DHCP option 82
OK I know what option 82 does, it included the port, switch and vlan id in the DHCP packet returned to the DHCP server
But what actuly use can you make of this ? Is there any way on say a 2003 dhcp server to view this information?
It jsut seems a great idea, and would allow you to build a database that ties ip address to specific ports on devices around you network. But as far as I can see actual pulling out the option 82 info is far from simple?
Any comments, or does any one make use of this option?
Cheers
Aaron
But what actuly use can you make of this ? Is there any way on say a 2003 dhcp server to view this information?
It jsut seems a great idea, and would allow you to build a database that ties ip address to specific ports on devices around you network. But as far as I can see actual pulling out the option 82 info is far from simple?
Any comments, or does any one make use of this option?
Cheers
Aaron
- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Do you have logging enabled? It might be listed in system32\dhcp\<log>
I don't think it shows anywhere in the GUI, but I've never used this. -
kalebksp Member Posts: 1,033 ■■■■■□□□□□Option 82 isn't supported on Windows DHCP, it's just ignored.
This blog post shows an example of collecting the information by hooking into the API, but it's more of a programming example than something meant for production: DHCP Server Callout API usage - Microsoft Windows DHCP Team Blog - Site Home - TechNet Blogs -
DevilWAH Member Posts: 2,997 ■■■■■■■■□□see it seems such a great thing to have, I see an ip and i want to know where it is,
open the dhcp leases and read of where it come from....
now I know there are much better way to do this from a network point of view, but I am thinking of Jo bolgs on the helpdesk. People are always asking me to locate an IP address, being able to say " go look at the DHCP server its all there" would be great.
if you say windows don't support it does that mean bind9 does ?
cheers- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
kalebksp Member Posts: 1,033 ■■■■■□□□□□BIND is DNS, I assume you mean ISC DHCP. I know that ISC DHCP will return the option 82 information in the offer and ack, as it is supposed to. I've never tried to do what you are doing.
Someone on here mentioned Netdisco a while back. I haven't gotten around to checking it out but it may do what you want. -
APA Member Posts: 959Perfect timing for my example.....
We are making use of Option-82 to perform authentication of PPP subscribers based on whether they have a specific option-82 string carried....
Works a treat..... we have a complex PPPoL2TP topology at the moment due to multiple companies being purchased..... and therefore multiple L2TP transit points for differring customers and we are migrating them in stages utilizing RADIUS proxying towards different RADIUS backend farms.....hence the need to identify users in a unique way and proxy their auth to the right farm....
and I can confirm that Windows DHCP ignores option-82..... as I found out when I first deployed dhcp snooping\arp inspection in a Windows environment quite some time ago...
CCNA | CCNA:Security | CCNP | CCIP
JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
JNCIS:SP | JNCIP:SP -
mo zee Registered Users Posts: 1 ■□□□□□□□□□Hello Everyone.
I have a new client that wants me to enable option 82 on windows 2008 DHCP servers. The network infrastructure is made up of CISCO applicances only and the reason they want to apply option 82 is becuase of security.
I cannot tell you much about the option but I really need some assistance. I have created the predefined settings under the dhcp server, but what value should I create it as?? a string? secondly, where do I get the data to insert into said string. Any help will be appreciated.