Netgate Discussion Forum

    Adding static routes using DHCP [RFC 3442]

      knozzle

      I have never done this before, so I thought I would share:

      Inserting static routes

      By default, the DHCP server provides a single route to the client, the default route of that subnet. This can be implied via the VLAN interface's IP address, or can be overridden without using a DHCP option. When additional routes are required that are not the default route, a DHCP option must be used. RFC 3442 specifies that options 121 and 249 must be used.

      To add additional routes in pfSense under the VLAN's DHCP server option, click the 'Advanced' button under 'Additional BOOTP/DHCP Options'. If no options are already set, click on the + button; add two lines, one for DHCP option 121 and one for 249. Under the 'Number' column, insert these two options. The 'Type' column should be set to 'String'.

      Generating the route hex values

      The hex values that are required for the DHCP options must be generated in a specific format. For this method, we will be using a utility called HexRoute (http://www.xrx.ca/hexroute.htm). Copy and extract the shell script to your local Linux/Cygwin instance and run the command. This will provide you with the information that the command is looking for:

      $ ./hexroute
      Usage: hexroute [-v|-h] target/bits [gw] gateway [target/bits [gw] gateway ...]
              ie: ./hexroute 172.16.0.0/16 gw 192.168.1.1
      

      For example, we will want the clients of this subnet to be able to route traffic destined for 2.1.1.0/24 via the gateway 4.1.2.1:

      $ ./hexroute 2.1.1.0/24 gw 4.1.2.1
      18:02:01:01:04:01:02:01
      

      Once the hex value is generated, insert this string into the 'Value' column for both DHCP options.

      Converting the hex values back to binary

      A small script can easily parse the hex values into a readable format (hexparse.sh).

      
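      #!/bin/bash
      # Print each colon-separated hex octet of the option value in decimal.
      toDecode=$1
      IFS=':' read -ra octets <<< "$toDecode"
      for value in "${octets[@]}"
      do
              # Only accept one or two hex digits; arithmetic expansion would
              # otherwise evaluate arbitrary expressions taken from the argument.
              [[ $value =~ ^[0-9A-Fa-f]{1,2}$ ]] || { echo "invalid octet: $value" >&2; exit 1; }
              echo $((0x$value))
      done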
      
      

      To use this script, insert the hex string as the argument.

      $ ./hexparse.sh 18:02:01:01:04:01:02:01
      24
      2
      1
      1
      4
      1
      2
      1
      

      Understanding the string syntax

      Using the previous example, the string always starts with the block size specified in CIDR notation, followed by the network or address, and then the gateway.

      Note that when specifying a network range that has the last octet's value of 0, it is simply omitted. When specifying a single host, all four octets will be present.

      Appending additional routes to a preexisting string

      If the DHCP server already has a value present, and an additional route is needed, concatenate the values and insert a colon.

      Again using the previous example, we will add an additional route destined for 2.1.1.0/24 via the gateway 4.1.2.1

      18:02:01:01:04:01:02:01 + 18:03:01:01:04:01:02:01 = 18:02:01:01:04:01:02:01:18:03:01:01:04:01:02:01

      Replace the entire value with the new string.

      Updating the clients

      Depending on the operating system, the client will need to run the following:

      Linux/BSD
      dhclient

      Windows
      ipconfig /release
      ipconfig /renew

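The string layout described in the post, as an added example that is not part of the original post or of HexRoute: a POSIX shell function that decodes a colon-separated option 121/249 value into readable routes, including concatenated values. Per RFC 3442 each route is one prefix-length octet, then only the destination octets that prefix covers (prefix/8 rounded up), then four gateway octets. The function name decode_rfc3442 is an assumption of this example.

```shell
#!/bin/sh
# Added example (not from the original post): decode a DHCP classless static
# route value given as colon-separated hex octets.
# decode_rfc3442 is a hypothetical helper name.

decode_rfc3442() {
    # Accept only colon-separated octets of one or two hex digits, so nothing
    # unexpected reaches word splitting or arithmetic expansion below.
    case $1 in
        ''|:*|*:|*::*|*[!0-9A-Fa-f:]*|*[0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]*)
            echo "invalid hex string" >&2; return 1 ;;
    esac
    old_ifs=$IFS; IFS=:
    set -- $1                      # split into one positional parameter per octet
    IFS=$old_ifs
    while [ $# -gt 0 ]; do
        prefix=$((0x$1)); shift
        [ "$prefix" -le 32 ] || { echo "prefix length $prefix > 32" >&2; return 1; }
        sig=$(( (prefix + 7) / 8 ))   # destination octets actually transmitted
        [ $# -ge $((sig + 4)) ] || { echo "truncated route" >&2; return 1; }
        dest=
        i=0
        while [ $i -lt 4 ]; do
            # Octets beyond the prefix are not sent; they are implied zeros.
            if [ $i -lt $sig ]; then octet=$((0x$1)); shift; else octet=0; fi
            dest=${dest:+$dest.}$octet
            i=$((i + 1))
        done
        gw="$((0x$1)).$((0x$2)).$((0x$3)).$((0x$4))"; shift 4
        echo "$dest/$prefix via $gw"
    done
}

# The concatenated value from the post: two /24 routes through one gateway.
decode_rfc3442 "18:02:01:01:04:01:02:01:18:03:01:01:04:01:02:01"
```

Running the decoder over a value before pasting it into the 'Value' column catches a dropped octet, which would otherwise shift every following route in the string.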
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.