IETF Logo Mail Archive

Re: [dhcwg] Client Port Option?

Bud Millwood <budm@weird-solutions.com> Wed, 14 November 2007 14:28 UTC

Return-path: <dhcwg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IsJEa-00057P-F4; Wed, 14 Nov 2007 09:28:52 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IsJEY-00053x-Lu for dhcwg@ietf.org; Wed, 14 Nov 2007 09:28:50 -0500
Received: from intermail.se.dataphone.net ([212.37.1.50]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IsJEX-0007ry-JC for dhcwg@ietf.org; Wed, 14 Nov 2007 09:28:50 -0500
Received: from [213.115.152.226] (account budm@weird-solutions.com HELO offset.weird.se) by intermail.se.dataphone.net (CommuniGate Pro SMTP 4.2) with ESMTP id 50895562; Wed, 14 Nov 2007 15:28:45 +0100
From: Bud Millwood <budm@weird-solutions.com>
Organization: Weird Solutions, Inc.
To: shane_kerr@isc.org, dhcwg@ietf.org
Subject: Re: [dhcwg] Client Port Option?
Date: Wed, 14 Nov 2007 14:44:08 +0100
User-Agent: KMail/1.8
References: <473991A0.2060009@isc.org> <200711132339.50550.budm@weird-solutions.com> <473B0002.9080902@isc.org>
In-Reply-To: <473B0002.9080902@isc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200711141444.08674.budm@weird-solutions.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 31247fb3be228bb596db9127becad0bc
Cc:
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Bud Millwood <budm@weird-solutions.com>
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Errors-To: dhcwg-bounces@ietf.org

On Wednesday 14 November 2007 15:02, Shane Kerr wrote:

> Bud Millwood wrote:
> > On Tuesday 13 November 2007 18:47, Shane Kerr wrote:
> >> Bud Millwood wrote:
> >>> On Tuesday 13 November 2007 13:02, Shane Kerr wrote:
> >>>> Shane Kerr wrote:
> >>>>> I think it might be useful for DHCP clients to use a different port,
> >>>>> other than 68/546.
> >>>>
> >>>> Hm... I just realized that I didn't explain the actual proposal. :(
> >>>>
> >>>> The idea is that if clients did want to use a different port, they
> >>>> would include an option with the port number when the sent a packet.
> >>>
> >>> We respond to whatever the source port was *by default*, and allow an
> >>> administrative override that forces responses to a particular dest port
> >>> (68 being the obvious choice). That way you can skip the need for a
> >>> client option.
> >>
> >> Interesting to hear that you do this by default. IMHO this should have
> >> been the defined behavior all along. I wonder why this wasn't corrected,
> >> at least for DHCPv6?
> >>
> >> I can't think of a way to change this in the protocol without potential
> >> pain. Still, maybe a hack is possible. Something like:
> >>
> >> - Send the first reply to the UDP port in the packet.
> >> - If a retransmission is detected, send the reply to port 68 and the UDP
> >> port in the packet.
> >
> > If the client used src port N, why would it not expect a reply on that
> > same port? It seems to me that a client that's straddling two ports - 68
> > for inbound and something else for outbound - is already on thin ice.
>
> Well, I agree, but happens to be the thin ice that the protocol defines as
> okay. :)
>
> I think that RFC 2131 is the only place where this is defined:
>
>    DHCP uses UDP as its transport protocol.  DHCP messages from a client
>    to a server are sent to the 'DHCP server' port (67), and DHCP
>    messages from a server to a client are sent to the 'DHCP client' port
>    (68). A server with multiple network address (e.g., a multi-homed
>    host) MAY use any of its network addresses in outgoing DHCP messages.
>
> >> This will cause extra packets and delay, but mostly for clients that
> >> send from a port other than 68 and expect a reply on port 68.
> >
> > Do you know of any clients that do this, or is this just debug code? And
> > if it's debug code, why not allow the server to respond to the client's
> > source port instead? That way you can transmit from as many source ports
> > as you want.
>
> I don't know of any clients that send from a port other than 68 and expect
> a reply on port 68. But if there are any, then they are following RFC 2131,
> and if we change the specification then they will break even though they do
> the right thing according to the RFC.
>
> I don't really know if there are clients that send from a port other than
> 68 at all. I guess from the server point of view it is "almost safe" to
> send back to the originating port. You have experience with this, since it
> is how your software operates - have you seen any problems with this in the
> field? Does anybody ever set the option to change from this behavior?

Originally we simply transmitted back to the source port, and I seem to recall 
having someone report that it was not strictly compliant behavior. That was 
many years ago, and IIRC it was an engineer writing in-house debug code. I'm 
not aware of anyone that's asked how to configure the server to enforce 
strict dest-port compliance since then, and our default is still to transmit 
to the source port. So in practice, for us, it hasn't been an issue at all if 
you discount the original report.

There's always the possibility that a user has figured out how to enforce 
dest-port compliance without asking, though.

> Maybe the best thing is just to set it as a non-standard option in our
> server...

If you make it an option that defaults to the opposite of ours, your behavior 
doesn't change, but you get the same flexibility.

- Bud

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email