Developers guide
Chapter 5
Copyright © 2008-2013 Inverse inc.
Configuration 23
dns PacketFence IP address in this network. In
inline type, set it to a valid DNS production
server
dhcp_start Starting IP address of the DHCP scope
dhcp_end Ending IP address of the DHCP scope
dhcp_default_lease_time Default DHCP lease time
dhcp_max_lease_time Maximum DHCP lease time
type vlan-registration or vlan-isolation or inline
named Is PacketFence the DNS for this network ?
(Enabled/Disabled) set it to enabled
dhcpd Is PacketFence the DHCP server for this
network ? (Enabled/Disabled) set it to
enabled
nat Is PacketFence route or NAT the traffic for this
network ? (yes/no) NAT enabled by default,
set to no to route
When starting PacketFence generates the DHCP configuration files by reading the information provided
in networks.conf:
The DHCP configuration file is written to var/conf/dhcpd.conf using conf/dhcpd.conf as a template.
Production DHCP access
In order to perform all of its access control duties, PacketFence needs to be able to map MAC addresses
into IP addresses.
For all the networks/VLANs where you want PacketFence to have the ability to isolate a node or to have
IP information about nodes, you will need to perform one of the techniques below.
Also note that this doesn’t need to be done for the registration, isolation VLANs and inline interfaces
since PacketFence acts as the DHCP server in these networks.
IP Helpers (recommended)
If you are already using IP Helpers for your production DHCP in your production VLANs this approach is
the simplest one and the one that works the best.
Add PacketFence’s management IP address as the last ip helper-address statement in your network
equipment. At this point PacketFence will receive a copy of all DHCP requests for that VLAN and will record
what IP were distributed to what node using a pfdhcplistener daemon.