path: root/data/templates/dhcp-server/dhcpd.conf.j2
blob: 639526532ed823f36a9880e12a4e8626dfd776cf (plain)
### Autogenerated by dhcp_server.py ###

# For options please consult the following website:
# https://www.isc.org/wp-content/uploads/2017/08/dhcp43options.html
#
# log-facility local7;
{# Lease release and expiry hooks; rendered only when hostfile_update is set.
   Both handlers invoke on-dhcp-event.sh with the action "release" and pass
   only ClientIp. ClientName is computed, but the name argument handed to the
   script is the empty string. #}
{% if hostfile_update is vyos_defined %}
on release {
    set ClientName = pick-first-value(host-decl-name, option fqdn.hostname, option host-name);
{#  leased-address rendered in base 10, 8 bits per group, "." separated #}
    set ClientIp = binary-to-ascii(10, 8, ".",leased-address);
{#  NOTE(review): execute() starts an external program from the dhcpd process
    on every event; the script path should be writable by root only. #}
    execute("/usr/libexec/vyos/system/on-dhcp-event.sh", "release", "", ClientIp, "", "");
}
on expiry {
    set ClientName = pick-first-value(host-decl-name, option fqdn.hostname, option host-name);
    set ClientIp = binary-to-ascii(10, 8, ".",leased-address);
{#  Expiry reuses the "release" action, so the script sees both events alike #}
    execute("/usr/libexec/vyos/system/on-dhcp-event.sh", "release", "", ClientIp, "", "");
}
{% endif %}

{# Global statements. use-host-decl-names is written only when host_decl_name
   is set; ddns-update-style is "interim" when dynamic_dns_update is set and
   "none" otherwise. #}
{{ 'use-host-decl-names on;' if host_decl_name is vyos_defined }}
ddns-update-style {{ 'interim' if dynamic_dns_update is vyos_defined else 'none' }};
{# Option definitions (code number and data type) for the custom options
   referenced by the subnet declarations further down in this template. #}
option rfc3442-static-route code 121 = array of integer 8;
option windows-static-route code 249 = array of integer 8;
option wpad-url code 252 = text;
option rfc8925-ipv6-only-preferred code 108 = unsigned integer 32;

# Vendor specific options - Ubiquiti Networks
option space ubnt;
option ubnt.unifi-controller code 1 = ip-address;
{# Clients whose vendor-class-identifier begins with "ubnt" fall into this
   class and are served from the ubnt option space. The identifier is sent by
   the client, so class membership is not an authentication signal. #}
class "ubnt" {
    match if substring (option vendor-class-identifier , 0, 4) = "ubnt";
    option vendor-class-identifier "ubnt";
    vendor-option-space ubnt;
}

{# Raw pass-through: every global_parameters entry is written verbatim at
   global scope, with no escaping or filtering in this template. An entry can
   therefore be any dhcpd statement, execute() included.
   NOTE(review): write access to this CLI node is equivalent to editing
   dhcpd.conf directly; restrict and audit it accordingly. #}
{% if global_parameters is vyos_defined %}
# The following {{ global_parameters | length }} line(s) have been added as
# global-parameters in the CLI and have not been validated !!!
{%     for parameter in global_parameters %}
{{ parameter }}
{%     endfor %}

{% endif %}
{# Failover peer declaration, rendered only when a failover section exists.
   The role line depends on failover.status: 'primary' also emits mclt and
   split, 'secondary' emits only the role, any other value emits no role.
   NOTE(review): failover.name is placed between double quotes without
   escaping; presumably the CLI validators reject quote characters -- confirm. #}
{% if failover is vyos_defined %}
# DHCP failover configuration
failover peer "{{ failover.name }}" {
{%     if failover.status == 'primary' %}
    primary;
    mclt 1800;
    split 128;
{%     elif failover.status == 'secondary' %}
    secondary;
{%     endif %}
{#  Port 647 is fixed for both the local and the peer endpoint, and this
    declaration emits no authentication statement.
    NOTE(review): confirm that firewall policy limits traffic on this port to
    the configured peer address. #}
    address {{ failover.source_address }};
    port 647;
    peer address {{ failover.remote }};
    peer port 647;
    max-response-delay 30;
    max-unacked-updates 10;
    load balance max seconds 3;
}
{% endif %}
{# One empty subnet declaration per listen-address. Network and netmask are
   derived from the address by the network_from_ipv4 and netmask_from_ipv4
   filters, which are defined outside this template. #}
{% if listen_address is vyos_defined %}

# DHCP server serving relay subnet, we need a connector to the real world
{%     for address in listen_address %}
# Connected subnet statement for listen-address {{ address }}
subnet {{ address | network_from_ipv4 }} netmask {{ address | netmask_from_ipv4 }} { }
{%     endfor %}
{% endif %}

# Shared network configuration(s)
{% if shared_network_name is vyos_defined %}
{%     for network, network_config in shared_network_name.items() if network_config.disable is not vyos_defined %}
shared-network {{ network }} {
{#         Options at shared-network scope. List values are joined with ", ";
           the domain_search join puts each entry in its own double quotes. #}
{%         if network_config.authoritative is vyos_defined %}
    authoritative;
{%         endif %}
{%         if network_config.name_server is vyos_defined %}
    option domain-name-servers {{ network_config.name_server | join(', ') }};
{%         endif %}
{#         NOTE(review): domain_name and domain_search are placed between double
           quotes without escaping; presumably the CLI validators reject quote
           characters -- confirm. #}
{%         if network_config.domain_name is vyos_defined %}
    option domain-name "{{ network_config.domain_name }}";
{%         endif %}
{%         if network_config.domain_search is vyos_defined %}
    option domain-search "{{ network_config.domain_search | join('", "') }}";
{%         endif %}
{%         if network_config.ntp_server is vyos_defined %}
    option ntp-servers {{ network_config.ntp_server | join(', ') }};
{%         endif %}
{%         if network_config.ping_check is vyos_defined %}
    ping-check true;
{%         endif %}
{#         Raw pass-through at shared-network scope: each entry is written
           verbatim, so it can be any dhcpd statement.
           NOTE(review): treat write access to this CLI node like write access
           to dhcpd.conf. #}
{%         if network_config.shared_network_parameters is vyos_defined %}
    # The following {{ network_config.shared_network_parameters | length }} line(s)
    # were added as shared-network-parameters in the CLI and have not been validated
{%             for parameter in network_config.shared_network_parameters %}
    {{ parameter }}
{%             endfor %}
{%         endif %}
{%         if network_config.subnet is vyos_defined %}
{%             for subnet, subnet_config in network_config.subnet.items() %}
{%                 if subnet_config.description is vyos_defined %}
    # {{ subnet_config.description }}
{%                 endif %}
    subnet {{ subnet | address_from_cidr }} netmask {{ subnet | netmask_from_cidr }} {
{#                 Per-subnet server lists and names. Each option is written only
                   when its CLI node is set; list values are joined with ", ". #}
{%                 if subnet_config.name_server is vyos_defined %}
        option domain-name-servers {{ subnet_config.name_server | join(', ') }};
{%                 endif %}
{#                 NOTE(review): domain_name and domain_search are placed between
                   double quotes without escaping; presumably the CLI validators
                   reject quote characters -- confirm. #}
{%                 if subnet_config.domain_name is vyos_defined %}
        option domain-name "{{ subnet_config.domain_name }}";
{%                 endif %}
{%                 if subnet_config.domain_search is vyos_defined %}
        option domain-search "{{ subnet_config.domain_search | join('", "') }}";
{%                 endif %}
{%                 if subnet_config.ntp_server is vyos_defined %}
        option ntp-servers {{ subnet_config.ntp_server | join(', ') }};
{%                 endif %}
{%                 if subnet_config.pop_server is vyos_defined %}
        option pop-server {{ subnet_config.pop_server | join(', ') }};
{%                 endif %}
{%                 if subnet_config.smtp_server is vyos_defined %}
        option smtp-server {{ subnet_config.smtp_server | join(', ') }};
{%                 endif %}
{%                 if subnet_config.time_server is vyos_defined %}
        option time-servers {{ subnet_config.time_server | join(', ') }};
{%                 endif %}
{#                 The CLI node wins_server maps to option netbios-name-servers #}
{%                 if subnet_config.wins_server is vyos_defined %}
        option netbios-name-servers {{ subnet_config.wins_server | join(', ') }};
{%                 endif %}
{%                 if subnet_config.ipv6_only_preferred is vyos_defined %}
        option rfc8925-ipv6-only-preferred {{ subnet_config.ipv6_only_preferred }};
{%                 endif %}
{#                 Classless static routes. Every configured route is encoded by
                   the isc_static_route filter (defined outside this template) and
                   written to both option 121 and option 249. Only the rfc3442
                   option also gets a 0.0.0.0/0 entry, and only when default_router
                   is set. #}
{%                 if subnet_config.static_route is vyos_defined %}
{%                     set static_default_route = '' %}
{%                     if subnet_config.default_router is vyos_defined %}
{%                         set static_default_route = ', ' ~ '0.0.0.0/0' | isc_static_route(subnet_config.default_router) %}
{%                     endif %}
{#                     This inner test repeats the enclosing one #}
{%                     if subnet_config.static_route is vyos_defined %}
{%                         set rfc3442_routes = [] %}
{%                         for route, route_options in subnet_config.static_route.items() %}
{#                             The set is only a way to call append(): Jinja scopes a
                               set inside a for loop to that loop, so the list created
                               before the loop is the one joined below. #}
{%                             set rfc3442_routes = rfc3442_routes.append(route | isc_static_route(route_options.next_hop)) %}
{%                         endfor %}
        option rfc3442-static-route {{ rfc3442_routes | join(', ') }}{{ static_default_route }};
        option windows-static-route {{ rfc3442_routes | join(', ') }};
{%                     endif %}
{%                 endif %}
{#                 Routing, boot and lease options for the subnet. Each statement
                   is written only when its CLI node is set. #}
{%                 if subnet_config.ip_forwarding is vyos_defined %}
        option ip-forwarding true;
{%                 endif %}
{%                 if subnet_config.default_router is vyos_defined %}
        option routers {{ subnet_config.default_router }};
{%                 endif %}
{%                 if subnet_config.server_identifier is vyos_defined %}
        option dhcp-server-identifier {{ subnet_config.server_identifier }};
{%                 endif %}
{#                 Raw pass-through at subnet scope: each entry is written verbatim,
                   so it can be any dhcpd statement.
                   NOTE(review): treat write access to this CLI node like write
                   access to dhcpd.conf. #}
{%                 if subnet_config.subnet_parameters is vyos_defined %}
        # The following {{ subnet_config.subnet_parameters | length }} line(s) were added as
        # subnet-parameters in the CLI and have not been validated!!!
{%                     for parameter in subnet_config.subnet_parameters %}
        {{ parameter }}
{%                     endfor %}
{%                 endif %}
{#                 The boot-related values below tell network-boot clients where to
                   fetch their boot file, so they should name hosts the operator
                   controls. The quoted values are inserted without escaping --
                   NOTE(review): presumably the CLI validators reject quote
                   characters; confirm. #}
{%                 if subnet_config.tftp_server_name is vyos_defined %}
        option tftp-server-name "{{ subnet_config.tftp_server_name }}";
{%                 endif %}
{#                 bootfile_name is written twice: as the bootfile-name option and
                   as the filename statement. #}
{%                 if subnet_config.bootfile_name is vyos_defined %}
        option bootfile-name "{{ subnet_config.bootfile_name }}";
        filename "{{ subnet_config.bootfile_name }}";
{%                 endif %}
{%                 if subnet_config.bootfile_server is vyos_defined %}
        next-server {{ subnet_config.bootfile_server }};
{%                 endif %}
{%                 if subnet_config.bootfile_size is vyos_defined %}
        option boot-size {{ subnet_config.bootfile_size }};
{%                 endif %}
{%                 if subnet_config.time_offset is vyos_defined %}
        option time-offset {{ subnet_config.time_offset }};
{%                 endif %}
{#                 wpad-url (option 252, defined at the top of this template) tells
                   clients where to fetch proxy auto-configuration; the URL should
                   point to a trusted host. #}
{%                 if subnet_config.wpad_url is vyos_defined %}
        option wpad-url "{{ subnet_config.wpad_url }}";
{%                 endif %}
{#                 The prefix length is turned into a dotted netmask by building
                   '0.0.0.0/<length>' and passing it through netmask_from_cidr. #}
{%                 if subnet_config.client_prefix_length is vyos_defined %}
        option subnet-mask {{ ('0.0.0.0/' ~ subnet_config.client_prefix_length) | netmask_from_cidr }};
{%                 endif %}
{#                 A single lease value sets both the default and the maximum #}
{%                 if subnet_config.lease is vyos_defined %}
        default-lease-time {{ subnet_config.lease }};
        max-lease-time {{ subnet_config.lease }};
{%                 endif %}
{#                 Written at subnet scope only when the shared network did not
                   already enable ping-check. #}
{%                 if network_config.ping_check is not vyos_defined and subnet_config.ping_check is vyos_defined %}
        ping-check true;
{%                 endif %}
{#                 Static host declarations; mappings with the disable node set are
                   skipped. With host_decl_name set the declaration is named after
                   the mapping alone, otherwise it is <network>_<mapping>. In both
                   cases underscores inside each part are replaced by hyphens. #}
{%                 if subnet_config.static_mapping is vyos_defined %}
{%                     for host, host_config in subnet_config.static_mapping.items() if host_config.disable is not vyos_defined %}
        host {{ host | replace('_','-') if host_decl_name is vyos_defined else network | replace('_','-') ~ '_' ~ host | replace('_','-') }} {
{%                         if host_config.ip_address is vyos_defined %}
            fixed-address {{ host_config.ip_address }};
{%                         endif %}
{#                         mac_address is written without a vyos_defined guard --
                           presumably dhcp_server.py requires it; confirm. #}
            hardware ethernet {{ host_config.mac_address }};
{#                         Raw pass-through at host scope: each entry is written
                           verbatim, so it can be any dhcpd statement.
                           NOTE(review): treat write access to this CLI node like
                           write access to dhcpd.conf. #}
{%                         if host_config.static_mapping_parameters is vyos_defined %}
            # The following {{ host_config.static_mapping_parameters | length }} line(s) were added
            # as static-mapping-parameters in the CLI and have not been validated
{%                             for parameter in host_config.static_mapping_parameters %}
            {{ parameter }}
{%                             endfor %}
{%                         endif %}
        }
{%                     endfor %}
{%                 endif %}
{#                 Ubiquiti controller address, written into the ubnt option space
                   defined at the top of this template. #}
{%                 if subnet_config.vendor_option.ubiquiti.unifi_controller is vyos_defined %}
        option ubnt.unifi-controller {{ subnet_config.vendor_option.ubiquiti.unifi_controller }};
{%                 endif %}
{#                 The pool block is assembled by three separate range checks:
                   opening brace, range lines, closing brace. #}
{%                 if subnet_config.range is vyos_defined %}
{#           pool configuration can only be used if there follows a range option #}
        pool {
{%                 endif %}
{#                 NOTE(review): the two failover lines below depend only on
                   enable_failover, not on range, so without a range they would land
                   outside any pool block; they also reference failover.name from
                   the global failover section. Presumably dhcp_server.py rejects
                   those combinations before rendering -- confirm. #}
{%                 if subnet_config.enable_failover is vyos_defined %}
            failover peer "{{ failover.name }}";
            deny dynamic bootp clients;
{%                 endif %}
{%                 if subnet_config.range is vyos_defined %}
{%                     for range, range_options in subnet_config.range.items() %}
            range {{ range_options.start }} {{ range_options.stop }};
{%                     endfor %}
{%                 endif %}
{%                 if subnet_config.range is vyos_defined %}
{#           pool configuration can only be used if there follows a range option #}
        }
{%                 endif %}
    }
{%             endfor %}
{%         endif %}
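    on commit {
{#      Runs on every lease commit in this shared network. The host-file hook
        below is rendered only when hostfile_update is set. #}
        set shared-networkname = "{{ network }}";
{%         if hostfile_update is vyos_defined %}
        set ClientIp = binary-to-ascii(10, 8, ".", leased-address);
{#      Bytes 1-6 of the hardware field, rendered in hex with ":" separators #}
        set ClientMac = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6));
{#      "empty_hostname" is the fallback when neither the host declaration nor
        the client supplied a name. The two option values come from the client
        and are untrusted.
        NOTE(review): ClientName reaches on-dhcp-event.sh as an argument; the
        script has to validate it before using it in a file or a command. #}
        set ClientName = pick-first-value(host-decl-name, option fqdn.hostname, option host-name, "empty_hostname");
        if not (ClientName = "empty_hostname") {
{#          "..YYZ!" stands in when no domain-name is configured; how the script
            treats that value is not visible in this template. #}
            set ClientDomain = pick-first-value(config-option domain-name, "..YYZ!");
            execute("/usr/libexec/vyos/system/on-dhcp-event.sh", "commit", ClientName, ClientIp, ClientMac, ClientDomain);
        } else {
{#          ClientIp is spelled as in the set statement above, so the log line
            refers to the variable that was actually assigned. #}
            log(concat("Hostname is not defined for client with IP: ", ClientIp, " MAC: ", ClientMac));
        }
{%         endif %}
    }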
}

{%     endfor %}
{% endif %}