Infoblox NIOS 8.4

Search

Page tree

Contents

Expand all   Collapse all

DHCP options provide specific configuration and service information to DHCP clients. These options appear as variable-length fields at the end of the DHCP messages that DHCP servers and clients exchange. For example, DHCP option 3 is used to list the available routers in the network of the client and option 6 is used to list the available DNS servers.

An option space is a collection of options. ISC (Internet Systems Consortium) DHCP has five predefined option spaces: dhcp, agent, server, nwip, and fqdn. The NIOS appliance supports only the predefined DHCP option space, which contains the industry standard options as well as additional options you can configure as needed:

  • Predefined options: These are option codes 1 to 125. They are allocated by the IANA and defined by IETF standards. The DHCP server knows these standard options, and they are predefined on the server. You cannot redefine these options or delete them from the DHCP option space.
  • Custom options: These are option codes 126 to 254. They are not defined by IETF standards and are available for private use. You can use these option codes to provide configuration or service information that none of the predefined options provide.

You can also create option spaces to define new groups of options. For example, you can create additional option spaces to define vendor specific options, which are encapsulated in option 43. When a DHCP client requests vendor specific options, it makes a request using the vendor identifier set in option 60 and a list of requested vendor specific options (option 43). The DHCP server then responds with the list of replies for the various options encapsulated into option 43.
Note that custom options defined in the DHCP option space are included in the options section of the DHCP messages that DHCP servers and clients exchange. Custom options defined in a user-defined option space are always encapsulated in option 43 in DHCP messages.
You can apply options globally at the Grid level, or more specifically at the member, network, network container, range, host and roaming host levels.
A network inherits DHCP options from its parent object. You can override the inherited DHCP options configured at the Grid or Member level for the networks and shared networks. If a network has a parent network container and parent shared network and if you override the DHCP options on the shared network, then the network inherits the shared network values. If you override the DHCP options at the network container level, then the network inherits the network container values. Otherwise, the network continues to inherit DHCP options from its parent Grid or member. A shared network without a parent network container continues to inherit DHCP options from its parent Grid or member. The parent object is derived from the first network within the shared network. A network container inherits DHCP options from its parent and grandparent network containers. A network container does not inherit DHCP options defined at the Grid or member level.
To override an inherited value, click Override next to it and complete the appropriate fields. When you click Override, the appliance displays the value inherited from its parent object (if any). If you do not set any value at the higher level, the appliance displays the default DHCP options. The following table lists the default DHCP Options:
Table 26.1 Default DHCP Options


Name

Default Value

IPV4 Common DHCP Options

Enable PXE Lease Time

Disabled


Lease Time

43200


Routers

Empty List


Domain Name

Empty


DNS Servers

Empty List


Broadcast Address

127.0.0.1


Custom DHCP Options

""


Lease Scavenging

Disabled


Authoritative (Advanced)

Disabled


Lease Deletion (Advanced)

Disabled


Ignore Optionlist (Advanced)

Disabled




IPv4 DDNS

Enable DDNS Updates

Disabled


DDNS Domain Name

""


DDNS Update TTL

0


DDNS Update Method

Interim


Generate Hostname

Disabled

Fixed Address Updates

Disabled

Option 81 SupportDisabled

Lease Renewal UpdateDisabled



IPv4 Threshold OptionsEnable DHCP ThresholdsDisabled

High - Trigger95

High - Reset85

Low - Trigger0

Low - Reset10

Enable SNMP WarningsDisabled

Enable Email WarningsDisabled

Email AddressesEmpty List



IPv4 BOOTP/PXEEnable PXE Lease TimeDisabled

Lease Time (Value)0

Deny-BOOTP-RequestsDisabled

Boot File""

Next Server""

Boot Server""



IPv6 DHCP OptionsValid Lifetime43200

Preferred Lifetime27000

Domain Name""

DNS Servers

Custom DHCP Options

Lease DeletionEnabled

Lease ScavengingDisabled



IPv6 DDNS OptionsEnable DDNS Updates

DDNS Domain Name""

DDNS Update TTL0

DDNS Update MethodInterim

Generate HostnameDisabled

FQDN Support

  • DHCP server always updates DNS
  • DHCP server updates DNS if requested by client
Disabled

Lease Renewal UpdateDisabled


You can also create an option filter the appliance uses to filter address requests by the DHCP options of requesting hosts. The filter instructs the appliance to either grant or deny an address request if the requesting host matches the filter. For information, see Defining Option Filters.
The DHCP option configuration conforms to the following RFCs:

