5

I want to configure DHCP server in a way that it puts "regular" smartphones and tablets into a separate subnet. Is it possible to detect if the DHCP request comes from an Android or iOS device based on the DHCP request itself?

For example: a Sony android phone which was around set the following DHCP options in request, which are potentially useful for identification

bootp.option.vendor_class_id == "dhcpcd-5.2.10:Linux-2.6.32.9-perf:armv7l:mogami"
bootp.option.hostname == "android-c7d342d011ea6419"

Are there any known common patterns in SmartPhone DHCP requests that are better than MAC prefix?

petrus
  • 5,287
  • 25
  • 42
abbot
  • 213
  • 1
  • 2
  • 9
  • It might be possible to do this based on Mac address...iOS/Apple devices would be easier than Android, as there are a lot of different Android device providers. WHat problem are you trying to solve? – tombull89 Oct 22 '12 at 08:36
  • @tombull89, yes, MAC-based separation is obvious. Regarding the problem, exactly what stated in the question: keep common wifi network, put smartphones in a separate IP subnet. – abbot Oct 22 '12 at 08:40
  • This looks like something better achieved through separate SSIDs and VLANning. DO you have an environment where you can instruct the users of such devices to join the correct network? – SmallClanger Oct 22 '12 at 09:02
  • @SmallClanger, I do understand possible workarounds like separate SSIDs, etc., there is no need to explain these things. I'm curious, if may be mobile devices are known to send some common dhcp options in DHCP discovery packets or something like this. – abbot Oct 22 '12 at 09:15

3 Answers3

1

An Android phone here sent similar vendor ID:

Option: (t=60,l=52) Vendor class identifier = "dhcpcd-5.2.10:Linux-3.0.16-ge733189:armv7l:shooter_u"

However an iPhone device sent nothing beyond its MAC address and hostname. The same was true of a Nokia Symbian device (E71). My sample of three devices suggests that only Android devices send anything useful. You might have some success by finding what information each client requests (SIP server, domain search) and indeed does not request, and using that as a 'fingerprint'.

To my mind, however, the real answer is to put 'unknown' clients in a default network, and explicitly known devices in a different one.

Norky
  • 849
  • 4
  • 14
1

Using the host-name to match. Users could change it, on Android, Settings > Developer Options > Device host-name. But I am pretty sure that 90% of you users leave that setting alone. iPhone and iPad 

class "Android" {
  match if substring(option host-name,0,7) = "Android";
}
class "iPhone" {
  match if substring(option host-name,0,6) = "iPhone";
}
class "iPad" {
  match if substring(option host-name,0,4) = "iPad";
}
class "Windows-Phone" {
  match if substring(option host-name,0,13) = "Windows-Phone";
}
class "BLACKBERRY" {
  match if substring(option host-name,0,10) = "BLACKBERRY";
}
cheche
  • 111
  • 1
  • 4
0

You can limit the network access in your DHCP server. For example, in ISC DHCP, you can define a class or several subclasses using the string that android send:

class "Android" {
  match if substring(option vendor-class-identifier,0,5) = "dhcpd";
}

You can register this information for debugging in your logs files adding to your cfg file:

log (debug, substring (option vendor-class-identifier, 0, 5));
Aliaksandr Belik
  • 259
  • 6
  • 17
Paco López
  • 1