Assigning specific IPs Dynamically based on certain criteria

Hi,

 

I was wondering if there is a way to assign specific IP addresses from a range, using the hostname of a host as a criterion. I am trying to find a solution to the following case:

 

I have a university lab with 20 PCs. The PCs belong to a /24 network and due to other constraints (security, network access control) I cannot create a different subnet for them so I can control the network access of these PCs without affecting the rest of the network they belong to. What I did was to reserve a range of 20 IPs based on the PCs' MAC addresses from the DHCP pool of the network they belong to. I then use access lists on that network's router to block their access when the students have exams. So far so good. However, when our technical support replaces lab PCs, the MAC addresses change. As a result the replaced PCs do not get an IP within the controlled range. As the technical support does not communicate directly with our engineering, we don't know of these incidents, and problems arise when the control needs to be in place. On the other hand, the hostnames of the lab PCs have a specific structure and the replaced PCs (or even new additions) follow the hostname scheme (e.g. their hostnames are 7 characters long and start with the letters CES). So I was thinking, if there is a way to tell the Infoblox DHCP server to assign the IPs to hosts whose hostnames begin with CES**** rather than using their MAC address, that would be great.

 

Any help and thoughts are appreciated.

Re: Assigning specific IPs Dynamically based on certain criteria

Hello Gentleman,

 

Assuming that the clients are going to be sending the hostname via DHCP option 12, sounds like you may create an IPv4 option filter with match rule substring(option host-name,0,3)="CES" to fulfil this requirement. To do this you may:

 

1) Go to Data management -> DHCP -> IPv4 filters -> Create an IPv4 Option filter with the following rule -> Save:

 

Host-name (12) string  --  substring equals  --  (Offset=0  ;  Length=3) --  CES

 

2) Create a DHCP range exclusively for these students with the range of IP addresses that you’re comfortable with.

 

3) Edit the above DHCP range from which the students are supposed to get a lease -> Under ‘IPv4 filters’ -> Add the filter created above under ‘Class Filter List’ -> Select the Action to be ‘Grant lease’. This should automatically deny leases for any clients whose hostname doesn’t begin with ‘CES’, from this specific range.

 

4) Now if there are any other DHCP ranges for the same network, you must ‘Deny’ the filter created above under ‘Class Filter List’. Else, the students may get a lease from that specific DHCP range.

 

Hope that’ll work out for you. I would recommend you to try this in a test environment -> Verify that this doesn’t break anything -> Then configure this in your production. Let me know if you have any questions.

 

Best regards.
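
The grant/deny behaviour described in steps 3 and 4 above, as an added example that is not part of the original posts and is not Infoblox code: a small Python model that parses a DHCP options field, applies the substring(option host-name,0,3)="CES" rule, and reports which range a client can lease from. The range names, the sample hostnames and the exact-byte (case-sensitive) comparison are assumptions made for the illustration.

```python
# Added illustration: models the filter logic from the reply; not Infoblox code.
HOST_NAME, PAD, END = 12, 0, 255  # DHCP option codes (RFC 2132)

def parse_options(raw: bytes) -> dict:
    """Parse a DHCP options field (code, length, value triples) into {code: value}."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == END:
            break
        if code == PAD:  # single-byte padding, carries no length field
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = value
        i += 2 + length
    return opts

def filter_matches(opts: dict, offset=0, length=3, expected=b"CES") -> bool:
    """Model of substring(option host-name,0,3)="CES"; exact byte compare is assumed."""
    name = opts.get(HOST_NAME)
    return name is not None and name[offset:offset + length] == expected

# Hypothetical range names; the actions follow steps 3 and 4 of the reply.
RANGES = [("lab-range", "grant"), ("general-range", "deny")]

def eligible_ranges(raw_options: bytes) -> list:
    """Return the ranges a client may lease from, given its raw DHCP options."""
    hit = filter_matches(parse_options(raw_options))
    # grant: only matching clients; deny: every client except matching ones
    return [name for name, action in RANGES if (action == "grant") == hit]

def build(*pairs) -> bytes:
    """Construct an options field from (code, value) pairs for the samples below."""
    return b"".join(bytes([c, len(v)]) + v for c, v in pairs) + bytes([END])

# Constructed sample clients (option 53 = message type, value 1 = DISCOVER)
SAMPLES = {
    "replacement lab PC": build((53, b"\x01"), (HOST_NAME, b"CES0042")),
    "office PC": build((53, b"\x01"), (HOST_NAME, b"ADM0007")),
    "no hostname sent": build((53, b"\x01")),
    "lowercase name": build((53, b"\x01"), (HOST_NAME, b"ces0042")),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:20} -> {eligible_ranges(raw)}")
```

Option 12 is a value reported by the client, so in this model a lab PC that sends no hostname, or one that does not match the prefix byte for byte, ends up in the general range rather than the controlled one.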