  • RFC 2132, DHCP Options and BOOTP Vendor Extension
  • RFC3046, DHCP Relay Agent Information Option. The supported options include option 60 (Client Identifier), 21 (Policy Filter), 22 (Maximum Datagram Reassembly Size), 23 (Default IP Time-to-Live), and 82 (Support for Routed Bridge Encapsulation).
  • RFC3925, Vendor-Identifying Vendor Options for Dynamic Host Configuration Protocol version 4 (DHCPv4)
  • RFC2939, Procedures and IANA Guidelines for Definition of New DHCP Options and Message Types

DHCP Option Data Types 

Each DHCP option is identified by a name and an option code number, and specifies a data type. The data type for some options is predefined. For example, in the DHCP option space, the data type for option 1: subnet-mask is an IP address. You cannot change the data type for this option. The data type for some options is user-defined and can be in one of the formats shown in Table 26.2.

Table 26.2 DHCP Option Data Types

Data typeSpecifies
String

An ASCII text string (the same as the text data type) or a list of hexadecimal characters separated by colons

Formatting to distinguish an ASCII text string from a hexadecimal string is important. For details, see the following section

BooleanA flag with a value of either true or false (or on or off )
IP addressA single IP address
Array of IP addresses

A series of IP addresses, separated by commas

You can optionally include a space after each comma

TextAn ASCII text string
8-, 16-, or 32-bit unsigned integer

A numeric range of the following possible values

8-bit unsigned integer: from 0 to 255

16-bit unsigned integer: from 0 to 65,535

32-bit unsigned integer: from 0 to 4,294,967,295

8-, 16-, or 32-bit signed integer

A numeric range of the following possible values

8-bit signed integer: from -128 to 127

16-bit signed integer: from -32,768 to 32,767

32-bit signed integer: from -2,147,483,648 to 2,147,483,647

Domain-listA list of domain names, separated by spaces


When defining a hexadecimal string for a DHCP option (such as option 43, vendor encapsulated options), use only hexadecimal characters (0-9, a-f, or A-F) without spaces and separated by colons. The accepted form for a hexadecimal string, as presented in a regular expression, is [0-9a-fA-F]{1,2}(:[0-9a-fA-F]{1,2})*

Two examples of correctly written hexadecimal strings:

  • aa:de:89:1b:34
  • 1C:8:22:A3 (Note that the DHCP module treats a single hexadecimal character, such as "8" as "08".)

A few examples of incorrectly written hexadecimal strings:

  • :bb:45:d2:1f – Problem: The string erroneously begins with a colon.
  • bb:45:d2:1f: – Problem: The string erroneously ends with a colon.
  • bb:4 5:d2:1f – Problem: The string erroneously includes a space between two characters ("4" and "5").
  • bb:45:d2:1g – Problem: The string erroneously includes a nonhexadecimal character ("g").

The DHCP module treats incorrectly written hexadecimal strings as simple text strings, not hexadecimal strings. If the string appears in quotes, it is a text string.

Configuring IPv4 DHCP Options

To use DHCP options, you can do the following:

Defining IPv4 DHCP Options

You can define basic DHCP options that the DHCP server uses to provide configuration information to DHCP clients. The server includes these options in its DHCP messages.
To define DHCP options:

  1. Network: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network check box, and then click the Edit icon.
    Network Container: From the Data Management tab, select the IPAM tab -> network_container check box, and then click the Edit icon.
    DHCP Range: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network-> DHCP_range check box, and then click the Edit icon.
    Fixed Address: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network-> fixed_address check box, and then click the Edit icon.
    Reservation: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network -> reservation check box, and then click the Edit icon.
    Host Address: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network -> host_record check box, and then click the Edit icon. Select the host IP address, and then click the Edit icon.
    Roaming Host: From the Data Management tab, select the DHCP tab -> Networks tab -> Roaming Hosts -> roaming_host check box, and then click the Edit icon.
  2. In the DHCP Properties editor, select the IPv4 DHCP Options tab and complete the following:
    • Routers: Click the Add icon. Grid Manager adds a row to the table. In the table, enter the IP address of the router that is connected to the same network as the DHCP client. When configuring this for a template, enter the offset value of the IP address of the router. The DHCP server includes this information in its DHCPOFFER and DHCPACK messages.
    • DomainName: Enter the name of the domain for which the Grid serves DHCP data. The DHCP server includes this domain name in Option 15 when it responds with a DHCPOFFER packet to a DHCPDISCOVER packet from a client. If DDNS is enabled on the DHCP server, it combines the host name from the client and this domain name to create the FQDN (fully-qualified domain name) that it uses to update DNS. For information about DDNS, see Configuring DDNS Updates.
      When overriding the domain name already set by a parent object, enter the new value for the selected option or use "" to clear the value.
    • DNS Servers: Click the Add icon. Grid Manager adds a row to the table. In the table, enter the IP address of the DNS server to which the DHCP client sends name resolution requests. The DHCP server includes this information in the DHCPOFFER and DHCPACK messages.
    • Broadcast Address: Enter the broadcast IP address of the network to which the DHCP server is attached. When configuring this for a template, enter the offset value of the broadcast IP address of the network.

