Option based IP Address assignment Callout Dll



Overview


DHCP administrators would like to manage address assignment in the network, by assigning IP address to DHCP clients based on vendor/user class identifier from distinct address ranges in the subnet. This functionality can be added to the Microsoft DHCP Server, by installing DHCP Server Option Based IP Address Assignment Callout package.


This callout dll allows the administrators to define rules for assigning IP addresses from specific IP address ranges based on the vendor/ user classes of the DHCP clients in the network. The IP address to these DHCP clients will be leased/ renewed based on the rules configured by the administrator. Alternatively, the administrator could also implement a light weight network access control by denying IP addresses based on vendor/ user class of the device.


It can be configured for address assignment based on any one of the below:



  • Vendor class identifier (option 60)

  • User class identifier (option 77) 

This will provide administrator the following advantages:



  • Network access control, denial of IP based on vendor/ user class

  • Better manageability, as different vendors are assigned IP addresses from different ranges

  • Ability to configure options with different values for different DHCP clients, in the same subnet, based on the vendor/ user class.

This callout dll works with Windows Server 2008 (Standard or higher, 32 or 64 bit) and above, running DHCP Server (only English builds).


The callout dll can be configured using an MMC snapin. For usage information refer to the setup document present in the zip file attached to the blog.


Thanks,


DHCP Server Team


OptionBasedAssignmentCallout.zip

Comments (46)

  1. Anonymous says:

    Hi

    Can you send us your logs and OptionBasedAddressAssignment.xml files.

    Thanks

    Arun

    TeamDhcp

  2. Anonymous says:

    hi Christian,

    The callout dll works only with English builds. Please let us know if you see issues on English builds.

    Thanks

    Ranu

  3. Anonymous says:

    Hi,

    I can’t seem to find the 32bit even though you say that is supported?

    Jamie

  4. teamdhcp says:

    Gahao, DHCP server will echo back the value in option 60 (vendor identifier) sent by the DHCP client. So, the onus is on DHCP client to send the vendor identifier. Can you describe the scenario that you are trying to achieve.

  5. Anonymous says:

    Hey Rajesh,

    When defining user/ vendor class in DHCP Server, you need to specify class data in binary/ ascii value. This value is used to identify the class. This will be the value sent by the client in the DHCP packet for option 60 or 77.

    In case of user class this value is upto the admin to decide.

    For vendor classes, the vendor should provide this.

    You can also get this by looking at network monitor traces.

    Let me know if this helps.

    Thanks

    Raunak Pandya

  6. Anonymous says:

    Thanks Luigi.

    Could you also send the file OptionBasedAssignmentLog.txt.. That would contain the details of what went wrong in the callout dll.

    Plus also the output of the command : netsh dhcp server show scope

  7. teamdhcp says:

    Hi Senthil, the ability to assign IP addresses based on vendor class id within the same subnet is now supported inbox in Windows Server 2012 using DHCP Policies. Please consider using the inbox functionality.

  8. Anonymous says:

    Hi Tino,

    Your scenario which is discussed on the social.technet discussion requires capability to assign specific DHCP options and IP addresses from a specific range in a subnet. This is possible using DHCP policies. Using DHCP policies, you can assign options/IP address based on vendor class or MAC address prefix or a combination of the two.

    DHCP policies are supported in DHCP Server of Windows Server 2012. DHCP in Windows Server 2008 R2 does not have this capability.

  9. Anonymous says:

    Hey Elliott,

    The issue reported by you has been fixed and the currently uploaded MSI packages should work fine even for option data greater than 15 bytes/ chars.

    Thanks for reporting the issue once again.

    Continue using the callout dll.

    Raunak Pandya

    DHCP Server Team

  10. Anonymous says:

    Hey Elliott,

    Thanks for reporting this issue. We will look into this.

    Thanks

    Raunak Pandya

    DHCP Server Team

  11. teamdhcp says:

    Hi Senthil, DHCP server in Windows Server 2012 supports DHCP policies which provides the inbox support for scenarios like option based IP address assignment.. The option based IP address callout dll was an interim solution till the time we provided inbox support for the scenario – which is now available in Windows Server 2012. Given that we are not enhancing the option based IP address callout dll anymore.
    By the way, can you please elaborate on the scenario you are trying to achieve – I did not completely understand what you mean by “…user class for multiple scope is not supported…”

  12. Anonymous says:

    Will get back asap after looking at the logs..

