Send dhcp-users mailing list submissions to dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit https://lists.isc.org/mailman/listinfo/dhcp-users or, via email, send a message with subject or body 'help' to dhcp-users-requ...@lists.isc.org You can reach the person managing the list at dhcp-users-ow...@lists.isc.org When replying, please edit your Subject line so it is more specific than "Re: Contents of dhcp-users digest..." Today's Topics: 1. Re: Trouble matching hardware address with class, subclass and pools (Simon Hobson) ---------------------------------------------------------------------- Message: 1 Date: Thu, 17 Dec 2020 17:38:12 +0000 From: Simon Hobson <dh...@thehobsons.co.uk> To: Users of ISC DHCP <dhcp-users@lists.isc.org> Subject: Re: Trouble matching hardware address with class, subclass and pools Message-ID: <ea3c7a83-4eea-425c-9d76-c72c9c61a...@thehobsons.co.uk> Content-Type: text/plain; charset=utf-8 Fleming, Tony <t.flem...@tcu.edu> wrote: > My configuration looks like: > Class ?Allowed? { > match pick-first-value (option dhcp-client-identifier, > hardware); > } > > Subclass ?Allowed? 1:xx:xx:xx:xx:xx:01; > > shared-network "Restricted_Net" { > authoritative; > subnet 10.56.128.0 netmask 255.255.224.0 { > pool { > allow dynamic bootp clients; > allow members of "Allowed"; > option routers 10.56.128.1; > range 10.56.128.21 10.56.159.250; > } > pool { > option routers 10.56.128.1; > range 10.56.159.251 10.56.159.254; > } > } > } > > When using the device with the Ethernet xx:xx:xx:xx:xx:01, pool > 10.56.128.21-250 (members of ?Allowed?) is never used. It always falls > through to the second pool ?10.56.159.251-254?. > > I know I am doing something dumb, but I am completely missing it. Don't worry, we've all been there. You need to deny members of "Allowed" from the second pool. Without a deny, although the client might match the class and be allowed in one range/pool/subnet/whatever - it's not automatically excluded from anything else. So if the client already had a lease (whether current or expired) in the second pool, then it will still be able to use it - and the server will offer it in preference to anything else. Also, if the client hasn't been seen before (i.e. has no previous lease) then the implementation (undocumented, not guaranteed not to change) will allocate "top down" address wise - so clients will preferentially be offered addresses in the higher numbered range until it has no "not previously used" addresses. Simon ------------------------------ Subject: Digest Footer _______________________________________________ ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. dhcp-users mailing list dhcp-users@lists.isc.org https://lists.isc.org/mailman/listinfo/dhcp-users ------------------------------ End of dhcp-users Digest, Vol 146, Issue 6 ******************************************