      3. Save the configuration and click Restart if it appears at the top of the screen.

Defining IPv4 Option Spaces

DHCP members support the DHCP option space by default. You can create additional option spaces to provide additional configuration or service information. Note that custom options defined in a user-defined option space are always encapsulated in option 43 in DHCP messages
To add a custom option space:

  1. From the Data Management tab, select the DHCP tab -> Option Spaces tab.
  2. Click the Add icon -> IPv4 Option Space.
  3. In the Option Space wizard, do the following:
    • Name: Enter the name of the option space.
    • Comment: Enter useful information about the option space.
    • Options: Click the Add icon to add options. For additional information, see the next section, Configuring Custom DHCP Options.
  4. Save the configuration and click Restart if it appears at the top of the screen.

After you create an option space and add options to it, you can apply the options as described in Applying DHCP Options.

Configuring Custom DHCP Options

You can define custom options in the DHCP option space or in an option space that you configured, as follows:

  1. From the Data Management tab, select the DHCP tab -> Option Spaces tab.
  2. Select either the DHCP option space or an IPv4 option space that you configured, and then click the Edit icon.
  3. In the Option Space editor, click the Add icon to add a custom option. In the new row, complete the following:
    • Name: Enter the name of the custom DHCP option.
    • Code: Select an option code from the drop-down list. Select a number between 126 and 254 if you are adding custom options to the DHCP option space. If you are adding custom options to an IPv4 option space you configured, you can enter a number between 1 and 254.
    • Type: Select the option type (such as ip-address, text, boolean, and string as described in Table 26.2).
      For example, to create an option that defines the IP addresses of Solaris root servers, enter the name SrootIP4, select option code 126, and then select the type as ip-address.

Click the Add icon to add more options.

     4. Save the configuration.

Applying DHCP Options

Some options may apply to all networks and some may apply to specific ranges and even hosts. When you apply an option, you select the object to which the option is applied, such as the Grid member, or network, and then specify a value for the option.
Use the following guidelines when specifying option values:

  • Enter false or true for a Boolean Flag type value.
  • Enter an ASCII text string, or enter a series of octets specified in hex, separated by colons.
  • Separate multiple values by commas. For example, to enter multiple IP addresses for netbios-name-servers, enter a comma between each IP address.

Here are some examples of option names and correctly formatted values:

Option nameValueComment

option 61

dhcp-client-identifier

MyPC

Double quotes are no longer needed for string type values

dhcp-client-identifier43:4c:49:45:54:2d:46:4f:4f

Series of octets specified in hex, separated by colons for a Data-string type value

netbios-name-servers10.1.1.5,10.1.1.10Multiple IP addresses separated by commas
option-80ABC123Custom option number 80 set to the string ABC123.

To apply DHCP options:

  1. Grid: From the Data Management tab, select the DHCP tab, and then click Grid DHCP Properties from the Toolbar.

Member: From the Data Management tab, select the DHCP tab -> Members tab -> Members -> member check box, and then click the Edit icon.
Network: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network check box, and then click the Edit icon.
Network Container: From the Data Management tab, select the IPAM tab -> network_container check box, and then click the Edit icon.
DHCP Range: From the DataManagement tab, select the DHCP tab -> Networks tab -> Networks -> network -> addr_range check box, and then click the Edit icon.
Fixed Address: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network ->  fixed_address check box, and then click the Edit icon.
Reservation: From the Data Management tab, select the DHCP tab -> Networks tab -> Networks -> network -> reservation check box, and then click the Edit icon.
Host Address: From the Data Management tab, select the DHCP tab tab -> Networks tab -> Networks -> network -> host_record check box, and then click the Edit icon. Select the host IP address, and then click the Edit icon.
Roaming Host: From the Data Management tab, select the DHCP tab tab -> Networks tab -> Roaming Hosts -> roaming_host check box, and then click the Edit icon.

