none
DHCP Option 82

    Question

  • Hi

     

    Our network guys want to implement DHCP option 82 or 'DHCP snooping' which provides additional security on the network and prevents unauthorised DHCP servers from responding to DHCP messages sent from clients.

     

    Has anyone any experience of configuring this in Windows 2003 DHCP? There appears to be little info on this on the net

     

    As its not a standard option it needs defining, its the options required I'm a little unsure of....

     

    Name: Relay Agent Information

    DataType: Byte     Array /

    Code: 82

    Description: Custom option 82

     

    Any ideas would be most welcome, thanks, Rob

    Wednesday, June 13, 2007 9:36 AM

Answers

  •  

    There are no known issues around option 82. If your dhcp client honours this option, definining it at Microsoft DHCP Server side should work for you.

     

    Let us know if you face any issues.

     

    Thursday, August 02, 2007 7:40 AM

All replies

  •  

    There are no known issues around option 82. If your dhcp client honours this option, definining it at Microsoft DHCP Server side should work for you.

     

    Let us know if you face any issues.

     

    Thursday, August 02, 2007 7:40 AM
  • Is there any documentation available for the configuration of this?

    Tuesday, August 07, 2007 8:12 AM
  • Sounds like there is some confusion about option 82.  This is not an option defined on the DHCP server, it is rather an option field attached to DHCPDISCOVER and REQUEST packets inserted by a DHCP relay agent.  Service providers and large enterprises might use this functionality to keep DHCP from being flooded in a VLAN/subnet and making DHCP more secure.  Some DHCP servers can limit leases based on the circuit ID provided in the option 82 fields.

     

    Can someone answer the question does Windows Server 2003 leave this option in tact in the replies or does it strip the option out?  The relay agent obviously needs the option there to determine which port to return the DHCP traffic to.  We are currently on Win2003 DHCP and would like this option to work if at all possible...

     

    Thanks...

    Tuesday, November 20, 2007 5:18 PM
  • I have been working with Server 2003 Standard to use a vendor class to assign an IP address by the option 82 circuit id within the DHCP Discover sent to my DHCP server.  It seems that Server 2003 is not option 82 compatible, as my server will not assign a IP address based on the circuit id I entered in binary under my vendor class.  Any guidence anyone has on this topis would be appreciated.

    Sunday, December 23, 2007 8:03 PM
  • Has this ever been fixed?  It seems that Server 2008 DOES support the option 82 properly.  Is there a work around for Server 2003?  What is the entry method for the Circuit ID in a custom Option 82 field?

    Surley This has been patched somewhere?

     

    Thanks for anyones assistance in overcoming this limitation in Windows 2003 DHCP Server.

     

    Jack,

    Friday, March 07, 2008 6:56 PM
  • DHCP snooping

    To prevent a rogue DHCP server from entering your network, you can enable DHCP snooping on your switch. This feature allows you to set trust a.nd untrusted interfaces on your switch You can find more information on your switch manual.

    www.infotechguyz.com - Server 2008, Exchange 2007 Tutorials
    Wednesday, July 09, 2008 7:25 AM
  • Hello,

    can you provide an updated link?
    This one is dead:

    Govind [MSFT] - Bereitgestellt am Montag, 13. August 2007 05:53:48
    http://blogs.technet.com/teamdhcp/archive/2005/09/21/411344.aspx

    Or is there another article that describes how to configure a Windows DHCP Server 2003
    with option 82?

    Thx!

    Monday, July 28, 2008 8:15 AM
  • That article appears to be taken offline, as it's not listed on the DHCPTeam's blog site anymore.


    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging
    Tuesday, August 05, 2008 1:42 AM
  • From the little bit of info out there, the DHCP server(in this case 2008 server) has to accept/read option 82 from DHCP packet.

    My clients are getting DHCP from the server...therefore I'm assuming 2008 server is accepting/reading Option 82 from DHCP packet...but now what?

    where to do find the Option 82 info on my 2008 server??

    Thursday, July 30, 2009 9:53 AM
  • I'm also interesting how to configure this option on MS 2008 dhcp server.
    Thursday, April 29, 2010 8:17 AM
  • I'm also curious about the "right" answer. And I'd like to see an official answer to end this thread.

    Thanks.

    Monday, February 14, 2011 9:14 PM
  • Hello,

    Same problem here, I really need to find how to set up this option in Windows 2008 DHCP. All I've found right now is to define the option as in the first post : 

    Name: Relay Agent Information <OPTIONAL>
    Code: 82
    Description: Custom option 82 <OPTIONAL>
    DataType: Byte
    Array: <CHECKED>

    But I haven't find how I fill the option with the circuit ID and the remote ID on which I want to lease an IP. Some help on that point would be much appreciated.

    Thanks

    Wednesday, December 14, 2011 2:53 PM
  • Hello

    UP !

    I'm also interesting to configure this option on DHCP Windows 2008 R2 Server.

    Try to attribute an IP to a network card according to the port of the switch on which it is connected.



    • Edited by sebcrj Sunday, June 17, 2012 9:12 PM
    Sunday, June 17, 2012 9:12 PM
  • Hi,

    This support is available in DHCP Server in Windows Server 2012 release candidate (as well as beta). DHCP server now sends back option 82 (relay agent information) back in the server's response. Also, you can create a policy on the DHCP server to assign IP address(es) based on value of the relay agent information option added.

    Thanks,

    Prasad [MSFT]

    Monday, June 18, 2012 1:10 PM