, Johann Schmitz

The DHCP protocol contains several more or less options to configure the clients (e.g. PAC-Files, NTP-Servers, etc.). One of these cool options is the ability to push static routes to clients. This can be done in two different ways:

This guide describes the configuration on a pfSense box. For the configuration in ISC DHCP Server see this guide.

Single route

Pushing a single route is very easy. The configuration value consists of two ip address pairs in hex. The first address is the destination host, the second is the router.

Example:

  • Destination: 192.168.123.234 (Hex: C0:A8:7B:EA)
  • Router: 10.34.72.42 (Hex: 0A:22:48:2A)

The value is: C0:A8:7B:EA:0A:22:48:2A

If you configure a pfsense box, go to Services -> DHCP Server and add the value to the box "Additional BOOTP/DHCP Options". Its important to choose the type "String"!

Classless Static Routing

The DHCP option 121 follows a slightly different format. The format is width of the subnetmask:netaddress:router address (again, in hex).

Example:

  • Destination: 192.168.123.0 (Hex: C0:A8:7B:0)
  • Router: 10.34.72.42 (Hex: 0A:22:48:2A)
  • Subnet mask width: 24

Value: 24.192.168.123.10.34.72.42, in hex 18:C0:A8:7B:0A:22:48:2A

To provide multiple static routes, just concat all encoded values. According to RFC 3442, you should include the default route in the DHCP option 121, since clients are allowed to ignore the "default route" DHCP option if the server provides a value for the classless static routing option. The default route option is: 00:0A:0A:0A:02 (the routers ip is 10.10.10.2, the last 4 bytes), combined: 00:0A:0A:0A:02:18:C0:A8:7B:0A:22:48:2A.

Note: Windows systems up to Windows XP/Windows Server 2003 do not request the dhcp option 121 (they have to be tweaked manually to request this option). The linux dhcp client "dhcpcd" requests this option per default (if not, set option classless_static_routes in /etc/dhcpcd.conf).