dhcpd not processing broadcast DHCPDISCOVER

0

My DHCP server is handling two subnets. The first subnet is all host -> fixed-address sets for known hardware. The second subnet has a pool set up to handle virtual machines in a vCenter.

Now, if I've done this right, dhcpd matches the first three octets of the normal vCenter assigned MAC address, and assigns an address out of the subnet for virtual hosts, right?

Unfortunately, all I get is

Nov 15 12:42:44 dhcpserv dhcpd: DHCPDISCOVER from 00:50:56:aa:bb:cc via eth0: network XXX.YYY.22/23: no free leases

So, I know my dhcpd server is receiving the DHCPDISCOVER. I know I'm looking for the right three octets. (Do I know this?)

What I can't figure out is why my DHCP server isn't serving up an IP address out of the second subnet. What am I missing?

dafydd

Posted 2012-11-16T17:56:49.427

Reputation: 472

Answers

0

It turns out that I needed to do three things. Here are some snips from the final /etc/dhcpd.conf file:

class "virtual-hosts"
{
  match if substring(binary-to-ascii(16,8,":",hardware),2,7) = "0:50:56";
  log(info, "Hit for class virtual-hosts");
}

subnet XXX.YYY.22.0 netmask 255.255.254.0
{
}

subnet XXX.YYY.24.0 netmask 255.255.255.0
{
  option routers XXX.YYY.24.254;
  option domain-name-servers XXX.YYY.22.168, XXX.YYY.22.169;
  option ntp-servers XXX.YYY.22.168,XXX.YYY.22.169;
  default-lease-time 86400; # 1 day
  max-lease-time 604800;    # 7 days
  use-host-decl-names on;
  allow unknown-clients;

  option domain-name "example.com sub1.example.com sub2.example.com";
  next-server XXX.YYY.22.159;
  filename "pxelinux.0";

  pool
  {
    allow members of "virtual-hosts";
    get-lease-hostnames true;
    one-lease-per-client true;
    ping-check true;
    range XXX.YYY.24.11 XXX.YYY.24.60;
  }
}

First, look at that ugly string match in the class statement. The binary value hardware's first element is the hardware type and the second element is the address. I have to run hardware through binary-to-ascii to turn it into a searchable string, and then match the substring. The substring match starts at 2 to avoid the 1: that binary-to-string writes for the hardware type. And, the substring match is only 7 characters long because binary-to-string only uses a single digit for binary values less than 16.

Second, I have to declare allow unknown-clients; somewhere before dhcpd will even try to match an unspecified hardware address. Otherwise, I have to explicitly define the full MAC address in a host{} statement. But, I don't want allow unknown-clients; in the pool itself, because that's limited by ...

Third, the declaration allow members of "virtual-hosts"; in the pool statement.

So, the solution comes down to accurate parsing of binary-to-text and allowing unknown clients in the subnet statement, just to restrict them in the pool sub-statement.

dafydd

Posted 2012-11-16T17:56:49.427

Reputation: 472
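
The class match from the answer above, traced in Python as an added example (not part of the original post and not ISC dhcpd code): it emulates binary-to-ascii(16,8,":",hardware) and substring() to show why offset 2 and length 7 select "0:50:56". The helper names and sample MAC addresses are constructed for illustration, and oui_text() goes one step beyond the post by showing that the text length changes with the OUI.

```python
# Added example: emulates the two dhcpd expressions used in the class match.
BASES = {8: "{:o}", 10: "{:d}", 16: "{:x}"}

def binary_to_ascii(base, width, sep, data):
    """Each 8-bit value is printed in `base` with no zero padding, joined by sep."""
    if width != 8 or base not in BASES:
        raise ValueError("only width 8 and bases 8/10/16 are emulated here")
    return sep.join(BASES[base].format(b) for b in data)

def hardware(mac):
    """dhcpd's `hardware` value: one type byte (1 = Ethernet), then the MAC."""
    return bytes([1]) + bytes.fromhex(mac.replace(":", ""))

def substring(text, offset, length):
    """dhcpd substring(): `length` characters starting at zero-based `offset`."""
    return text[offset:offset + length]

def class_key(mac, offset=2, length=7):
    """The string the class statement compares against "0:50:56"."""
    return substring(binary_to_ascii(16, 8, ":", hardware(mac)), offset, length)

def in_virtual_hosts(mac):
    return class_key(mac) == "0:50:56"

def oui_text(oui):
    """Text that binary-to-ascii yields for a 3-byte OUI; its length is the
    substring length a class match for that OUI would need."""
    return binary_to_ascii(16, 8, ":", bytes.fromhex(oui.replace(":", "")))

if __name__ == "__main__":
    # Constructed sample addresses, not taken from any real network.
    for mac in ("00:50:56:aa:bb:cc", "00:50:56:0a:0b:0c", "00:05:05:6a:bb:cc"):
        full = binary_to_ascii(16, 8, ":", hardware(mac))
        print(f"{mac} -> {full!r} key={class_key(mac)!r} match={in_virtual_hosts(mac)}")
    # A different OUI produces a shorter string, so length 7 would not fit it.
    print(oui_text("00:50:56"), len(oui_text("00:50:56")))
    print(oui_text("00:0c:29"), len(oui_text("00:0c:29")))
```
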