I've been looking at the 'Parking' system and it seems to be entirely dependent
on using OMAPI and the PF
server acting as the DHCP server for our Registration subnets. Seeing as how we
are going to have multiple registration
subnets that is not going to be pretty.
It seems to me what I need is some way of getting the PF server to populate the
local DHCPD leases file (via OMAPI)
when a DHCP-ACK comes in from the production DHCP server via the UDP_Reflector
and actioned by the pfdhcpdlistener
process (It is already able to populate and update the iplog table after all).
This way the PF server has a copy of what the production server is generating
rather sending out DHCP offers itself to
devices on the registration VLAN.
Parking could then inter-operate with OMAPI (maintained by the pfdhcpdlistener
process) rather
than the PF server itself injecting unwanted DHCP offers into the production
network. It could make
out-of-band setup a lot simpler too.
The 'Monitored' subnets would be as defined in the existing network
configuration but no DHCP options would be created for
the subnet (in the dhcpd.conf file). The only requirement for the production
DHCP server would be the UDP-Reflector process
which is easy enough to set up.
This way it would remove the requirement for the PF server to be a DHCP server
and allow the registration portal
interface to be on any subnet rather than the same subnet as the registration
clients and all that would be needed then
would be DNS based capturing (set using the production DHCP server options).
I'd love to get this working like this but I am no PERL programmer - Yet!
I have turned off parking as it is no good on our production network in its
current form.
Andrew
PS. We are using PF 6.0.2 is it any better in 6.2?
-----------------------------
Falmouth University
-----------------------------
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
