Dynamic Host Configuration (dhc)

Erik Nordmark | 3 Feb 2003 21:45

Picon

Re: Re: PD lifetimes


> Yes, *if we want to allow the delegating router to have the ability to
> control the downstream valid and preferred lifetimes*. 

I agree that this "if" is a key question.

But what I don't understand is the semantics of any lifetime
if we decide that the delegating DHCP server should not be able to
control the prefix lifetimes, then what is the purpose of having any
lifetime in the prefix delegation option? Wouldn't it be sufficient to
just have T1/T2 in that case?

> Before going that further, however, I still think it is overkilling
> for the delegating router to have the ability to control the
> downstream lifetimes.  IMO, the requesting router (and the site's
> administrator) should be responsible for such parameters, with one
> trivial constraint: the site lifetimes must not be smaller than the
> lifetimes of each downstream link.

Yes, but the counter argument is for home sites that don't have
an administrator it might make sense to allow the ISP to be able to suggest
or control the lifetimes. Of course, managed sites might be able to override
the lifetimes.

>   1. the requesting router should also have the additional bits (like
>      P and V above),
>   2. (this may be controversial) the lifetimes in router advertisement
>      on each downstream link should be the same as the default of RFC
>      2461 (i.e. AdvValidLifetime and AdvPreferredLifetime, NOT
>      decreasing in real time), as long as Renew/Reply exchanges

(Continue reading)

Barr Hibbs | 3 Feb 2003 21:50

Review of DHCPv4 Implementation Issues


One of the work items adopted by the DHC Working Group at IETF-55 in Atlanta
was a review of what I'll generically call "implementation issues" faced by
implementors of DHCP clients, servers, and relay agents.

The purpose of this review is to identify areas of the protocol that were:

	1.  not well-specified
	2.  described in a less-than-clear way
	3.  had dubious value or harmful side-effects
	4.  conflicted with other RFCs
	5.  internally inconsistent, that is, conflicted with
	    other sections of the specification
	6.  "difficult" to implement or test for interoperability
	7.  not implemented because of external policies
	8.  "seemed like a good idea" at the time, but are now
	    considered unnecessary, redundant, or wrong

I'm calling on all implementors, developers, and designers to offer their
observations, comments, wishes, anecdotes, and observations so that we may
create a list of problem areas that need resolution before submitting the
RFC for consideration as a full Internet Standard.

Even typographical errors, grammatical mistakes, and organizational issues
are fair game for this purpose.

Thanks in advance for your help.

--Barr

(Continue reading)

Ole Troan | 4 Feb 2003 06:21

Picon

Re: questions about prefix-delegation-01

>>> 3. Section 11 of the PD draft says:
>>> 
>>> In some circumstances the requesting router may need verification
>>> that the delegating router still has a valid binding for the
>>> requesting router.  Examples of times when a requesting router may
>>> ask for such verification include:
>>> 
>>> o  The requesting router reboots.
>>> ...
>>> If such verification is needed the requesting router MUST initiate a
>>> Renew/Reply message exchange as described in the section "Creation
>>> and Transmission of Renew Messages" of the DHCP specification [6].
>>> 
>>> I don't see why a Renew/Reply exchange is used, instead of a
>>> Confirm/Reply exchange.  The described situation is very similar to
>>> Section 18.1.2 of dhcpv6-28, and I don't see an essential difference
>>> to use a Renew/Reply exchange.  If there is, the PD draft should be
>>> clear on this.
>
>> Yes, I think a Confirm message could be used in this case.
>
> Okay, so do you think the PD draft should be updated by replacing the
> Renew with Confirm?  I personally think it should, because otherwise
> it would be unclear why we had Confirm in the base DHCPv6 spec in the
> first place.

the Confirm message has different semantics. it is used to verify that
a prefix is still on-link, something which restricts it usefulness to
address assignment. the Reply to a Confirm can come from any server,
and there is no requirement that a binding with the server exists.

(Continue reading)

Senthil Kumar B | 4 Feb 2003 10:43

Picon

Can a DHCPv4 server REPLY to non-standard port.

I heard about cases where a DHCP server like ISC DHCP runs on a
different port (other than the standard port 67). In that Can I assume
the client also run on a selected non-standard port(other than the
standard port 68).

