Cisco IOS DHCP Client Identifier

This topic is to discuss the following lesson:

Hi Rene,
I tried this on WAN interface because my ISP uses DHCP, but didn’t make any difference to client-id.

interface GigabitEthernet0/1
 ip address dhcp client-id GigabitEthernet0/1
 ip access-group INTERNET in
 ip nat outside
 ip inspect FIREWALL out
 ip virtual-reassembly in

Aug 13 23:42:47 UTC:    Retry count: 1   Client-ID: cisco-c471.fec5.39d9-Gi0/1
Aug 13 23:42:47 UTC:    Client-ID hex dump: 636973636F2D633437312E666563352E
Aug 13 23:42:47 UTC:                        333964392D4769302F31
Aug 13 23:42:47 UTC:    Hostname: c2901
Aug 13 23:42:47 UTC: DHCP: SRequest - ciaddr: x.x.x.x
Aug 13 23:42:47 UTC: DHCP: SRequest placed class-id option: 636973636F706E70
Aug 13 23:42:47 UTC: DHCP: SRequest: 304 bytes
Aug 13 23:42:47 UTC: DHCP: SRequest: 304 bytes
Aug 13 23:42:47 UTC: DHCP: Received a BOOTREP pkt
Aug 13 23:42:47 UTC: DHCP: Scan: Message type: DHCP Ack
Aug 13 23:42:47 UTC: DHCP: Scan: Client ID: cisco-c471.fec5.39d9-Gi0/1

Hmm that’s weird. I tried this on a 1841 router. What IOS is your 2900 running?

Hi Rene,
I am running c2900-universalk9-mz.SPA.154-3.M2.bin.

You could try another IOS, see if it makes a difference. It’s strange though and there is no other command that influences this.

Hello, everyone!

I’ve a few questions about the client ID.

Most host devices that use DHCP client will use their MAC address as the client ID. Cisco IOS however uses one of their own formats, this can be a problem if you need to get an IP address from the DHCP server based on your MAC address. For example, some cable providers check the MAC address of a client before handing out an IP address.

If I had a router connected to the ISP and I issued the ip address dhcp command on that interface, there is a possibility that it wouldn’t receive an IP address just because its… using a different format?

My another question is, I’ve enabled a host for DHCP and this is the client ID it included in the DHCP message.
obrázok

However, in the output of show ip dhcp binding command, the client ID is just not the same there

And my last question is, why Client ID? Why not just use the MAC address all the time? What’s the reason behind Cisco using their own format?

Thank you all!

David

Hello David

In a standard DHCP server setup without specific MAC address filtering or binding, the server usually doesn’t care about the client ID’s format or content as long as it is unique. It will simply provide an IP address and other network configuration details based on the availability of IP addresses in its pool. The client ID, in this case, is used mainly for identifying the uniqueness of the request.

However, because DHCP servers in cable provider scenarios use additional mechanisms to ensure security and authentication, they will typically be configured to look out for the specific MAC address of the device you are connecting to their network. In such a case, if it is a Cisco device acting as the DHCP client, the sending of anything other than the MAC address will cause a failure in getting an IP address and network parameters. It’s not a matter of incompatibility, but a matter of configuration.

Indeed the output of the show ip dhcp binding command seems to show non-standard output for the client ID compared to what you see within the wireshark capture. I went into the lab and recreated your results as well. The value actually looks like hex, so what I did was I put my hex output into a hex-to-ascii translator, and I get this:


So the output is simply a hexadecimal format of the expected Client ID value.

Like many protocols, Cisco’s implementation of DHCP predated the widespread use of the standardized DHCP protocol. Cisco’s original implementation since the 1990s used the client ID and they have since kept the same capabilities.

They’ve kept this format however for more than nostalgic reasons. The DHCP client ID provides more flexibility. For example, in a network with multiple virtual interfaces, using the MAC address as the client ID would not work because all the virtual interfaces share the same MAC address. In this case, using a unique client ID for each interface allows each one to obtain its own IP address from the DHCP server.

I hope this has been helpful!

Laz