[Kea-users] DHCP options order incompatibility

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Kea-users] DHCP options order incompatibility

Steve Teusch

Group,

 

I’ve ran across an issue with DHCP snooping on some of my switches with only KEA server.  The switches cannot track the DHCP responses from the server and I found the issue is that all of the other DHCP servers we have list DHCP options in numerical order.  Other such servers always start their options with (53) Message Type (54) DHCP Server Identifier (51) Lease time, then numerically sorted.  I edited the file libdhcp++.cc with the following method which changed the order and fixed my issue; I cannot find any RFC reference that this order is mandatory but for some reason ISC DHCP server also follows this other order:

 

void

LibDHCP::packOptions4(isc::util::OutputBuffer& buf,

                     const OptionCollection& options) {

    OptionPtr agent;

    OptionPtr end;

               

                //BEGINNING BLOCK I ADDED

                //DHO_DHCP_MESSAGE_TYPE = 53

                //DHO_DHCP_SERVER_IDENTIFIER  =54

                //DHO_DHCP_LEASE_TIME =51

                OptionPtr type;

                OptionPtr id;

                OptionPtr leaset;

    for (OptionCollection::const_iterator it = options.begin();

         it != options.end(); ++it) {

 

        // type, id, leaset options must be last.

        switch (it->first) {

                                                case DHO_DHCP_MESSAGE_TYPE:

                                                                type = it->second;

                                                                break;

                                                case DHO_DHCP_SERVER_IDENTIFIER:

                                                                id = it->second;

                                                                break;

                                                case DHO_DHCP_LEASE_TIME:

                                                                leaset = it->second;

                                                                break;

        }

    }         

               

                if (type){

                                type->pack(buf);

                }

                if (id){

                                id->pack(buf);

                }

                if (leaset){

                                leaset->pack(buf);

                }

                //ENDING BLOCK I ADDED

    for (OptionCollection::const_iterator it = options.begin();

         it != options.end(); ++it) {

 

        // RAI and END options must be last.

        switch (it->first) {

            case DHO_DHCP_AGENT_OPTIONS:

                agent = it->second;

                break;

            case DHO_END:

                end = it->second;

                break;

                                                case DHO_DHCP_MESSAGE_TYPE:  //ALSO ADDED

                                                                break;

                                                case DHO_DHCP_SERVER_IDENTIFIER:  //ALSO ADDED

                                                                break;

                                                case DHO_DHCP_LEASE_TIME:  //ALSO ADDED

                                                                break;

            default:

                it->second->pack(buf);

                break;

        }

    }

 

    // Add the RAI option if it exists.

    if (agent) {

       agent->pack(buf);

    }

 

    // And at the end the END option.

    if (end)  {

       end->pack(buf);

    }

}

 

///END OF CODE

 

Any comments?

 

 


_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Kea-users] DHCP options order incompatibility

Francis Dupont
Steve Teusch writes:
> Any comments?

=> fix the client (or the entity which does not support any order for
DHCP options) as it is clearly not RFC compliant.
 BTW the option 82 RAI has a SHOULD to be last, and END/255 must be the
very last one possibly followed by PAD/0 simply because anything after
is ignored... So there is *nothing* else in RFCs about option order
and as far as I know it is at implementor choice (which is different
for ISC DHCP and Kea BTW).

Thanks

Francis Dupont <[hidden email]>

PS: you can use a hook to pack options in your prefer order.
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Kea-users] DHCP options order incompatibility

Steve Teusch
Thank you very much for that.  I will implement my order with a hook for now and see if the switch manufacturer will patch this switch.

-----Original Message-----
From: Francis Dupont [mailto:[hidden email]]
Sent: Wednesday, July 5, 2017 9:02 PM
To: Steve Teusch <[hidden email]>
Cc: [hidden email]
Subject: Re: [Kea-users] DHCP options order incompatibility

Steve Teusch writes:
> Any comments?

=> fix the client (or the entity which does not support any order for DHCP options) as it is clearly not RFC compliant.
 BTW the option 82 RAI has a SHOULD to be last, and END/255 must be the very last one possibly followed by PAD/0 simply because anything after is ignored... So there is *nothing* else in RFCs about option order and as far as I know it is at implementor choice (which is different for ISC DHCP and Kea BTW).

Thanks

Francis Dupont <[hidden email]>

PS: you can use a hook to pack options in your prefer order.
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Kea-users] DHCP options order incompatibility

Joelson Vendramin
Hi Steve,

Just curiosity:
What's your switch brand/model?

Thanks,
--
Joelson Vendramin



De: Steve Teusch <[hidden email]>
Para: Francis Dupont <[hidden email]>
Cc: "[hidden email]" <[hidden email]>
Enviadas: Quarta-feira, 5 de Julho de 2017 9:24
Assunto: Re: [Kea-users] DHCP options order incompatibility

Thank you very much for that.  I will implement my order with a hook for now and see if the switch manufacturer will patch this switch.

-----Original Message-----
From: Francis Dupont [mailto:[hidden email]]
Sent: Wednesday, July 5, 2017 9:02 PM
To: Steve Teusch <[hidden email]>
Cc: [hidden email]
Subject: Re: [Kea-users] DHCP options order incompatibility

Steve Teusch writes:
> Any comments?

=> fix the client (or the entity which does not support any order for DHCP options) as it is clearly not RFC compliant.
BTW the option 82 RAI has a SHOULD to be last, and END/255 must be the very last one possibly followed by PAD/0 simply because anything after is ignored... So there is *nothing* else in RFCs about option order and as far as I know it is at implementor choice (which is different for ISC DHCP and Kea BTW).

Thanks

Francis Dupont <[hidden email]>

PS: you can use a hook to pack options in your prefer order.
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users



_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Loading...