Wireshark-users: Re: [Wireshark-users] DHCP option 66

From: "Noam Birnbaum" <noam@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 20 May 2012 14:48:55 -0700
Ahhhhhhhhhh!

Suggestions in how to manually form a DHCP discover that requests option 66? 

Sent from my iPhone

On May 19, 2012, at 3:57 PM, "Bob Carlson" <bob@xxxxxxxxxxxxx> wrote:

> In the DHCP Request or Discover messages, there is a list of requested options.
> Option 66 must be in that list or it will not be returned.
> 
> Cheers, Bob
> Eugene, OR - Tucson, AZ
> 
> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Noam Birnbaum
> Sent: Friday, May 18, 2012 16:23
> To: wireshark-users@xxxxxxxxxxxxx
> Subject: [Wireshark-users] DHCP option 66
> 
> We are trying to configure a client's DHCP server to provide Option 66 (TFTP
> server address) as part of its lease acknowledgements.  We've configured and
> troubleshooted the DHCP server to do so, but Option 66 simply does not show up
> in packet captures of the DHCP transaction.  
> 
> We've tried swapping out the client router with a completely different
> make/model, thinking perhaps the original router's DHCP server had a bug, but
> the new router's DHCP acknowledgements also don't have any trace of Option 66.
> 
> Below is a text export of the acknowledgement frame from the new DHCP server to
> the client.  Am I looking in the wrong spot for Option 66?
> 
> 
> ****
> 
> No.     Time        Source                Destination           Protocol Length
> Info                                                            src port dst
> port
>    122 6.783709    192.168.29.1          255.255.255.255       DHCP     320
> DHCP ACK      - Transaction ID 0x31838ff0                       67       68
> 
> Frame 122: 320 bytes on wire (2560 bits), 320 bytes captured (2560 bits)
>    Arrival Time: May 18, 2012 15:52:26.966006000 PDT
>    Epoch Time: 1337381546.966006000 seconds
>    [Time delta from previous captured frame: 0.000295000 seconds]
>    [Time delta from previous displayed frame: 0.000295000 seconds]
>    [Time since reference or first frame: 6.783709000 seconds]
>    Frame Number: 122
>    Frame Length: 320 bytes (2560 bits)
>    Capture Length: 320 bytes (2560 bits)
>    [Frame is marked: False]
>    [Frame is ignored: False]
>    [Protocols in frame: eth:ip:udp:bootp]
>    [Coloring Rule Name: UDP]
>    [Coloring Rule String: udp]
> Ethernet II, Src: Sonicwal_ae:fb:9c (00:17:c5:ae:fb:9c), Dst: Broadcast
> (ff:ff:ff:ff:ff:ff)
>    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
>        Address: Broadcast (ff:ff:ff:ff:ff:ff)
>        .... ...1 .... .... .... .... = IG bit: Group address
> (multicast/broadcast)
>        .... ..1. .... .... .... .... = LG bit: Locally administered address
> (this is NOT the factory default)
>    Source: Sonicwal_ae:fb:9c (00:17:c5:ae:fb:9c)
>        Address: Sonicwal_ae:fb:9c (00:17:c5:ae:fb:9c)
>        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
>        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory
> default)
>    Type: IP (0x0800)
> Internet Protocol Version 4, Src: 192.168.29.1 (192.168.29.1), Dst:
> 255.255.255.255 (255.255.255.255)
>    Version: 4
>    Header length: 20 bytes
>    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT
> (Not ECN-Capable Transport))
>        0000 00.. = Differentiated Services Codepoint: Default (0x00)
>        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable
> Transport) (0x00)
>    Total Length: 306
>    Identification: 0x0000 (0)
>    Flags: 0x02 (Don't Fragment)
>        0... .... = Reserved bit: Not set
>        .1.. .... = Don't fragment: Set
>        ..0. .... = More fragments: Not set
>    Fragment offset: 0
>    Time to live: 32
>    Protocol: UDP (17)
>    Header checksum: 0x7c12 [validation disabled]
>        [Good: False]
>        [Bad: False]
>    Source: 192.168.29.1 (192.168.29.1)
>    Destination: 255.255.255.255 (255.255.255.255) User Datagram Protocol, Src
> Port: 67 (67), Dst Port: 68 (68)
>    Source port: 67 (67)
>    Destination port: 68 (68)
>    Length: 286
>    Checksum: 0x3f24 [validation disabled]
>        [Good Checksum: False]
>        [Bad Checksum: False]
> Bootstrap Protocol
>    Message type: Boot Reply (2)
>    Hardware type: Ethernet
>    Hardware address length: 6
>    Hops: 0
>    Transaction ID: 0x31838ff0
>    Seconds elapsed: 0
>    Bootp flags: 0x0000 (Unicast)
>        0... .... .... .... = Broadcast flag: Unicast
>        .000 0000 0000 0000 = Reserved flags: 0x0000
>    Client IP address: 0.0.0.0 (0.0.0.0)
>    Your (client) IP address: 192.168.29.152 (192.168.29.152)
>    Next server IP address: 0.0.0.0 (0.0.0.0)
>    Relay agent IP address: 0.0.0.0 (0.0.0.0)
>    Client MAC address: Apple_8a:b2:e5 (c8:bc:c8:8a:b2:e5)
>    Client hardware address padding: 00000000000000000000
>    Server host name not given
>    Boot file name not given
>    Magic cookie: DHCP
>    Option: (t=53,l=1) DHCP Message Type = DHCP ACK
>        Option: (53) DHCP Message Type
>        Length: 1
>        Value: 05
>    Option: (t=54,l=4) DHCP Server Identifier = 192.168.29.1
>        Option: (54) DHCP Server Identifier
>        Length: 4
>        Value: c0a81d01
>    Option: (t=1,l=4) Subnet Mask = 255.255.255.0
>        Option: (1) Subnet Mask
>        Length: 4
>        Value: ffffff00
>    Option: (t=51,l=4) IP Address Lease Time = 1 day
>        Option: (51) IP Address Lease Time
>        Length: 4
>        Value: 00015180
>    Option: (t=3,l=4) Router = 192.168.29.1
>        Option: (3) Router
>        Length: 4
>        Value: c0a81d01
>    Option: (t=6,l=8) Domain Name Server
>        Option: (6) Domain Name Server
>        Length: 8
>        Value: 0808080804020202
>        IP Address: 8.8.8.8
>        IP Address: 4.2.2.2
>    End Option
> 
> 
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
> 
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe