DHCP Client Configuration: How to properly set vivso-suboptions?
-
@bingo600 yes, exactly.
All of the guides I found say that to get an IP you need to clone the mac address, use vlan100 (or vlan200 on older posts) and set a vendor class identifier (BYGTELIAD on the newer vlan100)I tried both vlan100 & vlan200. Swapping over the vendor class identifiers too, you never know (:
No success, sadly -
@teunbruijnen
Now is the time to "dust off the credit card" and get a managed switch for packet capture.This is my favorite cheap 8-port
https://www.amazon.fr/D-Link-DGS-1100-08V2-administrable-fonctionnalit%C3%A9s-ventilateur/dp/B08MWL25PM/DONT' get TP-LINK
/Bingo
-
These could smell of DHCP parameters <option number , length>
See
https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml#options0x37 (55 dec) , Len 0x0b (dec 11) = Opt 55 - Parameter Request List
0x3c ( 60 dec) , Len 0x09 (dec 9) = Opt 60 - Class Identifier
0x3d (61 dec) , Len 0x07 (dec 7) = Opt 61 - Client Identifier
0x7d (125 dec) , Len 0x28 (dec 40) = Opt 125 - Vendor-Identifying Vendor-Specific Information
Parameter Request List
0x01 Subnet mask
0x1c Broadcast addr
0x03 Router
0x33 IP Address Lease Time
0x3a DHCP Renewal (T1) Time
0x3b DHCP Renewal (T2) Time
0x0f The DNS domain name of the client
0x0c Hostname string
0x06 DNS Server addresses
0x2a NTP Server Addresses
0x48 WWW Server AddressesDecoding of the above is rather crazy to do by hand - Wireshark would do the m for you ... But i could
/Bingo
Edit: Similar Thread
https://forum.netgate.com/topic/102195/fios-wan-dhcp-setup-for-g1100-fios-quantum-router-with-pfsense-no-bridging -
@bingo600 lol, you are like a networking wizard! That is awesome.
You've helped me out a ton already, thanks a lot for your kind & insightful replies. It's been hard trying to crack this on my own, I'm not that experience with networking.
I guess I really do need to take a peek at what's happening "on the other side", to understand why the DHCP request of the ISP device IS getting an IP and why the DHCP request of the netgate device is not.
Wouldn't it be possible to use the ports I have on the SG-1100 to achieve this?! -
@bingo600 lol I set up a bridge between 2 ports.
Thought it was possible to simply route the traffic from 1 port to another with a bridge and then sniff the traffic on the bridge. However, traffic on the interfaces was suspiciously low again.
The only packets I got were these:
I guess I didn't do it right. I thought it wasn't that hard, that seems to be a recurring theme with me & networking :') -
@teunbruijnen said in DHCP Client Configuration: How to properly set vivso-suboptions?:
@bingo600 lol I set up a bridge between 2 ports.
I guess I didn't do it right. I thought it wasn't that hard, that seems to be a recurring theme with me & networking :')
Don't give up ... We have all been there.
Get the "right tool for the job" - Aka The switchI have no experience with the Netgate 1100 , or any of the ones w. built in switches.
/Bingo
-
@bingo600 Thanks for the encouragement! Putting it on ice until I get the "right tool for the job" :)
-
@bingo600 hello mr bingo. After one month, an order came through and I'm finally able to properly 'tap' the line (between SOHO router & modem).
I can now see the exact difference between the DHCP Discover packet the Netgate router sends out(which does not get accepted), and the DHCP Discover packet the SOHO router sends out(which gets accepted).
I can see the DHCP packet from the SOHO router has a 'header' (is this the right term?) : 802.1Q Virtual LAN, PRI: 6, DEI: 0, ID: 100.
Left is Netgate, right is SOHO
This header is not included in the request from the Netgate router. If I'm not mistaken, it seems that I have made a mistake in setting up the VLAN !
-
@teunbruijnen
Vlan info seems to be : Vlan 100 , PRI ?? (Priority)This seems to indicate that the WAN/ISP line is running as a 802.1Q tagged interface , and that answer is sent with Vlan Tag 100.
How was your Wan interface setup ?
Screenshots please ??/Bingo
-
@bingo600 Thanks for the reply! Indeed..
WAN interface:
And the VLAN:
Thanks for the support Bingo!!
-
-
@bingo600 Sadly it does not work :(( with the exact setup I've shared above, the DHCP Discover packet does not send out the 802.1Q Virtual LAN info. Do you have any ideas?
-
@teunbruijnen
I have no experience with the 1100's, and their built in switch-ports.How is the little mirror-port switch setup in the "Vlan 802.1Q section" ?
You are using the excactly same setup for sniffing ISP and pfSense ?
You have not put any of the ports in a specific vlan ?Maybe JP can help here, he seems to know about the embedded switch-ports.
@johnpozWe're trying to replace an ISP router with a pfSense, right now we seem to be stuck with sending the dhcp requests from pfSense, with "Vlan 100 tag" - pfSense is a 1100, and OP has bought a little switch with mirroring capabilities in order to debug the functioning ISP DPCP request vs the non functioning pfSense request.
https://forum.netgate.com/post/1011969Right now the issue seems to be that the 1100 pfSense WAN interface packages are not tagged w. Vlan100, according to the Wireshark Trace.
I have never used a pfSense w. builtin switchports, and it could be that i'm missing something there.
-
@bingo600
I am sniffing the ISP & pfsense in the exact same way right now.The switch setup wasn't done properly!! I didn't know VLAN's had to be configured on that level too. This is what it looked like before changing the VLAN tag to 100:
The ports seemed to be wrong too, changed to this now:
However... Still no VLAN frame included in the DHCP Discover packet.
-
By switch i actually meant the New switch you got for "wireshark sniffing".
What model did you get ?As i say i have no idea about how to setup the switch on the 1100.
Could you show the two captures again SOHO & pfSense with the new setup
like this one : https://forum.netgate.com/post/1011969 -
@bingo600 I am using an Orange Pi R1 for sniffing!
After more trial and error I finally figured out the problem. In the VLANs for the switch, VLAN group 1 wasn't tagged for 'member 3'. Once I enabled this, the DHCP Discover came tagged with the VLAN. It's still quite strange imo, since I don't understand how 'member 3' corresponds with the interface etc.
Anyways I am happy to finally have figured out how to bypass the SOHO router and start using pfsense. It took me around 4 months in total! Learned a lot about networking. Most of it through the replies you posted in this thread @bingo600 so thanks a lot for that!!
