Managing ISC DHCPd 4.x from scripts

It was necessary to implement the management of IP issuance in the network of one provider, linking it with the accounting system and other "chips". As a DHCP server, ISC DHCP 4.x was installed on the 9th Ubuntu Server.



For DHCPd, you had to implement:

1. adding a new static reservation (per Mac or switch port - option 82),
2. “Binding” of a user with IP issued dynamically (that is, from a pool of free IP) to a static reservation
3. removing static reservation
4. removal of dynamic lease before reservation expires
5. Various reports on subnets, mac addresses, free and busy addresses

I want to share the information collected in the implementation process, on what pitfalls I stumbled upon, as I went around, which I didn’t get around. Maybe someone will save a few hours of time.

Immediately make a reservation: this post is by no means the ultimate truth, an indication of the only right decision, and indeed any instruction. This is just some kind of working information. Use it or not, believe it or not, as well as solve a particular task - let everyone decide for himself in the context of his situation. My solutions were convenient for me in my case, but no more than that. So:

1. ISC DHCPd does not support and in the foreseeable future will not support updating the config via SIGHUP or some other signal. According to their assurances, this “requires too serious work for which they do not have and do not foresee time”
2. All static configuration is stored in dhcpd.conf, all dynamic dhcpd.leases. What is first written lease, flush is done on the disk, and only after that the answer is sent to the client. Together, these two files contain all the necessary information so that when restarted, the server returns to exactly the same state as it was before.
3. If dhcpd does something that is written in the config and does not imply any variations, conflicts (for example, static IP reservations on the MAC), nothing is written to dhcpd.leases.
4. As a result, the only way to trace when the last time a certain IP was statically linked to MAC was log analysis: dhcpd.leases does not contain this information, the server also does not write anything to the config.
5. dhcpd has its own API through which it is theoretically possible to manage the server in real-time. As well as the omshell command-line utility using this API. Through it, it is theoretically possible to control the server without down-time. In addition, it supports the ability to submit a sequence of commands to STDIN, which makes it a fairly convenient tool for many tasks. All data is written in dhcp.leases, do not touch the config.
6. There is no way to get lists of something in omshell. All work goes with one unique object. To get the lists, you will have to parse the config files / leases.
7. omshell does not support the removal of the existing lease, says “not implemented”. In addition, during one of the tests, the dhcp.leases file broke (some strange garbage appeared inside) and dhcpd because of this did not restart. It was not possible to reproduce the situation, but decided not to risk it and left omshell alone.
8. In the 4th version there is no possibility to control the order of dynamic issuance of addresses from several shared-network subnetworks. The type option to issue public addresses for all clients from the main network and private ones with NAT from another one only if there are no more free addresses in the main network at the moment. It will be issued from both in the order convenient dhcpd.
9. The ip-mac binding only means that this IP will be issued to this IP if it asks for it and the IP will be free. But at the same time, this IP can be issued to someone else, if at the moment it is free, it is located in the pool where it is allowed to issue IP to not statically registered clients and there are not enough free addresses.
10. I did not manage to find any ready clearly working tool capable of managing isc dhcd 4.x from under the web and a little bit extensible. All that is less workable - made under the 3rd version.
11. I did not find any fully implemented SQL connection project as a backend for storing dhcpd.conf and dhcpd.leases. All projects I have seen re-create a config, read and write dhcpd.leases and restart dhcpd

Further, as I solved some subtasks in my case:

• Deleting an already issued lease was decided by adding a copy of the required leasing to the end of dhcpd.leases, replacing the “binding state active” with “bindng state free” and restarting dhcpd. The server reads dhcpd.leases in order and records occurring later overrun previous ones.
• The data is stored in MySQL, with changes I re-generated the config and restarted dhcpd.
• The addresses that were currently occupied were received by reading dhcpd.leases (as mentioned above, its contents are always up to date, the file can be easily disassembled by retexp) + from the database: everything that is not in the file in 'active' status or in the database is considered free.
• Binding the IP to the switch port with a combination of class and pool as in this example:
  
  ... IP c ...

class "172.16.16.227:4" {

match if concat(

binary-to-ascii(10,8,".",packet(24,4)),":",binary-to-ascii(10,8,"",suffix(option agent.circuit-id,1))) = "172.16.16.227:4";

}

...

subnet 192.168.1.0 netmask 255.255.255.0 {

option routers 192.168.1.1;

... ...

pool { range 192.168.1.3; allow members of "172.16.16.227:4"; } # bind ip to port

pool { #static bindings

range 192.168.1.2; range 192.168.1.4; range 192.168.1.5;

.... IP , ...

deny unknown-clients;

}

pool { #free IPs

range 192.168.1.6; range 192.168.1.8; range 192.168.1.15;

.... c IP ...

allow unknown-clients;

}

}