LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 02-29-2008, 08:08 AM   #1
vortmax
Member
 
Registered: Nov 2005
Posts: 91

Rep: Reputation: 17
updating DHCP


I'm putting together a DHCP server to sit on the back end of a CMTS (Cable Modem Termination System). I need the DHCP server to validate mac addresses against a database (or flat file) before handing out the IP. This is to only allow registered modems onto the network. So in short, you plug in a modem, it sends a DHCP discover request. When the dhcp server gets that request, it checks the MAC against its list of registered MAC addresses. If there is a match, it assigns an IP.

Is this easily doable with current opensource packages? I know it can be done, as we have commercial software that is doing it (that we are moving away from for other reasons). Should I be looking at something like ldap or radius instead?
 
Old 02-29-2008, 08:49 AM   #2
MS3FGX
Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 351Reputation: 351Reputation: 351Reputation: 351
Well, MAC-assigned leases are easy enough to do, but then you aren't actually doing dynamic addresses, clients will always get the same IP. I don't know if this is a problem in your case or not.

That would also require you to manually put in all of the whitelisted MACs and assign them TCP/IP info in the configuration file. Though you could put together a script to automate it for you if you have a lot of MACs to go through or need to add new ones quickly/regularly.
 
Old 02-29-2008, 09:34 AM   #3
vortmax
Member
 
Registered: Nov 2005
Posts: 91

Original Poster
Rep: Reputation: 17
Manually whitelisting MAC's is fine, and actually the idea behind it. That's how we allow users to subscribe to internet service. Once they subscribe, their MAC is added to the database and their modem is allowed to connect. I would ideally like to use a msyql backend, but flat file would work as well. I just can't reset the server every time a new mac is added.
 
Old 02-29-2008, 06:09 PM   #4
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 4,164

Rep: Reputation: 506Reputation: 506Reputation: 506Reputation: 506Reputation: 506Reputation: 506
Quote:
Originally Posted by vortmax View Post
I just can't reset the server every time a new mac is added.
The dhcp documentation is very clear about this: you have to restart dhcpd whenever you change the config file.

But with "reset the server" do you mean that you want to reboot the box? That won't be necessary. Just (depending on your distro)
Code:
/etc/init.d/dhcpd restart
It takes only a few seconds, no client is going to complain about that.

If you want to use a database to store your mac addresses, built a simple script which first writes the first part of the dhcpd.conf file, then retrieves the data from the database and append all the different entries to you dhcpd.conf file.

I would prefer TCL for this purpose over Bash because it has better string and array handling. I am sure Perl and Python have mysql connectors as well and are even better in string handling but I don't know them.

jlinkels
 
Old 02-29-2008, 10:59 PM   #5
eaglek96
LQ Newbie
 
Registered: Feb 2008
Location: Massachusetts
Distribution: Debian Linux and FreeBSD
Posts: 12

Rep: Reputation: 0
I'm the network manager at a college with about 1700 machines. What I do is use a mysql database backend, and isc-dhcpd. The process is fairly simple. All the allowed MAC addresses go into the database. A cron runs every 2 minutes to build a dhcpd.conf.generated file to be used as a config file for dhcp. Each MAC from the database goes into the DHCP scope definition within that file as a known host, but with no specified IP. The scope is configured to "deny unknown hosts". Another cron job runs every few minutes to see if the dhcpd.conf.generated file is newer than the existing dhcpd.conf file. If it is, it will replace the .conf file with the contents of the .generated file, and restart dhcp.

The entire process only takes a few seconds, and is harmless in the functionality of DHCP. My dhcp server restarts at least 15 times an hour with no ill effects.

If you wanted to get even simpler you could take out the mysql database, and just modify the dhcpd.conf file directly with the lines you need via a web interface and use a similar refresh script.

For some hints, you may want to look at http://netreg.sourceforge.net/. This is where I got a lot of my ideas from when I built my own.
 
Old 03-05-2008, 05:04 PM   #6
vortmax
Member
 
Registered: Nov 2005
Posts: 91

Original Poster
Rep: Reputation: 17
thanks, that is exactly what we want to be able to do.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Updating VMWare After Updating CentOS Linux31 Red Hat 2 09-18-2007 02:49 PM
Dhcp failed with error (Pump Told us : no dhcp reply recived.) alok.rhct Linux - Networking 3 03-24-2007 07:28 AM
cannot dhcp discover after updating kernel, hangs on inetd precision Debian 0 06-04-2006 09:58 PM
Updating DHCP - dynamic inet connection won't update lrt2003 Slackware 2 05-26-2004 12:57 AM
dhcp updating bind (not) dwater Linux - Networking 0 05-10-2004 03:17 AM


All times are GMT -5. The time now is 07:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration