Arran Cudbard-Bell a.cudbardb at freeradius.org
Sat Nov 3 15:19:57 CET 2012

On 3 Nov 2012, at 12:31, Bjørn Mork <bjorn at mork.no> wrote:

> Arran Cudbard-Bell <a.cudbardb at freeradius.org> writes:
>> There's also a new xlat expansion %{dhcp_options:}. Some switch
>> vendors offer DHCP to RADIUS gateways, but don't define their own VSAs
>> to represent DHCP options, so include the DHCP options from the DHCP
>> packet as an opaque blob of binary data packed into a single VSA.
>> Seeing as the server already has the code to parse dhcp options, it
>> seemed like a fun hack to expose it as an xlat
>> function. %{dhcp_options:} takes an attribute reference with
>> qualifiers, and expands to the number of options in the blob. During
>> expansion it adds all the options it finds in the blob to the request
>> list with +=, using the FR DHCP dictionary.
>> If anyone knows of other vendors besides the lazy lazy French one
>> doing this, please let me know.
> I'm not sure what you are referring to here, but if I understand this
> feature correctly then I believe it will be useful with Juniper JUNOS
> and JUNOSe access routers as well.  Newer versions decode some of the
> more useful DHCP options and provide them in separate attributes, but
> the raw list of all DHCP options is also available.  E.g:
>  ERX-Dhcp-Options = "5\001\0012\004\224z\247\0057\0103:;\001y\003!\006R'\001\033DSA13FBU atm 1/1/01/23:8.35\002\01067676775"
> I assume this is what the new xlat will decode?  That is very useful.

Yes. Though it looks like ERX-Dhcp-Options is defined wrongly as a string in the vendor's dictionary, i'll go fix that...


More information about the Freeradius-Devel mailing list