VSA attributes for DHCP options
Starting from the VAS Experts DPI version 7.4, there are defined the following VSA-attributes (vendor-id = 43823) designed to specify almost any DHCP option within the Access-Accept:
ATTRIBUTE VasExperts-DHCP-Option-IP 45 string # IPv4 option: "opt:192.168.6.90", for example: "42:192.168.6.90" ATTRIBUTE VasExperts-DHCP-Option-Num 46 string # Numeric option: "opt:1500", for example: "58:3600" ATTRIBUTE VasExperts-DHCP-Option-String 47 string # String option: "opt:text", for example: "56:Hello from DHCP!" ATTRIBUTE VasExperts-DHCP-Option-Bin 48 string # Binary option in hex form: "opt:xxxxxxxx", for example: "58:100E"
All these attributes have a string type and the following uniform format is used: "DHCP_option_number: string-value"
The full list of all possible DHCP options can be viewed at the: iana.org site
There are also supported File and SName BOOTP fields which can be specified using the VSA-attributes:
ATTRIBUTE VasExperts-BOOTP-SName 43 string # BOOTP SName ATTRIBUTE VasExperts-BOOTP-File 44 string # BOOTP File
VasExperts-DHCP-Option-IP
The attribute is intended to specify the IP address. For example, DHCP opt42 (NTP Server Addresses) is specified as follows:
&VasExperts-DHCP-Option-IP += "42:213.108.248.178"
Many DHCP options can contain not just one IP address, but a list of IP addresses, usually in order of preference. The list of IP addresses for one option is specified by a number of Radius attributes so than each attribute has one IP-address, for example:
&VasExperts-DHCP-Option-IP += "42:213.108.248.178" &VasExperts-DHCP-Option-IP += "42:148.251.68.100"
specifies the list of NTP servers (opt42) with value "213.108.248.178, 148.251.68.100". The attributes order for the same option specifies the order in the list.
VasExperts-DHCP-Option-Num
The attribute is intended to specify the numeric DHCP options; int32, int16 and int8 options are supported. The VAS Experts DPI controls the option type and if the overflow occurs it will prevent specifying such an option and will write the error message to the fastpcrf-log. The examples:
# opt35 (int32) - ARP Cache Timeout = 600 seconds &VasExperts-DHCP-Option-Num += "35:600" # opt22 (int16) - Max Datagram Reassembly Size &VasExperts-DHCP-Option-Num += "22:16000" # opt23 (int8) - Default IP Time to Live &VasExperts-DHCP-Option-Num += "23:64" # such an opt23 value will cause the "int8 overflow" error message to be written to the fastpcrf-log by the VAS Experts DPI &VasExperts-DHCP-Option-Num += "23:1024" # opt19 (bool - 0 or 1) - Enable/Disable IP Forwarding &VasExperts-DHCP-Option-Num += "19:1"
VasExperts-DHCP-Option-String
The attribute is intended to specify the string DHCP options. The example:
# opt15 - DNS domain name of the client &VasExperts-DHCP-Option-String += "15:example.com"
VasExperts-DHCP-Option-Bin
The attribute is intended to set the value of the option as a hex string. It is used for DHCP options that do not fall into any of the above mentioned categories. The vendor-specific DHCP options are usually specified in this way. Each option value byte is specified by two hex-digits, so the hex string length have to be even. When specifying, note that all numeric values have to be specified in the network byte order. The example:
# To specify the IP address 10.11.12.13 as a hex string &VasExperts-DHCP-Option-Bin += "7:0a0b0c0d" # To specify bool option as a hex string &VasExperts-DHCP-Option-Bin += "19:01" # To specify int16 option as a hex string (number 16000) &VasExperts-DHCP-Option-Bin += "22:3e80" # To specify int32 option as a hex string (number 600) &VasExperts-DHCP-Option-Bin += "35:00000258"