Feature #6362
openAllow specifying the client identifier hardware type
0%
Description
Situation: Mac OS X 10.11 client, wireless. DHCP is specified with 'myhostname' in DHCP Client ID.
In pfSense, DHCP Static Mapping for Client ID, IP address (outside pool, inside subnet - 10.78.0.28/23)
Renew DHCP lease, and a pool address is given, not the static mapping.
Looking at /var/dhcpd/etc/dhcpd.conf shows this:
host s_lan_13 {
option dhcp-client-identifier "myhostname";
fixed-address 10.78.0.28;
option host-name "myhostname";
}
So things appear configured correctly. No issues from dhcpd system logs:
May 16 21:25:16 dhcpd DHCPDISCOVER from f4:5c:89:8c:0d:f1 via em1
May 16 21:25:16 dhcpd icmp_echorequest 10.78.1.154: Host is down
May 16 21:25:17 dhcpd DHCPOFFER on 10.78.1.154 to f4:5c:89:8c:0d:f1 (myhostname) via em1
May 16 21:25:18 dhcpd DHCPREQUEST for 10.78.1.154 (10.78.0.2) from f4:5c:89:8c:0d:f1 (myhostname) via em1
May 16 21:25:18 dhcpd DHCPACK on 10.78.1.154 to f4:5c:89:8c:0d:f1 (myhostname) via em1
Updated by Chris Buechler over 8 years ago
- Status changed from New to Confirmed
- Affected Version changed from 2.3.1 to All
that is indeed the case. Appears it just doesn't work in dhcpd unless I'm missing something. Config is correct, and the dhcpd docs seem to indicate it can be used in that manner.
Updated by Carlo Tognetti over 3 years ago
In pfSense, just pre-pending
\000
to the string specified in DHCP client configuration ( DHCP Client ID = myhostname as stated in Rob Gormley example )
it works correctly
My test:¶
Settings¶
on pfSense¶
Ver. 2.5.0-RELEASE (amd64)
Services/DHCP Server/LAN/Edit Static Mapping
MAC Address =
Client Identifier = \000test02
IP Address = 192.168.0.218
Hostname =
on raspbian¶
/etc/dhcpcd.conf
clientid test02or
clientid "test02"(it works either with and without quotes, all the other options in /etc/dhcpcd.conf left as default)
Results¶
on pfSense¶
/var/dhcpd/etc/dhcpd.conf
host s_lan_12 { option dhcp-client-identifier "\000test02"; fixed-address 192.168.0.218; } subclass "s_lan" "\000test02";
on raspbian¶
I get the correct DHCP values among them IP is 192.168.0.218
Updated by Carlo Tognetti over 3 years ago
Request¶
To me, just prepending \000 to the text content of the GUI field
Services / DHCP Server / LAN / Edit Static Mapping ==> Client Identifier
which should contain the same text as specified in client's DHCP configuration (clientid on debian or MacOs) should solve (or at least work around) the issue and let the feature work flawlessly.
As stated in my previous post, I regularly use it by prepending \000 directly in psSense GUI, and it works fine (in this case the MAC Address filed have to be empty).
In my opinion solving the issue should be now a priority for many sysadmin because of the increasing number of notebooks, or other mobile devices, without a built-in ethernet card, using usb/thundebolt => ethernet adapters that are frequently interchanged between different users on different devices. This way it's not possible to apply specific firewall rules based on the IP Address, that apply to users.
Setting the DHCP clientid parameter on the user's os dhcp configuration it's possible to apply rules precisely to each single user, no matter which network device is used to connect to the network.
This is also the case where users connect either via WiFi or via Ethernet card.
Furthermore, there is the benefit of decreasing the number of IP reservations; 1 IP per client (user Operating Sistem), no more 1 IP per user/network card)
Updated by Carlo Tognetti about 1 year ago
Still present in rel. 2.7.1
The bug have been persisting on all releases in the last 7 years.
While I'm grateful to everyone is working on this project, please, I'd like to know if there is any plan to fix it.
Updated by Kris Phillips about 1 year ago
Carlo Tognetti wrote in #note-4:
Still present in rel. 2.7.1
The bug have been persisting on all releases in the last 7 years.
While I'm grateful to everyone is working on this project, please, I'd like to know if there is any plan to fix it.
Hello Carlo,
Have you tested this on 2.7.2 with Kea instead of ISC-DHCP? The formatting for DHCP leases in Kea is completely different and ISC-DHCP is eventually being deprecated.
Updated by Marcos M about 1 year ago
- Tracker changed from Bug to Feature
- Subject changed from DHCP Client ID not used to Allow specifying the client identifier hardware type
- Status changed from Confirmed to New
- Affected Version deleted (
All)
From what I've gathered so far, this is not a bug. RFC2132 states:
The client identifier MAY consist of type-value pairs similar to the 'htype'/'chaddr' fields defined in [3]. For instance, it MAY consist of a hardware type and hardware address. In this case the type field SHOULD be one of the ARP hardware types defined in STD2 [22]. A hardware type of 0 (zero) should be used when the value field contains an identifier other than a hardware address (e.g. a fully qualified domain name).How the client ID is formatted depends on the client. Testing here shows:
- pfSense does not include the hardware type
- Windows includes the hardware type (type-value pair)
Prepending \000
to the client identifier field in the static mapping config sets the hardware type to 0
which allows dhcpd to match clients such as Windows.
If a hardware type field is added to the static mapping GUI, both cases would be covered. The field would have the options for setting it to "None" or an int as defined by IANA.