Subject: Re: dns/dhcpd help
To: Michael Roark <roark@bitbox.org>
From: Jason R. Fink <jrf@diverge.org>
List: netbsd-users
Date: 03/19/2001 22:15:16
at last something i might be able to help with . . .

Michael,

| I have run into kind of a logistics problem that I hope someone out 
| there can help me with. I am fairly new to dhcpd as an 
| administrator, so I didn't expect to run into my current problem. I 
| am the admin for a k-12 school district. I tired of trying to keep up 
| with what ip's were available and putting new user nodes into dns, 
| so I set up dhcp services. Thus far it is the best thing for my 
| situation, except for one thing. I have to periodically review log 
| entries for squid, syslog, and (of course) the mail logs for various 
| transgressions against the acceptable use policy. Now that I am 
| using dhcp, I can't just look at the resolved name. Given the above, 
| what would be the best way, with the least amount of pain, to arrive 
| at intelligible log entries?

in /var/db/ is the leases file(s), u can easily write a script
to examine those. there is - of course - a catch. if the clients
do not have their own hostname, then u will have to use MAC
addresses. the way i do it is clients have model names and a
location description (which is pretty generic, i only have to change
a part of their hostname when i move a system). so by looking at
the leases file i can map the leased address to a specific system.

| I noticed when watching from the console, that the node sends 
| what it thinks its dns name is to the dhcpd server 
| (foo.domain.edu). Of course, dhcpd tries to resolve it, fails, and 
| goes on to assign the node its network info with minimal 
| complaint. It would be nice if dhcpd would accept the machine 
| name (foo) as the descriptor for the log entry, but I do not know if 
| this is possible.

as i said above it should be possible. as a matter of fact i have never
set one up that did *not* accept machine names, however, i do not
bother with ddns either. maybe there is an issue there.

my suggestion is to really fine comb your dns and dhcpd settings.

	jrf

-- 
Jason R. Fink <jrf@diverge.org>
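
A sketch of the leases-file lookup described in the reply above, as an added example that is not part of the original message: it answers "who held this address at the time of the log entry", returning the client hostname when the lease has one and the MAC address otherwise. The sample lease records, addresses and names are constructed, and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample in ISC dhcpd.leases syntax (addresses, MACs, names invented).
SAMPLE_LEASES = """
lease 10.1.2.50 {
  starts 1 2001/03/19 08:00:00;
  ends 1 2001/03/19 12:00:00;
  hardware ethernet 00:a0:c9:11:22:33;
  client-hostname "imac-lab3";
}
lease 10.1.2.50 {
  starts 1 2001/03/19 13:00:00;
  ends 1 2001/03/19 21:00:00;
  hardware ethernet 00:50:e4:aa:bb:cc;
}
"""

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
TIME_FMT = "%Y/%m/%d %H:%M:%S"  # lease times are written in UTC

def _field(body, pattern):
    m = re.search(pattern, body)
    return m.group(1) if m else None

def parse_leases(text):
    """Return lease records in file order (dhcpd appends; later entries win)."""
    records = []
    for m in LEASE_RE.finditer(text):
        body = m.group(2)
        start = _field(body, r"starts\s+\d\s+([\d/]+ [\d:]+);")
        end = _field(body, r"ends\s+\d\s+([\d/]+ [\d:]+);")
        if start is None:
            continue  # incomplete record, nothing to correlate against
        records.append({
            "ip": m.group(1),
            "start": datetime.strptime(start, TIME_FMT),
            "end": datetime.strptime(end, TIME_FMT) if end else datetime.max,
            "mac": _field(body, r"hardware ethernet\s+([0-9a-fA-F:]+);"),
            # Name is whatever the client sent; it can be absent or arbitrary.
            "host": _field(body, r'client-hostname\s+"([^"]*)";'),
        })
    return records

def who_had(records, ip, when):
    """Identify the holder of `ip` at UTC time `when`: hostname, else MAC."""
    hits = [r for r in records if r["ip"] == ip and r["start"] <= when <= r["end"]]
    return (hits[-1]["host"] or hits[-1]["mac"]) if hits else None
```

Convert squid, syslog or mail log timestamps to UTC before the lookup, since the same address can belong to different machines on the same day.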