    Dhclient doesn't support option 77

    • M
      megagolgoth last edited by

      Hi,

      I'm in France, with the ISP "Orange". A few months ago this ISP provided a new way to connect to its network. Before, it was only with PPPoE/IPv4; now there is a new system with DHCP, which could provide static IPv4 and IPv6.

      It's not possible to use the original pfSense dhclient, because it doesn't support some option codes (in this case option 77 isn't available). Some people here https://lafibre.info/remplacer-livebox/remplacer-sa-livebox-par-un-routeur-pfsense/ (in French) provide a different bin for dhclient to replace the original pfSense dhclient.

      I think it could be interesting to provide directly in pfSense a dhclient that can handle more option codes (like n°77). What do you think?

      Megagolgoth

      • rbgarga
        rbgarga Developer Netgate Administrator last edited by

        Option 77 is available in FreeBSD's dhclient (at least in the version available on pfSense 2.3.2). The only special note is that 77 has a meaningful name, and in this case the meaningful name should be used instead of 77.

        Here is dhclient definition:

        https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_3_2/sbin/dhclient/tables.c#L145

        'user-class' is the name that should be used

        • ?
          Guest last edited by

          @megagolgoth:

          Hi,

          I'm in France, with the ISP "Orange". A few months ago this ISP provided a new way to connect to its network. Before, it was only with PPPoE/IPv4; now there is a new system with DHCP, which could provide static IPv4 and IPv6.

          It's not possible to use the original pfSense dhclient, because it doesn't support some option codes (in this case option 77 isn't available). Some people here https://lafibre.info/remplacer-livebox/remplacer-sa-livebox-par-un-routeur-pfsense/ (in French) provide a different bin for dhclient to replace the original pfSense dhclient.

          I think it could be interesting to provide directly in pfSense a dhclient that can handle more option codes (like n°77). What do you think?

          Megagolgoth

          I have a fixed dhclient for option 77 in 2.4B, if you still need it pm me and I'll send it to you. I'm not in France, but a friend of mine is and he is/was having the same problem. I'll issue a PR to git this fixed shortly.

          • E
            ericsche last edited by

            Hello I have the same issue,
            dhclient does not honor user-class option.

            My Conf file:

            
            interface "igb0_vlan832" {
            
            # DHCP Protocol Timing Values
            timeout 60;
            retry 15;
            select-timeout 0;
            initial-interval 1;
            
            # DHCP Protocol Options
            send dhcp-class-identifier "sagem";
            send user-class "test";
            send option-90 00:00:00:00:00:00:00:00:00:00:00:66:74:xx:xx...;
            request subnet-mask, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, domain-search, routers, domain-name-servers, option-90;
            
            script "/sbin/dhclient-script";
            }
            
            

            Here is what i see on the network trace :

            
               Frame: Number = 9, Captured Frame Length = 350, MediaType = ETHERNET
            + Ethernet: 802.1Q, Etype = Internet IP (IPv4),DestinationAddress:[FF-FF-FF-FF-FF-FF],SourceAddress:[00-0E-C4-CE-3A-10]
            + Ipv4: Src = 0.0.0.0, Dest = 255.255.255.255, Next Protocol = UDP, Packet ID = 0, Total IP Length = 332
            + Udp: SrcPort = BOOTP client(68), DstPort = BOOTP server(67), Length = 312
            - Dhcp: Request, MsgType = DISCOVER, TransactionID = 0x6E4364CE
                OpCode: Request, 1(0x01)
                Hardwaretype: Ethernet
                HardwareAddressLength: 6 (0x6)
                HopCount: 0 (0x0)
                TransactionID: 1849910478 (0x6E4364CE)
                Seconds: 12 (0xC)
              + Flags: 0 (0x0)
                ClientIP: 0.0.0.0
                YourIP: 0.0.0.0
                ServerIP: 0.0.0.0
                RelayAgentIP: 0.0.0.0
              + ClientHardwareAddress: 00-0E-C4-CE-3A-10
                ServerHostName: 
                BootFileName: 
                MagicCookie: 99.130.83.99
              + MessageType: DISCOVER - Type 53
              - DHCPEOptionsVendorClassIdentifier: 
               + VendorClassIdentifier: sagem - Type 60
              + clientID: (Type 1) - Type 61
              - DHCPEOptionsHostName: 
               + HostName: pfSense - Type 12
              + ParameterRequestList:  - Type 55
              + Authentication:  - Type 90
              + End: 
            
            

            As you can see, there is no user-class option sent. Any clue on how to fix this? Should I open a bug?
            I tried using the generic typo option-77 but it did not work either…
            Running AMD64 2.3.2-RELEASE.
            I haven't tried with p1 yet; will update once I've tested.

            • ?
              Guest last edited by

              It can be done. I have been working with a friend to get his Orange.fr to work with pfSense. It took a lot of hacking and a lot of swearing but it's done. I think he also had to purchase a Netgear switch due to VLAN issues, but it works. I'll send him a link to this thread and ask him to tell you about what has to be done.

              • ?
                Guest last edited by

                As marjohn says, it is possible. I'm writing a tutorial; it will be completed shortly, tonight probably.

                I have both IPv4 and IPv6, no issues, and speed is good.

                The solution needs some new code and a Netgear switch, but it's working well for me.

                • ?
                  Guest last edited by

                  OK, so both IPv4 and IPv6 are possible on Orange FTTH using pfSense, but for now IPv6 needs more work to be stable.
                  I have it working, but only by very careful timing of DHCPv6 requests and VLAN settings, and it can lose the prefix and need manual intervention. In addition, the DHCPv6 client in pfSense lacks the required options to get an IPv6 address, so we need to use dibbler.

                  So I will share how to get IPv4 and update once I have the IPv6 stable.

                  IPv4
                  Firstly you will need to set up VLAN 832 and assign your WAN interface to it; see image1 and image2 attached.
                  Orange requires DHCP requests to be tagged with priority 6 but all other traffic with 0.
                  So ensure the VLAN is defined with priority 0 or you will end up with reduced flow.

                  Add the attached dhclient and dhclient_832.conf files to the following locations (make a copy of dhclient first :-))
                  /sbin/dhclient
                  /conf/dhclient_832.conf

                  Amend the conf file to:

                  1. change the interface to match your setup
                  2. change the "send rfc3118-auth 00:00:00:00:00:00:00:00:00:00:00:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx;"
                    The part in bold is your userid ID (fti / …)
                    A generator is available: https://jsfiddle.net/kgersen/45zudr15/embedded/result/

                  Then in Interfaces WAN, set up as per image3 and image4 attached.

                  That's it, you're done :-)

                  I'll keep you all posted on IPv6, but it's more complex and may require a managed switch capable of CoS tagging of packets.

                  This work is the combination of many from the French forum https://lafibre.info/index.php but would have not been possible with the help and support of @marjohn, who has done most of the IPv6 work.

                  NOTE: this solution may work on 2.4 but is written and tested on 2.3 only.









                  dhclient.zip
                  dhclient_832.conf.zip

                  • N
                    NOYB last edited by

                    @nivek1612:

                    add the attached dhclient…
                    /sbin/dhclient

                    Will it work using ISC /usr/local/sbin/dhclient?  If so people may be more comfortable with that than running a binary provided via a forum.

                    That binary does send the 'user-class' option when supplied.
                    If it is compatible with 'send-interface', 'vlan-id', and 'vlan-pcp' statements it should work.

                    • ?
                      Guest last edited by

                      Possibly; sorry, not in France now for a few weeks so can't check for certain.

                      However, as dhclient is called from within interfaces.inc and others, not sure how you would achieve that without code changes.

                      • ?
                        Guest last edited by

                        OK, so I've now got IPv6 working but it's not robust.

                        Sometimes it does not survive reboots and takes a few attempts to get it back.

                        So I have attached a tutorial explaining what needs to be done, and now seek further testers as I'm only in France from time to time.

                        Many thanks to marjohn for getting to this point.

                        Happy to share the code with those willing to help.

                        EDIT: Thanks to the guys over at lafibre, it should be possible to set the CoS in a firewall rule rather than needing to use the switch.
                        Still interested in people to test.

                        [Orange FTTH and IPV6.docx.zip](/public/imported_attachments/1/Orange FTTH and IPV6.docx.zip)

                        • ?
                          Guest last edited by

                          For those unhappy to simply download a binary from a forum - I get that, this is a firewall after all, right.

                          Attached is the patch that allows dhclient to set both the PCP of the DHCP request and add option 77 to the parms.

                          Many of you won't need the PCP (I do for Orange France), so strip out the bits you need.

                          dhclient_patch.txt

                          • F
                            fredlubrano last edited by

                            Hi,

                            I confirm that "option-77" or user-class is not sent by dhclient on pfsense 2.4.
                            View my result dhcpdump :

                            ---------------------------------------------------------------------------

                            TIME: 2017-03-15 12:41:57.540
                                IP: 0.0.0.0 (00:0c:29:5c:ac:dc) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
                                OP: 1 (BOOTPREQUEST)
                            HTYPE: 1 (Ethernet)
                              HLEN: 6
                              HOPS: 0
                              XID: a39a7bf5
                              SECS: 28
                            FLAGS: 0
                            CIADDR: 0.0.0.0
                            YIADDR: 0.0.0.0
                            SIADDR: 0.0.0.0
                            GIADDR: 0.0.0.0
                            CHADDR: 00:0c:29:5c:ac:dc:00:00:00:00:00:00:00:00:00:00
                            SNAME: .
                            FNAME: .
                            OPTION:  53 (  1) DHCP message type        1 (DHCPDISCOVER)
                            OPTION:  60 (  5) Vendor class identifier  sagem
                            OPTION:  61 (  7) Client-identifier        01:00:0c:29:5c:ac:dc
                            OPTION:  12 (  2) Host name                jr
                            OPTION:  55 (  9) Parameter Request List      1 (Subnet mask)
                                                                        28 (Broadcast address)
                                                                        51 (IP address leasetime)
                                                                        58 (T1)
                                                                        59 (T2)
                                                                        119 (Domain Search)
                                                                          3 (Routers)
                                                                          6 (DNS server)
                                                                        90 (Authentication)

                            OPTION:  90 ( 22) Authentication            0000000000000000 ........
                                                                        0000006674692f64 ...fti/d
                                                                        xxxxxxxx xxxxx

                            view my config :

                            interface "vmx0_vlan832" {

                            #send-interface "vmx0";
                            vlan-id 832;
                            #vlan-pcp 6;

                            # DHCP Protocol Timing Values

                            timeout 60;
                            retry 15;
                            reboot 0;
                            select-timeout 0;
                            initial-interval 1;

                            # DHCP Protocol Options

                            send dhcp-class-identifier "sagem";
                            send option-77 "+FSVDSL_livebox.Internet.softathome.Livebox4";
                            send option-90 00:00:00:00:00:00:00:00:00:00:00:66:74:69:2f:xx:xx:xx:xx:xx:xx:xx;
                            request subnet-mask, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, domain-search, routers, domain-name-servers, option-90;
                            }

                            or

                            interface "vmx0_vlan832" {

                            #send-interface "vmx0";
                            vlan-id 832;
                            #vlan-pcp 6;

                            # DHCP Protocol Timing Values

                            timeout 60;
                            retry 15;
                            reboot 0;
                            select-timeout 0;
                            initial-interval 1;

                            # DHCP Protocol Options

                            send dhcp-class-identifier "sagem";
                            send user-class "+FSVDSL_livebox.Internet.softathome.Livebox4";
                            send option-90 00:00:00:00:00:00:00:00:00:00:00:66:74:69:2f:xx:xx:xx:xx:xx:xx:xx;
                            request subnet-mask, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, domain-search, routers, domain-name-servers, option-90;
                            }

                            Thanks for the help

                            Best regards,

                            fred
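
Added example, not part of the thread or of pfSense: a small Python check that parses the options field of a DHCP DISCOVER, reports which expected options never reached the wire (the situation both captures above show for option 77), and splits options 77 and 90 into their RFC 3004 and RFC 3118 fields. The function names and the packet bytes are constructed for illustration, and "fti/example" is a placeholder login.

```python
MAGIC = bytes([99, 130, 83, 99])  # "MagicCookie: 99.130.83.99" in the trace above

def encode_options(pairs):
    """Serialize (code, value) pairs as DHCP TLVs after the cookie, then End (255)."""
    out = bytearray(MAGIC)
    for code, value in pairs:
        out += bytes([code, len(value)]) + value
    return bytes(out) + b"\xff"

def parse_options(blob):
    """Return {code: value}; reject a missing cookie or a truncated TLV."""
    if blob[:4] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 4
    while i < len(blob) and blob[i] != 255:
        if blob[i] == 0:  # Pad option: a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(blob) or i + 2 + blob[i + 1] > len(blob):
            raise ValueError(f"option {blob[i]} is truncated")
        code, length = blob[i], blob[i + 1]
        opts[code] = opts.get(code, b"") + blob[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def user_classes(value):
    """Split option 77 into RFC 3004 instances: one length byte, then the data."""
    items, i = [], 0
    while i < len(value):
        n = value[i]
        if n == 0 or i + 1 + n > len(value):
            raise ValueError("malformed user-class instance")
        items.append(value[i + 1:i + 1 + n].decode("ascii"))
        i += 1 + n
    return items

def auth_fields(value):
    """Split option 90 into the RFC 3118 fixed header and the information bytes."""
    if len(value) < 11:
        raise ValueError("option 90 is shorter than its 11-byte header")
    return {"protocol": value[0], "algorithm": value[1], "rdm": value[2],
            "replay": int.from_bytes(value[3:11], "big"), "info": value[11:]}

def missing(blob, required=(60, 77, 90)):
    """Option codes from `required` that the packet does not carry."""
    present = parse_options(blob)
    return [code for code in required if code not in present]

# Constructed sample modelled on the captures; "fti/example" is a placeholder login.
AUTH = bytes(11) + b"fti/example"
SENT = [(53, b"\x01"), (60, b"sagem"), (12, b"pfSense"), (90, AUTH)]
USER_CLASS = b"+FSVDSL_livebox.Internet.softathome.Livebox4"  # value from the config
AS_CAPTURED = encode_options(SENT)                        # what the traces show
AS_CONFIGURED = encode_options(SENT + [(77, USER_CLASS)])  # what the config asks for
print("absent from the captured DISCOVER:", missing(AS_CAPTURED))
```

The leading "+" in the posted user-class string is byte 0x2b (43), which is the RFC 3004 length of the 43 characters that follow it. The information bytes of option 90 are the login in plain ASCII, readable in any capture that includes the option.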
