Re: [dhcwg] What sorts of services does DHCP configure?

[Mikael Abrahamsson <swmike@swm.pp.se>]

On Mon, 14 Oct 2013, Ted Lemon wrote:

> I am going to make a claim, and I would like the working group to tell 
> me whether they agree with or disagree with this claim.  My claim is 
> that DHCP doesn't make sense for configuring node-specific services. 
> There may be edge cases where a node-specific service can be configured 
> using DHCP, but DHCP isn't the right service to be used in this 
> case—it's used in this case because there is no better alternative, not 
> because DHCP is a good alternative.  And while there may be edge cases 
> where configuring a particular node-specific service using DHCP makes 
> sense, there will be many more cases where using DHCP to configure that 
> same service would not only not work, but would probably create serious 
> security vulnerabilities.

I agree. In my view DHCP should be used to bootstrap stuff, give you 
information to be able to communicate on the network and know where to go 
to learn more.

So outgoing non-authenticated SMTP server could go into DHCP, IMAP 
account information should not. SMTP server will change with location, 
IMAP account information does not (just as you say).

So in your SIP phone example case, there should be DHCP options to tell it 
where to go to talk to the configuration system, and additional 
information it might need in order to do this.

The Netconf/YANG guys are working on zeroconf draft in order to do this 
kind of bootstrapping, but I can imagine that there will be opposition to 
this method because people are used to have the DHCP client configure 
resolv.conf or NTP or whatever, and bringing in other methods will be 
uphill struggle because of added complexity. In the long run, I think a 
unified method is probably best though.

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se