Using Option 43 Info FROM a Cable Modem Client to Define a Class
Perry, Keith
Keith.Perry at sciatl.com
Wed Oct 17 21:11:02 UTC 2007
I finally got this working based on a key piece of information gleaned
after searching the List Server. Below is the configuration snippet
that works. I created an option space and defined the sub option types
but had to add the encapsulate command shown below. I could not find
this in either the MAN pages or the DHCP handbook.
Message thread with needed info:
http://marc.info/?l=dhcp-users&m=114417510913325&w=2
***************************************
option space SA;
option SA.devtype code 2 = text;
option SA.esafetype code 3 = text;
option SA.sernum code 4 = text;
option SA.hwver code 5 = text;
option SA.swver code 6 = text;
option SA.bootrom code 7 = text;
option SA.OUI code 8 = string;
option SA.modnum code 9 = text;
option SA.vendor code 10 = text;
option SA-43 code 43 = encapsulate SA; <---------- Won't work without
this!
# Create a class for embedded cable modems
class "eCM" {
match if option SA.devtype = "ECM";
}
# Cable Modem Subnet
subnet 10.5.128.0 netmask 255.255.192.0 {
option subnet-mask 255.255.192.0;
option routers 10.5.128.254;
option broadcast-address 10.5.191.255;
option time-offset 19800;
option time-servers 10.253.0.10;
option log-servers 10.253.0.10;
next-server 10.253.0.10;
authoritative;
pool {
range 10.5.129.1 10.5.129.250;
filename "eCM.cfg";
allow members of "eCM";
deny dynamic bootp clients;
}
pool {
range 10.5.128.1 10.5.128.250;
filename "CM.cfg";
deny members of "eCM";
deny dynamic bootp clients;
}
}
***************************************
-----Original Message-----
From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
Behalf Of Perry, Keith
Sent: Tuesday, October 16, 2007 5:35 PM
To: dhcp-users at isc.org
Subject: RE: Using Option 43 Info FROM a Cable Modem Client to Define a
Class
Thanks for the feedback. I was so hoping it would be something simple
like the first position being 0 instead of 1. None of the 3 match
statements below work either for the class I call "embeddedCM" :
match if substring (vendor-encapsulated-options, 2, 3) = "ECM";
match if substring (vendor-encapsulated-options, 2, 3) = 45:43:4D;
match if substring (vendor-encapsulated-options, 0, 5) = 02:03:45:43:4d;
All three result in all clients being placed in the pool which is
supposed to deny the embedded clients (10.5.128.x)
****************************************
pool {
range 10.5.128.1 10.5.128.250;
filename "CM.cfg";
deny members of "embeddedCM";
deny dynamic bootp clients;
}
pool {
range 10.5.129.1 10.5.129.250;
filename "embeddedCM.cfg";
allow members of "embeddedCM";
deny dynamic bootp clients;
}
*****************************************
And when I switch the allow/deny statements as shown below, the same
behavior occurs with the 10.5.129.x pool.
****************************************
pool {
range 10.5.128.1 10.5.128.250;
filename "CM.cfg";
allow members of "embeddedCM";
deny dynamic bootp clients;
}
pool {
range 10.5.129.1 10.5.129.250;
filename "embeddedCM.cfg";
deny members of "embeddedCM";
deny dynamic bootp clients;
}
*****************************************
It appears that the "embeddedCM" class I've defined doesn't exist (or
has no matches) and that clients are placed in the pool which has no
"allow" statements. Page 443 of the DHCP handbook states that " If a
pool has a list of things that are permitted, any client that doesn't
match one of the permits cannot be allocated an address from the pool.
If a pool has a list of things that are not permitted, any client that
doesn't match one of those permits can be allocated an address from the
pool". This is exactly what is happening. I'm using the same approach
above with the Vendor Class Identifier and that works like a champ -
which is why I believe that the ISC Server cannot process inbound option
43 data.