     2. In the DHCP Properties editor, select the IPv4 DHCP Options and complete the following:

    • The Custom DHCP Options section displays two fields. The first field displays Choose option. Click the arrow and select an option from the list. In the second field, enter a value for the selected option. Note that certain options have predefined data types and their values must be entered in a specific format. For information about the data types, see DHCP Option Data Types.
      Click + to add another option, or click - to delete a previously specified option. When overriding an option already set by a parent object, enter the new value for the selected option or use "" to clear the value.
      Note that if you created an option space as described in Defining IPv4 Option Spaces, this section displays a list of option spaces in the first drop-down menu, so you can select the option space of the option you want to define.

      3. Save the configuration and click Restart if it appears at the top of the screen.

Configuration Example: Defining a Custom Option

In this example, you configure two custom options in the DHCP option space, and apply them to a DHCP range in the network 192.168.2.0/24.
Add the custom options to the DHCP options space:

  1. From the Data Management tab, select the DHCP tab -> Option Spaces tab.
  2. Select the DHCP check box, and click the Edit icon.
  3. In the DHCP (Option Space) editor, click the Add icon. In the new row, complete the following:
    • Name: Enter tftp-server.
    • Code: Enter 150.
    • Type: Select array of ip-address.
  4. Click the Add icon to add another option.In the new row, complete the following:
    • Name: Enter pxe-configfile.
    • Code: Enter 209.
    • Type: Select text.
  5. Click Save & Close.

Enter values for the newly defined custom options and apply them to a DHCP range:

  1. From the Data Management tab, select the DHCP tab -> Networks tab -> Networks subtab, and click the 192.168.2.0/24 network.
  2. Click the 192.168.2.10 - 100 check box, and then click the Edit icon.
  3. In the DHCP Properties editor, select the DHCP tab and complete the following in the Custom DHCP Options section:
    • From the drop-down list of options, select tftp-server (150) array of address. In the second field, enter 192.168.1.2.
      Click + to add another option.
    • From the drop-down list of options, select pxe-configfile (209) text. In the second field, enter pxe.config, which is the file name of the boot image.

     4. Save the configuration and click Restart if it appears at the top of the screen.

The member then includes options 150 and 209 in its DHCP messages to clients that are allocated IP addresses from the DHCP range 192.168.2.10 - 100.

Defining Option 60 Match Rule s

The appliance uses option 60 (vendor-class-identifier) to forward client requests to the DHCP server for services that the clients require. You can define option 60 match rules and filter on these rules. You can set these rules for the Grid and override for a member.
To define option 60 for the Grid or member:

  1. Grid: From the Data Management tab, select the DHCP tab, and then click Grid DHCP Properties from the Toolbar.
    Member: From the Data Management tab, select the DHCP tab -> Members tab -> Members -> member check box, and then click the Edit icon.
  2. In the DHCP Properties editor, click Toggle Advanced Mode if the editor is in basic mode. When the additional tabs appear, click the DHCP Options tab -> Advanced tab and complete the following:
    To override the Grid configuration for a member, click Override next to the property. Grid Manager hides the Grid configuration. You can then add new values for the member.
    • Option60 (Vendor Class Identifier) Match Rules: Click the Add icon if you want to add a match rule to a vendor class option. The appliance adds a row to the table. Complete the following:
      • Option Space: Select an option space from the drop-down list. This field appears only when you have custom option spaces. The appliance uses the default DHCP option space if you do not have custom option spaces.
      • Match Value: Enter the value you want the appliance to use when matching vendor class options.
      • Is Substring: Select this check box if the match value is a substring of the option data.
      • Substring Offset: Enter the number of characters at which the match value substring starts in the option data. Enter 0 to start at the beginning of the option data, enter 1 for the second position, and so on. For example, when you enter 2 here and have a match value of RAS, the appliance matches the value RAS starting at the third character of the option data.
      • Substring length: Enter the length of the match value. For example, if the match value is SUNW, the length is 4.

     3. Save the configuration and click Restart if it appears at the top of the screen.

About the DHCP Relay Agent Option (Option 82)

A typical relationship between a DHCP client, relay agent, and the NIOS appliance on a network is as follows:

  1. A DHCP client broadcasts a DHCPDISCOVER message on its network segment.
  2. A DHCP relay agent on that segment receives the message and forwards it as a unicast message to one or more DHCP servers (such as NIOS appliances).
  3. If the NIOS appliance accepts the address request, it responds to the relay agent with a DHCPOFFER message. If the appliance denies the request, it does not send any response in case other DHCP servers that might be involved respond instead.
  4. The relay agent forwards the response to the client, usually as a broadcast message.

The situation is different for individual hosts connecting to the Internet through an ISP, usually over a circuit-switched data network.

