You are not logged in.

#1 2004-10-06 13:12:12

orjanp
Member
From: Tromsoe, Norway
Registered: 2004-07-03
Posts: 347

dhcp server config. How to filter hardware mac address?

How can I manually configure my dhcp server to allow only predefined MAC addresses? Have been searching the web for som time now without any luck.

Some tips or links would be appreciated.


Ørjan Pettersen

Offline

#2 2004-10-06 13:27:32

jochen
Member
From: Germany
Registered: 2004-06-01
Posts: 102

Re: dhcp server config. How to filter hardware mac address?

If you are referring to dhcpd, please give

man dhcpd.conf

a try. You should find every information you need in there.

Offline

#3 2004-10-06 13:49:49

orjanp
Member
From: Tromsoe, Norway
Registered: 2004-07-03
Posts: 347

Re: dhcp server config. How to filter hardware mac address?

dhcpd is correct.

I have breafly read the man pages, but I didn't find an answer to it there. I might have overlooked it since the file is so big. I'll give it a try again.

Some extra info. None of the clients should be assigned a fixed address.


Ørjan Pettersen

Offline

#4 2004-10-06 13:56:40

jochen
Member
From: Germany
Registered: 2004-06-01
Posts: 102

Re: dhcp server config. How to filter hardware mac address?

Please have a look at the section ADDRESS POOLS in the dhcpd.conf manpage. I think you'll find the necessary information there.

If you need more assistance to find a solution, let me know and i'll try to help.

Offline

#5 2004-10-06 14:21:06

itlain
Member
Registered: 2004-08-22
Posts: 12

Re: dhcp server config. How to filter hardware mac address?

Heres a sample part out of one of my networks:

ddns-update-style none;RN)
deny bootp;
authoritative;
subnet 192.168.100.0 netmask 255.255.255.0
{
        option subnet-mask 255.255.255.0;
        option domain-name "*****";
        option routers 192.168.100.1;
        option domain-name-servers ***.***.***.226, ***.***.***.12;
        default-lease-time 180;
        max-lease-time 7200;
}
host fix1
{
        hardware ethernet 00:02:3f:3d:73:b3;
        fixed-address 192.168.100.201;
        filename "ashby";
}
host fix2
{
        hardware ethernet 00:0b:db:08:14:49;
        fixed-address 192.168.100.202;
        filename "SFC Ford";
}

It only gives an IP out if the MAC address matches. Otherwise a machine can't grab an address. I believe this is what you were looking for. I use the filename part to put a user name to each MAC address. It is actually used for tftp booting but I've never noticed a side effect from it. Hope this helps.

Offline

#6 2004-10-06 19:11:28

orjanp
Member
From: Tromsoe, Norway
Registered: 2004-07-03
Posts: 347

Re: dhcp server config. How to filter hardware mac address?

jochen wrote:

Please have a look at the section ADDRESS POOLS in the dhcpd.conf manpage. I think you'll find the necessary information there.

If you need more assistance to find a solution, let me know and i'll try to help.

Yes, the address pool thing is what I need. This is from the man pages.

        # Known clients get this pool.
         pool {
           option domain-name-servers ns1.example.com, ns2.example.com;
           max-lease-time 28800;
           range 10.0.0.5 10.0.0.199;
           deny unknown clients;
         }

So I guess I need an allow instead of a deny, and list up all MAC addresses that should be allowed to connect. How is this done the best way? By defining all MAC addresses in an allow file(is it possible to use an external file to list up all MAC sddresses?). Or by defining a class thing where all MAC addresses is listed, and then use allow members of "<class name>"?

At first I guess I'll try an alow {list of MAC address}

Thanks for the help. smile


Ørjan Pettersen

Offline

#7 2004-10-06 19:44:40

orjanp
Member
From: Tromsoe, Norway
Registered: 2004-07-03
Posts: 347

Re: dhcp server config. How to filter hardware mac address?

When I tried the class thing I only got an error saying : "hardware parameter not allowed here".

My dhcpd.conf look like this now.

default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;

subnet 192.168.1.0 netmask 255.255.255.0 {
#   range 192.168.1.10 192.168.1.100;
  pool {
    range 192.168.1.110 192.168.1.150;
    allow hardware ethernet ***;
  }
}

It did work fine when I only had the commented out range line. But when I add the pool section, I get the error : "expecting a parameter or declaration", at the last '}'. So it does't work.


Ørjan Pettersen

Offline

#8 2004-10-06 21:36:03

jochen
Member
From: Germany
Registered: 2004-06-01
Posts: 102

Re: dhcp server config. How to filter hardware mac address?

Sorry, I ain't got no possibility to test it at the moment, but I thoght it would work that way:

 host myhost1 { hardware ethernet 0:c0:c3:88:2d:81; }
 host myhost2 { hardware ethernet 0:c0:c3:88:2d:82; }

  pool {
           option domain-name-servers ns1.example.com, ns2.example.com;
           max-lease-time 28800;
           range 10.0.0.5 10.0.0.199;
           deny unknown-clients;
  }

Please let me know if this does ist.

Offline

#9 2004-10-07 11:35:17

orjanp
Member
From: Tromsoe, Norway
Registered: 2004-07-03
Posts: 347

Re: dhcp server config. How to filter hardware mac address?

It works like a charm. Thanks smile


Ørjan Pettersen

Offline

Board footer

Powered by FluxBB