Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - marius_siuram

Pages1
#1
General Discussion / Missing circuit id data when DHCP Relay is configured
October 03, 2021, 10:27:36 AM
Maybe I am missing something very obvious, but I cannot get the DHCP target to receive the circuit information from OPNSense.

My setup consists basically on a few VLAN and I was trying to setup an authoritative DHCP server (outside the OPNSense appliance). I activated the Append circuit ID and agent ID to requests flag but I was not getting information in the dnsmasq box.

At first I believed that ther was some limitation on dnsmasq and now was trying with the ISC kea DHCP server. However, I get the following:

Code Select

DEBUG DHCP4_PACKET_RECEIVED ...
DEBUG DHCP4_QUERY_DATA (...)
options:
    (...)
   type=082, len=016:,
options:
     type=001, len=014: ...


All options (client identifier, hostname, relay information, etc.) is received correctly on the ISC kea server. However the circuit id field (option 82) receives something buggy. dnsmasq was missing that information too, so... am I missing something obvious on DHCP server configuration? There are not a lot of options to tweak on the OPNsense side.
#2
21.1 Legacy Series / Wanting to use an API for DHCP managing (failing with OMAPI with pypureomapi)
April 08, 2021, 10:46:45 AM
My goal was to automate certain IP management tasks, and discovered that OPNsense's DHCP supports OMAPI (since 20.1 if I'm not mistaken). I am using an up-to-date OPNsense 21.1 installation.

Once activated and configured, I can see that OMAPI port is working (netstat -an | grep 7911 shows it). However, after adding a lease from the web UI, if I try to get with pypureomapi, it fails:

In [5]: omapi.lookup_ip("de:ad:be:ef:ca:fe")
---------------------------------------------------------------------------
OmapiErrorNotFound                        Traceback (most recent call last)
<ipython-input-5-83d144de8394> in <module>
----> 1 omapi.lookup_ip("de:ad:be:ef:ca:fe")

~...python3.8/site-packages/pypureomapi.py in lookup_ip(self, mac)
   1101                 @raises socket.error:
   1102                 """
-> 1103                 res = self.lookup_by_lease(mac=mac)
   1104                 try:
   1105                         return res["ip-address"]

~...python3.8/site-packages/pypureomapi.py in lookup_by_lease(self, **kwargs)
   1181
   1182         def lookup_by_lease(self, **kwargs):
-> 1183                 return self.__lookup("lease", **kwargs)
   1184
   1185         def __lookup(self, ltype, **kwargs):

~...python3.8/site-packages/pypureomapi.py in __lookup(self, ltype, **kwargs)
   1216                 response = self.query_server(msg)
   1217                 if response.opcode != OMAPI_OP_UPDATE:
-> 1218                         raise OmapiErrorNotFound()
   1219                 if "raw" in kwargs and kwargs["raw"]:
   1220                         return dict(response.obj)

OmapiErrorNotFound: not found

The connection seems to be correctly established, as I was receiving a different error when it was wrong (the fact that the OMAPI key name is omapi_key was a mysterious fact, as I could not find that on the documentation).

Something is working, because a double add fails on the second one:

In [7]: omapi.add_host("172.21.132.123", "be:ef:00:00:be:ef")

In [8]: omapi.add_host("172.21.132.123", "be:ef:00:00:be:ef")
---------------------------------------------------------------------------
OmapiError                                Traceback (most recent call last)
<ipython-input-8-6cf1f93d7c17> in <module>
----> 1 omapi.add_host("172.21.132.123", "be:ef:00:00:be:ef")

~...python3.8/site-packages/pypureomapi.py in add_host(self, ip, mac)
   1253                 response = self.query_server(msg)
   1254                 if response.opcode != OMAPI_OP_UPDATE:
-> 1255                         raise OmapiError("add failed")
   1256
   1257         def add_host_supersede_name(self, ip, mac, name):  # pylint:disable=E0213

OmapiError: add failed


... which is expected. But that lease does not appear on the web UI, nor can it be retrieved with the pypureomapi library.

This is my first time working with OMAPI, so I may have some misconception on how it works or how it shoulbe be used. I want a mechanism to add/sync static leases from a Python codebase, and OMAPI seemed the path to walk (is there another mechanism? maybe there is an OPNsense API endpoint for managing that? I could not find it. Maybe there is a simpler & easier way to achieve my goal?)
Pages1