I tried a different approach. I created a patch (attached) so that the tag "knownother" is applied if there is a host definition that applies to a different context. In our setup, we then added "dhcp-ignore=tag:knownother".
On Wed, Mar 15, 2017 at 1:14 PM, Todd Sankey <d...@lutean.com> wrote: > Our setup has two wifi networks with different network addresses, one for > employees and one for guests. On the employee network, the hosts all have > static host entries that include IP addresses. The guest network has no > static host entries. What we would like to do is prevent the employee > machines from getting any assignment on the guest network. > > We tried using "tag:!known" in the dhcp-range configuration, and we have > tried a tag-if statement that sets a tag based on the guest network > interface and known followed by a dhcp-ignore. Neither works. > > Looking through the code, I think it is because when looking for a > dhcp_config entry, the search is filtered by whether the assigned address > is valid for the interface the request was received on. Since the static > assignments are only valid for the employee network, when a request is > received on the guest network, the static assignments are not valid so the > "known" tag is never set. As a result, neither the dhcp-range tag filter > nor the tag-if filter has the desired effect. > > I next tried having dhcp-host entries for every employee machine, one with > a static assignment on the employee network, and one with a static > assignment on guest network and appending "ignore" to the guest network > entry. This seems to have the desired behaviour in that employee machines > cannot get on the guest network. However, this obviously doubles the work > of maintaining the host list. I am also not sure what this does to the > guest address range having these static but ignored assignments. > > Is there a better way to do this in the current version (2.76)? > > If not, would it be a reasonable feature request to extend the handling of > dhcp-host settings so that if there is an IP assignment and "ignore" is > specified, then the host is ignored on networks where the IP assignment is > not valid? >
knownother.patch
Description: Binary data
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
