Option 82 problem

Patrick Trapp ptrapp at nex-tech.com
Fri Apr 17 16:21:06 UTC 2020


Hello, Alexander.

It's been a while since I've worked with this, but I believe your use of substring might be incorrect. I think the parameters should be indicating what position in the string to start matching and how many characters to match - your current substring is matching two characters starting on the second position, but it appears that the system is reporting the agent-id as six characters - if that's true, then your agent-id value is starting on position three rather than position 2. I would give that a test.

That said, my experiences with option-82 have been using a string, not a number, so my experiences may not apply.

Patrick
________________________________
From: dhcp-users <dhcp-users-bounces at lists.isc.org> on behalf of Александр Сандецкий <alexander.sandetsky at gmail.com>
Sent: Friday, April 17, 2020 9:18 AM
To: dhcp-users at lists.isc.org <dhcp-users at lists.isc.org>
Subject: Option 82 problem


CAUTION: This email originated from outside of the company. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hi!

I have a problem with option 82 configuration.

I have managed switch with IP 10.10.0.38 (managed VLAN 100). There is additional VLANs configured for clients: VLAN 3000 and 3010. There is option 82 and DHCP relay configured on the switch.

I have DHCP server placed in VLAN 3000 with IP 172.18.0.101

I want to DHCP server serves the VLAN 3010 (and other) on per-VLAN basis.

The part of dhcpd.conf

class "VLAN3010" {
        match if binary-to-ascii(10, 8, "", substring(option agent.circuit-id, 2, 2)) = "3010"
    }


subnet 172.18.10.0 netmask 255.255.255.0 {
    option routers  172.18.0.1;

    pool {
            range 172.18.10.51 172.18.10.250;
            allow members of "VLAN3010";
    }
}


The server receives request as
DHCPDISCOVER from 2c:27:d7:b1:a2:85 via 10.10.0.38<http://10.10.0.38>: network 10.10.0.0/24<http://10.10.0.0/24>: no free leases



I have checked with Wireshark

   Option: (82) Agent Information Option
        Length: 18
        Option 82 Suboption: (1) Agent Circuit ID
            Length: 6
            Agent Circuit ID: 00040bc20003
        Option 82 Suboption: (2) Agent Remote ID
            Length: 8
            Agent Remote ID: 00068026897b2b40

There is binary encoded agent circuit id that contains "0bc2" bytes that equal to "3010" in decimal.

Why my class definition does not accept this request? What is wrong?



--

Regards,
Alexander
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20200417/7280f0e3/attachment.htm>


More information about the dhcp-users mailing list