Page 1 of 1

ISC dhcp: known/unknown client settings

Posted: Thu Feb 12, 2015 3:08 pm
by ^rooker
[PROBLEM]
I'm administering a multi-subnet network with one central DHCP (isc-dhcpd on Debian 7 (wheezy)).
Some of the clients are multi-homed, so to avoid routing-confusion, I'd rather not hand out a default-gw to those known machines per DHCP. This allows to assign just one default gateway, which then works more reliably - especially on Windows clients.

[SOLUTION]
Thanks to a Wiki entry on "Macfreek.nl", about DHCP with known and unknown hosts, I've now added 2 pool blocks in the subnet-block of /etc/dhcp/dhcpd.conf. One for known- and one for unknown-clients:

Code: Select all

subnet 192.168.200.0 netmask 255.255.255.0 {
        # If this DHCP server is the official DHCP server for the local
        # network, the authoritative directive should be uncommented.
        authoritative;

        option domain-name "dva-profession.local";
        option domain-name-servers ns1.dva-profession.local, ns2.dva-profession.local;

        #range 192.168.200.200 192.168.200.250;     # OBSOLETE? handled in pool.
        option router-discovery false;              # Don't auto-detect routers (RFC 1256)

        # UNknown clients get this pool:
        pool {
            option routers inet.dva-profession.local;
            default-lease-time 216000;              # 2.5 days
            max-lease-time 259200;                  # 3 days
            range 192.168.200.200 192.168.200.250;
            allow unknown-clients;
        }

        # Known clients get this pool:
        pool {
            default-lease-time 216000;              # 2.5 days
            max-lease-time 259200;                  # 3 days
            range 192.168.200.1 192.168.200.199;
            deny unknown-clients;
        }
    }
Now, I can easily have unknown clients get everything they need: IP, mask - and default gateway, while known-clients can be grouped in "multi-homed" (=no gateway) and "single-network" (=assign gateway by DHCP).


Works like a charm! :)