I hoping there is a dhcpd wizard out there that can help me with a config question. I'm trying to set up a dhcpd server that will only hand out address to a specific OUI group Proxim (00:20:A6.) It would seem that you can do this but I haven't found a good example to work from. Any info or places to start would be great.

This is all I've found but don't know enough to implament.

group {
match if (substring(hardware,1,3)=00:0e:7b);
range 123.123.123.1 123.123.123.50;
deny unknown-clients;
}

Thanks,
Bruce

I am no wizard, but I can (and did) search on the phrase "match if (substring(hardware". See if the final post in this thread helps. I think it very similar to what you are trying to do. (And I think I just learned a little bit more about dhcpd! )

Thank you for the link it was very helpful, however I am still not able to get it working. Here's my dhcpd.conf:

#DHCP CONFIG

#ddns-update-style ad-hoc;


# option definitions common to all supported networks...
option domain-name "ntdom.cupdx";
option domain-name-servers 70.103.52.169;
default-lease-time 600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;


class "access-points" {
match if substring(hardware,1,3) = 00:20:a6;
}

# 10.24.10.0
subnet 10.24.10.0 netmask 255.255.255.0 {
pool {
range 10.24.10.201 10.24.10.229;
allow members of "access-points";
deny unknown-clients;
}
}



This is what get when I test:


bhenderson@dhcpd-ap4000:~$ sudo dhcpd3 -d -f 2>&1
Internet Systems Consortium DHCP Server V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/
Wrote 0 leases to leases file.
Listening on LPF/eth0/00:0c:29:ca:69:c6/10.24.10/24
Sending on LPF/eth0/00:0c:29:ca:69:c6/10.24.10/24
Sending on Socket/fallback/fallback-net
DHCPDISCOVER from 00:20:a6:7e:bd:70 via eth0: network 10.24.10/24: no free leases
DHCPDISCOVER from 00:20:a6:7e:bd:70 via eth0: network 10.24.10/24: no free leases
DHCPDISCOVER from 00:20:a6:7e:bd:70 via eth0: network 10.24.10/24: no free leases

If any one can see my error please let me know.
I assume that the client is not meeting the class requirement but I don't know why. Again any info or lead in the right direction would be great.

Bruce

EDIT: I am leaving this post here for historical (hysterical? ) purposes, but as I outline in my next post, I now believe what I suggest in this post to be neither needed nor helpful.

It looks to me like you did exactly the same as the page I linked to. Have you tried removing the restrictions to verify that is the problem?

I did some tests on my own DHCP server and might know what is going on here. As I am still learning this myself, please verify for yourself what I say. Let me also note that I used dhcpd version isc-dhcpd-V3.0pl1 which I believe is rather old.

I believe the problem is the deny unknown-clients statement. I don't understand why it worked for the poster on our reference page. I set up something analogous to your conf file except that I was working with 192.168.2.0/24. I also got the no free leases message. This went away if I either commented out the deny unknown-clients line or if I added a host declaration for the machine seeking an IP address. This seems consistent with what the dhcpd.conf man page says about unknown-clients. Namely, a client is "unknown" if it doesn't have a host declaration. So that statement prohibits dhcpd from leasing an address to such a machine (in your case, all machines).

Further, as I understand the man page, with the allow statement present, everything that is not specifically allowed will be denied. So an explicit deny statement is not necessary.

I hope this helps you get things working.

man dhcp-eval shows: substring (data-expr, offset, length)
The substring operator evaluates the data expression and returns the substring of the result of that evaluation that starts offset bytes from the beginning, continuing for length bytes. Offset and length are both numeric expressions. If data-expr, offset or length evaluate to null, then the result is also null. If offset is greater than or equal to the length of the evaluated data, then a zero-length data string is returned. If length is greater then the remaining length of the evaluated data after offset, then a data string containing all data from offset to the end of the evaluated data is returned.

This might indicate that "match if substring(hardware,1,3) = 00:20:a6;" is improperly defined, i.e. starts with 0, length is 8 or some such. I don't know what the actual expression storage is.....

In my tests, that worked fine. Specifically, I used:

Combined with

in the subnet specification. This allowed an interface whose MAC started with 00:17:31 and excluded one that didn't start with that. Note that I commented out the offending statement.

EDIT: BTW, no free leases seems to be the standard message when it is blocking. I guess because there aren't any free leases in the null set!

Thank you for the solution. I should have put more time into it before I posted again.

Thank you,
Bruce