if-match

Use if-match to configure a match rule for a DHCP user class.

Use undo if-match to delete a match rule for a DHCP user class.

Syntax

if-match rule rule-number { hardware-address hardware-address mask hardware-address-mask | option option-code [ ascii ascii-string [ offset offset | partial ] | hex hex-string [ mask mask | offset offset length length | partial ] ] | relay-agent gateway-address }

undo if-match rule rule-number

Default

No match rules are configured for the DHCP user class.

Views

DHCP user class view

Predefined user roles

network-admin

mdc-admin

Parameters

rule rule-number: Assigns the match rule an ID in the range of 1 to 16. A smaller ID represents a higher match priority.

hardware-address hardware-address: Specifies a hardware address, a string of 4 to 39 characters. The string contains hyphen-separated hexadecimal numbers. The last hexadecimal number can be a two-digit or four-digit number, and the other hexadecimal numbers must be four-digit numbers. For example, aabb-ccdd-ee is valid, and aabb-c-dddd or aabb-cc-dddd is invalid.

mask hardware-address-mask: Specifies the mask to be ANDed with the specified hardware address for the match operation. The length of the mask must be the same as that of the hardware address.

option option-code: Specifies a DHCP option by its number in the range of 1 to 254.

ascii ascii-string: Specifies an ASCII string of 1 to 128 characters.

offset offset: Specifies the offset in bytes after which the match operation starts. The value range is 0 to 254. If you specify an ASCII string, a packet matches the rule if the option content after the offset is the same as the ASCII string. If you specify a hexadecimal number, a packet matches the rule if the option content of the specified length after the offset is the same as the hexadecimal number.

partial: Enables partial match. A packet matches a rule if the specified option in the packet contains the ASCII string or hexadecimal number specified in the rule. For example, if you specify abc in the rule, option content xabc, xyzabca, xabcyz, and abcxyz all match the rule.

hex hex-string: Specifies a hexadecimal number. The length of the hexadecimal number must be an even number in the range of 2 to 256.

mask mask: Specifies a hexadecimal mask for the match operation. The mask length must be an even number in the range of 2 to 256 and be the same as the hex-string length. The DHCP server selects option content of the mask length from the start and ANDs the selected option content and the specified hexadecimal number with the mask. The packet matches the rule if the two AND operation results are the same.

length length: Specifies the length of the option content to be matched, in the range of 1 to 128 bytes. The length must be the same as the hex-string length.

relay-agent gateway-address: Specifies a giaddr field value. The value is an IPv4 address in the dotted decimal notation. A packet matches the rule if its giaddr field value is the same as that in the rule.

Usage guidelines

If a DHCP request sent by a DHCP client matches a rule in a DHCP user class, the DHCP client matches the user class.

You can configure multiple match rules for a DHCP user class. Each match rule is uniquely identified by a rule ID within its type (hardware address, option, or relay agent address).

When you configure an if-match hardware-address rule, follow these guidelines:

When you configure an if-match option rule, follow these guidelines:

To match a hexadecimal number directly, specify the option option-code hex hex-string [ offset offset length length | partial ] options. If you do not specify the offset, length, or partial parameter, a packet matches a rule if the option content starts with the hexadecimal number.

To match an ASCII string, specify the option option-code ascii ascii-string [ offset offset | partial ] options. If you do not specify the offset or partial parameter, a packet matches a rule if the option content starts with the ASCII string.

Examples

# Configure match rule 1 for DHCP user class exam to match DHCP requests in which the hardware address is six bytes long and begins with 0094.

<Sysname> system-view
[Sysname] dhcp class exam
[Sysname-dhcp-class-exam] if-match rule 1 hardware-address 0094-0000-0101 mask ffff-0000-0000

# Configure match rule 2 for DHCP user class exam to match DHCP requests that contain Option 82.

<Sysname> system-view
[Sysname] dhcp class exam
[Sysname-dhcp-class-exam] if-match rule 2 option 82

# Configure match rule 3 for DHCP user class exam. The rule matches DHCP requests in which the highest bit of the fourth byte in Option 82 is the hexadecimal number 1.

<Sysname> system-view
[Sysname] dhcp class exam
[Sysname-dhcp-class-exam] if-match rule 3 option 82 hex 00000080 mask 00000080

# Configure match rule 4 for DHCP user class exam. The rule matches DHCP requests in which the first three bytes of Option 82 are the hexadecimal number 13ae92.

<Sysname> system-view
[Sysname] dhcp class exam
[Sysname-dhcp-class-exam] if-match rule 4 option 82 hex 13ae92 offset 0 length 3

# Configure match rule 5 for DHCP user class exam. The rule matches DHCP requests in which the Option 82 contains the hexadecimal number 13ae.

<Sysname> system-view
[Sysname] dhcp class exam
[Sysname-dhcp-class-exam] if-match rule 5 option 82 hex 13ae partial

# Configure match rule 6 for DHCP user class exam to match DHCP requests in which the giaddr field is 10.1.1.1.

<Sysname> system-view
[Sysname] dhcp class exam
[Sysname-dhcp-class-exam] if-match rule 6 relay-agent 10.1.1.1

Related commands

dhcp class