    Thanks, Arun

  13. teamdhcp says:

    To add to that, as per RFC 2132, DHCP server is expected to send vendor specific option value configured on the server as part of option 43 in its response.

  14. teamdhcp says:

    Senthilkumar, You can configure different user classes on WinXP and Win7 desktops e.g. UserClassWinXP and UserClassWin7. Then create policies on DHCP server based on user class with specific IP address range. See the following blog:
    http://blogs.technet.com/b/teamdhcp/archive/2012/08/22/granular-dhcp-server-administration-using-dhcp-policies-in-windows-server-2012.aspx
    You will need Windows Server 2012 or 2012 R2 to setup DHCP policies.

  15. Anonymous says:

    hi Joe,

    This offering would not be supported from Microsoft.

    Thanks

    teamdhcp

  16. Anonymous says:

    Don’t know if my last comment went through, but I’m having a problem with this DLL.

    When the Vendor Class string is longer than 15 characters, I get an error and it doesn’t work properly.

    Any help would be much appreciated.

    Thanks

    ~Elliott

  17. Anonymous says:

    Introducing such a topic you’d like to congratulate you’ve let us know. Have good work.

  18. Anonymous says:

    Hi Mario, the Option based IP Address assignment Callout Dll was done as an interim solution till an inbox support for this scenario was provided in Windows Server. DHCP server in Windows Server 2012 provides support for this scenario through DHCP policies. Using DHCP policies, you can group clients based on option 60 (vendor class) or other supported criteria and provide different set of options, lease duration or IP addresses.

    Please take a look at blog posts – blogs.technet.com/…/granular-dhcp-server-administration-using-dhcp-policies-in-windows-server-2012.aspx

    and

    blogs.technet.com/…/using-dhcp-policies-to-set-different-lease-durations-for-different-device-types.aspx

    The inbox solution is supported through the MS support channels and we would encourage you to move to the same.

    BTW, could you elaborate on the scenario – what settings (TFTP server, bootfile name ?) are you trying to provide to PXE clients.

  19. Anonymous says:

    Hey Rajesh,

    When you configure the scopes with /27 I presume the address range you are selecting is less than 32 addresses.  What issue are you facing here? Please provide more details. Also if possible please share the contents of the XML FIle (optionbasedassignment.xml) located @ system32dhcp folder (by default).

    Raunak Pandya

  20. senthilkumare says:

    Need to configure user class for multiple scope not supporting in server 2008R2 can you please help me to resolve this issue Thanks in advance.

    senthil

  21. Anonymous says:

    Great! Thanks Mario for sharing the feedback.

  22. Anonymous says:

    Hey Elliott,

    This callout works only on WS08 or above.

    Raunak Pandya

  23. Gahao says:

    hi, can I set that DHCP server respond option 60 via the option I set (but not option 43) ?

  24. Anonymous says:

    Hi Luigi,

    I got a chance to look at your logs. Your server is bound to an address on 10.0.0.0/24 subnet. So (unless you are using a relay, which I doubt), configuring a subnet with 192.168 … will not work because of routing. The tool is just a manageability tool which can't provide addresses outside the scope of the server itself.

    So, to separate NAP-enabled and non-NAP enabled, you should follow the steps as in the word document in the attachment above. Create 2 subnets 10.0.0.1-10.0.0.127 and another from 10.0.0.128-10.0.0.254 if your overall address space is from 10.0.0.0/24. Thereafter do the steps as must 've originally done.

    Thanks, Arun

  25. Anonymous says:

    It will be lovely to see that it will work for User class & Vendor Class together.

    scenario like below.

    User have IP Phone, a bunch of windows and a bunch of non-windows

    Inside these windows, we have a few PC need full rights to the internet

    we want to allocate as below

    the range 192.168.50.0/24

    IP phone 192.168.50.0/26

    windows with full rights 192.168.50.64/26

    windows without full rights 192.168.50.128/26

    nonwindows 192.168.50.192/26

    we would like to use user class for windows with full rights (so administrator can identify the key PC that need the full internet rights), and others as vendor class

    I don’t know whether it is technically possible with the future release.

