Setting option 252

Andrew Wood andrew at
Sun Sep 8 12:26:10 UTC 2013

Thanks Glenn, thats got it working now with Windows at least. I read 
somewhere that it works with Mac OS X so I'll test that out. Just wish 
it would be made part of the standard!

On 06/09/13 14:11, Glenn Satchell wrote:
> This is what I've had in dhcpd.conf for years. Works well on Windows, less
> well on other operating systems. Note the second bit regarding DHCPINFORM.
> The dhcp client has to support it and stash the setting, second the
> browser has to take notice of it.
> # Windows systems accept the WPAD option for setting up their proxy server
> # (Autodetect proxy settings):
> # (According to Ted Lemon, "text" will get the Microsoft
> # NUL termination bug heuristic applied, and "string" won't!
> option wpad code 252 = text;
> option wpad "http://proxy/proxy.pac\000";
> # Special config for Windows ("MSFT 5.0") systems.
> # Note this does not catch Windows CE.
> class "MSFT" {
>    match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
>    # They put 252 on the DHCPINFORM's, but not on the DHCPREQUEST's
>    # PRL.  So we over-ride the PRL to include 252 = 0xFC, which will
>    # send the option at DHCPDISCOVER/DHCPREQUEST time, and wil also
>    # suppress the DHCPINFORMS!  They seem to cache it.
>    option dhcp-parameter-request-list = concat(option
> dhcp-parameter-request-list, fc);
> }
> Have you checked your web server access log to see if clients are trying
> to download the pac file?
> Second is to use something like wget or telnet to verify the content when
> you download the pac file.
> No idea regarding the IETF, but I agree with you.
> regards,
> -glenn
> On Fri, September 6, 2013 10:44 pm, Andrew Wood wrote:
>> Is it possible with ISC DHCPD to set option 252 to give a PAC file to a
>> client to set a web proxy server? I can find some examples of it online
>> yet I cannot get it to work with version 4.2 by setting this in the
>> global section of dhcpd.conf:
>> option web-proxy code 252 = text;
>> and this in the subnet section:
>> option web-proxy "\000";
>> Why has an official option to do this never been added to the DHCP
>> standard. There are loads of offical options defined in the RFCs for
>> setting all manner of things, a lot of which Im sure 99% of people are
>> never going to use these days yet something like setting an HTTP/HTTPS
>> proxy cant be done exept for an unofficial Microsoft kludge which is not
>> supported by all clients or servers. Surely these days this has got to
>> be one of the more common requirements. For example we run a public Wifi
>> network behind a proxy and need to be able to set HTTPS traffic to be
>> CONNECT tunnelled through it as interception can only be done for
>> ordinary HTTP. As its BYOD we cannot be manually configuring everyones
>> phone/tablet/laptop!
>> Has this ever been proposed to the IETF does anyone know?
>> _______________________________________________
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at

More information about the dhcp-users mailing list