How To Include and Exclude Hardware Addresses Under DHCP On OES Linux

  • Document ID:7007009
  • Creation Date:06-Oct-2010
  • Modified Date:08-Apr-2014
    • Micro Focus Products:
      Open Enterprise Server

Environment

Novell DHCP
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2

Situation

Under NetWare, DHCP administrators can go to the 'Global Preferences' and exclude or include MAC addresses for IP address assignment. These excluded or included hardware addresses migrate to OES Linux as 'Classes' found under the 'Service' object. Restricting or granting access to dynamic IP addresses, based on MAC addresses, can be accomplished through classes.

The purpose of this TID is to show how to use classes on OES Linux to accomplish the same thing as using NetWare's Global Preferences.
 
Note: This is NOT describing how to exclude ip addresses from a DHCP pool for dynamic assignment. That can be found in TID: 7007122 -- Excluding DHCP Pool IP Addresses From Dynamic Assignment On OES
 
Note: There are probably more efficient ways of accomplishing the same task of MAC to IP address exclusion or inclusion. For instance, under NetWare, administrators can create IP address assignments and manually assign the IP address to a MAC address. These assignments will be stored in the same place as the dynamic assignments, but will just have a different type. Storing assignments in this way means that there is no need to process the extended function of the Global Preferences address exclusion or inclusion. All addresses are simply stored, retrieved, updated, and parsed in the same way.

Addresses can be manually assigned with OES Linux DHCP as well, and again this method is probably the most efficient way to exclude or include MAC addresses.

The method for accomplishing the exclude and include of hardware addresses on OES Linux is, again, accomplished through classes. Classes have a field to set a conditional statement that can be checked against. MAC addresses can be added to this conditional statement for the purpose of exclusion or inclusion. However, keep in mind that the more addresses that need to be excluded or included, the larger the statement will become, which must be checked against each DHCP DISCOVER request received by the DHCP server.

In most cases, Novell support recommends following TID 7003452 -- OES2 DHCP - How to add a Manual IP address assignments to novell-dhcp configuration to accomplish the same end goal.

Resolution

To exclude or include hardware addresses, do the following:
 
DNS/DHCP Management Console:
  1. Highlight the SERVICE object and click on the create button (3-D cube button), and select CLASS
  2. Assign a class name of 'excluded_hosts' or 'included_hosts', check the DEFINE ADDITIONAL PROPERTIES box, and click CREATE
  3. Under the CONDITIONAL STATEMENT field add a string similar to the following:
    • match if ((substring(hardware,1,6)=00:00:00:00:00:02) or (substring(hardware,1,6)=00:00:00:00:00:05))
  5. Continue to append to the string any address desired.  The statement will follow the same format for both classes (excluded_hosts or included_hosts)
  6. Click the SAVE button at the top of the console
  7. Next highlight the POOL and look at the options found under the GENERAL tab.  Notice the section regarding AVAILABLE DHCP CLASS.
  8. For included address, and the 'included_hosts' class to the ALLOWED DHCP CLASS area.  For excluded hosts, add the 'excluded_hosts' class to the DENIED DHCP CLASS area
  9. Click the SAVE button at the top of the console
iManager:
  1. Under iManager's ROLES AND TASKS button, select DHCP (OES LINUX) from the left-hand menu
  2. After setting the SCOPE SETTINGS from the same menu, select CLASS > CREATE CLASS > and assign a class name as stated in number 2 in the previous section
  3. Select CLASS again from the menu and then select VIEW/MODIFY CLASS.  Select the appropriate SERVICE and CLASS and click OK
  4. Under the CONDITIONAL EXPRESSION field, enter the appropriate string as stated under number 3 in the previous section.  The statement has the same format for both the included_hosts and excluded_hosts classes
  5. After applying the changes, select POOL from the menu, then select VIEW/MODIFY POOL.  After selecting the appropriate SERVICE, SUBNET, and POOL, click OK
  6. Follow steps 6 and 7 from the previous section
 

Additional Information


An example of a wildcard type exclusion for all mac addresses beginning with 00:AA:BB would be as follows:
  • match if ((substring(hardware,1,3)=00:AA:BB)
 
Note the major change is the numbers following the hardware string.  1,3 specifies to DHCP to review the first three values.