Re: [dhcwg] Renumbering DNS with stateless DHCPv6 - bug?

Vijayabhaskar A K <vijayak@india.hp.com> Thu, 13 November 2003 21:26 UTC

Message-ID: <3FB3F6C0.2050205@india.hp.com>
Date: Fri, 14 Nov 2003 02:55:20 +0530
From: Vijayabhaskar A K <vijayak@india.hp.com>
To: Stig Venaas <Stig.Venaas@uninett.no>
Cc: Tim Chown <tjc@ecs.soton.ac.uk>, dnsop@cafax.se, dhcwg@ietf.org
Subject: Re: [dhcwg] Renumbering DNS with stateless DHCPv6 - bug?
References: <20031113191145.GS3473@login.ecs.soton.ac.uk> <3FB3E69E.4060705@india.hp.com> <20031113205538.GA20348@sverresborg.uninett.no>
In-Reply-To: <20031113205538.GA20348@sverresborg.uninett.no>

Stig Venaas wrote:

>On Fri, Nov 14, 2003 at 01:46:30AM +0530, Vijayabhaskar A K wrote:
>
>>I guess, "stateless" means the server doesn't need to maintain the 
>>lifetime of the configuration information it has assigned to the clients 
>>and it doesn't mean that it doesn't need to maintain the information 
>>about the clients..
>
>But it's certainly an advantage not having to.
>
Considering the disadvantages due to multicast reconfigure, the gain is 
less...

>>The proposal of sending multicast reconfigure message was discussed, but 
>>it was dropped as it's very difficult to achieve multicast security and 
>>reconfigure mechanism mandates auth...
>
>You could have DHCP server multicast reconfigure to relays, that then
>use link-scope multicast to send reconfiguration to the clients. DHCP
>server could also possibly have a list of relays and use unicast to
>the relays.
>
>Security shouldn't be a problem I think, you're only asking clients to
>send requests, you're not giving the clients any config information.
>
An intruder relay can trigger the clients to initiate the renewal of 
config info by sending the reconfigure message, leading to flooding of 
dhcp packets from all the dhcpv6 client nodes and DoS attack on the 
server... That's the reason why Reconfigure message needs to be 
authenticated...

Vijay

-- 
__________________________________________________________
Vijayabhaskar A K            Phone : +91-80-2053085
Hewlett Packard              Mobile: +91-9845241382
29 Cunningham Road           Telnet: 847-3085
Bangalore 52                 Email : vijayak@india.hp.com

Until you have the courage to lose sight of the shore,
you will not know the terror of being forever lost at sea.
 __________________________________________________________
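
Added example, not part of the original message: a client-side acceptance check for Reconfigure in the style of the Reconfigure Key Authentication Protocol of RFC 3315 (section 21.5), showing why an unauthenticated or forged Reconfigure never triggers a client request. The key, transaction id and messages are constructed sample values, and the sample message is simplified to carry only the Authentication option.

```python
import hashlib
import hmac
import struct

MSG_RECONFIGURE = 10   # RFC 3315 message type
OPTION_AUTH = 11       # RFC 3315 Authentication option code
RKAP = (3, 1, 0)       # protocol 3, algorithm 1 (HMAC-MD5), RDM 0
TYPE_HMAC = 2          # auth-info type 2: HMAC-MD5 digest of the message

def build_reconfigure(xid, key, replay):
    """Sender side (constructed sample): Reconfigure with an RKAP digest.
    key=None yields an unauthenticated message, as a rogue sender would."""
    msg = bytes([MSG_RECONFIGURE]) + xid
    if key is None:
        return msg
    body = bytes(RKAP) + struct.pack("!Q", replay) + bytes([TYPE_HMAC]) + bytes(16)
    msg += struct.pack("!HH", OPTION_AUTH, len(body)) + body
    # Digest covers the whole message with the digest field zeroed.
    return msg[:-16] + hmac.new(key, msg, hashlib.md5).digest()

def accept_reconfigure(msg, key, last_replay):
    """Client side: return (accepted, reason); anything unverified is dropped."""
    if len(msg) < 4 or msg[0] != MSG_RECONFIGURE:
        return False, "not a Reconfigure"
    off = 4
    while off + 4 <= len(msg):
        code, length = struct.unpack_from("!HH", msg, off)
        start = off + 4
        if start + length > len(msg):
            return False, "truncated option"
        if code == OPTION_AUTH:
            data = msg[start:start + length]
            if length != 28 or tuple(data[:3]) != RKAP or data[11] != TYPE_HMAC:
                return False, "unsupported auth"
            if struct.unpack_from("!Q", data, 3)[0] <= last_replay:
                return False, "replayed"
            zeroed = msg[:start + 12] + bytes(16) + msg[start + 28:]
            expected = hmac.new(key, zeroed, hashlib.md5).digest()
            if hmac.compare_digest(expected, data[12:28]):
                return True, "ok"
            return False, "bad digest"
        off = start + length
    return False, "no auth option"
```
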



