Multiple vendor-encapsulated option spaces?

I'm facing a problem trying to define and use two different option
spaces. For some reason only the last defined option space actually
works. Swapping them makes the other work.

We're running isc-dhcpd-4.3.2 (vanilla from source) on CentOS 5+6 in a
text-book failover configuration.

The option space configuration that I can't get to work is:

  option space Cisco-WLC;
  option Cisco-WLC.ControllerIP code 241 = ip-address;
  option Cisco-WLC-encapsulation code 43 = encapsulate Cisco-WLC;
 
  option space ASCOM;
  option ASCOM.servicediscovery code 10 = text;
  option ASCOM-encapsulation code 43 = encapsulate ASCOM;
 
  class "Ascom-TeleCARE-IP" {
      match if option vendor-class-identifier = "1.3.6.1.4.1.27614.1.2";
      vendor-option-space ASCOM;
      option ASCOM.servicediscovery "192.0.2.50/RoomControllerDH";
  }
 
  class "Cisco-WLC" {
      match if substring(option vendor-class-identifier, 0, 8) = "Cisco AP";
      log(info, "inside Cisco-WLC class");
      vendor-option-space Cisco-WLC;
      option Cisco-WLC.ControllerIP 198.51.100.20;
  }

Apart from this there's of course the subnet definitions et cetera.

Both of these options spaces / vendor encapsulations work by themselves
with no problems. But if both are defined (as shown above) then only the
last "option space" defined (the ASCOM one above) works.

Traffic captures verifies that the clients (Cisco 2700 AP and Ascom
teleCARE IP) are sending what they should. Logging statements inside the
"Cisco-WLC" class actually fires, but for some reason dhcpd doesn't send
the option to the client, also verified with tcpdump.

Shouldn't I be able to have multiple option spaces in this way?

Or current work-around is to send the Cisco options as an opaque blob:

  option vendor-encapsulated-options F1:04:C6:33:64:14;

This works but is rather unelegant. And some day we might have a third
or fourth system that expects vendor encapsulated options that are much
less straightforward than the Cisco-WLC example.

Thanks a bunch for your time! :-)

--
Peter




_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

It's not clear that your definitions are correct here. You seem to be
doing some things you should not, and not doing some things you should.

Take a look at this page:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html#anc13


--
I am conducting an experiment in the efficacy of PGP/MIME signatures.
This message should be signed. If it is not, or the signature does not
validate, please let me know how you received this message (direct, or
to a list) and the mail software you use. Thanks!


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

On Wed, 2015-05-27 at 13:30 -0700, Doug Barton wrote:
> It's not clear that your definitions are correct here. You seem to be
> doing some things you should not, and not doing some things you should.
>
> Take a look at this page:
>
> http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html#anc13

I'm not sure what part of that configuration you think I am missing or
what excess parts I have.

As far as I can tell we're doing exactly what the page says, except for
(re-)setting the vendor-class-identifier to what it was matched as,
which seems superflous to me.

Keep in mind that the DHCP configuration for each of my options spaces
works fine as long as it is the only one. When I have more than one then
only the last defined works.

But thanks for taking a look. :-)

--
Peter


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Try removing the lines stating that option 43 is encapsulating things.


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

On Wed, 2015-05-27 at 14:16 -0700, Shawn Routhier wrote:
Ah, thanks! That was it! Everything works as intended now.

I'm not sure exactly why we had these in the configuration, but I'm
pretty sure I've looked at several examples on teh Intarnetz that
include a similar line. But then there are a lot of terrible examples
out there...

Reading the man pages I can now see that this "= encapsulate" thing is
only meant for options above 224 (or 128 or whatever) that the DHCP
server doesn't already know how to encapsulate.

And a nod to Doug, who was right if not elaborate. :-) That line isn't
mentioned in Ciscos (old-ish) LWAPP documentation.

Cheers all around!

--
Peter


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

I’ve seen some indications that they were needed in some older versions
of DHCP, but I’ve never felt the desire to figure out if they really were needed
or somebody was confused.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users