
Feature Request: Support DHCP Option 119 (RFC 3397 - Domain Search List) in VPC DHCP Option Sets

0

Problem

AWS VPC DHCP Option Sets currently only support Option 15 (RFC 2132) for domain names, which was designed for a single domain. As a workaround, multiple search domains are packed into Option 15 as a space-separated string, which is non-standard behavior not defined in RFC 2132.

This causes a well-known bug in systemd-networkd (used by default on Ubuntu 20.04+): the space character between domains is interpreted as part of the domain name and encoded as \032, resulting in a broken search domain like:

stag.base032us-east-2.compute.internal

instead of two separate entries:

stag.base us-east-2.compute.internal

The systemd team closed this as "not planned" (issue #29107), citing that space-separated domains in Option 15 are non-standard. AWS documentation itself recommends using only one domain in this field precisely because of this compatibility issue.

Request

Please add support for DHCP Option 119 (RFC 3397 - Domain Search) in VPC DHCP Option Sets. Option 119 was specifically designed for multiple search domains and uses proper DNS wire-format encoding; all major DHCP clients (Windows, macOS, iOS, Linux) handle it correctly.

Impact

Every AWS customer running Ubuntu/Debian instances with multiple private DNS search domains is affected. Currently the only workarounds are:

  • Limit to one search domain in DHCP
  • Deploy custom scripts to fix /etc/resolv.conf after boot (e.g. fixnetplan)

References

asked a month ago · 66 views
1 Answer
0

Thank you for this detailed feature request. I can confirm that your understanding of the current limitation is accurate based on AWS documentation.

Currently, AWS VPC DHCP Option Sets use DHCP Option 15 for domain names, which according to RFC 2132 section 3.17 only supports a single domain name. While it was previously possible in Amazon Linux 2 to pass multiple domain names in the domain-name parameter to create-dhcp-options (resulting in space-separated entries in /etc/resolv.conf), this was an accidental feature rather than intended behavior.

As you've correctly identified, this approach causes issues with systems like Amazon Linux 2023 and modern Ubuntu/Debian distributions that use systemd-networkd for network configuration. These systems follow the RFC specification strictly, and since the space character is invalid in domain names, it gets encoded as \032, resulting in malformed search domains like foo.example.com\032bar.example.com instead of two separate domains.

AWS documentation explicitly acknowledges this limitation, stating: "Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP option set is associated with a VPC that has instances running operating systems that treat the value as a single domain, specify only one domain name."

The documentation also notes that to properly support multiple domain names, a DHCP server should use DHCP Option 119 (as defined in RFC 3397, section 2), which is the exact solution you're requesting.

For submitting this feature request to the AWS service team, I recommend using the AWS feedback mechanisms through your AWS account team or the AWS Support Center, as they can track and prioritize feature requests directly with the VPC service team.
Sources
Functionality deprecated in AL2 and removed in AL2023 - Amazon Linux 2023
Functionality deprecated in AL2 and removed in AL2023 - Amazon Linux 2
CreateDhcpOptions - Amazon Elastic Compute Cloud

answered a month ago
AWS
EXPERT
reviewed a month ago
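
The two encodings discussed in this thread, side by side, as an added example (not part of the original question or answer, and not AWS or systemd code). It builds and parses an uncompressed Option 119 payload and models, in simplified form, how a space-packed Option 15 value turns into `\032` when read as one name; all function names and the `SEARCH` sample are assumptions made for illustration.

```python
SEARCH = ["stag.base", "us-east-2.compute.internal"]  # constructed sample input

def encode_name(name: str) -> bytes:
    """Encode one domain as RFC 1035 length-prefixed labels (no compression)."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return bytes(out) + b"\x00"  # root label terminates each name

def encode_option_119(domains: list[str]) -> bytes:
    """Option 119 = code byte, length byte, concatenated encoded names."""
    payload = b"".join(encode_name(d) for d in domains)
    if len(payload) > 255:
        raise ValueError("payload over 255 bytes needs RFC 3396 splitting")
    return bytes([119, len(payload)]) + payload

def decode_option_119(option: bytes) -> list[str]:
    """Parse an uncompressed Option 119 back into a search list."""
    if len(option) < 2 or option[0] != 119 or option[1] != len(option) - 2:
        raise ValueError("not a well-formed option 119")
    data, pos, domains, labels = option[2:], 0, [], []
    while pos < len(data):
        n = data[pos]
        pos += 1
        if n & 0xC0:
            raise ValueError("compression pointers are not handled here")
        if n == 0:  # end of one name
            domains.append(".".join(labels))
            labels = []
        else:
            labels.append(data[pos:pos + n].decode("ascii"))
            pos += n
    if labels:
        raise ValueError("truncated name")
    return domains

def as_single_name(option_15_value: str) -> str:
    """Simplified model: a client that treats Option 15 as ONE name escapes
    every byte that is not printable non-space ASCII as \\DDD (decimal)."""
    return "".join(c if "!" <= c <= "~" and c != "\\" else f"\\{ord(c):03d}"
                   for c in option_15_value)

if __name__ == "__main__":
    print(encode_option_119(SEARCH).hex(" "))
    print(decode_option_119(encode_option_119(SEARCH)))
    print(as_single_name(" ".join(SEARCH)))
```

In Option 119 each name ends with its own zero-length root label, so the boundary between search domains is unambiguous and no separator character ever reaches the client's name parser.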