I just wanted to clarify one thing here. When a DHCP server runs on a
non-standard port (may be 1070) and the client is running in (may be
1080, instead of 1071 conventionally), the server should understand the
client's port from the client's request packet and reply to the
port(1071) accordingly.

Will there be any problem if the client runs on a non-standard dynamic
port(varies for different dhcpclients)? One of the problem i could see
is that, the client (may be customized) can request all the IP addresses
and eventually the server will be running out of addresses to assign
(Because, any normal user  can write up a program and send DHCP messages
to acquire all the IP address).

Is this scenario violating the standards and if so how to avoid the
problem ?

Appreciate your help in advance,

Thanks,
Senthil

Vasu, Vallabhaneni | 4 Feb 2003 14:39

Picon

Re: Can a DHCPv4 server REPLY to non-standard port.

Senthil Kumar B wrote:

> I heard about cases where a DHCP server like ISC DHCP runs on a
> different port (other than the standard port 67). In that Can I assume
> the client also run on a selected non-standard port(other than the
> standard port 68).
>
> I just wanted to clarify one thing here. When a DHCP server runs on a
> non-standard port (may be 1070) and the client is running in (may be
> 1080, instead of 1071 conventionally), the server should understand the
> client's port from the client's request packet and reply to the
> port(1071) accordingly.
>
> Will there be any problem if the client runs on a non-standard dynamic
> port(varies for different dhcpclients)? One of the problem i could see
> is that, the client (may be customized) can request all the IP addresses
> and eventually the server will be running out of addresses to assign
> (Because, any normal user  can write up a program and send DHCP messages
> to acquire all the IP address).

This problem can happen even if the client uses the standard ports. All you
need to do is write c code to generate different client id's (MAC or option
61). This issue is  being handled in RFC 3118.

>
>
> Is this scenario violating the standards and if so how to avoid the
> problem ?
>
> Appreciate your help in advance,

(Continue reading)

JINMEI Tatuya / 神明達哉 | 4 Feb 2003 08:46

Picon

Re: Re: PD lifetimes

>>>>> On Mon, 3 Feb 2003 21:45:55 +0100 (CET), 
>>>>> Erik Nordmark <Erik.Nordmark <at> sun.com> said:

>> Yes, *if we want to allow the delegating router to have the ability to
>> control the downstream valid and preferred lifetimes*. 

> I agree that this "if" is a key question.

> But what I don't understand is the semantics of any lifetime
> if we decide that the delegating DHCP server should not be able to
> control the prefix lifetimes, then what is the purpose of having any
> lifetime in the prefix delegation option? Wouldn't it be sufficient to
> just have T1/T2 in that case?

It is, unless we do not want to control per-prefix lifetime in a
single IA_PD.  (If we remove the notion of per-prefix lifetime, then
we'd clarify the maximum retransmission duration (MRD) of Rebind for
IA_PD accordingly).

>> Before going that further, however, I still think it is overkilling
>> for the delegating router to have the ability to control the
>> downstream lifetimes.  IMO, the requesting router (and the site's
>> administrator) should be responsible for such parameters, with one
>> trivial constraint: the site lifetimes must not be smaller than the
>> lifetimes of each downstream link.

> Yes, but the counter argument is for home sites that don't have
> an administrator it might make sense to allow the ISP to be able to suggest
> or control the lifetimes. Of course, managed sites might be able to override
> the lifetimes.

(Continue reading)

JINMEI Tatuya / 神明達哉 | 4 Feb 2003 11:00

Picon

Re: questions about prefix-delegation-01

>>>>> On Tue, 04 Feb 2003 05:21:20 +0000, 
>>>>> Ole Troan <ot <at> cisco.com> said:

>>>> I don't see why a Renew/Reply exchange is used, instead of a
>>>> Confirm/Reply exchange.  The described situation is very similar to
>>>> Section 18.1.2 of dhcpv6-28, and I don't see an essential difference
>>>> to use a Renew/Reply exchange.  If there is, the PD draft should be
>>>> clear on this.
>> 
>>> Yes, I think a Confirm message could be used in this case.
>> 
>> Okay, so do you think the PD draft should be updated by replacing the
>> Renew with Confirm?  I personally think it should, because otherwise
>> it would be unclear why we had Confirm in the base DHCPv6 spec in the
>> first place.