  1. A host connects to its ISP's circuit access concentration point, authenticates itself, and requests an IP address.
  2. The circuit access unit relays the address request to a DHCP server, which responds with a DHCPOFFER message.

To avoid broadcasting the DHCPOFFER over the network segment on which the host made the request, the relay agent sends the response directly to the host over the established circuit.

Option 82 assists the agent in forwarding address assignments across the proper circuit. When a relay agent receives a DHCPDISCOVER message, it can add one or two agent IDs in the DHCP option 82 suboption fields to the message.
The relay agent IDs are:

  • Circuit ID: This identifies the circuit between the remote host and the relay agent. For example, the identifier can be the ingress interface number of the circuit access unit (perhaps concatenated with the unit ID number and slot number). The circuit ID can also be an ATM virtual circuit ID or cable data virtual circuit ID.
  • Remote ID: This identifies the remote host. The ID can be the caller ID telephone number for a dial-up connection, a user name for logging in to the ISP, a modem ID, and so on. Because the remote ID is defined on the relay agent, which is presumed to have a trusted relationship with the DHCP server, and not on the untrusted DHCP client, the remote ID is also presumably a trusted identifier.

Note

For information about the relay agent option, refer to RFC3046, DHCP Relay Agent Information Option.

In addition to the relay agent IDs, NIOS also supports the Option 82 Link Selection and Server ID Override sub-options, which allow DHCPv4 to operate in a network architecture where direct communication between the DHCP server and DHCP client is undesirable or infeasible. You can configure these sub-options to direct DHCP traffic to go through the relay agent and have more control over your DHCP communications.

The Link Selection sub-option provides a mechanism to separate the subnet/link in which the DHCP client resides from the GIADDR (Gateway IP address). The GIADDR field in a DHCP message is populated by the relay agent and is typically used to inform the DHCP server about the subnet in which the DHCP client resides and to inform the DHCP server of the IP address to use to communicate with the relay agent. In situations where the GIADDR might not be the appropriate subnet from which IP addresses should be allocated, you can use the Link Selection sub-option to explicitly set the subnet from which IP addresses are allocated to the client.

The Server ID Override sub-option allows the relay agent to tell the DHCP server what IP address, instead of the server's address, must be used in the response. Generally, the response from the server contains the IP address of the DHCP server itself in the Server-ID option. You can use the Server ID Override sub-option to specify a new value for the server ID that is inserted in the reply packet by the DHCP server. Configuring the Server ID Override sub-option allows the relay agent to have the clients send all unicast messages to the relay agent instead of the DHCP server. 

Note

If you want the Link Selection and Server ID Override sub-options to be included in the DHCP relayed messages, you must configure them on the DHCP relay agent. You cannot configure them on NIOS. For more information about these sub-options, refer to https://tools.ietf.org/html/rfc3527 and https://tools.ietf.org/html/rfc5107.


On the NIOS appliance, you can do the following with option 82:

  • Screen address requests through a relay agent filter you set up using option 82. For more information, see About Relay Agent Filters.
  • Use the relay agent information (circuit ID or remote ID) as a host identifier when configuring a fixed address, though you cannot do so in a host record. For information about how to configure a circuit ID or remote ID as an identifier, see Adding IPv4 Fixed Addresses.
  • Define how Grid Manager displays the relay agent ID, circuit ID, and remote ID (when applicable) in the detailed lease information panel. For information about how to configure the logging format for option 82, see Defining Logging Format for DHCP Option 82.

Defining Logging Format for DHCP Option 82

When you define the circuit ID or remote ID of the relay agent as a host identifier, you can choose the logging format Grid Manager uses to display the IDs in the detailed lease information panel. For information about viewing lease information, see Viewing Detailed Lease Information.
To define logging format for the agent ID, circuit ID and remote ID, complete the following:

  1. Grid: From the Data Management tab, select the DHCP tab, and then click Grid DHCP Properties from the Toolbar.
    Independent Appliance: From the Data Management tab, select the DHCP tab, and then click System DHCP Properties.
  2. In the Grid DHCP Properties or System DHCP Properties editor, select the General tab -> Advanced tab.
  3. Select one of the following for Logging format for Option 82:
    • Hexadecimal: When you select this, Grid Manager displays the agent ID, circuit ID, and remote ID in hexadecimal format in the detailed lease information. This is the default format.
    • Plaintext: When you select this, Grid Manager displays the agent ID, circuit ID, and remote ID in plain text in the detailed lease information.

Note

You cannot override this Grid setting at the member level. Also, changing the logging format requires a DHCP service restart.

This page has no comments.

© 2022 Infoblox. All rights reserved.        Feedback        Terms & Conditions        Legal        Privacy Policy