DHCP option 82 and DHCP relay

I was actually playing with DHCP relay and what I did find out is kind of interesting. For what is DHCP relay look for rfc3046 .
In short it is when the client sends a DHCP a broadcast message (discover) some device (usually the switch that is the client directly connected to) intercepts the packet and sends a unicast discover instead of it. The advantage is that the the broadcast in the networks drops and secondly the DHCP server can be in different network (which is great because you can now use one dhcp server for all networks you have).

But this advantage of using the single DHCP brings one big problem – user identification. This is where option 82 of DHCP comes to play (which is in detail described in the same rfc).
So shortly the DHCP option 82 is here to say some user-related information to the DHCP server. The definition by ietf is very vague and the content of the fields is vendor-specific. What is needed to say is that option 82 has two most used sub options  which are “agent circuit id” sub option and “Agent remote ID” sub option.
Anyway the basic structure of option 82 by ietf is like this:

agent circuit id
SubOpt|Len|Circuit ID
|  1  |   n  | c1 |  c2 |  c3 |  c4 | c5 | c6 | …

and for the other sub option it is defined this way

agent remote id
SubOpt Len Agent Remote ID
|  2  |   r  | r1  |  r2 |  r3 |  r4  |  r5|  r6 | …

This seems like a pure theory with no real information inside so lets have a look at some real stuff.

Option: (t=82,l=18) Agent Information Option
Option: (82) Agent Information Option
Length: 18
Value: 01060004000A00000208000600E0FC490D22
Agent Circuit ID: 0004000A0000
Agent Remote ID: 000600E0FC490D22

This is a real capture from wireshark for Huawei switch S3900 with option 82 enabled. So in this case (using standard pre-defined values for the sub options) sub option 1 receives L2 port No. of the packet and vlan No.; whereas sub option 2 receives MAC address of the packet device.
In our case it is the received string deciphered like this:

01 06 00 04 000A 0000 02 08 00 06 00E0FC490D22
06–length ( “00 04 0005 0080” length)
00–CIRCUIT_ID type
04–length ( “0005 0080” length)
000A–vlan No. (10 in dec.)
0000–global port No.
08–length (“00 06 00E0FC6AE332” length)
00–REMOTE_ID type
00E0FC490D22–system bridge MAC

In this case everything is seems to be quite clear. But there is a catch – the global port number. It’s value is counted by this formula:

52*slot number (0) + present port index (0) = 0


  • the port index starts from 0
  • the constant is different for various devices and is probably connected to maximum numbers of ports in one slot or card (I was unable to verify why the number is different

So this means that global port 0000 is actually port 1/0/1 in VRP command line.

Ok that was the light stuff but what if the S3900s are in stack? How the global port number will be influenced?
For S3900 it is like this

016d = 365 (in dec)

52*slot number (7) + present port index (1) = 365

the slot number is actually the number of the device in the stack starting from 0 as the port.

So this is complete explanation of S3900’s with basic configuration of option 82. It is necessary to say that if you have some special wishes for data transmitted in the string you can configure some (e.g. sysname instead of mac address, etc.). This option is possible only in newer VRP software. This information will be transmitted instead the MAC address value.

There is one more interesting thing – the gigabit ports are not distinguished in the formula for the port index number so even thou you have interface GigabitEthernet 1/1/1the port inex is using follow up numbering eth 1/0/48 (last FE interface) equals port index 47 and gig 1/1/1

There is one exception – S6503
This switch is kind of old and the software is working differently. Especially it is not possible to change any content of the last fields – so only MAC address can be transmitted as an identifier. There is also one more remark you should notice. The constant in the formula is not 52 but 48 so the global port number is counted like this:

48*slot number + present port index = global port number


  • the slot numbering starts from 1
  • the port index starts from 0

There is a dedicated post about how to configure this stuff on various devices and their options.

6 thoughts on “DHCP option 82 and DHCP relay

  1. Looking to use option 82 on Huawei, and have the DHCP server assign fixed IP addresses based on the Remote ID & Circuit ID information. Any thoughts on which DHCP servers would do this, and how? maybe ISC DHCP 3.x?

  2. Hello sorry for long-time delay in my reply. Well it depends on what you want to know… I can answer most of your questions probably, but to be honest I did not plan to return to that topic anytime soon as I feel I covered pretty much everything about opt 82 on Huawei equipment. Anyway if you think I left out something or just want to know something please ask and I will try to answer :)

  3. hi,

    i am trying to established option 82 features on my network. But I could not understand hex value.
    how they are combined this value for option 82:relay-information
    hex 01030a0b0c02050000000123

    • Hi you should be able to decode the value based on the description in this article. The problem is that each vendor does encode the string differently and you need to have documentation which describes it. I know for fact that S3900 and S6500 from old Huawei switches were creating different strings with the same settings. As you haven’t mentioned any details about what you are doing and how or on what equipment I cannot really help with this…

Leave a Reply

Your email address will not be published. Required fields are marked *