Results 1 to 2 of 2
  1. #1
    Master Untangler
    Join Date
    Dec 2008
    Greater Omaha Area

    Default DHCP Advanced Option 43

    Just finished out a marathon VLAN VoIP Site to Site roll out, trying to see if I can configure the DHCP Options for the Port on the VoIP Phones. They are pulling IP Addressing, the other DHCP Options are working but the Option 43 usually needs a HEX value on most Firewalls, though it doesn't seem to accept the following. Any ideas as to how one enters a HEX value under Config, Networking, Interfaces, Edit (Internal) Interface, DHCP Configuration, DHCP Advanced, DHCP Options??


    The following option appears to work just fine:


  2. #2
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Central PA


    I don't have experience with this option, but:
    should help.

    -O, --dhcp-option=[tag:<tag>,[tag:<tag>,]][encap:<opt>,][vi-encap:<enterprise>,][vendor:[<vendor-class>],][<opt>|option:<opt-name>|option6:<opt>|option6:<opt-name>],[<value>[,<value>]]

    Specify different or extra options to DHCP clients. By default, dnsmasq sends some standard options to DHCP clients, the netmask and broadcast address are set to the same as the host running dnsmasq, and the DNS server and default route are set to the address of the machine running dnsmasq. (Equivalent rules apply for IPv6.) If the domain name option has been set, that is sent. This configuration allows these defaults to be overridden, or other options specified. The option, to be sent may be given as a decimal number or as "option:<option-name>" The option numbers are specified in RFC2132 and subsequent RFCs. The set of option-names known by dnsmasq can be discovered by running "dnsmasq --help dhcp". For example, to set the default route option to, do --dhcp-option=3, or --dhcp-option = option:router, and to set the time-server address to, do --dhcp-option = 42, or --dhcp-option = option:ntp-server, The special address is taken to mean "the address of the machine running dnsmasq".

    Data types allowed are comma separated dotted-quad IPv4 addresses, []-wrapped IPv6 addresses, a decimal number, colon-separated hex digits and a text string. If the optional tags are given then this option is only sent when all the tags are matched.

    Be careful: no checking is done that the correct type of data for the option number is sent, it is quite possible to persuade dnsmasq to generate illegal DHCP packets with injudicious use of this flag. When the value is a decimal number, dnsmasq must determine how large the data item is. It does this by examining the option number and/or the value, but can be overridden by appending a single letter flag as follows: b = one byte, s = two bytes, i = four bytes. This is mainly useful with encapsulated vendor class options (see below) where dnsmasq cannot determine data size from the option number. Option data which consists solely of periods and digits will be interpreted by dnsmasq as an IP address, and inserted into an option as such. To force a literal string, use quotes. For instance when using option 66 to send a literal IP address as TFTP server name, it is necessary to do --dhcp-option=66,""
    As you are adding these per interface, NGFW prepends your entry with the "--dhcp-option=[tag:<tag>,[tag:<tag>,]" part. Don't duplicate that. But be aware, bad syntax can bring DNS & DHCP services to a halt.

    So my first stab at it would be:
    Last edited by Jim.Alles; 02-10-2016 at 06:48 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2