vendor-encapsulated-options and Scope

Martin McCormick martin at dc.cis.okstate.edu
Thu Dec 11 17:49:56 UTC 2008


	Any idea how the vendor-encapsulated-options in one
network could poison DHCP for many other subnets?

	We had the following test configuration for some Cisco
wireless access points in the following subnet configuration:

subnet 10.193.228.0 netmask 255.255.252.0 {
    #v4082
    #ap-uhs
    option subnet-mask 255.255.252.0;
    option routers 10.193.231.254;
    option broadcast-address 10.193.231.255;
    default-lease-time 28800;
    max-lease-time 28800;
    class "Cisco AP c1200" {
        match if option vendor-class-identifier = "Cisco AP c1200";
        option vendor-class-identifier "Cisco AP c1200";
        option vendor-encapsulated-options f1:02:ac:11:8e:36;
    }
    class "Cisco AP c1240" {
        match if option vendor-class-identifier = "Cisco AP c1240";
        option vendor-class-identifier "Cisco AP c1240";
        option vendor-encapsulated-options f1:02:ac:11:8e:36;
    }
    class "Cisco AP c1250" {
        match if option vendor-class-identifier = "Cisco AP c1250";
        option vendor-class-identifier "Cisco AP c1250";
        option vendor-encapsulated-options f1:02:ac:11:8e:36;
    }
    class "Cisco AP c1500" {
        match if option vendor-class-identifier = "Cisco AP c1500";
        option vendor-class-identifier "Cisco AP c1500";
        option vendor-encapsulated-options f1:02:ac:11:8e:5a;
    }
} #end network 10.193.228.0

	This was a test setup but here's what happened:

	Access points all over our network in many different
ten-dot subnets began dying like flies as their leases expired.
When they renewed, they got the correct IP address for their
subnet plus the router address for the network config shown
above.

	Every single AP lost its proper router and was given
10.193.231.254 no matter what its subnet was.

	What we did was run Wireshark on a single access point
and sniff the traffic. It's not practical to run Wireshark on
every one on campus, but we assume that all the other dead APs
were given 10.193.231.254 as the router.

	I had put about 20 new subnets in yesterday at the same
time, so we pulled all the new nets back out and the Sun came out
and the birds began to sing again. :) Today, I put in 4 or 5
of the subnets at a time and a coworker would recycle the AP we
were monitoring. It worked perfectly even after we added subnet
10.193.228.0 but without the option 43 statements.

	We then put those option statements back in and the AP
got the same wrong router once again.

	Removal of the vendor-encapsulated-options statements
again restored proper operation.

	Any ideas as to why this affected every other ten-dot
network as far as I know?

Martin McCormick WB5AGZ  Stillwater, OK
Systems Engineer
OSU Information Technology Department Telecommunications Services Group
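Added example, not from the original post or from ISC: a dhcpd.conf fragment showing the layout that produces the symptom above beside a corrected layout. It assumes the ISC dhcpd scoping rule that `class` declarations are global even when written inside a `subnet` block, so the class inherits the enclosing subnet's parameters and hands them to every matching client with class precedence over the client's own subnet; the controller address 192.0.2.10 is a constructed placeholder.

```conf
# Layout that triggers the problem: classes nested in a subnet block.
# dhcpd registers the classes globally anyway, but each one carries
# "option routers 10.193.231.254" inherited from the enclosing subnet,
# and class-scope parameters outrank the subnet the client sits in.
# Result: every AP matching the class, on any subnet, gets that router.
subnet 10.193.228.0 netmask 255.255.252.0 {
    option routers 10.193.231.254;
    class "Cisco AP c1240" {
        match if option vendor-class-identifier = "Cisco AP c1240";
        option vendor-encapsulated-options f1:04:c0:00:02:0a;
    }
}

# Corrected layout: declare the classes at global scope so they carry
# only the vendor-specific options, and leave router/mask/broadcast in
# the subnet blocks. An AP in 10.193.228.0/22 still gets
# 10.193.231.254; an AP anywhere else gets its own subnet's router.
class "Cisco AP c1240" {
    match if option vendor-class-identifier = "Cisco AP c1240";
    option vendor-class-identifier "Cisco AP c1240";
    # Cisco lightweight-AP option 43: sub-option type 0xf1, length
    # 4 x number of controllers, then the controller IPv4 addresses.
    # c0:00:02:0a = 192.0.2.10, a constructed placeholder.
    option vendor-encapsulated-options f1:04:c0:00:02:0a;
}

subnet 10.193.228.0 netmask 255.255.252.0 {
    option subnet-mask 255.255.252.0;
    option routers 10.193.231.254;
    option broadcast-address 10.193.231.255;
    default-lease-time 28800;
    max-lease-time 28800;
}
```

Check the file with `dhcpd -t -cf /path/to/dhcpd.conf` before reloading, then confirm the fix the way the post did: capture one AP's renewal and verify that option 3 (router) now matches the AP's own subnet.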
