dhcp-option on openwrt


Target

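Configure the network so that DHCP option 43 and option 60 carry the master and slave server information for capwapc. The client interprets this option 43.

OpenWrt configuration

Server side: /etc/config/dhcp

Use vendorclass to define a classifier that places clients sending the 'oakridge' vendor class under a separate 'oakridge' networkid. Option 43 is then force-sent to these clients, whether or not they requested it.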

    config vendorclass 'oakridge'
        option vendorclass 'oakridge'
        option networkid 'oakridge'
        option force '1'
        list dhcp_option '43,1,4,192.168.100.117,1,4,192.168.100.20,2,12,ac1.test.com'

This is translated into /var/etc/dnsmasq.conf as follows:

    dhcp-vendorclass=oakridge,oakridge
    dhcp-option-force=oakridge,43,1,4,192.168.100.117,1,4,192.168.100.20,2,12,ac1.test.com

Client side: /etc/config/network

Set the vendorid to oakridge and request option 43.

    config interface 'lan1'
        option ifname 'eth0.1'
        option type 'bridge'
        option proto 'dhcp'
        option vendorid 'oakridge'
        option reqopts '43'


Modify the client's udhcpc code so that the information carried in option 43 is exported as an environment variable to the script /lib/netifd/dhcp.sh

  1. --- a/networking/udhcp/common.c


  2. +++ b/networking/udhcp/common.c 

  3. @@ -41,6 +41,7 @@ const struct dhcp_optflag dhcp_optflags[ 

  4. { OPTION_STRING_HOST , 0x28 }, /* DHCP_NIS_DOMAIN */ 

  5. { OPTION_IP | OPTION_LIST , 0x29 }, /* DHCP_NIS_SERVER */ 

  6. { OPTION_IP | OPTION_LIST | OPTION_REQ, 0x2a }, /* DHCP_NTP_SERVER */ 

  7. + { OPTION_STRING | OPTION_REQ, 0x2b }, /* DHCP_AC_ADDR */ 

  8. { OPTION_IP | OPTION_LIST , 0x2c }, /* DHCP_WINS_SERVER */ 

  9. { OPTION_U32 , 0x33 }, /* DHCP_LEASE_TIME */ 

  10. { OPTION_IP , 0x36 }, /* DHCP_SERVER_ID */ 
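
Review bot: the new 0x2b entry sets OPTION_REQ, so every udhcpc built from this tree requests option 43 by default on every interface, not only on the interface that already sets reqopts '43' in /etc/config/network. Dropping OPTION_REQ and leaving the request to -O 43 would keep the change scoped to the CAPWAP interface. The entry is also typed OPTION_STRING, while the 0x28 entry just above uses OPTION_STRING_HOST, so whatever text the answering DHCP server places in option 43 is handed to the lease script unchecked; the script that consumes the variable needs to validate it before use.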

  11. @@ -108,6 +109,7 @@ const char dhcp_option_strings[] ALIGN1 

  12. "nisdomain" "\0" /* DHCP_NIS_DOMAIN */ 

  13. "nissrv" "\0" /* DHCP_NIS_SERVER */ 

  14. "ntpsrv" "\0" /* DHCP_NTP_SERVER */ 

  15. + "acaddr" "\0" /* DHCP_AC_ADDR */ 

  16. "wins" "\0" /* DHCP_WINS_SERVER */ 

  17. "lease" "\0" /* DHCP_LEASE_TIME */ 

  18. "serverid" "\0" /* DHCP_SERVER_ID */ 
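
Review bot: the name "acaddr" and the DHCP_AC_ADDR comment on the added line describe one vendor's use of option 43, which is generic vendor-specific information, and nothing in the patch documents the text layout the lease script expects. The position between "ntpsrv" and "wins" correctly mirrors the 0x2b entry in dhcp_optflags, since the two tables are matched by index. A short comment stating that the value is expected to be a comma-separated type,length,value list, and that it is exported verbatim, would tell the next reader why a plain string type was chosen.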

Modify the script /lib/netifd/dhcp.sh that the client's udhcpc calls

    # Add the option 43 server list to the capwapc config file
    [ -n "$acaddr" ] && {
        # The value is a list of type,length,value triplets; keep every third field
        acaddrs=$(echo "$acaddr" | awk -F',' '{for (i = 1; i <= NF; i++) { if (i % 3 == 0) print $i }}')
        uci delete capwapc.server.option43_server
        for addr in $acaddrs
        do
            uci add_list capwapc.server.option43_server="$addr"
        done
        uci commit capwapc
    }
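
The value of $acaddr comes from whichever DHCP server answers on the segment, so the lease script should check it before writing it into the capwapc configuration. The following is an added example, not part of the original post or of OpenWrt: a POSIX sh validator that assumes the type,length,value text layout seen in the sample value above (type 1 = IPv4, type 2 = hostname); parse_acaddr, is_ipv4, is_hostname and MAX_SERVERS are hypothetical names.

```sh
#!/bin/sh
# Added example. Assumption inferred from the sample value on this page:
# option 43 is text made of "type,length,value" triplets, where type 1 is
# an IPv4 address (length 4) and type 2 a hostname (length = string length).
MAX_SERVERS=8   # hypothetical cap on accepted entries

is_ipv4() {
    case "$1" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

is_hostname() {
    [ "${#1}" -ge 1 ] && [ "${#1}" -le 253 ] || return 1
    case "$1" in *[!A-Za-z0-9.-]*|.*|*.|*..*|-*) return 1 ;; esac
}

# Print one validated server per line; return 1 if anything is malformed.
parse_acaddr() {
    raw=$1 count=0 out=
    # Allow-list the character set first: no spaces, quotes or shell syntax.
    case "$raw" in *[!A-Za-z0-9.,-]*|,*|*,|*,,*) return 1 ;; esac
    old_ifs=$IFS; IFS=,; set -- $raw; IFS=$old_ifs
    [ "$#" -gt 0 ] && [ $(( $# % 3 )) -eq 0 ] || return 1
    while [ "$#" -ge 3 ]; do
        kind=$1 len=$2 value=$3
        shift 3
        case "$kind" in
            1) [ "$len" = 4 ] && is_ipv4 "$value" || return 1 ;;
            2) [ "$len" = "${#value}" ] && is_hostname "$value" || return 1 ;;
            *) continue ;;   # unknown sub-option type: ignore it
        esac
        count=$((count + 1))
        [ "$count" -le "$MAX_SERVERS" ] || return 1
        out="$out$value
"
    done
    printf '%s' "$out"
}

# Constructed sample: the value configured on the server side of this page.
parse_acaddr '1,4,192.168.100.117,1,4,192.168.100.20,2,12,ac1.test.com'
```

In the lease script, the lines printed by parse_acaddr would replace the awk output, and a non-zero return would leave the existing capwapc.server.option43_server list untouched.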



dnsmasq dhcp-option reference

-O, --dhcp-option=[tag:

Specify different or extra options to DHCP clients.

By default, dnsmasq sends some standard options to DHCP clients, the netmask and broadcast address are set to the same as the host running dnsmasq, and the DNS server and default route are set to the address of the machine running dnsmasq.

(Equivalent rules apply for IPv6.)

If the domain name option has been set, that is sent. This configuration allows these defaults to be overridden, or other options specified.

The option, to be sent may be given as a decimal number or as “option:

    $ dnsmasq --help dhcp
    Known DHCP options:
      1 netmask
      2 time-offset
      3 router
      6 dns-server
      7 log-server
      9 lpr-server
     13 boot-file-size
     15 domain-name
     16 swap-server
     17 root-path
     18 extension-path
     19 ip-forward-enable
     20 non-local-source-routing
     21 policy-filter
     22 max-datagram-reassembly
     23 default-ttl
     26 mtu
     27 all-subnets-local
     31 router-discovery
     32 router-solicitation
     33 static-route
     34 trailer-encapsulation
     35 arp-timeout
     36 ethernet-encap
     37 tcp-ttl
     38 tcp-keepalive
     40 nis-domain
     41 nis-server
     42 ntp-server
     44 netbios-ns
     45 netbios-dd
     46 netbios-nodetype
     47 netbios-scope
     48 x-windows-fs
     49 x-windows-dm
     58 T1
     59 T2
     60 vendor-class
     64 nis+-domain
     65 nis+-server
     66 tftp-server
     67 bootfile-name
     68 mobile-ip-home
     69 smtp-server
     70 pop3-server
     71 nntp-server
     74 irc-server
     77 user-class
     93 client-arch
     94 client-interface-id
     97 client-machine-id
    119 domain-search
    120 sip-server
    121 classless-static-route
    125 vendor-id-encap
    255 server-ip-address

For example, to set the default route option to 192.168.4.4, do --dhcp-option=3,192.168.4.4 or --dhcp-option = option:router, 192.168.4.4 and to set the time-server address to 192.168.0.4, do --dhcp-option = 42,192.168.0.4 or --dhcp-option = option:ntp-server, 192.168.0.4

The special address 0.0.0.0 is taken to mean “the address of the machine running dnsmasq”.

Data types allowed are comma separated dotted-quad IPv4 addresses, []-wrapped IPv6 addresses, a decimal number, colon-separated hex digits and a text string.

If the optional tags are given then this option is only sent when all the tags are matched.

Special processing is done on a text argument for option 119, to conform with RFC 3397.

Text or dotted-quad IP addresses as arguments to option 120 are handled as per RFC 3361.

Dotted-quad IP addresses which are followed by a slash and then a netmask size are encoded as described in RFC 3442.

IPv6 options are specified using the option6: keyword, followed by the option number or option name.

The IPv6 option name space is disjoint from the IPv4 option name space.

IPv6 addresses in options must be bracketed with square brackets, e.g. --dhcp-option=option6:ntp-server,[1234::56]. For IPv6, [::] means “the global address of the machine running dnsmasq”, whilst [fd00::] is replaced with the ULA, if it exists, and [fe80::] with the link-local address.

Be careful: no checking is done that the correct type of data for the option number is sent, it is quite possible to persuade dnsmasq to generate illegal DHCP packets with injudicious use of this flag.

When the value is a decimal number, dnsmasq must determine how large the data item is.

It does this by examining the option number and/or the value, but can be overridden by appending a single letter flag as follows: b = one byte, s = two bytes, i = four bytes.

This is mainly useful with encapsulated vendor class options (see below) where dnsmasq cannot determine data size from the option number.

Option data which consists solely of periods and digits will be interpreted by dnsmasq as an IP address, and inserted into an option as such.

To force a literal string, use quotes. For instance when using option 66 to send a literal IP address as TFTP server name, it is necessary to do --dhcp-option=66,"1.2.3.4"

Encapsulated Vendor-class options may also be specified (IPv4 only) using --dhcp-option: for instance --dhcp-option=vendor:PXEClient,1,0.0.0.0 sends the encapsulated vendor class-specific option “mftp-address=0.0.0.0” to any client whose vendor-class matches “PXEClient”.

The vendor-class matching is substring based (see --dhcp-vendorclass for details).

If a vendor-class option (number 60) is sent by dnsmasq, then that is used for selecting encapsulated options in preference to any sent by the client. It is possible to omit the vendorclass completely; --dhcp-option=vendor:,1,0.0.0.0 in which case the encapsulated option is always sent.

Options may be encapsulated (IPv4 only) within other options: for instance --dhcp-option=encap:175, 190, iscsi-client0 will send option 175, within which is the option 190.

If multiple options are given which are encapsulated with the same option number then they will be correctly combined into one encapsulated option. encap: and vendor: may not both be set in the same dhcp-option.

The final variant on encapsulated options is “Vendor-Identifying Vendor Options” as specified by RFC3925.

These are denoted like this: --dhcp-option=vi-encap:2, 10, text. The number in the vi-encap: section is the IANA enterprise number used to identify this option. This form of encapsulation is supported in IPv6.

The address 0.0.0.0 is not treated specially in encapsulated options.

--dhcp-option-force=[tag:

/etc/config/dhcp

dhcp_option (type: list of strings; required: no; default: none). The ID dhcp_option here must be written with an underscore. OpenWrt will translate this to --dhcp-option, with a hyphen, as ultimately used by dnsmasq. Multiple option values can be given for this network-id, with a space between them and the total string between “”. E.g. '26,1470' or 'option:mtu, 1470' that can assign an MTU per DHCP. Your client must accept MTU by DHCP for this to work. Or "3,192.168.1.1 6,192.168.1.1" to give out gateway and dns server addresses.

Classifying Clients And Assigning Individual Options

DHCP can provide the client with numerous options, such as the domain name, NTP servers, network booting options, etc. While some settings are applicable to all hosts in a network segment, others are more specific and apply only to a group of hosts, or even only a single one. dnsmasq offers to group DHCP options and their values by a network-id, an alphanumeric identifier, and to send options only to hosts which have been tagged with that network-id.

In OpenWrt, you can tag hosts by the DHCP range they're in (section dhcp), or a number of options the client might send with their DHCP request. In each of these sections, you can use the dhcp_option list to add DHCP options to be sent to hosts with this network-id.

Each classifying section has two configuration options: the value of the DHCP option used to distinguish clients, and the network-id that these clients should be tagged with. Here’s a template:

    config classifier
        option classifier 'value'
        option networkid 'network-id'
        list dhcp_option 'DHCP-option'

DHCP client options

udhcpc option reference

    udhcpc -p /var/run/udhcpc-br-lan1.pid -s /lib/netifd/dhcp.script -f -t 0 -i br-lan1 -V oakridge -C -O 43

    BusyBox v1.19.4 (2017-01-17 16:59:34 CST) multi-call binary.

    Usage: udhcpc [-fbnqoCRB] [-i IFACE] [-r IP] [-s PROG] [-p PIDFILE]
            [-H HOSTNAME] [-V VENDOR] [-x OPT:VAL]... [-O OPT]...

            -i,--interface IFACE    Interface to use (default eth0)
            -p,--pidfile FILE       Create pidfile
            -s,--script PROG        Run PROG at DHCP events (default /usr/share/udhcpc/default.script)
            -B,--broadcast          Request broadcast replies
            -t,--retries N          Send up to N discover packets
            -T,--timeout N          Pause between packets (default 3 seconds)
            -A,--tryagain N         Wait N seconds after failure (default 20)
            -f,--foreground         Run in foreground
            -b,--background         Background if lease is not obtained
            -n,--now                Exit if lease is not obtained
            -q,--quit               Exit after obtaining lease
            -R,--release            Release IP on exit
            -S,--syslog             Log to syslog too
            -O,--request-option OPT Request option OPT from server (cumulative)
            -o,--no-default-options Don't request any options (unless -O is given)
            -r,--request IP         Request this IP address
            -x OPT:VAL              Include option OPT in sent packets (cumulative)
                                    Examples of string, numeric, and hex byte opts:
                                    -x hostname:bbox - option 12
                                    -x lease:3600 - option 51 (lease time)
                                    -x 0x3d:0100BEEFC0FFEE - option 61 (client id)
            -F,--fqdn NAME          Ask server to update DNS mapping for NAME
            -H,-h,--hostname NAME   Send NAME as client hostname (default none)
            -V,--vendorclass VENDOR Vendor identifier (default 'udhcp VERSION')
            -C,--clientid-none      Don't send MAC as client identifier
    Signals:
            USR1    Renew current lease
            USR2    Release current lease

/etc/config/network

reqopts (type: string; required: no; default: none). Space-separated list of additional DHCP options to request from the server.

sendopts (type: string; required: no; default: none). Space-separated list of additional DHCP options to send to the server. Syntax: option:value where option is either an integer code or a symbolic name such as hostname.

reqopts is a string of additional DHCP options to request; they are placed in the parameter request list.


Time: 2024-10-07 05:29:50
