{"id":178,"date":"2018-01-17T00:26:30","date_gmt":"2018-01-17T00:26:30","guid":{"rendered":"https:\/\/www.kuncar.net\/blog\/?p=178"},"modified":"2018-01-17T00:28:14","modified_gmt":"2018-01-17T00:28:14","slug":"dhcp-option-82-and-dhcp-relay","status":"publish","type":"post","link":"https:\/\/www.kuncar.net\/blog\/2018\/dhcp-option-82-and-dhcp-relay\/","title":{"rendered":"DHCP option 82 and DHCP relay"},"content":{"rendered":"<div class=\"entry\">\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-thumbnail wp-image-149\" src=\"https:\/\/www.kuncar.net\/blog\/wp-content\/uploads\/2018\/01\/logo_huawei-150x150.jpg\" alt=\"\" width=\"150\" height=\"150\" srcset=\"https:\/\/www.kuncar.net\/blog\/wp-content\/uploads\/2018\/01\/logo_huawei-150x150.jpg 150w, https:\/\/www.kuncar.net\/blog\/wp-content\/uploads\/2018\/01\/logo_huawei-300x300.jpg 300w, https:\/\/www.kuncar.net\/blog\/wp-content\/uploads\/2018\/01\/logo_huawei-100x100.jpg 100w, https:\/\/www.kuncar.net\/blog\/wp-content\/uploads\/2018\/01\/logo_huawei.jpg 577w\" sizes=\"auto, (max-width: 150px) 100vw, 150px\" \/><span style=\"font-size: 14px;\">I was actually playing with DHCP relay, and what I found out is kind of interesting. For what DHCP relay is, see\u00a0<a href=\"https:\/\/web.archive.org\/web\/20080921192039\/http:\/\/www.ietf.org\/rfc\/rfc3046.txt\">RFC 3046<\/a>.<\/span><\/span><br \/>\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> In short, when the client sends a DHCP broadcast message (discover), some device &#8211; usually the switch that the client is directly connected to &#8211; intercepts the packet and sends a unicast discover in its place to a remote server over L3. The advantage is that the amount of broadcasts in the network drops and, secondly, the DHCP server can be in a different subnet.
This is great because you can now use a centralised DHCP server for all networks.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">But this advantage of using a single DHCP server brings one big problem &#8211; user identification. The unicast relay will use the appropriate IP (usually a gw or the subnet), but if you need more information about the supplicant, that is where DHCP option 82 comes into play.<\/span><br \/>\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> In short, DHCP option 82 is there to convey additional, more detailed user-related information to the DHCP server.
The definition by the IETF is very vague and the content of the fields is vendor-specific. What must be said is that option 82 has two\u00a0most widely used\u00a0sub-options: \u201cagent circuit ID\u201d and \u201cagent remote ID\u201d.<\/span><br \/>\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> The basic structure of option 82 as defined by the IETF looks like this:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">agent circuit id<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> SubOpt  Len     Circuit ID<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> +------+------+------+------+------+------+------+------+--<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> |  1   |  n   |  c1  |  c2  |  c3  |  c4  |  c5  |  c6  | ...<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> +------+------+------+------+------+------+------+------+--<\/span><\/pre>\n<\/blockquote>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">and the other sub-option is defined this way:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">agent remote id<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> SubOpt  Len     Agent Remote ID<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> +------+------+------+------+------+------+------+------+--<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> |  2   |  r   |  r1  |  r2  |  r3  |  r4  |  r5  |  r6  | ...<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> +------+------+------+------+------+------+------+------+--<\/span><\/pre>\n<\/blockquote>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">This looks like pure theory with no real information inside, so let&#8217;s have a look at some real stuff.<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Option: (t=82,l=18) Agent Information Option<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> Option: (82) Agent Information Option<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> Length: 18<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> Value: 01060004000A00000208000600E0FC490D22<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 
14px;\"> Agent Circuit ID: 0004000A0000<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> Agent Remote ID: 000600E0FC490D22<\/span><\/pre>\n<\/blockquote>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">This is a real Wireshark capture from a Huawei S3900 switch with option 82 enabled.
