How do I assign hosts to classes in ISC DHCPD?

isc-dhcp dhcpd

Suppose I have a bunch of hosts set up like this:

host host2 { hardware ethernet 10:bf:48:xx:xx:xx; fixed-address 192.168.1.2; }
host host3 { hardware ethernet 10:bf:48:xx:xx:xx; fixed-address 192.168.1.3; }
# etc ...   

subnet 192.168.1.0 netmask 255.255.255.0 {
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.1.255;
  option routers 192.168.1.254;
  option domain-name-servers 8.8.8.8, 8.8.4.4;

  # Unknown test clients get this pool.
  pool {
    max-lease-time 1800; # 30 minutes
    range 192.168.1.100 192.168.1.250;
    allow unknown-clients;
  }

  # MyHosts nodes get this pool
  pool {
    max-lease-time 1800;
    range 192.168.1.1 192.168.1.20;
    allow members of MyHosts;
    deny unknown-clients;
  }
}

I want to put these into a class and assign them to a pool so that I can ensure that only those hosts are allowed on that pool.

I tried defining them as:

class "MyHosts" {
  host host2 { hardware ethernet 10:bf:48:xx:xx:xx; fixed-address 192.168.1.2; }
  host host3 { hardware ethernet 10:bf:48:xx:xx:xx; fixed-address 192.168.1.3; }
}

But this gave an error "host declarations not allowed here".

How do I do it?


As you discovered, you cannot declare hosts inside a class. The class declaration can only contain match or match if statements. If you want to group your client requests into classes using the class construct, you could do it something like this:

class "MyHosts" {
    match hardware;
}
subclass "MyHosts" 1:10:bf:48:xx:xx:xx;  # host2
subclass "MyHosts" 1:10:bf:48:xx:xx:xx;  # host3

In the above, the match statement in the class declares that subclasses will be matched by the hardware attribute. (hardware evaluates to the concatenation of the hardware type and the MAC address of the client; for ethernet clients, the hardware type is 1, thus the 1: prefix in the data string of the subclass statements.)

When a client is a member of a subclass, it is also a member of the parent class, so now you can use allow and deny clauses in your pool declarations to ensure that members of MyHosts are assigned IPs from the desired pool, e.g.:

subnet 192.168.1.0 netmask 255.255.255.0 {
    ...
    pool {
        range 192.168.1.101 192.168.1.250;
        ...
        deny members of "MyHosts";
        ...
    }
    pool {
        range 192.168.1.1 192.168.1.20;
        ...
        allow members of "MyHosts";
        ...
    }
}

Related

Replace permission entries on all child objects using icacls
Is it unwise to publish my server configuration?
RHEL 6.x - yum gives "ImportError: No module named cElementTree" errors
Load average is greater than the number of EC2 Compute Units
Task Scheduler: Login to a session at startup and start a desktop app?
Networking with VMware, physical adapters and iSCSI
Basic auth for a Tomcat app (JIRA) with Nginx as reverse proxy
How to install Mysql 5.6 on Debian 7 wheezy
Best practices to avoid Jenkins error: sudo: no tty present and no askpass program specified
Does kill -3 actually terminate a java process? Or just generate a thread dump?
How to allow SSH logins even when filesystem forced check fails
Transfer between two NFS shares on the same machine