Reply
Accepted Solution

DHCP option by mac filtering

[ Edited ]
bmick1999
Techie
Posts: 1
7695     0

I am trying to create a DHCP option filter that only sends option 43 to certain vendor mac addresses (OUI).  The vendor does not send a vendor id in the DHCP request.  The harware vendor shows an example to use when using ISC DHCP and I included it below.  When creating the match option I don't have "hardware" as an option and can't seem to find if there is a place I can add it.  Any thoughts or other ideas on a way to get this done?

Thanks

 

 

class "VendorONT" {
match if substring (hardware,1,3) = 00:02:11;
vendor-option-space VendorGC;
option VendorGC.acs-url "http://test.mywebsite.com:8080/example1/example2";

Re: DHCP option by mac filtering

[ Edited ]
Expert
Posts: 226
7696     0

Hi, I don't have time to research this right now but have a gut feeling about this so just wanted to reply quickly to see if I could help. My gut tells me that "00:02:11" is the MAC OUI, I think "hardware" is referring to the MAC hardware type + MAC address - i.e. there's a single byte that prefixes the MAC address that is the hardware type, I think it's usually "01" for Ethernet. So if they are looking at the hardware field, a substring with offset of 1 + length=3 would indeed get you the MAC OUI.

 

So I think you just use whatever the MAC address field is called in Infoblox (this is the bit I don't know off the top of my head) and change the filter to use a substring of offset 0 and length 3, bypassing the hardware byte altogether, you will then still match on the MAC OUI.

 

Hope this helps.

 

Paul

 

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: DHCP option by mac filtering

Expert
Posts: 226
7696     0

Dagnabbit I'm such a nerd I just had to fire up a VM and check this.

 

So when you set up the option filter the Infoblox field I think you need is called "Hardware Operator", use the same offset and length you already have and here's an extract of what I got when I viewed the DHCP configuration:

 

option space VendorGC;
option VendorGC.acs-url code 1 = string;

# Option filter "test"
class "test" {
	match if (substring(hardware,1,3)=00:02:11);
	option VendorGC.acs-url "http://test.mywebsite.com:8080/example1/example2";
}

subnet 172.16.1.0 netmask 255.255.255.0 {
	pool {
		infoblox-range 172.16.1.10 172.16.1.20;
		range 172.16.1.10 172.16.1.20;
	}
}

 

 

Looks pretty similar doesn't it?

 

I'd paste in a screenshot of my option filter but I've not found a way to do that on this forum.

 

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: DHCP option by mac filtering

[ Edited ]
Adviser
Posts: 85
7696     0

@paulr gets all the credit. 

 

You should configure your option space first, called VendorGC. Then configure your option filter "VendorONT" and add the hardware substring match with offset 1, length 3, and attach the option space to the filter. The config file then looks like this:

 

option space VendorGC;
option VendorGC.acs-url code 43 = string;

# Option filter "VendorONT"
class "VendorONT" {
	match if (substring(hardware,1,3)=00:02:11);
	option VendorGC.acs-url "http://test.mywebsite.com:8080/example1/example2";

 The screenshots are - Option Space:

Screen Shot 2015-09-28 at 11.36.04 am.png

 

Option Filter:

Screen Shot 2015-09-28 at 11.35.54 am.png

 

Again, paulr took the initiative to test this out so a bit thank you to him!

Re: DHCP option by mac filtering

moandersson
Techie
Posts: 4
7696     0

Thanks alot for this great post! I have a follow up question on this. Is it possible to use Infoblox fingerprint function instead of MAC-addresses to filter the client who should recivie the DHCP option.

 

Also i wonder if i have a DHCP-scoop setup where im already using option 66 and 67 for example, but i want a specific client to get other values for these options. Does this solution override the original DHCP option settings in the scoop?

 

Cheers!

Re: DHCP option by mac filtering

Adviser
Posts: 85
7696     0

Yes, and please search for "DHCP Fingerprint Filters" in the Admin Guide.

Re: DHCP option by mac filtering

GHorne Community Manager
Community Manager
Posts: 254
7696     0

You can also just create a mac address filter that matches the vendor part (first 3 octets) if you don't want to configure a substring match (it kinda does the same thing under the hood)

Showing results for 
Search instead for 
Do you mean 

Recommended for You