
[SRX] How to configure DHCP server (JDHCPD) to support domain search (option 119)


Article ID: KB34325 | KB Last Updated: 22 May 2019 | Version: 1.0
Summary:

DHCP option 119 carries the DHCP domain search list. In the traditional DHCPD on SRX, the command 'set system services dhcp domain-search' supports option 119.

In the new JDHCPD, SRX no longer has this command. Configuring option 119 is a manual task.

Solution:

Here is an example of how to configure option 119 on SRX for new JDHCPD. This example configures SRX to offer domain search for 'jnpr.net' and 'juniper.net'.

Topology:

SRX345(ge-0/0/3, DHCP server) ------ (interface eno33557248, DHCP client)Linux PC
 

To support option 119 on JDHCPD, the value must be entered as a 'hex-string'. Tools for converting text to hex can be found on the Internet. Here is the explanation of the hex-string.

  • jnpr.net

    j  n  p  r  .  n  e  t
    6a 6e 70 72 2e 6e 65 74

  • juniper.net

    j  u  n  i  p  e  r  .  n  e  t
    6a 75 6e 69 70 65 72 2e 6e 65 74

The client expects the full domain to be split into its sections (dropping the separating periods, "2e"), with each section prefixed by its length (e.g. 4 jnpr 3 net), and the whole string terminated by a null byte ("00").

jnpr ==> 4 letters
net  ==> 3 letters

jnpr ==> hex value ==> 6a6e7072
net  ==> hex value ==> 6e6574

juniper ==> 7 letters
net     ==> 3 letters

juniper ==> hex value ==> 6a756e69706572
net     ==> hex value ==> 6e6574
 

Based on the above rule:

-----------------------------------------------------------------------------------------------
| length of jnpr | hex value of jnpr | length of net | hex value of net | terminating null char |
-----------------------------------------------------------------------------------------------
| 04             | 6a6e7072          | 03            | 6e6574           | 00                    |
-----------------------------------------------------------------------------------------------
ACTUAL value to be entered ===> 046a6e7072036e657400

-----------------------------------------------------------------------------------------------------
| length of juniper | hex value of juniper | length of net | hex value of net | terminating null char |
-----------------------------------------------------------------------------------------------------
| 07                | 6a756e69706572       | 03            | 6e6574           | 00                    |
-----------------------------------------------------------------------------------------------------
ACTUAL value to be entered ===> 076a756e69706572036e657400


   j  n  p  r     n  e  t
04 6a 6e 70 72 03 6e 65 74 00

   j  u  n  i  p  e  r     n  e  t
07 6a 75 6e 69 70 65 72 03 6e 65 74 00
 

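Here is the SRX configuration. The example allows all host-inbound system services and protocols on the trust zone to keep the lab setup short; on a production device, restrict host-inbound traffic on the zone to the services that are actually needed, such as DHCP.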

set interfaces ge-0/0/3 unit 0 family inet address 20.20.20.1/24
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces ge-0/0/3.0

set system services dhcp-local-server group hawk interface ge-0/0/3.0
set access address-assignment pool hawk family inet network 20.20.20.0/24
set access address-assignment pool hawk family inet range 1 low 20.20.20.10
set access address-assignment pool hawk family inet range 1 high 20.20.20.20
set access address-assignment pool hawk family inet dhcp-attributes maximum-lease-time 3600
set access address-assignment pool hawk family inet dhcp-attributes server-identifier 20.20.20.1
set access address-assignment pool hawk family inet dhcp-attributes name-server 20.20.20.1
set access address-assignment pool hawk family inet dhcp-attributes wins-server 20.20.20.1
set access address-assignment pool hawk family inet dhcp-attributes router 20.20.20.1
set access address-assignment pool hawk family inet dhcp-attributes propagate-settings ge-0/0/3
set access address-assignment pool hawk family inet dhcp-attributes option 119 array hex-string 046a6e7072036e657400
set access address-assignment pool hawk family inet dhcp-attributes option 119 array hex-string 076a756e69706572036e657400


After the DHCP client obtains the IP address:

[root@localhost ~]# ifconfig eno33557248
eno33557248: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 20.20.20.11  netmask 255.255.255.0  broadcast 20.20.20.255
        inet6 fe80::250:56ff:fe9e:68c0  prefixlen 64  scopeid 0x20<link>
        ether 00:50:56:9e:68:c0  txqueuelen 1000  (Ethernet)
        RX packets 70  bytes 12378 (12.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 93  bytes 16082 (15.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


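From tcpdump, we can see the SRX offer option 119 to the client. The 23-byte option value in the ACK is the two hex-strings back to back, printed in decimal (04 6a 6e ... appears as 4.106.110 ...).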

21:43:32.024993  In
    Juniper PCAP Flags [Ext, no-L2, In], PCAP Extension(s) total length 16
      Device Media Type Extension TLV #3, length 1, value: Ethernet (1)
      Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14)
      Device Interface Index Extension TLV #1, length 2, value: 35584
      Logical Interface Index Extension TLV #4, length 4, value: 74
    -----original packet-----
    IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto: UDP (17), length: 328) 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 00:50:56:9e:68:c0, length 300, xid 0x66bdc648, Flags [none] (0x0000)
      Client-Ethernet-Address 00:50:56:9e:68:c0
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message Option 53, length 1: Request
        Requested-IP Option 50, length 4: 20.20.20.11
        Parameter-Request Option 55, length 18:
          Subnet-Mask, BR, Time-Zone, Classless-Static-Route
          Domain-Name, Domain-Name-Server, Hostname, YD
          YS, NTP, MTU, Option 119
          Default-Gateway, Classless-Static-Route, Classless-Static-Route-Microsoft, Static-Route
          Option 252, NTP
        END Option 255, length 0
        PAD Option 0, length 0, occurs 30
21:43:32.029842 Out
    Juniper PCAP Flags [Ext], PCAP Extension(s) total length 16
      Device Media Type Extension TLV #3, length 1, value: Ethernet (1)
      Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14)
      Device Interface Index Extension TLV #1, length 2, value: 35584
      Logical Interface Index Extension TLV #4, length 4, value: 74
    -----original packet-----
    IP (tos 0x0, ttl  64, id 44681, offset 0, flags [none], proto: UDP (17), length: 328) 20.20.20.1.67 > 20.20.20.11.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x66bdc648, Flags [none] (0x0000)
      Your-IP 20.20.20.11
      Client-Ethernet-Address 00:50:56:9e:68:c0
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message Option 53, length 1: ACK
        Lease-Time Option 51, length 4: 3600
        Subnet-Mask Option 1, length 4: 255.255.255.0
        Server-ID Option 54, length 4: 20.20.20.1
        Domain-Name-Server Option 6, length 4: 20.20.20.1
        T119 Option 119, length 23: 4.106.110.112.114.3.110.101.116.0.7.106.117.110.105.112.101.114.3.110.101.116.0
        Default-Gateway Option 3, length 4: 20.20.20.1
        END Option 255, length 0
        PAD Option 0, length 0
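
The hex-string rule explained above and the option 119 value seen in the tcpdump output can both be checked with a short script. This is an added example, not Juniper code: the function names are hypothetical, and it handles only the uncompressed encoding this article uses.

```python
# Added example: option 119 hex-string encoder/decoder (uncompressed form only).

def encode_domain(domain: str) -> bytes:
    """Length-prefix each section and terminate with 00, as described above."""
    out = bytearray()
    for label in domain.rstrip(".").split("."):
        raw = label.encode("ascii")  # non-ASCII names must be punycoded first
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"label {label!r} must be 1..63 bytes")
        out.append(len(raw))
        out += raw
    out.append(0)  # terminating null byte
    if len(out) > 255:
        raise ValueError(f"{domain!r} is longer than 255 bytes when encoded")
    return bytes(out)

def hex_strings(domains):
    """One hex-string per domain; the combined payload must fit one option."""
    encoded = [encode_domain(d) for d in domains]
    if sum(len(e) for e in encoded) > 255:
        raise ValueError("search list exceeds a single 255-byte DHCP option")
    return [e.hex() for e in encoded]

def from_tcpdump(dotted: str) -> bytes:
    """Turn tcpdump's dotted-decimal rendering of the option into bytes."""
    return bytes(int(x) for x in dotted.split("."))

def decode_option119(payload: bytes):
    """Decode an uncompressed option 119 payload into a list of domains."""
    domains, labels, i = [], [], 0
    while i < len(payload):
        n = payload[i]
        i += 1
        if n == 0:                      # end of one domain name
            domains.append(".".join(labels))
            labels = []
        elif n > 63:                    # compression pointers are not handled
            raise ValueError(f"unsupported label length byte {n:#04x}")
        elif i + n > len(payload):
            raise ValueError("label runs past the end of the option")
        else:
            labels.append(payload[i:i + n].decode("ascii"))
            i += n
    if labels:
        raise ValueError("last domain is not null terminated")
    return domains

if __name__ == "__main__":
    for h in hex_strings(["jnpr.net", "juniper.net"]):
        print("option 119 array hex-string", h)
```

Feeding the option 119 value from a capture through from_tcpdump() and decode_option119() confirms that the client is being offered exactly the search domains that were configured.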
