Project

General

Profile

Actions
Copy link

Feature #6362

open

Allow specifying the client identifier hardware type

Added by Rob Gormley almost 9 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
DHCP (IPv4)
Target version:
-
Start date:
05/16/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

Situation: Mac OS X 10.11 client, wireless. DHCP is specified with 'myhostname' in DHCP Client ID.

In pfSense, DHCP Static Mapping for Client ID, IP address (outside pool, inside subnet - 10.78.0.28/23)

Renew DHCP lease, and a pool address is given, not the static mapping.

Looking at /var/dhcpd/etc/dhcpd.conf shows this:


host s_lan_13 {
option dhcp-client-identifier "myhostname";
fixed-address 10.78.0.28;
option host-name "myhostname";
}

So things appear configured correctly. No issues from dhcpd system logs:


May 16 21:25:16 dhcpd DHCPDISCOVER from f4:5c:89:8c:0d:f1 via em1
May 16 21:25:16 dhcpd icmp_echorequest 10.78.1.154: Host is down
May 16 21:25:17 dhcpd DHCPOFFER on 10.78.1.154 to f4:5c:89:8c:0d:f1 (myhostname) via em1
May 16 21:25:18 dhcpd DHCPREQUEST for 10.78.1.154 (10.78.0.2) from f4:5c:89:8c:0d:f1 (myhostname) via em1
May 16 21:25:18 dhcpd DHCPACK on 10.78.1.154 to f4:5c:89:8c:0d:f1 (myhostname) via em1

Actions
Copy link
 #1

Updated by Chris Buechler almost 9 years ago

  • Status changed from New to Confirmed
  • Affected Version changed from 2.3.1 to All

that is indeed the case. Appears it just doesn't work in dhcpd unless I'm missing something. Config is correct, and the dhcpd docs seem to indicate it can be used in that manner.

Actions
Copy link
 #2

Updated by Carlo Tognetti about 4 years ago

In pfSense, just pre-pending

\000

to the string specified in DHCP client configuration ( DHCP Client ID = myhostname as stated in Rob Gormley example )
it works correctly

My test:

Settings

on pfSense

Ver. 2.5.0-RELEASE (amd64)

Services/DHCP Server/LAN/Edit Static Mapping

MAC Address =
Client Identifier = \000test02
IP Address = 192.168.0.218
Hostname =

on raspbian

/etc/dhcpcd.conf

clientid test02
or
clientid "test02"
(it works either with and without quotes, all the other options in /etc/dhcpcd.conf left as default)

Results

on pfSense

/var/dhcpd/etc/dhcpd.conf

host s_lan_12 {
    option dhcp-client-identifier "\000test02";
    fixed-address 192.168.0.218;

}
subclass "s_lan" "\000test02";

on raspbian

I get the correct DHCP values among them IP is 192.168.0.218

Actions
Copy link
 #3

Updated by Carlo Tognetti almost 4 years ago

Request

To me, just prepending \000 to the text content of the GUI field

Services / DHCP Server / LAN / Edit Static Mapping ==> Client Identifier

which should contain the same text as specified in client's DHCP configuration (clientid on debian or MacOs) should solve (or at least work around) the issue and let the feature work flawlessly.

As stated in my previous post, I regularly use it by prepending \000 directly in psSense GUI, and it works fine (in this case the MAC Address filed have to be empty).

In my opinion solving the issue should be now a priority for many sysadmin because of the increasing number of notebooks, or other mobile devices, without a built-in ethernet card, using usb/thundebolt => ethernet adapters that are frequently interchanged between different users on different devices. This way it's not possible to apply specific firewall rules based on the IP Address, that apply to users.

Setting the DHCP clientid parameter on the user's os dhcp configuration it's possible to apply rules precisely to each single user, no matter which network device is used to connect to the network.
This is also the case where users connect either via WiFi or via Ethernet card.

Furthermore, there is the benefit of decreasing the number of IP reservations; 1 IP per client (user Operating Sistem), no more 1 IP per user/network card)

Actions
Copy link
 #4

Updated by Carlo Tognetti over 1 year ago

Still present in rel. 2.7.1
The bug have been persisting on all releases in the last 7 years.
While I'm grateful to everyone is working on this project, please, I'd like to know if there is any plan to fix it.

Actions
Copy link
 #5

Updated by Kris Phillips over 1 year ago

Carlo Tognetti wrote in #note-4:

Still present in rel. 2.7.1
The bug have been persisting on all releases in the last 7 years.
While I'm grateful to everyone is working on this project, please, I'd like to know if there is any plan to fix it.

Hello Carlo,

Have you tested this on 2.7.2 with Kea instead of ISC-DHCP? The formatting for DHCP leases in Kea is completely different and ISC-DHCP is eventually being deprecated.

Actions
Copy link
 #6

Updated by Marcos M over 1 year ago

  • Tracker changed from Bug to Feature
  • Subject changed from DHCP Client ID not used to Allow specifying the client identifier hardware type
  • Status changed from Confirmed to New
  • Affected Version deleted (All)

From what I've gathered so far, this is not a bug. RFC2132 states:

   The client identifier MAY consist of type-value pairs similar to the
   'htype'/'chaddr' fields defined in [3]. For instance, it MAY consist
   of a hardware type and hardware address. In this case the type field
   SHOULD be one of the ARP hardware types defined in STD2 [22].  A
   hardware type of 0 (zero) should be used when the value field
   contains an identifier other than a hardware address (e.g. a fully
   qualified domain name).

How the client ID is formatted depends on the client. Testing here shows:
  • pfSense does not include the hardware type
  • Windows includes the hardware type (type-value pair)

Prepending \000 to the client identifier field in the static mapping config sets the hardware type to 0 which allows dhcpd to match clients such as Windows.

If a hardware type field is added to the static mapping GUI, both cases would be covered. The field would have the options for setting it to "None" or an int as defined by IANA.

Actions
Copy link

Also available in: Atom PDF