Valeri Galtsev wrote: > > > On 06/08/18 10:27, m.roth at 5-cent.us wrote: >> John Hodrien wrote: >>> On Fri, 8 Jun 2018, m.roth at 5-cent.us wrote: >>> >>>> We've been required to encrypt h/ds, and so have been rolling that out >>>> over the last year or so. Thing is, you need to put in a password, of >>>> course, to boot the system. My manager found a way to allow us to >>>> reboot without being at the system's keyboard, a package called >>>> clevis. Works fine... except in a couple of very special cases. >>>> >>>> Those systems, the problem is that, due to older software, and *very* >>>> expensive licenses that are tied to a MAC address, I have to spoof the >>>> MAC address since my users got new(er) machines. >>>> >>>> Clevis is trying to contact its password server, using the *real* MAC >>>> address, but our DHCP has to serve the *spoofed* MAC address. I know, >>>> from trying, that I can't have two entries for the same system. Can >>>> anyone suggest a solution? >>> >>> Nothing wrong with having two MAC addresses listed for one IP. With >>> ISC DHCP the label for a host has to be unique, but the hostname doesn't. >> >> The IP's not the problem, it's dhcpd gagging on two entries, two MAC >> addresses, for the same server name - think dhcpd.conf.local > > When I have a machine that can comes with different MAC addresses, and I > have to give it the same IP, here is what I have in DHCP server > configuration (Mac addresses and IP address are obfuscated below): > > # tricky machine > host tricky { > hardware ethernet xx:xx:xx:xx:xx:xx; > fixed-address A.B.C.D; > } > > # tricky machine again > host tricky1 { > hardware ethernet yy:yy:yy:yy:yy:yy; > fixed-address A.B.C.D; > } > Hmmm... wonder if it will gag - we don't put the IP in that, that comes from DNS. The format we use is host <host <shortname> P hardware ethernet <MAC address>; fixed-address <fqdn>;} so if it would work, replace shortname with short and short1? mark