DHCP Attribute 119

Discussion in 'Cisco' started by Wil, Jan 4, 2006.

  1. Wil

    Wil Guest

    Howdy folks,

    We are moving from a legacy LDAP domain into a fun new Active Directory
    forest with all these new domains. Funny thing is, the Microsoft DHCP
    service has no provisions for searching multiple DNS suffixes, which
    they recommend as a best practice. Loving this!

    Anyway, I thought that I would look into Cisco's DHCP service. Looks
    like there is a provision on attribute 119. Here's a snip from RFC3397:

    *************************************************
    3. Example

    Below is an example encoding of a search list consisting of
    "eng.apple.com." and "marketing.apple.com.":

    +---+---+---+---+---+---+---+---+---+---+---+
    |119| 9 | 3 |'e'|'n'|'g'| 5 |'a'|'p'|'p'|'l'|
    +---+---+---+---+---+---+---+---+---+---+---+

    +---+---+---+---+---+---+---+---+---+---+---+
    |119| 9 |'e'| 3 |'c'|'o'|'m'| 0 | 9 |'m'|'a'|
    +---+---+---+---+---+---+---+---+---+---+---+

    +---+---+---+---+---+---+---+---+---+---+---+
    |119| 9 |'r'|'k'|'e'|'t'|'i'|'n'|'g'|xC0|x04|
    +---+---+---+---+---+---+---+---+---+---+---+

    Note:

    i. The encoding has been split (for this example) into three
    Domain Search Options. All Domain Search Options are logically
    concatenated into one block of data before being interpreted by
    the client.

    ii. The encoding of "eng.apple.com." ends with a zero, the null
    root label, to mark the end of the name, as required by RFC
    1035.
    *************************************************

    So, my question is: How would I add this to my DHCP scope? I create the
    pool and see there is an "options" function from which I can choose
    option 119. Has anyone got this to work correctly?

    --
    Wil
    my 3¢
     
    Wil, Jan 4, 2006
    #1
    1. Advertising

  2. Hi Wil,

    Yeah, you should be able to enter (almost) any arbitrary DHCP option
    into your IOS DHCP server config using the "option" command ... something
    like ...

    tucson-ajax(dhcp-config)#option 119 hex 0903[ ... ]c004

    substitute the hex for you domain suffixes (null-separated) for
    the brackets.

    The example you quote below has three instances of option 119. You
    probably wouldn't need to do things this way, but I suppose you could
    if you wanted, using the "instance" keyword.

    As to whether this is going to WORK for your DHCP clients ... I have no idea.

    Have fun,

    Aaron

    ---


    ~ Howdy folks,
    ~
    ~ We are moving from a legacy LDAP domain into a fun new Active Directory
    ~ forest with all these new domains. Funny thing is, the Microsoft DHCP
    ~ service has no provisions for searching multiple DNS suffixes, which
    ~ they recommend as a best practice. Loving this!
    ~
    ~ Anyway, I thought that I would look into Cisco's DHCP service. Looks
    ~ like there is a provision on attribute 119. Here's a snip from RFC3397:
    ~
    ~ *************************************************
    ~ 3. Example
    ~
    ~ Below is an example encoding of a search list consisting of
    ~ "eng.apple.com." and "marketing.apple.com.":
    ~
    ~ +---+---+---+---+---+---+---+---+---+---+---+
    ~ |119| 9 | 3 |'e'|'n'|'g'| 5 |'a'|'p'|'p'|'l'|
    ~ +---+---+---+---+---+---+---+---+---+---+---+
    ~
    ~ +---+---+---+---+---+---+---+---+---+---+---+
    ~ |119| 9 |'e'| 3 |'c'|'o'|'m'| 0 | 9 |'m'|'a'|
    ~ +---+---+---+---+---+---+---+---+---+---+---+
    ~
    ~ +---+---+---+---+---+---+---+---+---+---+---+
    ~ |119| 9 |'r'|'k'|'e'|'t'|'i'|'n'|'g'|xC0|x04|
    ~ +---+---+---+---+---+---+---+---+---+---+---+
    ~
    ~ Note:
    ~
    ~ i. The encoding has been split (for this example) into three
    ~ Domain Search Options. All Domain Search Options are logically
    ~ concatenated into one block of data before being interpreted by
    ~ the client.
    ~
    ~ ii. The encoding of "eng.apple.com." ends with a zero, the null
    ~ root label, to mark the end of the name, as required by RFC
    ~ 1035.
    ~ *************************************************
    ~
    ~ So, my question is: How would I add this to my DHCP scope? I create the
    ~ pool and see there is an "options" function from which I can choose
    ~ option 119. Has anyone got this to work correctly?
     
    Aaron Leonard, Jan 4, 2006
    #2
    1. Advertising

  3. Wil

    Wil Guest

    I think I'm going to try the following:

    ip dhcp pool somePool
    domain-name domain1.com
    option 119 instance 1 ascii "domain2.com"
    option 119 instance 2 ascii "domain3.com"

    Seems reasonable... I'll let ya'll know!