> the Confirm message has different semantics. it is used to verify that
> a prefix is still on-link, something which restricts it usefulness to
> address assignment. the Reply to a Confirm can come from any server,
> and there is no requirement that a binding with the server exists.

> for PD we wanted a message exchange to verify that the delegating
> router still has a binding with the requesting router, therefore the
> use of Renew.

Okay, I understand the intention.  However, I still think of a case
where Confirm is more appropriate.  For example, suppose that we have
two upstream "cables", each of which connects to a separate ISP.  Also
suppose that the requesting router has an upstream port.  We first
plug one cable to the upstream port, and then switch to another

(Continue reading)

JINMEI Tatuya / 神明達哉 | 4 Feb 2003 11:20

Picon

Re: questions about dhcpv6-28

(In the followings, I folded some long lines)

>>>>> On Tue, 28 Jan 2003 12:42:33 -0600, 
>>>>> "Bernie Volz (EUD)" <Bernie.Volz <at> am1.ericsson.se> said:

>> Ralph pointed out to me the possibility of some "magic" between a
>> primary server and a backup server, which allows those servers to be
>> synchronized in real time.  I'm not sure how this is realistic,
>> either, but I'd personally prefer to keep the possibility.

> For DHCPv6 there seems to me a better way to handle things like failover?

> The two standard mechanisms would be:
> 1. Failover like protocol between the two servers
> 2. Redundant backend database

> But, with the large IPv6 addresses, there is another way which I
> think is even better and requires no communication between
> "redundant" servers (well, there is the configuration issues but
> there is no need or minimal need for ongoing communication). The
> idea is as follows:

(snip)

> I wonder whether the DHC WG might take this on - to specify how
> redundant DHCPv6 services could or should be built? I think it will
> be easier than the DHCPv4 failover work and may not require any
> protocol - just a way of working? But, then perhaps this is simply
> left to the server implementers to decide how best to work and
> interoperability between several vendors is not required?

(Continue reading)

JINMEI Tatuya / 神明達哉 | 4 Feb 2003 10:25

Picon

Re: questions about dhcpv6-28

>>>>> On Wed, 29 Jan 2003 11:23:07 -0500, 
>>>>> Ralph Droms <rdroms <at> cisco.com> said:

>> Actually, Section 15.6 *seems to* address the case.  It says:

(snip)

>> However, there should be a wording problem.  I guess the sentence
>> actually intended to be:
>> 
>> Servers MUST discard any received Renew message that fails to meet
>> ^^^^^^^^
>> any of the following conditions:

> Excellent point; thanks for catching that goof.

> While this check is defined in section 15.6, would it be helpful
> to add a reference in section 18.1.3 explaining the reason for
> that constraint?

Hmm, I'm not sure if this case is that special, but the explanation
itself would surely be helpful.

					JINMEI, Tatuya
					Communication Platform Lab.
					Corporate R&D Center, Toshiba Corp.
					jinmei <at> isl.rdc.toshiba.co.jp

Bud Millwood | 4 Feb 2003 16:06

Re: Can a DHCPv4 server REPLY to non-standard port.

On Tuesday 04 February 2003 14.39, Vasu, Vallabhaneni wrote:

> This problem can happen even if the client uses the standard ports. All you
> need to do is write c code to generate different client id's (MAC or option
> 61). This issue is  being handled in RFC 3118.

We respond to the source port the client is using, but allow the administrator 
to override this at the server. It seemed like a bad idea to respond to a 
fixed port if no communication had been initiated from that port.

The best way to handle spoofing today, to my knowledge, is to use the trusted 
values found in option 82 for identifying the client. If your server supports 
resource limiting using option 82, and your relay agents support option 82, 
you should be fine.

Otherwise, some sort of pre-registration works, although that's a bit of a 
pain to manage.

Bud Millwood
Weird Solutions, Inc.
http://www.weird-solutions.com
tel: +46 8 758 3700
fax: +46 8 758 3687
mailto:budm <at> weird-solutions.com

Group

gmane.ietf.dhc.