With the standard, pre-defined values for the sub-options, sub-option 1 carries the L2 port number on which the packet arrived and the VLAN number, whereas sub-option 2 carries the MAC address of the device that received the packet.<\/span><br \/>\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> In our case the received string is deciphered like this:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">01 06 00 04 000A 0000 02 08 00 06 00E0FC490D22<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 01\u2013CIRCUIT_ID<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 06\u2013length (\u201c00 04 000A 0000\u201d length)<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 00\u2013CIRCUIT_ID type<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 04\u2013length (\u201c000A 0000\u201d length)<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 000A\u2013vlan No. (10 in dec.)<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 0000\u2013global port No.<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 02\u2013REMOTE_ID<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 08\u2013length (\u201c00 06 00E0FC490D22\u201d length)<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 00\u2013REMOTE_ID type<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 06\u2013length<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 00E0FC490D22\u2013system bridge MAC<\/span><\/pre>\n<\/blockquote>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">In this case everything seems to be quite clear. But there is a catch &#8211; the global port number. Its value is calculated with this formula:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">52*slot number (0) + present port index (0) = 0<\/span><\/pre>\n<\/blockquote>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Note that in Huawei&#8217;s case:<\/span><\/p>\n<ul class=\"ili-indent\">\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">the port index starts from 0<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">the constant is different for various devices and is probably connected to the maximum number of ports in one slot or card (I was unable to verify why the number is different)<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">So this means that global port 0000 is actually port 1\/0\/1 in the VRP command line.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 
14px;\">OK, that was the light stuff, but what if the S3900s are in a stack? How will the global port number be affected?<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> For the S3900 it looks like this:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">01<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 06<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 00<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 04<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 000a<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 016d = 365 (in dec)<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 02<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 08<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 00<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 06<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> 00e0fc490d22<\/span>\r\n\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">52*slot number (7) + present port index (1) = 365<\/span><\/pre>\n<\/blockquote>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">The slot number is actually the number of the device in the stack, starting from 0 just like the port index.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">So this is the complete explanation for S3900s with the basic configuration of option 82.
It should be said that if you have special requirements for the data transmitted in the string, you can configure some of it (e.g. sysname instead of MAC address, etc.). This option is available only in newer VRP versions. When it is configured, this information will be transmitted instead of the MAC address value.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">There is one more interesting thing &#8211; the gigabit ports are not distinguished in the formula for the port index number, so even though you have\u00a0<em>interface GigabitEthernet 1\/1\/1<\/em>, the port index uses follow-up numbering: eth 1\/0\/48 (last FE interface) equals port index 47 and gig 1\/1\/1<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">There is one exception &#8211; S6503<\/span><br \/>\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"> This switch is kind of old and the software works differently. In particular, it is not possible to change any content of the last fields &#8211; so only the MAC address can be transmitted as an identifier.
The other thing to know is that the constant in the formula is not 52 but 48, so the global port number is calculated like this:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">48*slot number + present port index = global port number<\/span><\/pre>\n<\/blockquote>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">In this case<\/span><\/p>\n<ul class=\"ili-indent\">\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">the slot numbering starts from 1<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">the port index starts from 0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">The default behavior of option 82 differs across devices and vendors. To decode\/use it properly on the DHCP server you need to obtain the right documentation or play a guessing game with Wireshark, but hopefully the example above shows which direction to take if you decide to do the investigation yourself or if there is no documentation available.<\/span><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>I was actually playing with DHCP relay, and what I found out is kind of interesting. For what DHCP relay is, see\u00a0RFC 3046.
In short, when the client sends a DHCP broadcast message (discover), some device &#8211; usually the switch that the client is directly connected to &#8211; intercepts the packet &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.kuncar.net\/blog\/2018\/dhcp-option-82-and-dhcp-relay\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;DHCP option 82 and DHCP relay&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,5,13],"tags":[],"class_list":["post-178","post","type-post","status-publish","format-standard","hentry","category-huawei","category-networks","category-recovered"],"_links":{"self":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts\/178","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/comments?post=178"}],"version-history":[{"count":4,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts\/178\/revisions"}],"predecessor-version":[{"id":183,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts\/178\/revisions\/183"}],"wp:attachment":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/media?parent=178"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/categories?post=178"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/tags?post=178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}