19 Dec 2023

OpenBSD: Adopt Ubiquiti USW Flex Mini using DHCP option 43

If you have a flat network with no segmentation, the flex mini would find the controller after some broadcast spam, otherwise a DNS A record called unifi.my.local.domain pointing to the controller will suffice.

But why make it that easy?! One solution might fit better than the other, depending on the scenario.

Nothing here may be particularly OpenBSD specific and can probably be copy pasta to other DHCPD implementations.

According to this you can use dhcp with option 43 in order to adopt the USW Flex Mini into your controller (there is no SSH offically…despite having port 22 listening for some reason).

Option 43 translates to “Vendor Specific/Vendor Specific Information” and its specification can be found as RFC 2132

There is a man page (man dhcp-options) dedicated to dhcp options: https://man.openbsd.org/dhcp-options.5

The documentation for the various options mentioned below is taken from the IETF draft > document on DHCP options, RFC 2132. Options which are not listed by name may be defined by the name option-nnn, where nnn is the decimal number of the option code. These options may be followed either by a string, enclosed in quotes, or by a series of octets, expressed as two-digit hexadecimal numbers separated by colons. For example:

option option-133 “my-option-133-text”;

option option-129 1:54:c9:2b:47;

Our option 43 is however listed by name:

option vendor-encapsulated-options data-string; This option is used by clients and servers to exchange vendor-specific information. The information is an opaque object of n octets, presumably interpreted by vendor-specific code on the clients and servers. See RFC 2132, Section 8.4 for details.

If you want to be doubly sure which option has been concealed behind the names such as “vendor-encapsulated-options”, check the source code file tables.c:

{ "vendor-encapsulated-options", "X",  &dhcp_universe, 43 },

It is not possible to have the Unifi controllers http URL in the dhcp option. You must convert the IP number to your Unifi controller to hexadecimal.

You can do this using printf with the controller IP (replace dots with space) for instance:

printf "01:04:%02X:%02X:%02X:%02X\n" 10 3 2 1
01:04:0A:03:02:01

Note the prefix “01:04”. While the dhcp option is 43, there are also an additional sub-option in the message itself. How to interpret the sub-option/type and value is entirely up to the hardware vendor.

The message is encoded like this:

This is outlined in RFC 3925:

subopt-code        The code for the encapsulated option

subopt-len         An unsigned integer giving the length of the
                      option-data field in this encapsulated option in
                      octets

sub-option-data    Data area for the encapsulated option 

Use the following format for your dhcpd.conf scope (Do not surround the hex string with quotes, it won’t work):

        option vendor-encapsulated-options 01:04:0A:03:02:01;   

Use dhcpd -n to test the config.

You can now reload the dhcpd service and power cycle the USW Flex Mini and it should show up under devices in the Unifi controller, ready to be adopted.