<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hello,<br>
<br>
Took this snippet from what I'm doing which I got from a colleague
who first pulled a working config together. See where you can
with this...<br>
<br>
<pre wrap="">'dhcp' folder resides in raddb/dhcp and the dhcp-config.txt file is raddb/sites-available/dhcp</pre>
<br>
<br>
# Main conf - dhcp-config.txt<br>
<br>
<font face="monospace">server dhcp {<br>
<br>
client any {<br>
ipaddr = 0.0.0.0<br>
#netmask = 0<br>
dhcp = yes<br>
}<br>
<br>
listen {<br>
ipaddr = *<br>
port = 67<br>
type = dhcp<br>
}<br>
<br>
dhcp DHCP-Discover {<br>
update reply {<br>
DHCP-Message-Type = DHCP-Offer<br>
}<br>
<br>
switch "%{DHCP-Gateway-IP-Address}" {<br>
<br>
case 192.168.60.1 {<br>
$INCLUDE dhcp/pool_system1<br>
}<br>
<br>
case 10.20.0.1 {<br>
$INCLUDE dhcp/pool_system2<br>
}<br>
<br>
case {<br>
# Do not reply to DHCP requests from subnets<br>
# which we are not authoriative<br>
update reply {<br>
DHCP-Message-Type !* 0<br>
}<br>
do_not_respond<br>
}<br>
}<br>
<br>
# Global DHCP parameters<br>
$INCLUDE dhcp/global<br>
<br>
dhcp_sqlippool<br>
<br>
if(notfound || noop) {<br>
reject<br>
}<br>
<br>
ok<br>
}<br>
<br>
dhcp DHCP-Request {<br>
update reply {<br>
DHCP-Message-Type = DHCP-Ack<br>
}<br>
<br>
switch "%{DHCP-Gateway-IP-Address}" {<br>
<br>
case 192.168.10.1 {<br>
$INCLUDE dhcp/pool_system1<br>
}<br>
<br>
case 10.20.0.1 {<br>
$INCLUDE dhcp/pool_system2<br>
}<br>
<br>
case {<br>
# Do not reply to DHCP requests from subnets<br>
# which we are not authoriative<br>
update reply {<br>
DHCP-Message-Type !* 0<br>
}<br>
do_not_respond<br>
}<br>
}<br>
<br>
# Global DHCP parameters<br>
$INCLUDE dhcp/global<br>
<br>
dhcp_sqlippool<br>
<br>
if(notfound || noop) {<br>
reject<br>
}<br>
<br>
ok<br>
}<br>
<br>
dhcp DHCP-Inform {<br>
}<br>
<br>
# If there's no named section for the packet type, then the
packet<br>
# is processed through this section.<br>
dhcp {<br>
# send a DHCP NAK.<br>
reject<br>
}<br>
}<br>
</font><br>
# End main conf<br>
<br>
# Global Conf<br>
# ./dhcp/global.conf<br>
<font face="monospace">update reply {<br>
DHCP-Domain-Name-Server = 8.8.8.8<br>
DHCP-Domain-Name-Server += 8.8.4.4<br>
DHCP-Domain-Name = "mydomain.com"<br>
DHCP-DHCP-Server-Identifier = <dhcp-server-ip><br>
}<br>
</font><br>
# System 1 devices - Cable Modems<br>
# ./dhcp/pool_system1.conf<br>
<font face="monospace">if(DHCP-Vendor-Class-Identifier =~
/^docsis[1-2].*$/){<br>
update control {<br>
Pool-Name := 'system_pool1'<br>
}<br>
}<br>
</font><br>
# System 2 devices<br>
# ./dhcp/pool_system2.conf<br>
<font face="monospace">if(DHCP-Vendor-Class-Identifier){<br>
update reply {<br>
DHCP-Subnet-Mask = 255.255.255.0<br>
DHCP-Router-Address = 10.20.0.1<br>
DHCP-Broadcast-Address = 10.20.0.255<br>
DHCP-IP-Address-Lease-Time = 3600<br>
}<br>
update control {<br>
Pool-Name := 'system_pool2'<br>
}<br>
}</font><br>
<br>
<br>
<br>
<div class="moz-signature">
<style type="text/css">
#links {
font-size: 12px;
}
#name_addr {
font-family : 'DejaVu Serif', FreeSerif, 'Liberation Serif';
font-size: 11px;
color: #306EFF;
}
table {
border-bottom-style: none;
border-left-style: none;
border-right-style: none;
border-top-style : none;
}
</style>
<br>
</div>
On 03/10/2014 12:38 PM, Alan DeKok wrote:<br>
</div>
<blockquote cite="mid:531E14C9.1020808@deployingradius.com"
type="cite">
<pre wrap="">Vyacheslav Maliev wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hello! I`ve tried to configure my freeradius installation like described
here <a class="moz-txt-link-freetext" href="http://wiki.freeradius.org/guide/dhcp-for-static-ip-allocation">http://wiki.freeradius.org/guide/dhcp-for-static-ip-allocation</a>
but it`s very simple case for only one subnet. Now we have two networks
which needs to get IP by DHCP server. So is there any possibility to
configure DHCP scopes for different networks? Thanks!
</pre>
</blockquote>
<pre wrap="">
Yes. It's not as easy as with a dedicated DHCP server. You'll need
to split the packets, so that some use subnet A, and some use subnet B.
Look at the packets (radiusd -X) to see how they're different. Usually
there will be a gateway IP address different, or perhaps something else.
It's probably best to use groups to assign the network parameters.
e.g. use the radgroupcheck and radgroupreply tables. For users in group
A, assign them options for network A, and users in group B should be
assigned options in network B.
i.e. separate the *common* configuration into group parameters. Thenm
each user should have only user-specific parameters. e.g. an IP
address, and a group membership.
For v3.1, we're looking at maybe coming up with DHCP-specific queries
for SQL. But getting help from other people would be useful, too.
Alan DeKok.
-
List info/subscribe/unsubscribe? See <a class="moz-txt-link-freetext" href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a>
</pre>
</blockquote>
<br>
</body>
</html>