RE: [dhcwg] Leasequery: should it be standardized?
"Barr Hibbs" <rbhibbs@pacbell.net> Fri, 28 February 2003 00:14 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA28538 for <dhcwg-archive@odin.ietf.org>; Thu, 27 Feb 2003 19:14:42 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h1S0Otn00958 for dhcwg-archive@odin.ietf.org; Thu, 27 Feb 2003 19:24:55 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h1S0Otp00955 for <dhcwg-web-archive@optimus.ietf.org>; Thu, 27 Feb 2003 19:24:55 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA28532 for <dhcwg-web-archive@ietf.org>; Thu, 27 Feb 2003 19:14:10 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h1S0NAp00930; Thu, 27 Feb 2003 19:23:10 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h1S0MRp00901 for <dhcwg@optimus.ietf.org>; Thu, 27 Feb 2003 19:22:27 -0500
Received: from smtp017.mail.yahoo.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id TAA28480 for <dhcwg@ietf.org>; Thu, 27 Feb 2003 19:11:42 -0500 (EST)
Received: from adsl-64-169-89-92.dsl.snfc21.pacbell.net (HELO BarrH63p601) (rbhibbs@pacbell.net@64.169.89.92 with login) by smtp.mail.vip.sc5.yahoo.com with SMTP; 28 Feb 2003 00:15:38 -0000
Reply-To: rbhibbs@pacbell.net
From: Barr Hibbs <rbhibbs@pacbell.net>
To: dhcwg@ietf.org
Subject: RE: [dhcwg] Leasequery: should it be standardized?
Date: Thu, 27 Feb 2003 16:15:28 -0800
Message-ID: <JCELKJCFMDGAKJCIGGPNMEFCFBAA.rbhibbs@pacbell.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0)
In-Reply-To: <4.3.2.7.2.20030226120723.025d5628@goblet.cisco.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Importance: Normal
Content-Transfer-Encoding: 7bit
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Kim-- I agree that the proposed leasequery mechanism is of value for refreshing stateless devices such as access concentrators, relay agents, and others. I further agree that using the existing BOOTP packet layout as the framework for requesting and supplying information is appropriate. I do have a few nits with the draft, however. The position of the "R" bit flag needs to be identified, or at least, proposed. Selectively quoting from the -04 draft: 3. Background The focus of this document is to enable access concentrators to send DHCPLEASEQUERY messages to DHCP servers, to obtain location information of broadband access network devices. 5. Protocol Overview The access concentrator initiates all DHCPLEASEQUERY message conversations. 7. Security Considerations Access concentrators SHOULD minimize potential denial of service attacks on the DHCP servers by minimizing the generation of DHCPLEASEQUERY messages. These three excerpts suggest, but do not mandate, that a leasequery exchange is solely between the access concentrator and server. Two issues with this: (1) I have a mild objection to using the term "access concentrator" solely because that is not a component of the DHCP model environment, which consists of clients, servers, and relay agents. Since your proposed definition states that an access concentrator must contain relay agent functionality, why not just call it a relay agent? (2) There is no language prohibiting forwarding of leasequery messages from a downstream device, presumably because relay agents are often cascaded when constructing large networks. This suggests that dhcp clients or other network hosts may originate leasequery messages: a relay agent must forward the messages because there is no mechanism defined to prevent this. Hence, a potential Denial of Service attack, initiated by a rogue client or other rogue host. Note that I don't have any suggestions short of the use of DHCP Authentication to prevent this. A more general question arises with respect to the "R" flag. Why is it important to know if the IP to MAC or IP to Client Identifier mappings exist(ed) because of a reservation? If a reservation exists, but the server has not had a protocol exchange with the client, the server would respond with DHCPLEASEKNOWN, and if queried for the IP Address Lease Time, the server could respond with an all-ones entry (signifying infinite). I also contend that an unused reservation should not receive a DHCPLEASEACTIVE reply as that somewhat misstates the circumstances. For your information, Glenn and I will be submitting the -08 draft of the DHCPv4 server MIB prior to the San Francisco meeting. In the [hopefully final] draft there is a table defined, the dhcpv4ServerClientTable, that contains the IP address, last client request type and time of request, and the last server response type, indexed by the 3-tuple, 'hlen,' 'htype,' and 'chaddr.' There is a second table, the dhcpv4ServerAddressTable, that contains the lease type (static, dynamic, expired, reserved, unusable), allowed and served protocol, physical address, client identifier, host name, and domain name, indexed by the IP address. So, while this covers the same information (and more) as the proposed leasequery option, it is much less usable for lightweight inquiries. --Barr _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] lease query question Thomas Narten
- Re: [dhcwg] lease query question Kim Kinnear
- Re: [dhcwg] lease query question Thomas Narten
- RE: [dhcwg] lease query question Cosmo, Patrick
- Re: [dhcwg] lease query question Thomas Narten
- Re: [dhcwg] lease query question Kim Kinnear
- Re: [dhcwg] lease query question Ralph Droms
- Re: [dhcwg] lease query question Kim Kinnear
- Re: [dhcwg] lease query question Thomas Narten
- Re: [dhcwg] lease query question Kim Kinnear
- [dhcwg] Leasequery: should it be standardized? Kim Kinnear
- Re: [dhcwg] Leasequery: should it be standardized? Ted Lemon
- Re: [dhcwg] Leasequery: should it be standardized? Thomas Narten
- Re: [dhcwg] Leasequery: should it be standardized? Kim Kinnear
- RE: [dhcwg] Leasequery: should it be standardized? Kevin A. Noll
- RE: [dhcwg] Leasequery: should it be standardized? Kevin A. Noll
- RE: [dhcwg] Leasequery: should it be standardized? Barr Hibbs
- Re: [dhcwg] Leasequery: should it be standardized? Richard Johnson