Hello. Trying to figure out some of the DHCP server option functionality. Specifically whether or not the Option functionality can be used in conjunction with dhcp snooping on a switch to assign ip addresses based on port numbers.
Traditionally with an ISC dhcp server this is accomplished by specifying the circuit-id and remote-id to a specific mac address and port information and then creating a scope of one ip that when the incoming packet matches this information it assigns an ip address.
I have read through the manuals and it appears that the mikrotik supports option 82 functionality, but there is no information in the manner that it needs to be implemented. IE: What commands need to be entered into the option section to get this to work.
Unfortunately no. The document does illustrate the usage as it pertains to other options, but it gives no information regarding setting up the option82 functions. This is primarily because with option 82 you include both the circuit ID (usually the mac address of the switch) and the Remote ID (usually the combination of bits that indicates vlan, port and other information) With the text in the DHCP document, it doesn’t indicate if you have to specify “Circuit ID” prior to entering the value, whether you enter it in HEX, whether you combine the two, or other.
Do you need exactly Option 82 functionality? I think, you may use ‘Agent Circuit ID’ and ‘Agent Remote ID’ fields of DHCP Lease. A few moments:
you should use Option82-enabled switches, and setup switch as DHCP Relay for RouterOS;
generally, ‘Agent * ID’ are binary fields in switches (see picture, switches are D-Link DES-3028), and I don’t know whether you can manage them on RouterOS directly. we do not have troubles because we use RADUIS server for DHCP, but you may need a feature request to display/edit HEX, not RAW data in WinBox/CLI
I have the option82 set up correctly to work with an external ISC DHCP server. The switch passes the information to the server which then looks at the agent ID and Circuit ID. It then realizes that this fits the profile to allow a lease from a specific ip address.
I am trying to use option 82 to GRANT leases, without having to relay that information past the mikrotik device.
In doing this, I keep the dhcp snooping and I forward the dhcp requests directly to the mikrotik device. The mikrotik sees the dhcp request but doesn’t assign it any ip addresses. Possibly because I don’t know what the configuration in the dhcp option needs to be. Is there a value statement that comes before the hex?
I have attempted to put in the whole circuitID/RemoteID that comes from the debug of the switch I am working on, but this did not allow the device to get an ip address.
