DHCP Option82

DHCP Option 82

DHCP Option 82 is a relay agent information option that

carries information known by the relay agent
increases DHCP security by enabling identification of request sources, and
allows address allocation based on network topology or client device characteristics.

The controller can be configured to add Option 82 information to DHCP requests from clients before forwarding the requests to a DHCP server. The DHCP server can then be configured to allocate IP addresses to the wireless client based on the information present in DHCP Option 82.

DHCP provides a framework for passing configuration information to hosts on a TCP/IP network. Configuration parameters and other control information are carried in tagged data items stored in the Options field of the DHCP message. These data items are also called options. Option 82 includes information known by the relay agent.

The Relay Agent Information option is a single DHCP option containing one or more suboptions that convey information known by the Relay Agent. Option 82 enables a DHCP Relay Agent to insert circuit-specific information into a forwarded request to a DHCP server. This option uses two suboptions:

Circuit ID: The Circuit ID suboption includes information that is specific to the circuit the request came in on. This suboption is an identifier that is specific to the relay agent. Thus, the circuit that is described will vary depending on the relay agent.
Remote ID: The Remote ID suboption includes information on the remote host–end of the circuit. This suboption usually contains information that identifies the relay agent. In a wireless network, this is likely a unique identifier for the wireless AP.

Note

All valid Remote ID combinations are separated by a colon (:) as the delimiter.
IP MAC binding is required for DHCP Option 82 to work in some situations.

DHCP Option 82 configuration options

You can configure these DHCP Option 82 options in a controller:

DHCP Enable
DHCP Opt82 Enable
DHCP Opt82 Ascii
DHCP Opt82 RID
DHCP Opt Format
DHCP AP MAC
DHCP SSID
DHCP AP ETH MAC
DHCP AP NAME
DHCP Site Tag
DHCP AP Location
DHCP VLAN ID

The controller includes the SSID in ASCII format and the VLAN ID in hexadecimal format within the remote ID suboption of Option 82 in the outgoing DHCP packets to the server for this configuration.

ipv4 dhcp opt82 format ssid
ipv4 dhcp opt82 format vlan-id

However, if ipv4 dhcp opt82 ascii configuration is also present, the controller adds VLAN-ID and SSID in ASCII format.

For Cisco Catalyst 9800 Series Configuration Best Practices, see the following link: https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html

Configure DHCP Option 82 global interface

Configure DHCP Option 82 globally through server override (CLI)

Set up DHCP Option 82 settings to override relay agent information in DHCP packets at the server.

Procedure

Step 1

Enter global configuration mode.

Example:

Device# configure terminal

Step 2

Insert the global server override and link selection suboptions.

Example:

Device(config)# ip dhcp-relay information option server-override

The system processes DHCP Option 82 information globally based on server settings.

Device# configure terminal
Device(config)# ip dhcp-relay information option server-override

Configure DHCP Option 82 through server override (CLI)

To enable precise DHCP Option 82 behavior, configure the server override and link-selection suboptions.

Procedure

Step 1

Enter global configuration mode.

Example:

Device# configure terminal

Step 2

Set the server override suboption to either an RFC-specific value or a proprietary value.

Example:

Device(config)# ip dhcp compatibility suboption server-override [cisco | standard]

Step 3

Set the link selection suboption to either an RFC-specific value or a proprietary value.

Example:

Device(config)# ip dhcp compatibility suboption link-selection [cisco | standard]

DHCP Option 82 operates according to the configured settings.

Device# configure terminal
Device(config)# ip dhcp compatibility suboption server-override cisco
Device(config)# ip dhcp compatibility suboption link-selection cisco

Configure DHCP Option 82 globally through different SVIs (GUI)

Enable DHCP Option 82 to insert relay information for clients across selected SVIs.

