Jump to content

DHCP relay option 82

stealallsock
 Share

Recommended Posts

stealallsock

stealallsock

Posted
Posted

Здравствуйте!

Не срабатывает выдача адресов согласно классу ( порту )

В чем проблемы? помогите люди добрые

 

 

debian 7 wheezy

 

isc-dhcp-server ( dhcp3 )

 

Имею такой вот конфиг ( тестовый вариант )

 

option domain-name "foo.com";
local-address 192.168.254.249;
option subnet-mask 255.255.0.0;
default-lease-time 60000;
max-lease-time 62000;

subnet 192.168.0.0 netmask 255.255.0.0 {
 option broadcast-address 192.168.255.255;
 option subnet-mask 255.255.0.0;

 class "fixed6" {
       match if  binary-to-ascii(16, 8, ":", substring(option agent.remote-id, 2, 6)) = "0:22:B0:63:43:8F"
		and	binary-to-ascii (10, 8, "/", suffix ( option agent.circuit-id, 2)) = "0/1";
 }

 pool {
       range 192.168.30.54;
       allow members of "fixed6";
 } 


 class "fixed7" {
       match if  binary-to-ascii(16, 8, ":", substring(option agent.remote-id, 2, 6)) = "0:22:B0:63:43:8F"
		and	binary-to-ascii (10, 8, "/", suffix ( option agent.circuit-id, 2)) = "0/2";
 }

 pool {
       range 192.168.30.55;
       allow members of "fixed7";
 } 

 pool {
option domain-name-servers bogus.foo.com;
range 192.168.30.15 192.168.30.20;
default-lease-time 50000;
 }
}

if exists agent.circuit-id
{
 log (info, concat("Lease for ",
               binary-to-ascii (10, 8, ".", leased-address),
               " is connected to interface ",
               binary-to-ascii (10, 8, "/",
               suffix ( option agent.circuit-id, 2)),
               " (add 1 to port number!), VLAN ",
               binary-to-ascii (10, 16, "",
               substring( option agent.circuit-id, 2, 2)),
               " on switch ",
               binary-to-ascii(16, 8, ":",
               substring( option agent.remote-id, 2, 6))));
 log (info, concat("Lease for ",
               binary-to-ascii (10, 8, ".", leased-address), 
               " raw option-82 info is CID: ",
               binary-to-ascii (10, 8, ".", option agent.circuit-id),
               " AID: ",
               binary-to-ascii(16, 8, ".", option agent.remote-id)));
}

 

Настройки коммутатора des 3010g

 

DES-3010G:4#show dhcp_relay
Command: show dhcp_relay

DHCP/BOOTP Relay Status         : Enabled
DHCP/BOOTP Hops Count Limit     : 4
DHCP/BOOTP Relay Time Threshold : 0
DHCP Vendor class identifier option 60 State: Disabled
DHCP Client identifier option 61 State: Disabled
DHCP Relay Agent Information Option 82 State  : Enabled
DHCP Relay Agent Information Option 82 Check  : Disabled
DHCP Relay Agent Information Option 82 Policy : Replace

Interface     Server 1         Server 2         Server 3         Server 4
------------  ---------------  ---------------  ---------------  --------------
System        192.168.254.249

 

 

 

 

Получаем вот такой лог

 

Jul 25 03:11:11 mail dhcpd: DHCPREQUEST for 192.168.30.16 from 30:85:a9:b1:fc:90 via eth3
Jul 25 03:11:11 mail dhcpd: DHCPACK on 192.168.30.16 to 30:85:a9:b1:fc:90 (Hostname Unsuitable for Printing) via eth3
Jul 25 03:11:11 mail dhcpd: Lease for 192.168.30.16 is connected to interface 0/2 (add 1 to port number!), VLAN 1 on switch 0:22:b0:63:43:8f
Jul 25 03:11:11 mail dhcpd: Lease for 192.168.30.16 raw option-82 info is CID: 0.4.0.1.0.2 AID: 0.6.0.22.b0.63.43.8f
Jul 25 03:11:11 mail dhcpd: DHCPREQUEST for 192.168.30.16 from 30:85:a9:b1:fc:90 (Hostname Unsuitable for Printing) via 192.168.151.41
Jul 25 03:11:11 mail dhcpd: DHCPACK on 192.168.30.16 to 30:85:a9:b1:fc:90 (Hostname Unsuitable for Printing) via 192.168.151.41

vop

vop

Posted
Posted

Там в МАКах буковки маленькие должны быть в операциях match, не?

