# dhcpd - trying to assign IP pools to groups in dhcpd.conf

## Ant P.

I've been trying to figure this one out for hours and now I'm wondering if it's even possible.

Is there a simple, straightforward way of applying a "pool{ }" block to the hosts in a "group{ }" block? Or do I have to use the class/subclass options (and maintain duplicated lists of MAC addresses)? Sorry if it sounds like an easy question, but the manpages are really lacking in this area...

----------

## darkphader

Not sure exactly what you're asking but I use a pool and multiple groups.

For clients that don't get a fixed IP address:

```
options <options for unknown clients getting dynamic IP address>;

        pool {

                deny known clients;

                range x.x.x.x x.x.x.y;

                }

```

For a particular group:

```
group corpsystems {

option <options for corporate owned systems getting fixed/known IP's>;

default-lease-time <longer than the pool>;

max-lease-time <longer than the pool>;

```

For a different group (in this case personally owned systems that are known and getting fixed IP's):

```
group other {

option <options may be different than the corp group>;

default-lease-time <ditto>;

max-lease-time <ditto>;
```

----------

## ccp

 *Ant_P wrote:*   

> I've been trying to figure this one out for hours and now I'm wondering if it's even possible.
> 
> Is there a simple, straightforward way of applying a "pool{ }" block to the hosts in a "group{ }" block? Or do I have to use the class/subclass options (and maintain duplicated lists of MAC addresses)? Sorry if it sounds like an easy question, but the manpages are really lacking in this area...

 I have not try this myself but from man page it seems to be possible to put subnet statement inside a group statement, have your try this?

----------

## Ant P.

I've tried that now, but the config file seems to not have scoping at all. The subnet statement is applying to the whole config file regardless of whether it's in a group or not.

----------

## darkphader

 *Ant_P wrote:*   

> I've tried that now, but the config file seems to not have scoping at all. The subnet statement is applying to the whole config file regardless of whether it's in a group or not.

 My group statements are outside of the subnet statement. The pool statement and its associated options are inside the subnet statement.

----------

## Ant P.

I think you misunderstood my first post. I want different groups to have different IP ranges on the same subnet, what you are describing is not what I want.

----------

## darkphader

 *Ant_P wrote:*   

> I think you misunderstood my first post. I want different groups to have different IP ranges on the same subnet, what you are describing is not what I want.

 I already alluded to that :)

However, I can say with absolute certainty that the pool and groups I posted a skeleton of are working and are all in the same subnet. The systems in the groups are receiving fixed IP addresses. But I doubt that has to be the case. If you want to stick known systems in a different dynamic range you can probably do it with classes or groups. Ex. with groups:

```
subnet 192.168.17.0 netmask 255.255.255.0 {

  option broadcast-address 192.168.17.255;

  option netbios-node-type 2;

  option netbios-scope "";

  pool {

        deny known-clients;

        option ip-forwarding false;

        option router-discovery false;

        range 192.168.17.21 192.168.17.25;

        }

  pool {

        deny unknown-clients;

        option ip-forwarding false;

        option router-discovery false;

        range 192.168.17.26 192.168.17.29;

        }

}

group mysystems {

  option netbios-node-type 8;

  default-lease-time 21600;

  max-lease-time 43200;

host system1.mydomain.soho {

  hardware ethernet 30:16:76:AA:BF:70;

  }

host system2.mydomain.soho  {

  hardware ethernet 30:10:a4:92:5d:23;

  }

}
```

As the systems in the group are "known" they should only get IP addresses from the "known" pool. I haven't tested this but it should work. Or you can use just classes and something like:

```
  pool {

        allow members of myclass;

        range 192.168.17.26 192.168.17.29;

        }
```

Don't see why you would have to define systems in both classes and groups. In my cases, when I'm concerned with a system enough to know its MAC address (or UID) I usually want to provide it a fixed IP for DNS purposes.

Chris

EDIT: tested the groups version - works fine, pretty sure the class version would as well.

----------

