>
>>
> _______________________________________________
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing
> listdhcp-us...@lists.isc.orghttps://lists.isc.org/mailman/listinfo/dhcp-users
>
> _______________________________________________
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200730/50789170/attachment.htm>
------------------------------
Subject: Digest Footer
_______________________________________________
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 141, Issue 24
*******************************************
