#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample  
#
ddns-update-style ad-hoc;
ddns-domainname "home.teaparty.net";
ddns-rev-domainname "in-addr.arpa";

# internal wireline
subnet 192.168.3.0 netmask 255.255.255.0 {
 range 192.168.3.200 192.168.3.210 ;
 default-lease-time 3600 ;
 max-lease-time 3600 ;
 option subnet-mask 255.255.255.0 ;
 option broadcast-address 192.168.3.255 ;
 option routers 192.168.3.1 ;
 option domain-name-servers 192.168.3.1 ;
 option domain-name "home.teaparty.net" ;
}

# wireless
subnet 192.168.2.0 netmask 255.255.255.0 {
 default-lease-time 3600 ;
 max-lease-time 3600 ;
 option subnet-mask 255.255.255.0 ;
 option broadcast-address 192.168.2.255 ;
 option domain-name-servers 192.168.3.1 ;

 # users i don't know, who need a default route
 pool {
  range 192.168.2.200 192.168.2.219 ;
  option routers 192.168.2.1 ;
  allow unknown-clients ;
  deny known-clients ;
 }

 # me and my wife, who might well use openvpn and should have no default route
 pool {
  range 192.168.2.100 192.168.2.109 ;
  option domain-name "home.teaparty.net" ;
  allow known-clients ;
  deny unknown-clients ;
 }

}

# our laptops
#  these get no more ip access rights than other clients
#  they also get no default route and must use openvpn to reach internet
#  hence evading bandwidth constraint
group {
 host anni.home.teaparty.net {
  hardware ethernet 00:11:22:33:44:55 ; }
 host tiananmen.home.teaparty.net {
  hardware ethernet 00:66:77:88:99:aa ; }
}