[dhcwg] Re: DHCP behind NAT

Bernard Dugas <bernard.dugas@is-production.com> Wed, 29 August 2001 09:42 UTC

Message-ID: <3B8CB6A1.FA7237D7@is-production.com>
Date: Wed, 29 Aug 2001 11:32:17 +0200
From: Bernard Dugas <bernard.dugas@is-production.com>
Organization: Originale
X-Mailer: Mozilla 4.75 [fr] (WinNT; U)
X-Accept-Language: fr,en
MIME-Version: 1.0
To: ietf-web@ietf.org, Ralph Droms <rdroms@cisco.com>, michael.patrick@motorola.com, dhcwg@ietf.org
References: <3B8659B5.59E7AD2@is-production.com>
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Subject: [dhcwg] Re: DHCP behind NAT
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: <dhcwg.ietf.org>
X-BeenThere: dhcwg@ietf.org

Hello,

I've had no comment on that. Is it the right procedure?

The patch is loadable at http://www.is-pronet.com/download/, with the
original version and the patched version of ISC dhcpd we were using.

Best regards, and thanks for the help of the mailing lists and the open
source process!

Bernard Dugas wrote:
> 
> Hi,
> 
> I have a comment to make on both RFCs:
> - Dynamic Host Configuration Protocol (RFC 2131);
> - DHCP Relay Agent Information Option (RFC 3046).
> 
> I couldn't find in these RFCs any mention of the possibility of a DHCP
> client being on a subnet behind some NAT device like a router.
> 
> NAT is used quite often, especially in the kind of network represented in
> RFC 3046 Figure 1 page 3, with network clients behind modems.
> 
> Even more, it seems that the behaviour described by RFC 2131
> is preventing a DHCP server from answering a client behind a NAT.
> 
> 3 problems have been identified:
> - PB1) In the case of a unicast DISCOVER, with a relay involved, the
> DHCP server is answering to the IP address of the relay (giaddr field).
> In a non-NAT context, the giaddr is the same as the source IP address of
> the DISCOVER packet. But with NAT, the DHCP server MUST answer to the IP
> source address of the DISCOVER packet. This problem may also happen in
> other requests.
> 
> cf. "If the 'giaddr' field in a DHCP message from a client is non-zero,
>    the server sends any return messages to the 'DHCP server' port on the
>    BOOTP relay agent whose address appears in 'giaddr'."
> in:
> "Droms                       Standards Track                    [Page 23]
> RFC 2131          Dynamic Host Configuration Protocol         March 1997"
> 
> - PB2) The same applies to the UDP port of the OFFER packet: it should be
> the UDP port of the IP source address of the DISCOVER packet, because
> NAT may have changed the port too;
> 
> - PB3) The DHCP server is issuing an ICMP echo on the client address
> before answering with the OFFER. In a NAT context, the echo can't go on
> the client subnet. The RELAY should do the ping before relaying the OFFER.
> 
> To illustrate PB1, I can send you a patch on ISC dhcp 3.0.RC11,
> which allows our DHCP server to answer clients behind NAT.
> 
> I would be very grateful to have an answer on these problems. Thanks a
> lot.

-- 

 __________ Bernard DUGAS ________________________________________
|                                                                 |
|  Technoparc Pays de Gex  mailto:bernard.dugas@is-production.com |
|  30 Rue Auguste Piccard           Tel.: +33 450 205 105         |
| FR 01630 St Genis Pouilly         Fax : +33 450 205 106         |
|_________________________________________________________________|

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
http://www1.ietf.org/mailman/listinfo/dhcwg
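
The reply-address difference described in PB1 and PB2 above, as an added example that is not part of the original message and is not the ISC dhcpd patch it mentions. It reads `giaddr` from a relayed BOOTREQUEST and compares the reply target given by the quoted RFC 2131 text with the source address and port the server actually observed; the function names, addresses and port are constructed for illustration.

```python
import ipaddress
import struct

DHCP_SERVER_PORT = 67   # quoted RFC 2131 text: replies to a relay go to the 'DHCP server' port
BOOTP_HEADER_LEN = 236  # fixed BOOTP header, before the options field
BOOTREQUEST = 1


def build_relayed_request(giaddr, xid=0x12345678, hops=1):
    """Constructed sample: a minimal BOOTREQUEST header as a relay would forward it."""
    chaddr = bytes.fromhex("020000000001").ljust(16, b"\x00")
    return struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        BOOTREQUEST, 1, 6, hops, xid, 0, 0,    # op, htype, hlen, hops, xid, secs, flags
        bytes(4), bytes(4), bytes(4),          # ciaddr, yiaddr, siaddr
        ipaddress.IPv4Address(giaddr).packed,  # giaddr, written by the relay
        chaddr, bytes(64), bytes(128))         # chaddr, sname, file


def parse_giaddr(packet):
    """Return giaddr from a BOOTREQUEST, rejecting truncated or non-request input."""
    if len(packet) < BOOTP_HEADER_LEN:
        raise ValueError("truncated BOOTP header")
    if packet[0] != BOOTREQUEST:
        raise ValueError("not a BOOTREQUEST")
    return ipaddress.IPv4Address(packet[24:28])  # giaddr sits at offset 24


def reply_targets(packet, src_ip, src_port):
    """Compare the giaddr-based reply target with the packet's observed source."""
    giaddr = parse_giaddr(packet)
    if giaddr == ipaddress.IPv4Address("0.0.0.0"):
        raise ValueError("giaddr is zero: message was not relayed")
    rfc2131 = (str(giaddr), DHCP_SERVER_PORT)
    observed = (str(ipaddress.IPv4Address(src_ip)), src_port)
    return {
        "rfc2131": rfc2131,                 # target per the quoted RFC 2131 rule
        "source_based": observed,           # target PB1/PB2 ask for behind NAT
        "translated": rfc2131 != observed,  # mismatch worth logging on the server
    }


if __name__ == "__main__":
    # Constructed scenario: relay 192.168.1.1 behind a NAT seen as 203.0.113.7:40123.
    pkt = build_relayed_request("192.168.1.1")
    print(reply_targets(pkt, "203.0.113.7", 40123))
```

In the constructed scenario the giaddr-based target is a private address the server cannot route to, while the observed source is the NAT's external mapping; `translated` is false when the relay is reached directly.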