Re: [dhcwg] Re: Last Call: DHCP Domain Search Option to Proposed Standard

John Schnizlein <> Sat, 29 September 2001 01:39 UTC

Received: from ( [] (may be forged)) by (8.9.1a/8.9.1a) with ESMTP id VAA29523; Fri, 28 Sep 2001 21:39:02 -0400 (EDT)
Received: from (localhost []) by (8.9.1a/8.9.1) with ESMTP id VAA29578; Fri, 28 Sep 2001 21:37:41 -0400 (EDT)
Received: from (odin []) by (8.9.1a/8.9.1) with ESMTP id VAA29554 for <>; Fri, 28 Sep 2001 21:37:39 -0400 (EDT)
Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id VAA29513 for <>; Fri, 28 Sep 2001 21:37:32 -0400 (EDT)
Received: from ( []) by (8.8.6 (PHNE_14041)/CISCO.SERVER.1.2) with ESMTP id SAA13698; Fri, 28 Sep 2001 18:36:58 -0700 (PDT)
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Fri, 28 Sep 2001 15:52:57 -0400
To: Thomas Narten <>
From: John Schnizlein <>
Subject: Re: [dhcwg] Re: Last Call: DHCP Domain Search Option to Proposed Standard
Cc: Keith Moore <>,
In-Reply-To: <>
References: <Message of "Thu, 27 Sep 2001 15:32:42 EDT." <>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: <>

At 02:34 PM 9/28/2001, Thomas Narten wrote:
>There is a general issue of when should (and shouldn't) a DHCP-learned
>option override a manually configured one. My guess is that
>DHCP-learned options generally do not override manually configured
>ones. But I suspect that this is all considered implementation
>specific. Can other DHC WG members comment? 

Since there is at least one widespread case in which DHCP-learned 
options MUST override manually configured ones, it would be wrong to
prohibit it. The case is acquiring (through DCHP) the addresses of 
DNS servers when connecting to a VPN. The DNS servers able to resolve
private names are often not available to the general Internet, but
necessary once the host's traffic tunnels behind the firewall. Using
DHCP both before and after establishing the tunnel does not work with
cable-access that requires an enterprise-incompatible host-name to
validate DHCP requests.

>What do existing RFCs say about this point?
>Would it suffice to add some language stating that 
>*** in the case of this option, *** [emphasis added]
>it should not override a manually configured search list?

Separate from the case above (and possibly the general case),
the order in which domain suffixes are applied is not critical to
operation, but could lead to wasteful time-outs.


dhcwg mailing list