DHCP Option:vendorclass (No. 60) Required to be Hex Format in IPOE (DHCP+)

Phlyer · August 30, 2017, 10:27am

Hello,

First, thank all developers for so great work. LEDE is definitely the best firmware I've ever installed on my Netgear WNDR3800 router with flexibility and reliability balanced, though the documentation of guides still need a catch up to OpenWRT.

By FTTH, I have both Internet and IPTV connections via an ONU (Optical Network Unit). With the hardware switch RTL8366S in the router and VLAN binding, I successfully made the change - moving the STB (Set-Top-Box) from LAN port of ONU to the router. It works fine.

The next step, when I try to watch TV from my Windows desktop and Android smart phones with igmpproxy and udpxy packages installed, following the How-to "IPTV / UDP multicast", the problem happens that the "IPTV" interface in DHCP client Protocol could not pass the authentication to get a valid intranet address. Even I manually set the static address Protocol with IP, gateway, DNS, etc. acquired by the STB, the connection will be offline always.

Through packet capturing during STB booting up, I can see DHCP discover/offer/request/ack showing
plain text
Option 61 = STB MAC address
Option 12 = STB SN
encrypted
Option 60, maybe IPTV user name and password.

Following some hints got from searching on Internet, I edited following 2 config files (not accurate info), but nothing changed - only “udhcp 1.25.1” could be found in DHCP discover.

/etc/config/dhcp

config dhcp 'iptv'
...
option networkid 'iptv'
list dhcp_option '60,00:00:01:06:35:75:61:71:69:6E:02:0A:48:47:55:34:32:31:4E:20:76:33:03:0A:48:47:55:34:32:31:4E:20:76:33:04:10:32:30:30:2E:55:59:59:2E:30:2E:41:2E:30:2E:53:48:05:04:00:01:00:50'
option fore '1'

or
/etc/dnsmasq.conf

dhcp-option-force=60,00:00:01:06:35:75:61:71:69:6E:02:0A:48:47:55:34:32:31:4E:20:76:33:03:0A:48:47:55:34:32:31:4E:20:76:33:04:10:32:30:30:2E:55:59:59:2E:30:2E:41:2E:30:2E:53:48:05:04:00:01:00:50

If I paste anyway the Hex codes into the LuCI input box throught a web browser, it will turn to plain text not the binary format anymore.

In LEDE documentation, I found the definition and statement as below:

"vendorclass
String sent by the client representing the vendor of the client. dnsmasq performs a substring match on the vendor class string using this value."

"These parameters are handled partially by netifd (in interface.c) and partially by a shell script in lib/netifd/proto/dhcp.sh."

Does that mean this moment, LEDE can only handle DHCP Option:vendorclass in ASCII characters?

Hope someone could give me a firm answer and suggest some other way around.

Thanks in advance.

hnyman · August 30, 2017, 1:36pm

dnsmasq provides the DHCP services for LAN, but not for the router itself.

udhcpc is part of busybox, so dnsmasq config items have no impact.

EDIT: based on http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq.conf.example your dhcp-option-force looks right, but like said, I think that it targets the DHCP services for LAN clients.

Based on busybox sources, also udhcpc supports vendor class, but you need to figure out how to get that added into udhcpc parameters.

https://git.busybox.net/busybox/tree/networking/udhcp/dhcpc.c

Phlyer · August 30, 2017, 3:56pm

Thanks for comments.

Thing is going to a difficult part. Coding and reprogramming is now beyond what I can do as a new guy to Unix-like system.

I will try though it may not be easy.

Wish someone else solved the same problem, then I would be lucky.

Anyway, your help is appreciated.

hnyman · August 30, 2017, 5:20pm

I think that your best bet is to modify https://github.com/lede-project/source/blob/master/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh that is /lib/netifd/proto/dhcp.sh is a live router.

It calls udhcpc at https://github.com/lede-project/source/blob/master/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh#L57

As the result of that script you can see the dhcp client process with the active parameters:

root@LEDE:~# ps | grep udhcpc
 1109 root      1048 S    udhcpc -p /var/run/udhcpc-eth0.2.pid -s /lib/netifd/dhcp.script -f -t 0 -i eth0.2 -C -O 212 -O 121

You might try editing the script to include the verdorclass directly and forget passing vendorclass parameter from a config file.