-----Original Message-----
From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
Behalf Of Glenn Satchell
Sent: Tuesday, October 16, 2007 8:29 AM
To: dhcp-users at isc.org
Subject: RE: Using Option 43 Info FROM a Cable Modem Client to Define a
Class
>Subject: RE: Using Option 43 Info FROM a Cable Modem Client to Define a
>Class
>Date: Mon, 15 Oct 2007 16:32:02 -0400
>From: "Perry, Keith" <Keith.Perry at sciatl.com>
>
>The option I'm trying to filter on is always placed first by our client
>so I'm too concerned with reliability. I already reviewed the
>application section of the dhcp-options MAN page prior to sending out
>my initial request. It is solely about setting sub-options to provide
to
>the client - nothing about reading sub-options from the client. I've
>tried the 5 variations below with no success. Conf file passes syntax
>check with any of these:
>
This looks for the string "ECM" starting at the 6th character in the
string. Remember first position is 0.
>match if substring (vendor-encapsulated-options, 5, 3) = "ECM";
This looks for "ECM" starting at the fourth character:
>match if substring (vendor-encapsulated-options, 3, 3) = "ECM";
This looks for the string "45:43:4d" - you need to leave out the quotes
to get hex chars, ie 45:43:4d
>match if substring (vendor-encapsulated-options, 5, 3) = "45:43:4d";
>match if substring (vendor-encapsulated-options, 3, 3) = "45:43:4d";
This one would work without the quotes...
>match if substring (vendor-encapsulated-options, 0, 5) =
>"02:03:45:43:4d";
This was the value in the string as reported by the packet sniffer
below:
Value: 020345434D030845434D3A4553544204095341424A4E425A...
It is pairs of hex characters, so in dhcpd format it would be:
02:03:45:43:4D:03:08:45:43:4D:3A:45:53:54:42:04....
So, 02 is sub-option 2, 03 is length of the option, 45:43:4D is the
value stored in the sub-option, in this case the ascii codes for E, C
and M. Next 03 is sub-option 3, 08 is length, value is the next 8 bytes,
and so on.
Remember that for sub-string() you count the starting position from 0,
so I believe the match line becomes
match if substring (vendor-encapsulated-options, 2, 3) = "ECM";
or
match if substring (vendor-encapsulated-options, 2, 3) =
45:43:4D;
HTH. By the way, the packet dump was really useful for working this out.
regards,
-glenn
--
Glenn Satchell mailto:glenn.satchell at uniq.com.au | Some days we are
Uniq Advances Pty Ltd http://www.uniq.com.au | the flies; some
PO Box 70 Paddington NSW Australia 2021 | days we are the
tel:0409-458-580 tel:02-9380-6360 fax:02-9380-6416 | windscreens...
>But fails to place the embedded CMs in the pool I have specified below:
>********************************************************************
> # Cable Modem Subnet
> subnet 10.5.128.0 netmask 255.255.192.0 {
> pool {
> range 10.5.128.1 10.5.128.250;
> filename "CM.cfg";
> deny members of "embeddedCM";
> deny dynamic bootp clients;
> }
> pool {
> range 10.5.129.1 10.5.129.250;
> filename "embeddedCM.cfg";
> allow members of "embeddedCM";
> deny dynamic bootp clients;
> }
> option subnet-mask 255.255.192.0;
> option routers 10.5.128.254;
> option broadcast-address 10.5.191.255;
> option time-offset 19800;
> option time-servers 10.253.0.10;
> option log-servers 10.253.0.10;
> next-server 10.253.0.10;
> authoritative;
> }
>********************************************************************
>
>I'm beginning to wonder if the server only handles outbound Option 43
>info and not inbound ?
>
>
>Regards,
>
>Keith
>
>
>
>-----Original Message-----
>From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
>Behalf Of Glenn Satchell
>Sent: Friday, October 12, 2007 6:52 PM
>To: dhcp-users at isc.org
>Subject: Re: Using Option 43 Info FROM a Cable Modem Client to Define a
>Class
>
>Hi Keith
>
>You may not find the substring function reliable in this situation as
>the device is allowed to include the sub-options in any order. The
>dhcp-options man page has a section titled "VENDOR ENCAPSULATED
>OPTIONS". This is mostly about setting the sub-options, but should give
>you the information needed to decode them as well. It describes the
>format, which is the sub-option number, length, and value.
>
>regards,
>-glenn
>
>
>Subject: Using Option 43 Info FROM a Cable Modem Client to Define a
>Class
>Date: Fri, 12 Oct 2007 13:05:01 -0400
>From: "Perry, Keith" <Keith.Perry at sciatl.com
>
>I have digital settop boxes with embedded cable modems which I'm trying
>to differentiate from plain old stand alone cable modems so I can
>provide different cable modem configuration files to each. Both use
>the same Vendor Class Identifier (Option 60) so that is not an option.