Procedure

Step 1	Choose Configuration > VLAN.
Step 2	Select a VLAN from the drop-down list. The Edit SVI window appears.
Step 3	Click the Advanced tab.
Step 4	Select an option from the IPv4 Inbound ACL drop-down list.
Step 5	Select an option from the IPv4 Outbound ACL drop-down list.
Step 6	Select an option from the IPv6 Inbound ACL drop-down list.
Step 7	Select an option from the IPv6 Outbound ACL drop-down list.
Step 8	Enter an IP address in the IPv4 Helper Address field.
Step 9	Set the status to Enabled if you want to enable the Relay Information Option setting.
Step 10	Enter the Subscriber ID.
Step 11	Set the status to Enabled if you want to enable the Server ID Override setting.
Step 12	Set the status to Enabled if you want to enable the Option Insert setting.
Step 13	Select an option from the Source-Interface Vlan drop-down list.
Step 14	Click Update & Apply to Device.

DHCP Option 82 is enabled for the selected SVIs. This allows relay agent information to be included in DHCP requests.

Configure DHCP Option 82 globally through different SVIs (CLI)

Enable DHCP Option 82 globally so that DHCP relayed messages include option 82 information through the specified SVIs.

Procedure

Step 1

Enter global configuration mode.

Example:

Device# configure terminal

Step 2

Set global source interface for relayed messages.

Example:

Device(config)# ip dhcp-relay source-interface vlan vlan-id

The device globally applies DHCP relay with Option 82 information using the specified SVI interface.

Device# configure terminal
Device(config)# ip dhcp-relay source-interface vlan 72

Configure DHCP Option 82 format

Configure the wireless controller to insert DHCP Option 82 information into DHCP requests from wireless clients.

Procedure

Step 1	Enter global configuration mode. Example: `Device# configure terminal`
Step 2	Enable configuration for the specified profile policy. Example: `Device(config)# wireless profile policy policy-name`
Step 3	Shut down the profile policy. Example: `Device(config-wireless-policy)# shutdown`
Step 4	Assign the profile policy to a VLAN. Example: `Device(config-wireless-policy)# vlan vlan-name`
Step 5	(Optional) Set the session timeout value in seconds. The range is between 20 to 86,400 seconds. Example: `Device(config-wireless-policy)# session-timeout value-btwn-20-86400`
Step 6	(Optional) Set the idle timeout value in seconds. The range is between 15 to 100,000 seconds. Example: `Device(config-wireless-policy)# idle-timeout 15`
Step 7	Enable central switching. Example: `Device(config-wireless-policy)# central switching`
Step 8	Enable DHCP Option 82 for the wireless clients. Example: `Device(config-wireless-policy)# ipv4 dhcp opt82`
Step 9	(Optional) Enable ASCII on the DHCP Option 82 feature. Example: `Device(config-wireless-policy)# ipv4 dhcp opt82 ascii`
Step 10	(Optional) Add Cisco 2-byte Remote ID (RID) to the DHCP Option 82 feature. Example: `Device(config-wireless-policy)# ipv4 dhcp opt82 rid`
Step 11	Enable DHCP Option 82 on the corresponding AP. Example: `Device(config-wireless-policy)# ipv4 dhcp opt82 format {ap_ethmac \| ap_location \| apmac \| apname \| policy_tag \| ssid \| vlan_id}` For information on the various options available with the command, see Cisco Catalyst 9800 Series Wireless Controller Command Reference .
Step 12	Enable the profile policy. Example: `Device(config-wireless-policy)# no shutdown`

The wireless profile policy inserts DHCP Option 82 information in the specified format for wireless clients.

Device# configure terminal
Device(config)# wireless profile policy pp3
Device(config-wireless-policy)# shutdown
Device(config-wireless-policy)# vlan 72
Device(config-wireless-policy)# session-timeout 300
Device(config-wireless-policy)# idle-timeout 15
Device(config-wireless-policy)# central switching
Device(config-wireless-policy)# ipv4 dhcp opt82
Device(config-wireless-policy)# ipv4 dhcp opt82 ascii
Device(config-wireless-policy)# ipv4 dhcp opt82 rid
Device(config-wireless-policy)# ipv4 dhcp opt82 format apmac
Device(config-wireless-policy)# no shutdown

Configure DHCP Option82 through a VLAN interface

Configure DHCP Option 82 through option-insert command (CLI)

Enable DHCP Option 82 insertion on a VLAN interface to provide relay agent information in DHCP packets.

