Using Pi-hole DHCP with custom domain name with Verizon G3100 router and E3200 Wi-Fi Extender

This a guide to help those who would like to use Pi-hole and its DHCP server capabilities in a network with Verizon's new G3100 router together with the E3200 Wi-Fi Extender.

You may be asking yourself, "why is the E3200 extender bit special?" It is a funny story in networking detective work!

I was doing 2 things at the same time over the last couple of days and realized that something was off (slow connection responses, etc):

  1. Use Pi-hole for ad-blocking.
  2. Install the new Verizon G3100 and E3200 to provide better Wi-Fi coverage at home.

Prior to the G3100 router, my network was configured with a .lan domain name and I wanted to keep my bookmarks, etc. the same. However, after installing the G3100, I realized that this is NOT possible, because Verizon DOES NOT ALLOW :angry: one to change the local domain name from the silly myfiosgateway.com to anything else, e.g., .lan.

Solution?

  1. Disable G3100's DHCP server, and Enable Pi-hole (dnsmasq)'s DHCP server. This way, I could get Pi-hole to assign .lan domain name to my devices.

And you thought, "piece of cake ... that should just work!" Well, that's what I thought as well. But, things weren't going to be as easy. :roll_eyes:

I realized that lots of my devices were having periodic disconnection problems and coulnd't maintain a connection. Having correlated the starting point of this problem with enabling my E3200 Wi-Fi extender, I realized that it WAS NOT able to maintain an Internet connection. Its front panel light was periodically alternating between WHITE (normal operational state) and YELLOW (no Internet).

That didn't make sense, because the devices on G3100 had perfectly OK Internet connection without any problems.

After doing a bit of Wireshark packet capture on the LAN interface of the E3200, I realized that the device was constantly going through a DHCP DISCOVER / REQUEST cycle, and not hanging onto its IP address assigned by Pi-hole.

In that packet capture, the thing that stood out was how the Verizon devices were using the "Vendor class identifier" with some special bits to identify themselves.


Having searched for related topics a bit, I came across the following links that provided the first hint: maybe the Verizon devices need to see that the "other device" they are talking to is ALSO a Verizon device, before deciding to operate like a normal DHCP client / Internet connected device.

With that information at hand, I decided to disable Pi-hole's DHCP server, re-enable G3100's and capture the DHCP traffic at the router's LAN interface to see if there was indeed something special going on.

Lo and behold, the answer came up in the capture where I saw that the G3100 router's DHCP OFFER included its CPE WAN identifiers including the GatewayManufacturerOUI, GatewaySerialNumber, and GatewayProductClass.

Armed with this information, I added a special Verizon config file to Pi-hole's Dnsmasq configuration directroy: /etc/dnsmasq.conf.d/11-verizon-options-conf

# Announce ourselves as a Verizon ARCADYAN router at all times
dhcp-option=option:vendor-class,ARCADYAN

# For Verizon devices that identify themselves
dhcp-vendorclass=set:VerizonFiOS,Verizon BHRx1 DHCP Detect

# Emulate Verizon G3100 router
dhcp-option=tag:VerizonFiOS,vi-encap:3561,4,880355
dhcp-option=tag:VerizonFiOS,vi-encap:3561,5,<replace with own serial number>
dhcp-option=tag:VerizonFiOS,vi-encap:3561,6,G3100

Trick was to do the following things:

  1. We need to provide Vendor Class identifier information that behaves like the G3100 router, i.e., ARCADYAN. I suppose that is the router vendor.
  2. Next, we need to ensure that we ONLY deliver the next set of options to those who need it. Therefore, we will tag the client requests with VerizonFiOS where their vendor class is Verizon BHRx1 DHCP Detect. This vendor class identifier is the one used by the E3200 Wi-Fi extender.
  3. Last, we need to send a set of Vendor Specific Information attributes that inform the E3200 that it IS INDEED talking to a Verizon router that it expects. This information, as I understand it, is also required for the communication with Verizon's Auto-Configuration Server (ACS) as described here: https://www.broadband-forum.org/technical/download/TR-069_Amendment-2.pdf, section F.2.2.

I believe the GatewayManufacturerOUI and GatewayProductClass are pretty much static in that configuration file. I would make sure to replace the GatewaySerialNumber with that of yours to ensure there is no potential issues on Verizon's back end thinking your device is connecting to the ACS from someone else's router :rofl:

You can find the router's serial number at the back of the device or by visiting this page: https://192.168.1.1/status.htm

With these in place, it was possible to disable G3100's DHCP server again, restart the Pi-hole's DHCP server, and it was all back to normal again:

  1. Use my own / desired domain name, e.g., .lan
  2. Use a E3200 Wi-Fi extender to better coverage at home
  3. Block ads with Pi-hole :heart:

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.