matchstring in dhcpd

Steve Alligood steve at betterlinux.com
Thu Sep 5 10:03:54 MDT 2013


Yes, you can set them all up as a class if you want to, though on a small network, I would do individual host assignments as has been suggested by Lonnie.

There are other things to match on in the vendor list, but that will really depend on what the client sends, and most of the vendor stuff is completely optional.

-Steve


class "fax-sips" {
 match if ( substring (hardware, 1, 3) = 00:40:36)
;}
class "not-cisco-phones" {
 match if ( substring (hardware, 1, 6) = 00:08:21:0c:3b:f3)
;}
class "cisco-phones" {
 match if ((substring (hardware, 1, 3) = 00:03:E3) or
        (substring (hardware, 1, 3) = 00:02:B9) or
        (substring (hardware, 1, 3) = 00:02:FD) or
        (substring (hardware, 1, 3) = 00:0D:BC) or
        ((substring (hardware, 1, 3) = 00:0D:BD) and (substring (hardware, 1, 6) != 00:0D:BD:12:AB:CD)) or
        (substring (hardware, 1, 3) = 00:0E:38) or
        (substring (hardware, 1, 3) = 00:30:94))
;}

subnet 10.10.0.0 netmask 255.255.224.0 {
       <snip>
                option routers                  10.10.0.1;
                option domain-name-servers      8.8.8.8;
                option tftp-server              1.2.3.4;
                option ntp-servers              10.10.0.1;
                option time-servers             10.10.0.1;
                option subnet-mask              255.255.240.0;
                next-server                     10.10.0.1;
        pool {
		allow members of "cisco-phones";
                range dynamic-bootp 10.10.1.10 10.10.1.50;
        }
        pool {
		allow members of "fax-sips";
                range dynamic-bootp 10.10.2.10 10.10.2.50;
        }
}



On Sep 5, 2013, at 9:47 AM, Lonnie Olson wrote:

> You can use functions like matchstring to apply different options to a
> class of devices.  One similar example I use is for my VoIP phones.
> It matches on the vendor part of the MAC address to identify which
> devices are phones.
> 
> ## Setup Phone options
> if binary-to-ascii(16,8,"-",substring(hardware,1,3)) = "8-0-f" {
>  option phone-tftp-server 10.49.2.21;
>  option phone-rtc-address 10.49.2.21;
>  option phone-dhcp-server "MITEL IP PHONE";
>  option phone-Vlan-ID 0x14;
>  option phone-qos-priority 0x6;
> }
> 
> Your example however seems tied directly to a specific device instead
> of a class of devices.  This is much easier and more clean to specify
> using a specific host stanza like this:
> 
> host pinky {
>  hardware ethernet b8:27:eb:4e:a9:9a;
>  fixed-address 10.49.220.45;
> }
> 
> Just put one of these host stanzas inside your subnet stanza to assign
> a specific IP (or any other DHCP options) to a specific device.  You
> can have as many of these as you want.  I would suggest picking IP
> addresses for these that are outside of the dynamic range, as well.
> 
> 
> On Thu, Sep 5, 2013 at 1:25 AM, Dan Egli <ddavidegli at gmail.com> wrote:
>> Hey all, here's a quick one. Does anyone know a list of strings that the
>> dhcpd matchstring function can parse? I know that a common thing is
>> searching for the PXE identifier: matchstring(option,
>> vendor-class-identifier, 0, 9) = "PXEClient", but besides
>> vendor-class-identifier what can I match against? I'm wondering if there's
>> a way I could setup a specific Class of machine, so that if, for example,
>> the DHCP client is the computer in my front room it gets an IP in one range
>> where as if it's a computer in the back of the house it gets an IP from a
>> whole different range (either different subnet, or different portion of the
>> same subnet). I'd rather not have to use multiple network adapters to
>> accomplish this and matchstring looks like it could be the answer, but I
>> don't know what else I can match against besides vendor-class-identifier.
>> Really great would be if I could somehow match a model number of the
>> motherboard or network adapter. Either a list, or just a URL where I could
>> find such a list is most welcome.
>> 
>> 
>> 
>> Thanks!
>> 
>> 
>> --- Dan
>> 
>> /*
>> PLUG: http://plug.org, #utah on irc.freenode.net
>> Unsubscribe: http://plug.org/mailman/options/plug
>> Don't fear the penguin.
>> */
> 
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */



More information about the PLUG mailing list