Procedure

Step 1	Enter global configuration mode. Example: `Device# configure terminal`
Step 2	Configure a VLAN ID. Example: `Device(config)# interface vlan vlan-id`
Step 3	Insert relay information in BOOTREQUEST. Example: `Device(config-if)# ip dhcp relay information option-insert`
Step 4	Configure the IP address for the interface. Example: `Device(config-if)# ip address ip-address`
Step 5	Configure the destination address for UDP broadcasts. Example: `Device(config-if)# ip helper-address ip-address`
Step 6	Disable the MOP for an interface. Example: `Device(config-if)# no mop enabled`
Step 7	Disable the task of sending MOP periodic system ID messages. Example: `Device(config-apgroup)# no mop sysid`

DHCP requests sent from this VLAN interface will contain Option 82 relay information to aid in DHCP server assignment and troubleshooting.

Device# configure terminal
Device(config)# interface vlan 72
Device(config-if)# ip dhcp relay information option-insert
Device(config-if)# ip address 9.3.72.38 255.255.255.0
Device(config-if)# ip helper-address 9.3.72.1
Device(config-if)# no mop enabled
Device(config-apgroup)# no mop sysid

Configure DHCP Option 82 through server-ID-override command (CLI)

Enable DHCP Option 82 with server-ID override to control how DHCP relay information is inserted on a Cisco device.

Procedure

Step 1	Enter global configuration mode. Example: `Device# configure terminal`
Step 2	Configure the server-id override suboption to use an RFC-specific or Cisco-specific value. Example: `Device(config)# ip dhcp compatibility suboption server-override cisco`
Step 3	Configure the link-selection suboption to use an RFC-specific or Cisco-specific value. Example: `Device(config)# ip dhcp compatibility suboption link-selection cisco`
Step 4	Configure a VLAN ID. Example: `Device(config)# interface vlan vlan-id`
Step 5	Insert the server-id override suboption and link-selection suboption. Example: `Device(config-if)# ip dhcp relay information option server-id-override`
Step 6	Configure the IP address for the interface. Example: `Device(config-if)# ip address ip-address`
Step 7	Configure the destination address for UDP broadcasts that your interfce will use. Example: `Device(config-if)# ip helper-address ip-address`
Step 8	Disable MOP for an interface. Example: `Device(config-if)# no mop enabled`
Step 9	Disable the task of sending MOP periodic system ID messages. Example: `Device(config-if)# [no] mop sysid`

The device uses the specified server-id override and link-selection options in DHCP Option 82 relay messages, which the device forwards through the configured VLAN interface.

Device# configure terminal
Device(config)# ip dhcp compatibility suboption server-override cisco
Device(config)# ip dhcp compatibility suboption link-selection cisco 
Device(config)# interface vlan 72
Device(config-if)# ip dhcp relay information option server-id-override
Device(config-if)# ip address 9.3.72.38 255.255.255.0
Device(config-if)# ip helper-address 9.3.72.1
Device(config-if)# no mop enabled
Device(config-if)# no mop sysid

Configure DHCP Option 82 through a subscriber-ID (CLI)

Configure DHCP Option 82 through a subscriber-ID.

Procedure

Step 1	Enter global configuration mode. Example: `Device# configure terminal`
Step 2	Configure a VLAN ID. Example: `Device(config)# interface vlan vlan-id`
Step 3	Insert the subscriber identifier suboption to include the subscriber ID in DHCP messages. Example: `Device(config-if)# ip dhcp relay information option subscriber-id subscriber-id`
Step 4	Configure the IP address for the interface. Example: `Device(config-if)# ip address ip-address`
Step 5	Configure the destination address for UDP broadcasts. Example: `Device(config-if)# ip helper-address ip-address`
Step 6	Disable MOP for an interface. Example: `Device(config-if)# no mop enabled`
Step 7	Disable the task of sending MOP periodic system ID messages. Example: `Device(config-apgroup)# no mop sysid`

The system now inserts the subscriber-ID suboption (DHCP Option 82) into relayed DHCP packets on the specified VLAN interface.