Search Archive

Page

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 22

Articles in period: 218

February 2003

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Source address in IP header for DHCPREQUEST generated during REBINDING (17 May 2013)
Mail regarding draft-ietf-dhc-dhcpv4-over-dhcpv6 (16 May 2013)
Echoing back options in server response (15 May 2013)
WG Adoption Call RESULT - draft-bhandari-dhc-access-network-identifier (13 May 2013)
draft-ietf-dhc-dhcpv6-stateful-issues-04.txt (13 May 2013)
I-D Action: draft-ietf-dhc-dhcpv6-stateful-issues-04.txt (13 May 2013)
I-D Action: draft-ietf-dhc-v4configuration-00.txt (13 May 2013)
[Technical Errata Reported] RFC6656 (3617) (9 May 2013)
WG Adoption Call Result - draft-lemon-dhc-topo-conf (6 May 2013)
I-D Action: draft-ietf-dhc-triggered-reconfigure-06.txt (6 May 2013)
WGLC Results for draft-ietf-dhc-dhcpv6-radius-opt-11 because of late I (3 May 2013)
draft-scskf-dhc-dhcpv4-over-dhcpv6-01 comments (2 May 2013)
WGLC Results - draft-ietf-dhc-option-guidelines-11 (2 May 2013)
RFC 6925 on The DHCPv4 Relay Agent Identifier Sub-Option (30 Apr 2013)
Currently Outstanding WGLC and Adoption Calls (29 Apr 2013)
WGLC Result - draft-ietf-dhc-container-opt-07 - Respond by 2013-04-28 (29 Apr 2013)
Biggest Fake Conference in Computer Science (27 Apr 2013)
Gen-art review: draft-ietf-dhc-triggered-reconfigure-05 (26 Apr 2013)
I-D Action: draft-ietf-dhc-dhcpv4-over-dhcpv6-00.txt (26 Apr 2013)
New version of draft-rajtar-dhc-v4configuration-02 posted (23 Apr 2013)
Failed WGLC summary for draft-ietf-dhc-dhcpv6-prefix-pool-opt (23 Apr 2013)

Archives

61	May 2013
207	April 2013
148	March 2013
120	February 2013
39	January 2013
116	December 2012
146	November 2012
147	October 2012
190	September 2012
157	August 2012
101	July 2012
25	June 2012
21	May 2012
124	April 2012
168	March 2012
80	February 2012
33	January 2012
108	December 2011
60	November 2011
97	October 2011
50	September 2011
46	August 2011
58	July 2011
47	June 2011
91	May 2011
35	April 2011
61	March 2011
9	February 2011
26	January 2011
51	December 2010
42	November 2010
146	October 2010
107	September 2010
155	August 2010
24	July 2010
27	June 2010
41	May 2010
44	April 2010
54	March 2010
232	February 2010
57	January 2010
33	December 2009
137	November 2009
120	October 2009
39	September 2009
24	August 2009
86	July 2009
27	June 2009
27	May 2009
91	April 2009
168	March 2009
60	February 2009
92	January 2009
114	December 2008
75	November 2008
205	October 2008
126	September 2008
123	August 2008
130	July 2008
29	June 2008
37	May 2008
38	April 2008
60	March 2008
63	February 2008
58	January 2008
160	December 2007
281	November 2007
109	October 2007
87	September 2007
149	August 2007
37	July 2007
76	June 2007
41	May 2007
43	April 2007
191	March 2007
146	February 2007
69	January 2007
39	December 2006
110	November 2006
92	October 2006
71	September 2006
95	August 2006
72	July 2006
148	June 2006
44	May 2006
33	April 2006
152	March 2006
123	February 2006
48	January 2006
67	December 2005
140	November 2005
130	October 2005
97	September 2005
46	August 2005
138	July 2005
96	June 2005
199	May 2005
36	April 2005
98	March 2005
111	February 2005
90	January 2005
74	December 2004
81	November 2004
76	October 2004
70	September 2004
200	August 2004
99	July 2004
57	June 2004
41	May 2004
161	April 2004
157	March 2004
192	February 2004
103	January 2004
67	December 2003
152	November 2003
239	October 2003
60	September 2003
50	August 2003
126	July 2003
78	June 2003
62	May 2003
53	April 2003
81	March 2003
206	February 2003
90	January 2003
46	December 2002
63	November 2002
109	October 2002
56	September 2002
54	August 2002
72	July 2002
66	June 2002
200	May 2002
68	April 2002
1	September 2000

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template