    Cheers,

    Jian

  26. Anonymous says:

    Hi Rajesh,

    So while defining user’vendor class the ASCII field represents the user/vendor class data for that class. For more on class creation through API, please refer to http://msdn.microsoft.com/en-us/library/dd897514(VS.85).aspx  

    Thanks

    Ranu

  27. Gahao says:

    hi, can I set that DHCP server respond option 60 via the option I set (but not option 43) on a windows server 2003?

  28. Anonymous says:

    The package with "x86" prefix is the 32 bit dll.

    -teamdhcp

  29. Anonymous says:

    Raunak,

    Woohoo!

    Thanks much for your quick response.  Now I won’t have manually configure these 30 IP phones.

    Also, does this DLL work with Windows 2003?

    ~Elliott

  30. Rajesh Kanuri says:

    Could some one help me in deploying the scenario 2 mentioned in the file . .  While defining user class/vendor class it is asking for for ascii/ define class what is it actually?

    What should we enter there in order to complete the procedure

  31. Rajesh Kanuri says:

    Thanks Raunak for the support i have done and succeeded with the installation part . .

  32. Rajesh Kanuri says:

    Hey i got a strange issue when i trying to configure the scope by /26 and setting rules as /24 then it is working fine but when i am trying to configure as /27 and /24 then it is not working . .  could some one help me out in this case . .

  33. Christian says:

    in fact, it does not function with Windows 2008 (64bit) Standard German, nor Windows 2008r2 (64bit). The MMC Snapin crashes allways, when trying to add a new Subnet. Any workarounds for this?

    regards

  34. Joe says:

    What kind of support does Microsoft offer for this package?

    Is this an official Microsoft offering that would be supported in a production environment?

    Thanks!

    Joe

  35. Luigi Capriotti says:

    Hi,

    I have two distinct scopes, and I'd like PXEClient to be assigned addresses from scope1 (10.0.0.0/24) and other clients getting scope2 (192.168.0.0/24) addresses.

    I defined a vendor class as "PXEClient:Arch:00000:UNDI:002001" at server level, created a subnet 10.0.0.0 in the mmc, and created a rule for scope1in the subnet using the custom vendor class, but PXEClients are still getting scope2 addresses, as well as all other clients.

    Please advice!

  36. Luigi Capriotti says:

    Tks Arun,

    files sent to (teamdhcp at hotmail) and (msnetworkteam at live).

    Luigi

  37. Luigi Capriotti says:

    Tks again Arun,

    all requested info sent.

  38. Luigi Capriotti says:

    Hi Arun,

    I have replicated the test scenario but still the custom vendor option is not matched. Further test results sent via email.

    Tks for giving it a look.

    Luigi

  39. LaurV says:

    Any chance this would work with 2003R2 ?

    Thanks.

  40. TinoS says:

    Hi,

    at social.technet.microsoft.com/…/dhcp-vendor-id somebody says that the callout DLL is integrated into 2008R2. Unfortunately there doesn't seem a way to actually configure it.

    Is there a way to assign IP range by vendor class (apart from upgrading to Server 2012)?

    Thanks,

    Tino

  41. Mario says:

    Hi DHCP Team,

    I am running into the same issue as Luigi – that is I'm unable to use your callout if Option 60 is "PXEClient:Arch:00000:UNDI:002001". It appears if option 60 is long then the filter doesn't work. I am using this callout function in Windows 2008 R2.  Is this a bug?

    Mario

  42. Mario says:

    Thanks for your response. I agree that built-in feature is a much better approach than trying to fix an unsupported dll. In my lab, I have verified that my goals can be achieved with using Windows 2012 DHCP and its PBA feature.

    Regards,

    Mario.

  43. Russell Kelly says:

    This doesn't seem to work for subnets in a superscope – where their subnet address is different form the DHCP relay's IP address – i.e. multiple subnets case of superscoping.

  44. teamdhcp says:

    Russell, This functionality now ships inbox in Windows Server 2012 via DHCP policies. For superscopes, you can create identical policies in each superscope. Can you please provide detail on the scenario that you are trying to accomplish.

  45. senthil kumar says:

    im not able to assign the ip address using vendor class id with same subnet with different ipaddress range
    50.0.0.1/22 & 50.0.4.1/22
    Thanks
    Senthil

  46. senthilkumar says:

    Current Scenario:

    1.We have desktops with operating system windows xp & windows 7

    2..Above desktops gets IP from a single DHCP Server

    Configuration required:

    Need to configure separate range of IP address leases based on operating system from DHCP server