Re: [dhcwg] Renumbering DNS with stateless DHCPv6 - bug?

Stig Venaas <Stig.Venaas@uninett.no> Thu, 13 November 2003 22:07 UTC

Date: Thu, 13 Nov 2003 22:40:47 +0100
From: Stig Venaas <Stig.Venaas@uninett.no>
To: Vijayabhaskar A K <vijayak@india.hp.com>
Cc: Tim Chown <tjc@ecs.soton.ac.uk>, dnsop@cafax.se, dhcwg@ietf.org
Subject: Re: [dhcwg] Renumbering DNS with stateless DHCPv6 - bug?

On Fri, Nov 14, 2003 at 02:55:20AM +0530, Vijayabhaskar A K wrote:
> An intruder relay can trigger the clients to initiate the renewal of 
> config info by sending the reconfigure message, leading to flooding of 
> dhcp packets from all the dhcpv6 client nodes and DoS attack on the 
> server... That's the reason why Reconfigure message needs to be 
> authenticated...

Ah ok, I see. One could possibly do authentication for multicasted
messages too, but the current authentication method wouldn't work
I think.

Stig
