Isc-Dhcp
isc-dhcp 選項82
我對正確的 isc-dhcp 配置有疑問。我想根據交換機埠向使用者租用 IP 地址。為此,我使用 DLink DES-3200 系列交換機。一切正常,但最近我決定將特定子網租給所有未知使用者,即未在 dhcpd.conf 文件中明確指定。這是一個配置範例:# dhcpd.conf
default-lease-time 30; max-lease-time 60; authoritative; log-facility local7; option domain-name-servers 8.8.8.8; include "/usr/local/etc/dhcpd/dhcpd.classes"; shared-network "clients" { subnet 10.5.20.0 netmask 255.255.255.0 {} include "/usr/local/etc/dhcpd/dhcpd.networks"; }dhcpd.classes
class "10.5.20.4_2" { match if ( substring(option agent.remote-id,2,15)="10.5.20.4" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "2" ); } class "10.5.20.4_1" { match if ( substring(option agent.remote-id,2,15)="10.5.20.4" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "1" ); } class "10.5.20.2_1" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "1" ); } class "10.5.20.2_3" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "3" ); } class "10.5.20.2_2" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "2" ); } class "10.5.20.2_4" { match if ( substring(option agent.remote-id,2,15)="10.5.20.2" and binary-to-ascii(10, 16, "", substring(option agent.circuit-id, 4, 2)) = "4" ); }dhcpd.networks
subnet 172.30.20.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option routers 172.30.20.1; pool {range 172.30.20.3; allow members of "10.5.20.4_2"; } pool {range 172.30.20.2; allow members of "10.5.20.4_1"; } } subnet 172.30.160.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option routers 172.30.160.1; pool {range 172.30.160.3; allow members of "10.5.20.2_1"; } pool {range 172.30.160.4; allow members of "10.5.20.2_3"; } pool {range 172.30.160.10; allow members of "10.5.20.2_2"; } pool {range 172.30.160.12; allow members of "10.5.20.2_4"; } }因此,如果添加添加讓我們說:
subnet 172.20.111.0 netmask 255.255.255.0 { option routers 172.20.111.1; max-lease-time 60; min-lease-time 30; range 172.20.111.10 172.20.111.20 ; }在 dhcpd.networks 文件的末尾(我將其包含在 shared-network ‘clients’ 子句中,見上文),我的所有客戶端都開始從 172.20.111.0 範圍獲取 IP 地址,無論它們是否為其埠指定了一個類。
有沒有辦法讓 dhcpd 伺服器先查看類聲明然後查看子網?
在閱讀 man dhcpd.conf 並玩弄之後,我設法通過對我的 dhcpd.networks 文件進行以下修改來實現我的目標:
subnet 172.20.111.0 netmask 255.255.255.0 { pool { option routers 172.20.111.1; max-lease-time 60; min-lease-time 30; range 172.20.111.10 172.20.111.20 ; deny members of "10.5.20.4_1"; deny members of "10.5.20.4_2"; deny members of "10.5.20.2_1"; # .... etc }}
現在它按照我想要的方式工作,雖然我不確定它是否會很好地擴展。
您寫道,您在 dhcpd.conf 文件的末尾添加了新子網。您需要將其添加到
shared-network,否則 dhcpd 不會將這些網路視為替代方案。