Alternatively, try adding the vendorclass parameter to the wan section in dhcp config. vendorid parameter is supposed to be supported in the network config for interfaces with dhcp type: https://wiki.openwrt.org/doc/uci/network#protocol_dhcp

By running the udhcpc manually, you can see the default vendorclass. My example below is from master, but I guess that you used 17.01, right?

That command actually shows you a direct example how to solve it...
See the parameter "-x" the example using all hexadecimal notation, also for the option number:

-x 0x3d:0100BEEFC0FFEE - option 61 (client id)

So you would be looking at something like:

-x 0x3c:00000106357561...

Full output of "udhcpc -?"

root@LEDE:# udhcpc -?
udhcpc: unrecognized option: ?
BusyBox v1.26.2 () multi-call binary.

Usage: udhcpc [-fbqRB] [-t N] [-T SEC] [-A SEC/-n]
        [-i IFACE] [-s PROG] [-p PIDFILE]
        [-oC] [-r IP] [-V VENDOR] [-F NAME] [-x OPT:VAL]... [-O OPT]...

        -i,--interface IFACE    Interface to use (default eth0)
        -s,--script PROG        Run PROG at DHCP events (default /usr/share/udhcpc/default.script)
        -p,--pidfile FILE       Create pidfile
        -B,--broadcast          Request broadcast replies
        -t,--retries N          Send up to N discover packets (default 3)
        -T,--timeout SEC        Pause between packets (default 3)
        -A,--tryagain SEC       Wait if lease is not obtained (default 20)
        -n,--now                Exit if lease is not obtained
        -q,--quit               Exit after obtaining lease
        -R,--release            Release IP on exit
        -f,--foreground         Run in foreground
        -b,--background         Background if lease is not obtained
        -S,--syslog             Log to syslog too
        -r,--request IP         Request this IP address
        -o,--no-default-options Don't request any options (unless -O is given)
        -O,--request-option OPT Request option OPT from server (cumulative)
        -x OPT:VAL              Include option OPT in sent packets (cumulative)
                                Examples of string, numeric, and hex byte opts:
                                -x hostname:bbox - option 12
                                -x lease:3600 - option 51 (lease time)
                                -x 0x3d:0100BEEFC0FFEE - option 61 (client id)
        -F,--fqdn NAME          Ask server to update DNS mapping for NAME
        -V,--vendorclass VENDOR Vendor identifier (default 'udhcp VERSION')
        -C,--clientid-none      Don't send MAC as client identifier
Signals:
        USR1    Renew lease
        USR2    Release lease

Phlyer · August 31, 2017, 12:13pm

Thank you for help on listing such comprehensive references.

I'm using 17.01.2 now.

You mentioned alternative method is close to what I have done via LuCi.
In /etc/config/network,
Protocol "dhcp"
option vendorid

turns everything to ASCII character, header "0x3c:" does no help. If no entry, the default “udhcp 1.25.1” will always be sent at the 1st place.
option sendopts
accepts header "0x3c:", can send out the correct Hex values, but Option 60 was doubled in DHCP discover. The 2nd may not be effective. I believe this equals to command "udhcpc" with parameter "-x".

When I changed the script file
/lib/netifd/proto/dhcp.sh
like following
...
[ -n "$clientid" ] && clientid="-x 0x3d:${clientid//:/}" || clientid="-C"
[ -n "$vendorid" ] && vendorid="-x 0x3c:$vendorid" #insert a new line
[ -n "$iface6rd" ] && proto_export "IFACE6RD=$iface6rd"
...
${vendorid:+-V "$vendorid"} \ #delete
$vendorid \ #add
...

I could input Hex values to vendorid in LuCi or /etc/config/network, but the Option 60 would be same doubled like above mentioned.

I need to dig more to find how to disable the default vendorid.

Thanks anyway.

hnyman · August 31, 2017, 12:55pm

I would simply delete the two(?) vendorid-related lines from the script
(and add a line with -x option to it, or use the sendopts(?) like you tried).

you might also add the -x option directly to the script.

that would be the most straightforward solution, I think.

Phlyer · August 31, 2017, 3:33pm

I removed every "vendorid" definition I could find in /lib/netifd/proto/dhcp.sh, the output DHCP discover is always with

Option: (60) Vendor class identifier
Length: 12
Vendor class identifier: udhcp 1.25.1

no matter I create option sendopts or not.

Best Regards,