    Wil
    my 3¢
     
    Wil, Jan 4, 2006
    #3
  4. ~ I think I'm going to try the following:
    ~
    ~ ip dhcp pool somePool
    ~ domain-name domain1.com
    ~ option 119 instance 1 ascii "domain2.com"
    ~ option 119 instance 2 ascii "domain3.com"
    ~
    ~ Seems reasonable... I'll let ya'll know!
    ~
    ~ Wil
    ~ my 3¢

    I don't think THAT's going to work, since (per the
    RFC excerpt you posted), it looks like the value of
    this option has to begin with 0x0903 and end
    in 0xc004. But let us know how it goes.

    Aaron
     
    Aaron Leonard, Jan 4, 2006
    #4
  5. Wil

    Wil Guest

    FYI: I could not get the bugger to work so I opened a TAC case, here is
    the reply:

    "As per our conversation and your request, I wanted to confirm that
    Microsoft Windows systems have not implemented this feature yet. I have
    verified this with a colleague at Microsoft."

    Basically, the server can give the information but only if the client
    requests it. M$ implementation does not request it so the server never
    sends it. Now the question is, why the heck would Microsoft put this in
    their "Best Practices" and not make any provisions for it?

    Wil
    my 3¢
     
    Wil, Jan 13, 2006
    #5
  6. On Fri, 13 Jan 2006 15:34:36 -0800, Wil <> wrote:

    ~ FYI: I could not get the bugger to work so I opened a TAC case, here is
    ~ the reply:
    ~
    ~ "As per our conversation and your request, I wanted to confirm that
    ~ Microsoft Windows systems have not implemented this feature yet. I have
    ~ verified this with a colleague at Microsoft."
    ~
    ~ Basically, the server can give the information but only if the client
    ~ requests it. M$ implementation does not request it so the server never
    ~ sends it. Now the question is, why the heck would Microsoft put this in
    ~ their "Best Practices" and not make any provisions for it?
    ~
    ~ Wil
    ~ my 3¢

    Heh ... well, thanks for following up.

    Without Cisco tech support, how would anyone get their Microsoft
    questions answered?

    Cheers,

    Aaron
     
    Aaron Leonard, Jan 14, 2006
    #6
  7. Wil

    Wil Guest

    Aaron Leonard wrote:
    > Heh ... well, thanks for following up.
    >
    > Without Cisco tech support, how would anyone get their Microsoft
    > questions answered?
    >
    > Cheers,
    >
    > Aaron


    Sad but true

    Wil
    my 3¢
     
    Wil, Jan 14, 2006
    #7
  8. Wil

    remaker

    Joined:
    Nov 1, 2006
    Messages:
    3
    I made this work on Windows 2003 DHCP server

    OK, I got this to work. It is super ugly to do, but possible.

    Windows 2003 DHCP server allows you to make a custom option.

    Right click on the server and select "SET PREDEFINED OPTIONS"

    For option class "DHCP STANDARD OPTIONS"

    Select ADD

    NAME: Domain Search List (or whatever)
    Data Type: BYTE (check "array")
    Code: 119
    Description: Whatever

    Now: Select the option name "119 Domain Search List"

    Select EDIT ARRAY

    Now, enter in, byte by byte, the data for the domain search list following the RFC rules.

    Example: for foo.com, if would be

    0x9 0x03 0x66 0x6f 0x6f 0x3 0x63 0x6f 0x6d 0x00

    (total length) [(length of item) (ascii hex)] [0x0]

    (Bonus bizzarity: You have to enter the array elements in reverse order, since they add to the front of the array, not the back)

    Refer to the RFC on how to craft the right hex string.

    FINALLY: Add to the server options or scope options to use the newly created option 119.

    Clear as mud, right?
     
    remaker, Nov 1, 2006
    #8
  9. Wil

    koka

    Joined:
    Jun 21, 2007
    Messages:
    1

    Hi, Did somebody actually made that work, I've read (option 119) RFC3397 and (Long names in DHCP) 3396 and understood perfectly how the bit are composed.

    But here, following the exact steps described above, I could not make it work. The server is configured with the option, but the server simply does not send out this option to the client.

    I have a screenshot of everything (ethereal and configuration)... but don't know how to show it...

    Cheers,
    Vincent STEEG
     
    koka, Jun 21, 2007
    #9
  10. Wil

    pceval

    Joined:
    Jun 25, 2007
    Messages:
    1
    I did the same test above on Windows 2003 DHCP server and got nowhere as well. Not sure if WinXP needs to support Option 119 or not, but I thought I read a KBA that indicated it now does. Does the client have to request the option, or does the server push out the option regardless?

    Tony
     
    pceval, Jun 26, 2007
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?SGVpbkQ=?=

    Wireless DHCP clients cannot obtain an IP address from the DHCP se

    =?Utf-8?B?SGVpbkQ=?=, Jan 8, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    2,843
    =?Utf-8?B?SGVpbkQ=?=
    Jan 8, 2006
  2. wim
    Replies:
    0
    Views:
    406
  3. ashjas
    Replies:
    8
    Views:
    1,345
  4. ~misfit~

    Orcon port 119

    ~misfit~, Feb 24, 2005, in forum: NZ Computing
    Replies:
    12
    Views:
    680
    ~misfit~
    Feb 25, 2005
  5. Ian

    QNAP TS-119 Turbo NAS

    Ian, Jun 10, 2009, in forum: Front Page News
    Replies:
    0
    Views:
    1,201
Loading...

Share This Page