Error /var/etc/dhclient_wan.conf line 14: no option named option-61

Paint · Jul 9, 2016, 5:08 AM

I hope someone can help me with this error. I am impersonating my G1100 Quantum Gateway via these instructions: https://forum.pfsense.org/index.php?topic=114389.msg635823#msg635823

I am getting the following error in the DHCP log file:

Jul 9 00:57:26	dhclient	83437	send option-61 3d:
Jul 9 00:57:26	dhclient	83437	/var/etc/dhclient_wan.conf line 14: no option named option-61
Jul 9 00:57:25	dhclient	31659	exiting.
Jul 9 00:57:25	dhclient	31659	connection closed

option-61 is to impersonate my G1100 dhcp-client-identifier string (masked below). The problem is if I change the WAN DHCP Send Options to send dhcp-client-identifier 3d:07:01:77:77:11:44:33:d9; the parameter is not sent inside of the packet correctly (confirmed via packet sniff). This causes my WAN DHCP to fail and receive a IPv4 address of 0.0.0.0. If I use the configuration as specified below, the option is sent and I successfully receive a WAN IP.

Should I be worried about this error message or can it be ignored?
It looks like it could be a legacy issue with dhclient: https://bugs.launchpad.net/ubuntu/+source/netcfg/+bug/27141

Thanks!

Here is a copy of my /var/etc/dhclient_wan.conf file:


nterface "em0" {

# DHCP Protocol Timing Values
timeout 70;
retry 15;
select-timeout 0;
reboot 1;
backoff-cutoff 2;
initial-interval 1;

# DHCP Protocol Options
        send host-name "FIOS_Quantum_Gateway";
        send dhcp-class-identifier "FiOS-G1100:dslforum.org";
        send option-61 3d:07:01:77:77:11:44:33:d9;
        send host-name "FIOS_Quantum_Gateway";
        send domain-name "verizon.net";
        request broadcast-address, dhcp-lease-time, dhcp-rebinding-time, dhcp-renewal-time, domain-name, domain-name-servers, host-name, routers, static-routes, subnet-mask, vendor-encapsulated-options, default-ip-ttl, dhcp-class-identif
ier, dhcp-client-identifier, dhcp-parameter-request-list, dhcp-server-identifier, dhcp-requested-address, interface-mtu, log-servers, time-offset, time-servers, www-server;
        require subnet-mask, domain-name-servers;

        script "/sbin/dhclient-script";
}

NOYB · Jul 9, 2016, 5:58 AM

@Paint:

The problem is if I change the WAN DHCP Send Options to send dhcp-client-identifier 3d:07:01:77:77:11:44:33:d9; the parameter is not sent inside of the packet correctly (confirmed via packet sniff).

When using send dhcp-cleint-identifier instead of send option-61 do not include the option code (d3) and the length (07).
Only the type (01) (Ethernet), and the identifier. In this case the MAC address. The code and length should be added by dhclient.

Try this.
send dhcp-client-identifier 01:77:77:11:44:33:d9;

If this is the MAC address of the interface you may be able to use this to prevent sending the client ID at all. In which case the DHCP server is supposed to default to using the client's MAC address.
send dhcp-client-identifier "";

Also the error being seen may be that the option code and length are not expected to be included when using the send option-61 designation as well. You might give that a try too. Not sure on that. Don't think I've ever tried that. I've always used the send dhcp-client-identifier way.

Paint · Jul 9, 2016, 6:44 AM

@NOYB:

@Paint:

The problem is if I change the WAN DHCP Send Options to send dhcp-client-identifier 3d:07:01:77:77:11:44:33:d9; the parameter is not sent inside of the packet correctly (confirmed via packet sniff).

When using send dhcp-cleint-identifier instead of send option-61 do not include the option code (d3) and the length (07).
Only the type (01) (Ethernet), and the identifier. In this case the MAC address. The code and length should be added by dhclient.

Try this.
send dhcp-client-identifier 01:77:77:11:44:33:d9;

If this is the MAC address of the interface you may be able to use this to prevent sending the client ID at all. In which case the DHCP server is supposed to default to using the client's MAC address.
send dhcp-client-identifier "";

Also the error being seen may be that the option code and length are not expected to be included when using the send option-61 designation as well. You might give that a try too. Not sure on that. Don't think I've ever tried that. I've always used the send dhcp-client-identifier way.

Thank you, NOYB! That fixed the problem.

NOYB · Jul 9, 2016, 7:54 AM

You're welcome.

This is probably why the error when using the option-61 designation.

Options which are not listed by name may be defined by the name option-nnn, where nnn is the
decimal number of the option code.

In my original work for impersonating the Actiontec router option-125 designation worked because it is not one that is "listed by name" (defined).

See the REFERENCE: OPTION STATEMENTS section here.
https://www.freebsd.org/cgi/man.cgi?query=dhcp-options&sektion=5&apropos=0&manpath=FreeBSD+10.3-RELEASE+and+Ports

The reason an address was being obtained anyway was that dhclient was probably defaulting to sending hardware address or nothing at all.