From: Calissa J Lazowicki (CLazowic@mnsfld.edu)
Date: Wed Dec 03 2003 - 12:10:47 CST
Robert,
I completely follow what you are explaining to me. I understand i
shouldn't use the shared-network statement, but then what statement should
i use. If i just do multiple subnet statements i get an error when
starting dhcp. How can i do this?
Calissa
On Wed, 03 Dec 2003 11:35:59 -0600, Robert Lowe
<Robert.H.Lowe@lawrence.edu> wrote:
>
> Calissa J Lazowicki wrote:
>
>> Patrick,
>>
>> Ok, i changed the subnet.dat file and i went over the other changes you
>> suggested... here is our problem, we can't change the netreg machine or
>> the router to the 236 network. they have to stay were they are, that
>> part is out of my hands, i was given the configuration below and told
>> we need to make this work.. subnet 236 is NOT going to be our only
>> subnet w/machines using the netreg system. in our subnet.dat file you
>> see all the other lines in there that are remarked out... well, they
>> are dorms, and one by one they will be brought up to go through netreg
>> as well. so were going to somehow need for all those other subnets to
>> work as well... i think this is where i am coming into a problem.. i am
>> not sure if you understand what i am trying to explain.. maybe this
>> will help:
>>
>> netreg box - 157.62.60.1
>>
>> router - 157.62.236.155 (this is the reason for the gap in the
>> registered pool area of dhcpd.conf, we want to use the ips before and
>> after it)
>> our dorm subnets needed to access netreg -
>> 157.62.234.0
>> 157.62.236.0
>> 157.62.238.0
>> 157.62.240.0
>> 157.62.230.0
>> 157.62.232.0
>> 157.62.225.0
>> 157.62.210.0
>> 157.62.211.0
>>
>> to us it doesn't matter what subnet the unregistered clients use just
>> as long as we can make the above configuration work.
>
> This is fine, although not what I would recommend. The note in
> subnet.dat regarding field #4 means that the counter on the subnet
> overview page from the admin script will not report the correct
> number of active unregistered clients -- it will see all of your
> registered clients as unregistered, along with any unregistered
> clients with active leases. You don't have to re-design your
> subnets or multinet to solve that problem, but you do have to be
> able to cover all of the unregistered IP addresses with a smaller
> subnet, i.e. it overlays on top of your 'real' subnet. So, as I
> explained before, without any changes to your configuration, other
> than perhaps shifting some of the IP addresses in your present
> subnet, this is quite easily done, but in a power of two, e.g. 64
> or 128 addresses.
>
> The line in subnet.dat might look like:
>
> 157.62.236.0/23:Laurel B:300:157.62.236.128/25
> ^^^ ^^^ ^^^
> real subnet (*) not a real subnet
>
> (*) this number is used only to scale the graph on the subnet
> overview page.
>
> When I say 'not a real subnet' above, I mean that no switch
> or router knows anything about this. It is only to distinguish
> unregistered clients from registered clients, only reflecting
> how you have organized your IP address space. If you don't care,
> then leave it blank, as you now have it.
>
> Regardless of that, you *should* fix your dhcpd.conf file to reflect
> your true network topology -- don't use shared-network statements
> unless you really have multiple layer 3 subnets on a single layer 2
> network.
>
> The "you are not in my allowable IP range" error should also include
> the subnet. Was it there, or not? If not, make sure you replaced
> register.cgi with the one from the CIDR kit (and variables.pl, etc.).
>
> My thanks to Patrick, and my apologies for not catching the fact
> that the allowable range isn't expressed as a variable any longer.
> I wrote the CIDR kit, but I certainly don't look at it much any
> more, unless someone reports some kind of issue.
>
> -Robert
>
>> Thank you again for all of your help, i can not explain to you how much
>> you have helped me already :) THANK YOU!
>>
>> Calissa
>>
>>
>>
>>
>> On Tue, 2 Dec 2003 23:37:12 -0500, Patrick Jaques <pjaques@comcast.net>
>> wrote:
>>
>>> Calissa J Lazowicki wrote:
>>>
>>>> I am using the standard variables.pl that comes w/the CIDR update...
>>>> w/the exception of our LDAP info for authentication... here is what i
>>>> have been told so far:
>>>
>>> ...
>>>
>>>> Now, i have also been told i need the $ALLOW_DOMAIN in the
>>>> variables.pl
>>>> file even w/the CIDR update, so i tried that... i still get the same
>>>> thing - ip not in my allowable ip range... any ideas would be
>>>> wonderful
>>>
>>>
>>> Hi Calissa,
>>>
>>> I don't think the variables.pl file is an issue in your problem
>>> because you
>>> are using NetReg v1.3rc2 with the latest CIDR update. The CIDR version
>>> of
>>> variables.pl and register.cgi does not use the $ALLOW_DOMAIN variable.
>>> All
>>> subnet information is stored in /etc/netreg/subnet.dat.
>>>
>>> I noticed a small problem in your subnet.dat. The 3rd parameter in
>>> subnet.dat should refer to the total number of leases allocated to your
>>> registered client pool, but instead it refers to total number hosts
>>> allowed
>>> on your entire subnet.
>>>
>>> Subnet.dat:
>>> 1st 2nd 3rd 4th (empty)
>>> 157.62.236.0/23:LaurelB:510::
>>>
>>> dhcpd.conf:
>>>
>>> Registered Host Pool
>>> -------------------------------------------------
>>> range 157.62.236.5 - 157.62.236.49 (45)
>>> range 157.62.236.156 - 157.62.236.229 (74)
>>> range 157.62.236.246 - 157.62.236.254 (9)
>>>
>>> Unregistered client pool
>>> -------------------------------------------------
>>> range 157.62.236.50 - 157.62.236.154 (105)
>>>
>>> The above ranges in your registered client pool are only 128 total
>>> leases,
>>> not 510 and your unregistered client pool has only 105 available
>>> leases. The
>>> third parameter should say 128, instead of 510. BTW, your lease pools
>>> are
>>> too small and should be increased. Since your subnet starts at
>>> 157.62.236.1
>>> and ends at 157.62.237.254, you should make use of the unused address
>>> space
>>> between 157.62.237.1 and 157.62.237.254 for your lease pools.
>>>
>>> -- Patrick Jaques
>
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
>
-- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ ********************************************************************** To unsubscribe from this list, send an e-mail message to majordomo@southwestern.edu containing a single line with the words: unsubscribe netreg Send requests for assistance to: owner-netreg@southwestern.edu **********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:42 CDT