isc-dhcp option82
我有一个关于正确的isc-dhcp配置的问题。我想根据交换机端口将ip地址租赁给用户。为此,我使用DLink DES-3200系列交换机。一切运行良好,但最近我决定将特定的子网租给所有未知用户,即没有在dhcpd.conf文件中显式指定。下面是一个配置示例:# dhcpd.conf
default-lease-time 30;
max-lease-time 60;
authoritative;
log-facility local7;
option domain-name-servers 8.8.8.8;
include "/usr/local/etc/dhcpd/dhcpd.classes";
shared-network "clients"
{
subnet 10.5.20.0 netmask 255.255.255.0 {}
include "/usr/local/etc/dhcpd/dhcpd.networks";
}dhcpd.classes
class "10.5.20.4_2" { match if ( substring(option agent.remote-id,2,15)="10.5.20.4" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "2" ); }
class "10.5.20.4_1" { match if ( substring(option agent.remote-id,2,15)="10.5.20.4" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "1" ); }
class "10.5.20.2_1" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "1" ); }
class "10.5.20.2_3" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "3" ); }
class "10.5.20.2_2" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "2" ); }
class "10.5.20.2_4" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "4" ); }dhcpd.networks
subnet 172.30.20.0 netmask 255.255.255.0
{
option subnet-mask 255.255.255.0;
option routers 172.30.20.1;
pool {range 172.30.20.3; allow members of "10.5.20.4_2"; }
pool {range 172.30.20.2; allow members of "10.5.20.4_1"; }
}
subnet 172.30.160.0 netmask 255.255.255.0
{
option subnet-mask 255.255.255.0;
option routers 172.30.160.1;
pool {range 172.30.160.3; allow members of "10.5.20.2_1"; }
pool {range 172.30.160.4; allow members of "10.5.20.2_3"; }
pool {range 172.30.160.10; allow members of "10.5.20.2_2"; }
pool {range 172.30.160.12; allow members of "10.5.20.2_4"; }
}因此,如果添加add,比方说:
subnet 172.20.111.0 netmask 255.255.255.0 {
option routers 172.20.111.1;
max-lease-time 60;
min-lease-time 30;
range 172.20.111.10 172.20.111.20 ;
}在dhcpd.networks文件的末尾(我将其包含在共享-网络‘客户端’子句中,请参见上文),我的所有客户端都开始从172.20.111.0范围内获取ip地址,不管它们是否有为其端口指定的类。
是否有办法使dhcpd服务器首先查看类声明,然后查看子网?
回答 3
Server Fault用户
发布于 2012-06-01 12:08:50
在阅读man dhcpd.conf并四处游玩之后,我通过对我的dhcpd.networks文件进行以下修改,成功地实现了我的目标:
subnet 172.20.111.0 netmask 255.255.255.0 {
pool {
option routers 172.20.111.1;
max-lease-time 60;
min-lease-time 30;
range 172.20.111.10 172.20.111.20 ;
deny members of "10.5.20.4_1";
deny members of "10.5.20.4_2";
deny members of "10.5.20.2_1";
# .... etc
}}
现在它的工作方式是我想要的,虽然我不确定它是否能很好地扩展。
Server Fault用户
发布于 2012-05-29 13:40:20
您可以在dhcpd.conf文件的末尾添加新的子网。您需要将其添加到shared-network中,否则dhcpd将不会将这些网络视为替代方案。
Server Fault用户
发布于 2014-10-15 09:17:50
只是对这个旧的但仍然有效的线程的一个补充。它简化了子网部分,但每个固定IP增加一行。
class "FastIP"{
match pick-first-value (option agent.circuit-id);
}同以前一样:
class "IP-10.1.2.3" {
match if option agent.circuit-id = "YourOp82Value";
}为每个Op82值添加以下内容,将固定IP客户从自由池中排除在外:子类"FixedIP“"YourOp82Value";
在子网中:
deny members of "FixedIP";
pool {
allow members of "IP-10.1.2.3" ;
range 10.1.2.3 10.1.2.3;
}这样,您就不必用大量的拒绝行拥挤子网部分。一个就行了。
https://serverfault.com/questions/393547
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号