[pfSense] ISC-DHCP server not matching partial of the MAC address

2015-10-29 Thread Mustafa Karci
Hi all,

Let me explain a bit of the situation I have at the moment. The idea
was working properly under a CentOS environment. We have different types
of IP phones, YEALINK, AASTRA, SNOM and so on in our company.

To provision all these different phones we were using substring (hardware)
match on the first 6 digits of the MAC address.

Nowadays we are working with pfSense and it is also our DHCP server.
When I set option 66 to the text http://xxx.xxx.xxx.xxx/ps/snom/cfg, I will
only get the right provisioning for all our SNOM phones. So no auto
provisioning for the other types of IP phones.

So therefore I made Additional Pools in our DHCP server.

Pool Description YEALINK
range: xxx.xxx.128.1 - xxx.xxx.128.10
MAC Address Control: 00:15:65
TFTP server: http://xxx.xxx.xxx.xxx./ps/yealink/cfg/

Pool Description AASTRA
range: xxx.xxx.128.11 - xxx.xxx.128.19
MAC Address Control: 00:15:65
TFTP server: http://xxx.xxx.xxx.xxx./ps/aastra/cfg/

So I did a factory reset on the YEALINK phone and it will not get an IP
address from the pool that I created. It will get an IP address outside the
pool. And it will go to option 66 and try to get a snom firmware.

I did read this article, but it was no use.
https://redmine.pfsense.org/issues/2241

Here is the output of the dhcpd.conf:

class "001565" {
  match if substring (hardware, 1, 3) = 00:15:65;
}
class "00085D" {
  match if substring (hardware, 1, 3) = 00:08:5D;
}
subnet xxx.xxx.128.0 netmask 255.255.252.0 {
  pool {
    option domain-name-servers xxx..131.254;
    ddns-update-style interim;
    range xxx..128.20 xxx.xxx.129.254;
  }

  pool {
    option domain-name-servers xxx.xxx.131.254;
    allow members of "001565";
    option tftp-server-name "http://xxx.xxx.xxx.xxx/ps/yealink/cfg/";
    range xxx.xxx.128.1 xxx.xxx.128.10;
  }

  pool {
    option domain-name-servers xxx.xxx.131.254;
    allow members of "00085D";
    option tftp-server-name "http://xxx.xxx.xxx.xxx//ps/aastra/cfg";
    range xxx.xxx.128.11 xxx.xxx.128.19;
  }
}

The manual says as follows: http://linux.die.net/man/5/dhcpd.conf
So I tried with quotes, but no luck.

class "my-clients" {
  match if substring (hardware,1,8) = "00:1D:92" ;
}
pool {
  range 192.168.165.10 192.168.165.20;
  allow members of  "my-clients" ;
}

When I add the MAC address to the "DHCP Static Mapping", the MAC address
will get the right provisioning.

MAC ADDRESS: 00:15:65:2a:08:36
CLIENT identifier: TEST
TFTP Server: http://xxx.xxx.xxx.xxx/ps/yealink/cfg/

I'm reading in the pfSense manual that matching part of the MAC address is
possible. So why is the pool not working for me?

Here is the output of tcpdump -vvv -i em1 port bootpc:

15:10:53.867289 IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto
UDP (17), length 576)
0.0.0.0.bootpc > 255.255.255.255.bootps: [udp sum ok] BOOTP/DHCP,
Request from 00:15:65:2a:08:36 (oui Unknown), length 548, xid 0xab36593e,
secs 100, Flags [none] (0x)
  Client-Ethernet-Address 00:15:65:2a:08:36 (oui Unknown)
  Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
Client-ID Option 61, length 7: ether 00:15:65:2a:08:36
T125 Option 125, length 37:
0.0.13.233.32.1.6.48.48.49.53.54.53.2.12.48.48.49.53.54.53.50.97.48.56.51.54.3.8.83.73.80.45.84.50.50.80
MSZ Option 57, length 2: 576
Parameter-Request Option 55, length 17:
  Subnet-Mask, Time-Zone, Default-Gateway, Time-Server
  Domain-Name-Server, LOG, Hostname, Domain-Name
  BR, NTP, TFTP, BF
  Vendor-Option, Option 132, Option 133, Option 120
  Lease-Time
Hostname Option 12, length 8: "SIP-T22P"
Vendor-Class Option 60, length 7: "yealink"
END Option 255, length 0
PAD Option 0, length 0, occurs 214
15:10:54.879881 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto
UDP (17), length 333)
pfSense.ipgroup.bootps > 10.254.129.106.bootpc: [udp sum ok]
BOOTP/DHCP, Reply, length 305, xid 0xab36593e, secs 100, Flags [none]
(0x)
  Your-IP xxx.xxx.129.106
  Server-IP bla.bla.local
  Client-Ethernet-Address 00:15:65:2a:08:36 (oui Unknown)
  file "/pxelinux.0"
  Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: pfSense.test
Lease-Time Option 51, length 4: 86400
Subnet-Mask Option 1, length 4: 255.255.252.0
Default-Gateway Option 3, length 4: pfSense.test
Domain-Name-Server Option 6, length 4: pfSense.test
Domain-Name Option 15, length 13: "ipgroup.test"
Vendor-Option Option 43, length 14:
49.48.46.50.53.52.46.49.51.49.46.49.51.50
END Option 255, length 0
15:10:54.926611 IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto
UDP (17), length 576)
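
Added example (not part of the original post, and not pfSense or ISC code): a simplified Python model of how dhcpd evaluates the posted classes and pool permit lists for the MAC in the capture. It shows that `substring (hardware, 1, 3)` does match the phone, that a pool with no allow/deny statements is open to it as well (consistent with the xxx.xxx.129.106 offer above), and that the quoted-string comparison cannot match. The pool labels, the `POOLS_WITH_DENY` variant and the helper names are assumptions for illustration.

```python
# Added example: simplified model of dhcpd class matching and pool permits.

def hardware(mac, htype=1):
    """dhcpd `hardware` data: one type byte (1 = Ethernet), then the MAC bytes."""
    return bytes([htype]) + bytes.fromhex(mac.replace(":", ""))

def substring(data, offset, length):
    """dhcpd substring(): up to `length` bytes starting at `offset`."""
    return data[offset:offset + length]

def colon_hex(literal):
    """Unquoted 00:15:65 is colon-separated hex, i.e. three raw bytes."""
    return bytes.fromhex(literal.replace(":", ""))

# Classes from the posted dhcpd.conf: name -> (offset, length, compared value)
CLASSES = {
    "001565": (1, 3, colon_hex("00:15:65")),
    "00085D": (1, 3, colon_hex("00:08:5D")),
}

# Pools from the posted dhcpd.conf (labels are ours; ranges in comments).
POOLS = [
    {"name": "general", "allow": [], "deny": []},          # .128.20 - .129.254
    {"name": "yealink", "allow": ["001565"], "deny": []},  # .128.1  - .128.10
    {"name": "aastra", "allow": ["00085D"], "deny": []},   # .128.11 - .128.19
]

# Assumed variant: the general pool denies both classes explicitly.
POOLS_WITH_DENY = [dict(POOLS[0], deny=["001565", "00085D"])] + POOLS[1:]

def classes_of(mac):
    hw = hardware(mac)
    return {name for name, (off, ln, val) in CLASSES.items()
            if substring(hw, off, ln) == val}

def eligible_pools(mac, pools=POOLS):
    """Admit unless in a denied class; an empty allow list admits everyone."""
    member = classes_of(mac)
    return [p["name"] for p in pools
            if not member & set(p["deny"])
            and (not p["allow"] or member & set(p["allow"]))]

def quoted_form_matches(mac, text):
    """The quoted attempt compares raw bytes against the ASCII text itself."""
    return substring(hardware(mac), 1, len(text)) == text.encode("ascii")

PHONE = "00:15:65:2a:08:36"  # MAC from the tcpdump capture in the post

if __name__ == "__main__":
    print(classes_of(PHONE), eligible_pools(PHONE))
    print(eligible_pools(PHONE, POOLS_WITH_DENY), quoted_form_matches(PHONE, "00:15:65"))
```
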


[pfSense] ISC-DHCP server not matching partial of the MAC address

2015-10-28 Thread Mustafa Karci