Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Permit/deny lists and behavior (Marki)
2. Re: Permit/deny lists and behavior (perl-list)
3. Re: Permit/deny lists and behavior (perl-list)
----------------------------------------------------------------------
Message: 1
Date: Wed, 16 Nov 2022 15:15:28 +0100
From: Marki <dhcp-us...@lists.roth.lu>
To: dhcp-users@lists.isc.org
Subject: Permit/deny lists and behavior
Message-ID: <a36675d7-909f-9ed0-516d-f4c55961c...@lists.roth.lu>
Content-Type: text/plain; charset=UTF-8; format=flowed
Hello,
Maybe someone can enlighten me:
The default seems to be that
* dynamic address assignment to unknown clients is allowed ("allow
unknown-clients" is implicit) and
* at the same time static allocations are allowed as well ("allow
known-clients" is implicit).
This is kind of a contradiction to "If a pool has a permit list, then
only those clients that match specific entries on the permit list will
be eligible to be assigned addresses from the pool."
Or does that mean if I explicitly write "allow known-clients", then
unknown clients will be rejected?? Is "unknown-clients" a "list" in that
regard?
Best regards,
Marki
------------------------------
Message: 2
Date: Wed, 16 Nov 2022 11:23:51 -0500 (EST)
From: perl-list <perl-l...@network1.net>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: Permit/deny lists and behavior
Message-ID:
<125484247.62731.1668615831677.javamail.zim...@network1.net>
Content-Type: text/plain; charset=utf-8
the absence of any allow or deny keywords just means that the dhcp server does
not consider if a client is known or unknown for that subnet.
If you add allow known-clients or allow unknown-clients then the inverse
becomes true (deny known-clients and deny unknown-clients respectively).
You cannot have both an allow and a deny in the same subnet. It won't be
considered a syntax error but it also won't do what you expect.
Known clients are defined by having a host {} entry.
Unknown clients mean they have no host {} entry.
You can also allow/deny members of a class {}. These you might see multiple
allow lines like:
allow members of "class1";
allow members of "class2";
----- Original Message -----
> From: "Marki" <dhcp-us...@lists.roth.lu>
> To: "Users of ISC DHCP" <dhcp-users@lists.isc.org>
> Sent: Wednesday, November 16, 2022 9:15:28 AM
> Subject: Permit/deny lists and behavior
> Hello,
> Maybe someone can enlighten me:
> The default seems to be that
> * dynamic address assignment to unknown clients is allowed ("allow
> unknown-clients" is implicit) and
> * at the same time static allocations are allowed as well ("allow
> known-clients" is implicit).
> This is kind of a contradiction to "If a pool has a permit list, then
> only those clients that match specific entries on the permit list will
> be eligible to be assigned addresses from the pool."
> Or does that mean if I explicitly write "allow known-clients", then
> unknown clients will be rejected? Is "unknown-clients" a "list" in that
> regard?
> Best regards,
> Marki
> --
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
Message: 3
Date: Wed, 16 Nov 2022 11:27:24 -0500 (EST)
From: perl-list <perl-l...@network1.net>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: Permit/deny lists and behavior
Message-ID:
<1459986200.62749.1668616044952.javamail.zim...@network1.net>
Content-Type: text/plain; charset=utf-8
correction:
> If you add allow known-clients or allow unknown-clients then the inverse
> becomes
> true (deny known-clients and deny unknown-clients respectively).
the inverse would be: deny unknown-clients and deny known-clients respectively.
------------------------------
Subject: Digest Footer
_______________________________________________
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 169, Issue 4
******************************************
