{"id":198,"date":"2015-10-09T14:13:47","date_gmt":"2015-10-09T19:13:47","guid":{"rendered":"https:\/\/adamkuj.net\/blog\/?p=198"},"modified":"2021-05-11T08:59:49","modified_gmt":"2021-05-11T13:59:49","slug":"isc-dhcpd-putting-option-82-vendor-codes-to-use","status":"publish","type":"post","link":"https:\/\/adamkuj.net\/blog\/2015\/10\/09\/isc-dhcpd-putting-option-82-vendor-codes-to-use\/","title":{"rendered":"ISC DHCPD – Putting Option-82 Vendor Codes To Use To Reformat Cirtuit-ID and Remote-ID Values"},"content":{"rendered":"

The broadband access network I work with relies on DHCP Option-82 to manage DHCP leases, among other things.<\/p>\n

The primary access equipment vendor (Cambium — a spinoff of Motorola) is unfriendly, in that the Option-82 circuit-id (i.e. Access Point) and remote-id (i.e. Subscriber Module) fields are binary representations of the respective network element’s MAC addresses. Even `tcpdump’ has a hard time reading it:<\/p>\n

[code]Remote-ID SubOption 2, length 6: ^J^@>8ZM-`[\/code]<\/p>\n

That poses certain problems. For one, creating a static IP assignment (based on the customer SM’s MAC address, which is Option 82 remote-id) gets ugly in dhcpd.conf file. For example:<\/p>\n

[code]match if binary-to-ascii(16, 8, “:”, suffix( option agent.remote-id, 6)) = “a:0:3e:38:5a:e0″[\/code]<\/p>\n

… is a lot harder to read than<\/p>\n

[code]match if option agent.remote-id = “a:0:3e:38:5a:e0″[\/code]<\/p>\n

But since agent.remote-id is a binary-encoded MAC address, rather than human-readable string, the binary-to-ascii conversion is necessary. And, since the binary-to-ascii function strips leading zeros, we have to revisit a bunch of existing code that tracks CPE MAC addresses. What I wanted was a way to convert the remote-id (SM’s MAC address) and circuit-id (AP’s MAC address) to a human-readable MAC addresses, to make dhcpd.conf file easier to read and script.<\/p>\n

UPDATE:<\/strong> It turns out I could indeed match the agent.remote-id using a standard represtation of a MAC address for the remote-id. I just needed to leave out the quotes! For example:<\/em><\/p>\n

[code]match if option agent.remote-id = 0a:00:3e:38:5a:e0[\/code]<\/p>\n

Had I realized that, I never would have bothered with the decoding the Option 82 vendor string and all the other work I describe below. Oh well… at least I learned something.<\/em><\/p>\n

Because the DHCP server may be used for other vendors (i.e. GPON, etc), I wanted to only do these manipulations of the Option-82 data fields that are set by the Motorola\/Cambium radios. Fortunately, Cambium AP’s also set Option 82 Subclass 9, which a vendor specific entry.<\/p>\n

While `tcpdump’ doesn’t understand 82.9:<\/p>\n

[code]Unknown SubOption 9, length 11:
\n0x0000: 0000 00a1 0613 0401 020b b8[\/code]<\/p>\n

… Wireshark does!<\/p>\n

[code]Option 82 Suboption: (9) Vendor-Specific Information
\nLength: 11
\nEnterprise: Motorola (161)
\nData Length: 6
\nValue: 130401020bb8<\/p>\n

Hex: 090b000000a106130401020bb8[\/code]<\/p>\n

Reading this:<\/p>\n

82.9.1 is the 4-byte Vendor ID (i.e. IANA Enterprise assignments, like what is used in SNMP MIB’s)<\/p>\n

82.9.2 is an unspecified field that is 6-bytes long in this case (I can’t figure out what, if anything, it translates too)<\/p>\n

Unfortunately, as of dhcpd 4.3.1, there is no “option agent.vendor-id” field available — out of the 12 DHCP Option-82 subcodes currently defined<\/a>, ISC’s man page for `dhcp-options` only lists four possibilities for agent matching:<\/p>\n