TESTING NEEDED: Multiple DHCP pools within a subnet

jimp:
I just committed initial support for multiple DHCP pools inside of a subnet, and you can set options specific to that pool to have the pools act differently.

https://github.com/bsdperimeter/pfsense/commit/cba980f6a4fafa55b1eb11621e33942f149061ff

For example, you can have:

Pool A deny MAC prefix of AA:BB, using one set of addresses with one gateway
Pool B allow MAC prefix of AA:BB, using a different set of addresses and a different gateway, and DNS, etc.

It would also allow you to have servers/static maps in the middle of a subnet by making the main range at the start of the subnet and a pool after the static addresses.

One thing it lacks yet is input validation to make sure that you are not entering overlapping subnets.

If you are already on the latest snapshot, apply the commit above using the system patches package, gitsync, or wait for the next new snapshot and give it a try.

It worked for me in a VM environment using the above scenario. I made two pools, watched the VM client pick up an IP from the first pool. Then I denied the VM's MAC access to the first pool, reconnected it, and it pulled an IP from the second pool, and so on. But of course people out in the real world can usually dream up more scenarios than I can possibly test myself. So have at it and reply here with what does or doesn't work.

There should effectively be no change for people running without pools. They're completely optional.

xbipin:
great, trying it out right now

jimp:
If someone is crazy enough to want to try this on 2.0.1/2.0.2, here is a patch that can be applied using the system patches package:

http://files.chi.pfsense.org/jimp/patches/pools-202.patch
(Path strip = 0, base = /)

GruensFroeschli:
Did some short tests.
I didn't see anything not working.

A suggestion: Could you allow subnets available with a VIP as well?
(usage scenario: provide a separate DHCP-range/subnet for all "unknown" clients)

jimp:
OK.

Those subnets can't be done the same way; they require special coding and syntax for "shared network" in the DHCP config. The pools I did this way are much easier and more often requested.

We do have code for the shared network way but it hasn't found its way into the open source repo yet, not sure what the ETA on that might be.

I do still need to code up the input validation for this though.
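
Added example, not part of the thread and not pfSense code: one way to do the range validation the posts above describe as still missing. It checks that every range lies inside the subnet, that no two ranges overlap, and that static mappings placed between ranges do not fall inside one. The function name, the sample subnet and all addresses are constructed for illustration.

```python
import ipaddress


def validate_pools(subnet, ranges, static_maps=()):
    """Return a list of error strings; an empty list means the layout is consistent.

    ranges: (name, first_ip, last_ip) tuples, main range included.
    static_maps: addresses reserved for static mappings.
    """
    net = ipaddress.ip_network(subnet)
    errors, ok = [], []
    for name, first, last in ranges:
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        if lo > hi:
            errors.append(f"{name}: start {lo} is after end {hi}")
        elif lo not in net or hi not in net:
            errors.append(f"{name}: {lo}-{hi} is outside {net}")
        elif lo == net.network_address or hi == net.broadcast_address:
            errors.append(f"{name}: includes the network or broadcast address")
        else:
            ok.append((lo, hi, name))

    # Sorted by start address, a range overlaps an earlier one exactly when
    # it starts at or before the highest end address seen so far.
    ok.sort()
    top = None
    for lo, hi, name in ok:
        if top and lo <= top[1]:
            errors.append(f"{name}: {lo}-{hi} overlaps {top[2]} ({top[0]}-{top[1]})")
        if top is None or hi > top[1]:
            top = (lo, hi, name)

    for addr in map(ipaddress.ip_address, static_maps):
        for lo, hi, name in ok:
            if lo <= addr <= hi:
                errors.append(f"static map {addr} falls inside {name}")
    return errors


# Constructed sample layout: main range, static servers, then a second pool.
SUBNET = "192.168.1.0/24"
GOOD = [("main range", "192.168.1.10", "192.168.1.99"),
        ("pool B", "192.168.1.150", "192.168.1.199")]
STATICS = ["192.168.1.100", "192.168.1.120"]
BAD = GOOD + [("pool C", "192.168.1.90", "192.168.1.160")]

if __name__ == "__main__":
    print(validate_pools(SUBNET, GOOD, STATICS))   # consistent layout
    for err in validate_pools(SUBNET, BAD, STATICS):
        print(err)
```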