Device# configure terminal
Device(config)# interface vlan 72
Device(config-if)# ip dhcp relay information option subscriber-id test10
Device(config-if)# ip address 9.3.72.38 255.255.255.0
Device(config-if)# ip helper-address 92.0.2.1
Device(config-if)# no mop enabled
Device(config-apgroup)# no mop sysid

Configure DHCP Option 82 through server-ID-override and subscriber-ID commands (CLI)

Enable customized handling of DHCP Option 82 information for relayed DHCP requests by setting server and subscriber ID options.

Procedure

Step 1	Enter global configuration mode. Example: `Device# configure terminal`
Step 2	Configure a VLAN ID. Example: `Device(config)# interface vlan vlan-id`
Step 3	Insert server ID override and link selection suboptions. Example: `Device(config-if)# ip dhcp relay information option server-id-override`
Step 4	Insert the subscriber identifier suboption. Example: `Device(config-if)# ip dhcp relay information option subscriber-id subscriber-id`
Step 5	Configure the IP address for the interface. Example: `Device(config-if)# ip address ip-address`
Step 6	Configure the destination address for UDP broadcasts. Example: `Device(config-if)# ip helper-address ip-address`
Step 7	Disable the MOP for an interface. Example: `Device(config-if)# no mop enabled`
Step 8	Disable the task of sending MOP periodic system ID messages. Example: `Device(config-apgroup)# no mop sysid`

The interface relays DHCP requests with Option 82 data, including server ID override and subscriber ID.

Device# configure terminal
Device(config)# interface vlan 72
Device(config-if)# ip dhcp relay information option server-id-override
Device(config-if)# ip dhcp relay information option subscriber-id test10
Device(config-if)# ip address 9.3.72.38 255.255.255.0
Device(config-if)# ip helper-address 9.3.72.1
Device(config-if)# no mop enabled
Device(config-apgroup)# no mop sysid

Configure DHCP Option 82 through different SVIs (CLI)

Enable DHCP Option 82 using different switch virtual interfaces (SVIs) for relayed requests.

Procedure

Step 1	Enter global configuration mode. Example: `Device# configure terminal`
Step 2	Configure a VLAN ID. Example: `Device(config)# interface vlan vlan-id`
Step 3	Configure a source interface on the VLAN to relay messages. Example: `Device(config-if)# ip dhcp relay source-interface vlan vlan-id`
Step 4	Configure the IP address for the interface. Example: `Device(config-if)# ip address ip-address`
Step 5	Configure the destination address for UDP broadcasts. Example: `Device(config-if)# ip helper-address ip-address`
Step 6	Disable the Maintenance Operations Protocol (MOP) on the interface. Example: `Device(config-if)# no mop enabled`
Step 7	Disable periodic system ID message transmission for MOP. Example: `Device(config-apgroup)# no mop sysid`

The device relays DHCP messages with Option 82 through the configured VLAN SVIs.

Device# configure terminal
Device(config)# interface vlan 72
Device(config-if)# ip dhcp relay source-interface vlan 74
Device(config-if)# ip address 9.3.72.38 255.255.255.0
Device(config-if)# ip helper-address 9.3.72.1
Device(config-if)# no mop enabled
Device(config-apgroup)# no mop sysid

Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE 17.8.x

Bias-Free Language

Results

Chapter: DHCP Option82

DHCP Option82

DHCP Option 82

DHCP Option 82 configuration options

Configure DHCP Option 82 global interface

Configure DHCP Option 82 globally through server override (CLI)

Procedure

Example:

Example:

Configure DHCP Option 82 through server override (CLI)

Procedure

Example:

Example:

Example:

Configure DHCP Option 82 globally through different SVIs (GUI)

Procedure

Configure DHCP Option 82 globally through different SVIs (CLI)

Procedure

Example:

Example:

Configure DHCP Option 82 format

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Configure DHCP Option82 through a VLAN interface

Configure DHCP Option 82 through option-insert command (CLI)

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Configure DHCP Option 82 through server-ID-override command (CLI)

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Configure DHCP Option 82 through a subscriber-ID (CLI)

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Configure DHCP Option 82 through server-ID-override and subscriber-ID commands (CLI)

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Configure DHCP Option 82 through different SVIs (CLI)

Procedure

Example: