Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Can I convince Infoblox DHCP server to violate the RFC? (vendor option 43 with encapsulated option 0

New Member
Posts: 1
1589     0

In the Juniper documentation for zero touch provisioning of their switches and on various sites on the web you can find a dhcpd.conf configuration like this to bootstrap Juniper switches:

option space ztp-ops;
option ztp-ops.image-file-name code 0 = text;
[...]
option ztp-ops-encapsulation code 43 = encapsulate ztp-ops;

So it encapsulates several ("sub-")options in vendor option 43, one of which using option code 0. However, RFC2132 states:

Codes other than 0 or 255 MAY be redefined by the vendor within the encapsulated vendor-specific extensions field

I still attempted to set this in Infoblox, but the GUI wouldn't let me define code 0 in a vendor option (i.e. it wouldn't let me violate the RFC):

xwcA0

Same with using the API:

$ curl -u user:pass -X POST -k "https://<gridIP>/wapi/v2.11.2/dhcpoptiondefinition" -d "space=Juniper&code=0&name=image-file-name&type=text"
{ "Error": "AdmConDataError: Invalid option code value",
"code": "Client.Ibap.Data",
"text": "Invalid option code value"
}

How can I convince Infoblox to serve the Juniper hardware its image-file-name in vendor option code 0?

Re: Can I convince Infoblox DHCP server to violate the RFC? (vendor option 43 with encapsulated opti

Expert
Posts: 184
1589     0

Seems like the problem is Juniper violating the RFC, not sure Infoblox should be expected to change their product to support this - did you log a ticket with Juniper yet?

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: Can I convince Infoblox DHCP server to violate the RFC? (vendor option 43 with encapsulated opti

[ Edited ]
Expert
Posts: 184
1589     0

Check out this URL, use sub-option 4 instead of 0:

 

https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade/topics/topic-map/ze...

 

  • Suboption 04: The name of the software image file to install.

     
    NOTE: 

    If the DHCP server does not support suboption 00, configure the image file using suboption 04. If both suboption 00 and suboption 4 are defined, suboption 04 is ignored.

     
    option NEW_OP.alt-image-file-name "/dist/images/jinstall-ex-4200-13.2R1.1-domestic-signed.tgz"; 
Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
Showing results for 
Search instead for 
Did you mean: 

Recommended for You