 

В идентификаторе в конфиге дхцп?

 

Ну да. Вот тут:

 

match if binary-to-ascii(16, 8, ":", substring(option agent.remote-id, 2, 6)) = "0:22:B0:63:43:8F"
xcme

xcme

Posted
Posted (edited)

match if binary-to-ascii(16, 8, ":", substring(option agent.remote-id, 2, 6)) = "0:22:B0:63:43:8F"

Напомните, что значит 2, 6? В свое время я использовал 2, 32:

#user50767
class "10-99-140-12:21:USER"          { match if (substring(option agent.remote-id,2,32)="10.99.140.12" and binary-to-ascii(10,8,"",suffix(option agent.circuit-id,1))="21"); }

P.S. RID ставили равным IP-адресу коммутатора.

Edited by xcme
stealallsock

stealallsock

Posted
  • Author
Posted (edited)

В данный момент я добавился выдачи адресов согласно классу,но почему-то происходит следующее:

 

И так он до бесконечности выдает и сбрасывает,выдает и сбрасывает.

 

 

ddns-update-style interim;
ignore client-updates;

class "matrosova43p2" {
match if option agent.circuit-id = "Vlan1+Ethernet1/8" and option
agent.remote-id=00:03:0f:40:3d:32;

}

class "matrosova43p2" {

match if option agent.circuit-id = "Vlan1+Ethernet1/7" and option 

agent.remote-id=00:03:0f:40:3d:32;

}

subnet 192.168.0.0 netmask 255.255.0.0 {

option routers 192.168.102.2;

option subnet-mask 255.255.0.0;

option domain-name "example.com.cn";

option domain-name-servers 192.168.10.3;

authoritative;

pool {

range 192.168.102.21 192.168.102.50;

default-lease-time 86400; #24 Hours

max-lease-time 172800; #48 Hours

allow members of "matrosova43p2";

}

pool {

range 192.168.102.51 192.168.102.80;

default-lease-time 43200; #12 Hours

max-lease-time 86400; #24 Hours

allow members of "matrosova43p2";

}

}

 

 

 

Aug  2 01:32:39 mail dhcpd: DHCPNAK on 192.168.102.21 to 30:85:a9:b1:fc:90 via eth3
Aug  2 01:32:39 mail dhcpd: DHCPDISCOVER from 30:85:a9:b1:fc:90 via eth3: network 192.168.0.0/16: no free leases
Aug  2 01:32:39 mail dhcpd: DHCPREQUEST for 192.168.102.21 (192.168.254.249) from 30:85:a9:b1:fc:90 via 192.168.1.71
Aug  2 01:32:39 mail dhcpd: DHCPACK on 192.168.102.21 to 30:85:a9:b1:fc:90 (Hostname Unsuitable for Printing) via 192.168.1.71

 

lease 192.168.102.21 {
 starts 0 2015/08/02 05:31:24;
 ends 1 2015/08/03 05:31:24;
 cltt 0 2015/08/02 05:31:24;
 binding state active;
 next binding state free;
 rewind binding state free;
 hardware ethernet 30:85:a9:b1:fc:90;
 uid "\0010\205\251\261\374\220";
 option agent.circuit-id "Vlan1+Ethernet1/8";
 option agent.remote-id 0:3:f:40:3d:32;
}
lease 192.168.102.21 {
 starts 0 2015/08/02 05:31:24;
 ends 0 2015/08/02 05:31:24;
 tstp 0 2015/08/02 05:31:24;
 cltt 0 2015/08/02 05:31:24;
 binding state free;
 hardware ethernet 30:85:a9:b1:fc:90;
 uid "\0010\205\251\261\374\220";
}

Edited by stealallsock

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.