The Dynamic Host Configuration Protocol (DHCP) is the standard way for client devices to acquire an IP address and other configuration (DNS, gateway, etc.) on a network. This is particularly true in public access networks; as such, DHCP is integral to chilli, and always has been. Of course, it could certainly be more flexible. As it stands, you can’t really do much in the way of customizing your DHCP configuration. I have some ideas for CoovaChilli, and some DHCP discoveries to share.

DHCP and MAC Authentication

MAC authentication is a common feature of access controllers that perform DHCP. It allows authentication to take place automatically, without the need for a captive portal or a web browser. CoovaChilli (and ChilliSpot) has the option to authenticate MAC addresses. Using this feature, the initial DHCP request made by the client triggers a RADIUS Access-Request. Subsequent DHCP requests from the client are granted with an authentication state based on whether the RADIUS response was Access-Accept or Access-Reject. That will change with the macauthdeny option, which makes an Access-Reject mean the MAC is black-listed entirely, but more could be done.

Here are the DHCP options found in a request from a Windows XP laptop (the Parameter Request List being the same in DHCP Discover messages):

Option 53: DHCP Message Type = DHCP Request
Option 61: Client identifier
    Hardware type: Ethernet
    Client MAC address: 00:18:xx:xx:xx:xx (00:18:xx:xx:xx:xx)
Option 12: Host Name = "laptop"
Option 81: FQDN
    Flags: 0x00
    A-RR result: 0
    PTR-RR result: 0
    Client name: laptop.coova.org
Option 60: Vendor class identifier = "MSFT 5.0"
Option 55: Parameter Request List
    1 = Subnet Mask
    15 = Domain Name
    3 = Router
    6 = Domain Name Server
    44 = NetBIOS over TCP/IP Name Server
    46 = NetBIOS over TCP/IP Node Type
    47 = NetBIOS over TCP/IP Scope
    31 = Perform Router Discover
    33 = Static Route
    249 = Classless static routes
    43 = Vendor-Specific Information
End Option

The following Vendor-Specific Attributes (VSAs) are proposed additions to CoovaChilli in order to forward this information to the RADIUS server during MAC authentication:

DHCP Option                          RADIUS Attribute
--------------------------------     --------------------------------    
Option 12: Host Name                 ChilliSpot-DHCP-Hostname
Option 55: Parameter Request List    ChilliSpot-DHCP-Parameter-Request-List
Option 60: Vendor class identifier   ChilliSpot-DHCP-Vendor-Class-Id
Option 61: Client identifier         ChilliSpot-DHCP-Client-Id
Option 81: FQDN                      ChilliSpot-DHCP-Client-FQDN

Additionally, the VSA named ChilliSpot-DHCP-Options will be optional in either an Access-Accept or Access-Reject, carrying arbitrary options to append to the DHCP response. All attributes are binary octet strings and carry the DHCP options in raw form.


Attributes in the Access-Request contain the corresponding DHCP option value, whereas the ChilliSpot-DHCP-Options contains a list of options, packed as they are in a DHCP message. Combined with the existing support for the Framed-IP-Address RADIUS attribute for IP assignment, this method provides for a high level of DHCP configuration centralized in your RADIUS server.

DHCP Relay Gateway

As the MAC authentication feature has shown, there is no reason why chilli can’t delegate IP assignment. Then why not have chilli act as a DHCP forwarding agent? This would make it possible to centrally manage your DHCP configurations, using a more configurable server. CoovaChilli will be able to forward DHCP requests to a remote DHCP gateway, noting the IP assignment in the response.


This would open up many possibilities… including, perhaps, captive portal settings provisioned through a DHCP server!

Note: You can already use CoovaChilli with access points, like the Cisco Aironet, configured to forward DHCP to chilli.

WPAD and Proxy Autoconfigure

Windows has a feature (in Internet Options, Connections tab, LAN settings button, Automatically detect settings checkbox) whereby browser proxy configuration can be picked up automatically from the network. The Web Proxy Auto Discovery (WPAD) protocol provides browsers (primarily Windows Internet Explorer, and maybe others) with a proxy configuration file. This Proxy Auto-Config (PAC) file can set the default proxy and can be scripted, for instance as a banner ad buster. Not without some risk, the configuration is downloaded either from a URL given in a DHCP option or from a web server found through DNS (using the prefix “wpad.” and the system FQDN).

With Automatically detect settings enabled, you will also see the following request:

Option 53: DHCP Message Type = DHCP Inform
Option 61: Client identifier
    Hardware type: Ethernet
    Client MAC address: 00:18:xx:xx:xx:xx (00:xx:xx:xx:xx:xx)
Option 12: Host Name = "laptop"
Option 60: Vendor class identifier = "MSFT 5.0"
Option 55: Parameter Request List
    1 = Subnet Mask
    15 = Domain Name
    3 = Router
    6 = Domain Name Server
    44 = NetBIOS over TCP/IP Name Server
    46 = NetBIOS over TCP/IP Node Type
    47 = NetBIOS over TCP/IP Scope
    31 = Perform Router Discover
    33 = Static Route
    249 = Classless static routes
    43 = Vendor-Specific Information
    252 = Proxy autodiscovery
End Option

Replying to any of the DHCP Discover, Request, or Inform messages with the Proxy autodiscovery option (252) set informs Windows of the WPAD URL to use:

Option 53: DHCP Message Type = DHCP ACK
Option 1: Subnet Mask = 255.0.0.0
Option 3: Router = 10.1.0.1
Option 6: Domain Name Server
    IP Address: 208.67.222.222
    IP Address: 208.67.220.220
Option 51: IP Address Lease Time = 15 minutes
Option 54: Server Identifier = 10.1.0.1
Option 252: Proxy autodiscovery = "http://ap.coova.org/wpad.dat"
End Option
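As an added illustration (my own example code, not part of CoovaChilli or this post), here is a small Python model of the two pieces described above: pulling the raw option values that the proposed Access-Request VSAs would carry out of a client's DHCP request, and packing a ChilliSpot-DHCP-Options value that holds option 252 with the WPAD URL, in the same TLV form the options have inside a DHCP message. The XP_REQUEST bytes are constructed to mirror the Windows XP request shown earlier (the MAC address is a placeholder), and VSA_MAP and the function names are my own.

```python
# DHCP option codes used on this page, and which client options feed the proposed VSAs
OPT_HOSTNAME, OPT_MSG_TYPE, OPT_PARAM_REQ = 12, 53, 55
OPT_VENDOR_CLASS, OPT_CLIENT_ID, OPT_FQDN, OPT_WPAD, OPT_END = 60, 61, 81, 252, 255
VSA_MAP = {OPT_HOSTNAME: "ChilliSpot-DHCP-Hostname",
           OPT_PARAM_REQ: "ChilliSpot-DHCP-Parameter-Request-List",
           OPT_VENDOR_CLASS: "ChilliSpot-DHCP-Vendor-Class-Id",
           OPT_CLIENT_ID: "ChilliSpot-DHCP-Client-Id",
           OPT_FQDN: "ChilliSpot-DHCP-Client-FQDN"}

def parse_options(buf):
    """Walk a raw DHCP option area (after the magic cookie) into {code: value}."""
    opts, i = {}, 0
    while i < len(buf):
        code = buf[i]
        if code == OPT_END:                  # End (255) terminates the option area
            return opts
        if code == 0:                        # Pad (0) is a single byte with no length
            i += 1
            continue
        if i + 1 >= len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError("option %d is truncated" % code)
        length = buf[i + 1]
        opts[code] = buf[i + 2:i + 2 + length]
        i += 2 + length
    raise ValueError("option area has no End option")

def pack_options(opts):
    """Pack {code: value} as options sit in a DHCP message, without the End byte."""
    # bytes() raises ValueError itself if a value is longer than 255 octets
    return b"".join(bytes([c, len(v)]) + v for c, v in opts.items())

def vsas_for_access_request(raw_options):
    """Raw octet-string VSA values to send with a MAC-auth Access-Request."""
    opts = parse_options(raw_options)
    return {name: opts[code] for code, name in VSA_MAP.items() if code in opts}

def wpad_dhcp_options_vsa(url):
    """ChilliSpot-DHCP-Options value carrying option 252 with the WPAD URL."""
    return pack_options({OPT_WPAD: url.encode()})

# Constructed sample: option area of the Windows XP request above (MAC is a placeholder)
XP_REQUEST = (bytes([OPT_MSG_TYPE, 1, 3])                               # DHCP Request
    + bytes([OPT_CLIENT_ID, 7, 1]) + bytes.fromhex("001800000000")    # Ethernet + MAC
    + bytes([OPT_HOSTNAME, 6]) + b"laptop"
    + bytes([OPT_FQDN, 19, 0, 0, 0]) + b"laptop.coova.org"           # flags, A/PTR rcodes
    + bytes([OPT_VENDOR_CLASS, 8]) + b"MSFT 5.0"
    + bytes([OPT_PARAM_REQ, 11, 1, 15, 3, 6, 44, 46, 47, 31, 33, 249, 43])
    + bytes([OPT_END]))
```

The RADIUS server would hand the packed option 252 back in ChilliSpot-DHCP-Options, and chilli would append it to the ACK shown above before the End option.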

With the option specified, and since DHCP takes priority over any DNS based WPAD source, Internet Explorer happily takes the configuration. My Mac also asks for the option, sending the following in its DHCP Discover message:

Option 53: DHCP Message Type = DHCP Discover
Option 55: Parameter Request List
    1 = Subnet Mask
    3 = Router
    6 = Domain Name Server
    15 = Domain Name
    112 = NetInfo Parent Server Address
    113 = NetInfo Parent Server Tag
    78 = Directory Agent Information
    79 = Service Location Agent Scope
    95 = Lightweight Directory Access Protocol
    252 = Proxy autodiscovery
Option 57: Maximum DHCP Message Size = 1500
Option 61: Client identifier (6 bytes)
Option 51: IP Address Lease Time = 90 days
Option 12: Host Name = "iMac"
End Option

The Mac, however, does not use the returned Proxy autodiscovery option, at least not with Safari.

Still, interesting stuff… and it could pose a problem at a hotspot if your Windows laptop auto-configures a proxy server that is not reachable from inside the walled garden!