>The embedded cable modem DHCP Discover includes a device type "ECM" in
>sub option 2 of option 43 which I should be able to use. I already use
>Option 60 to create CPE classes so I'm familiar with the syntax for it.
>Below is one of the class definitions I'm defining with Option 60:
>
>
>class "DSG-DHCT" {
> match if option vendor-class-identifier = "DSG1.0";
>}
>
>This looks at the entire Option 60 string. The embedded cable modem
>places 128 bytes of info into Option 43 using 9 seperate sub options as
>shown below:
>
>*********************************************************************
>Option: (t=43,l=128) Vendor-Specific Information (CableLabs)
> Option: (43) Vendor-Specific Information
> Length: 128
> Value: 020345434D030845434D3A4553544204095341424A4E425A...
> Suboption 2: Device Type = "ECM"
> Suboption 3: eSAFE Types = "ECM:ESTB"
> Suboption 4: Serial Number = "SABJNBZTR"
> Suboption 5: Hardware Version = "HW_REV: 1.2; "
> Suboption 6: Software Version = "SW_REV: 2.23.15 build 1
>Release"
> Suboption 7: Boot ROM version = "ROM:049d0106"
> Suboption 8: OUI = "000F21"
> Suboption 9: Model Number = "8300"
> Suboption 10: Vendor Name = "Scientific-Atlanta, Inc."
>
>0140 2e 30 2b 80 02 03 45 43 4d 03 08 45 43 4d 3a 45
.0+...ECM..ECM:E
>0150 53 54 42 04 09 53 41 42 4a 4e 42 5a 54 52 05 0d
STB..SABJNBZTR..
>0160 48 57 5f 52 45 56 3a 20 31 2e 32 3b 20 06 1f 53 HW_REV: 1.2;
..S
>0170 57 5f 52 45 56 3a 20 32 2e 32 33 2e 31 35 20 62 W_REV: 2.23.15
b
>0180 75 69 6c 64 20 31 20 52 65 6c 65 61 73 65 07 0c uild 1
Release..
>0190 52 4f 4d 3a 30 34 39 64 30 31 30 36 08 06 30 30
ROM:049d0106..00
>01a0 30 46 32 31 09 04 38 33 30 30 0a 18 53 63 69 65
0F21..8300..Scie
>01b0 6e 74 69 66 69 63 2d 41 74 6c 61 6e 74 61 2c 20 ntific-Atlanta,
>01c0 49 6e 63 2e ff 00 00 00 00 00 00 00 00 00 00 00
Inc.............
>*********************************************************************
>I'm only interested in the sub option 2:
>
>HEX: 2b 80 02 03 [45 43 4d]
>DEC: Option 43| Length 128 | SubOption 2 | Length 3 | [ECM]
>
>I'm not sure how isolate on this sub option. Would something like this
>work?
>
>class "eCM" {
> match if substring (vendor-encapsulated-options, 3, 3) = "ECM"; }
>
>Or should I include the 43 header in the offset?
>
>class "eCM" {
> match if substring (vendor-encapsulated-options, 5, 3) = "ECM"; }
>
>
>I'm open to sugestions. I running Version 3.1 on Solaris, have read
>the Man Pages and have a copy of the Teds "DHCP Handbook".
>
>
>Regards,
>
>Keith Perry
>Sr. Staff Systems Engineer
>WAN/LAN Integration R&D
>Scientific Atlanta
>770-236-3957 (Office)
>770-236-1098 (Lab)
>
>
>
>
>
> - - - - - Appended by Scientific Atlanta, a Cisco company - - - -
-
>This e-mail and any attachments may contain information which is
>confidential,
>proprietary, privileged or otherwise protected by law. The information
is
solely
>intended for the named addressee (or a person responsible for
>delivering it to
>the addressee). If you are not the intended recipient of this message,
you are
>not authorized to read, print, retain, copy or disseminate this message
or any
>part of it. If you have received this e-mail in error, please notify
the sender
>immediately by return e-mail and delete it from your computer.
>
>
>
More information about the dhcp-users
mailing list