draft-ietf-dhc-agent-subnet-selection-04.txt   rfc3527.txt 
Network Working Group Kim Kinnear Network Working Group K. Kinnear
INTERNET DRAFT Mark Stapp Request for Comments: 3527 M. Stapp
Richard Johnson Category: Standards Track R. Johnson
Jay Kumarasamy J. Kumarasamy
Cisco Systems Cisco Systems
April 2003
October 2002
Expires April 2003
Link Selection sub-option Link Selection sub-option
for the Relay Agent Information Option for DHCPv4 for the Relay Agent Information Option for DHCPv4
<draft-ietf-dhc-agent-subnet-selection-04.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document specifies an Internet standards track protocol for the
all provisions of Section 10 of RFC2026. Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Internet-Drafts are working documents of the Internet Engineering Official Protocol Standards" (STD 1) for the standardization state
Task Force (IETF), its areas, and its working groups. Note that and status of this protocol. Distribution of this memo is unlimited.
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved. Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract Abstract
In RFC 2131, the giaddr specifies an IP address which determines both This document describes the link selection sub-option of the relay-
a subnet and thereby a link on which a DHCP client resides as well as agent-information option for the Dynamic Host Configuration Protocol
an IP address which can be used to communicate with the relay agent. (DHCPv4). The giaddr specifies an IP address which determines both a
The subnet-selection option [RFC 3011] allows these functions of the subnet, and thereby a link on which a Dynamic Host Configuration
giaddr to be split so that when one entity is performing as a DHCP Protocol (DHCP) client resides as well as an IP address that can be
proxy, it can specify the subnet/link from which to allocate an IP used to communicate with the relay agent. The subnet-selection
address which is different from the IP address with which it desires option allows the functions of the giaddr to be split so that when
to communicate with the DHCP server. Analogous situations exist one entity is performing as a DHCP proxy, it can specify the
where the relay agent needs to specify the subnet/link on which a subnet/link from which to allocate an IP address, which is different
DHCP client resides which is different from an IP address which can from the IP address with which it desires to communicate with the
be used to communicate with the relay agent. The link-selection DHCP server. Analogous situations exist where the relay agent needs
sub-option (specified here) of the relay-agent-information option to specify the subnet/link on which a DHCP client resides, which is
allows a relay agent to do this. different from an IP address that can be used to communicate with the
relay agent.
1. Introduction 1. Introduction
In RFC 2131, the giaddr specifies and IP address which determines a In RFC 2131, the giaddr specifies an IP address which determines a
subnet (and from there a link) on which a DHCP client resides as well subnet (and from there a link) on which a DHCP client resides as well
as an IP address which can be used to communicate with the relay as an IP address which can be used to communicate with the relay
agent. The subnet-selection option [RFC 3011] allows these functions agent. The subnet-selection option [RFC 3011] allows these functions
of the giaddr to be split so that when one entity is performing as a of the giaddr to be split, so that when one entity is performing as a
DHCP proxy, it can specify the subnet/link from which to allocate an DHCP proxy, it can specify the subnet/link from which to allocate an
IP address which is different from the IP address with which it IP address that is different from the IP address with which it
desires to communicate with the DHCP server. desires to communicate with the DHCP server.
Analgous situations exist where the relay agent needs to specify the Analogous situations exist where the relay agent needs to specify the
subnet/link on which a DHCP client resides which is different from an subnet/link on which a DHCP client resides, which is different from
IP address which can be used to communicate with the relay agent. an IP address that can be used to communicate with the relay agent.
Consider the following architecture: Consider the following architecture:
+--------+ +---------------+ +--------+ +---------------+
| DHCP | IP x| |IP y | DHCP | IP x| |IP y
| Server |-.......-| Relay Agent |----+------------+ | Server |-.......-| Relay Agent |----+------------+
+--------+ | | | | +--------+ | | | |
+---------------+ | +------+ +---------------+ | +------+
| |Modem | | |Modem |
| +------+ | +------+
| | | | | |
+-----+ +-----+ +-----+ +-----+ +-----+ +-----+
|Host1| |Host2| |Host3| |Host1| |Host2| |Host3|
+-----+ +-----+ +-----+ +-----+ +-----+ +-----+
In the usual approach, the relay agent would put IP address Y into In the usual approach, the relay agent would put IP address Y into
the giaddr of any packets that it forwarded to the DHCP server. How- the giaddr of any packets that it forwarded to the DHCP server.
ever, if for any reason IP address Y is not accessible from the DHCP However, if for any reason, IP address Y is not accessible from the
server, then this usual approach will fail. There are several rea- DHCP server, this approach will fail. There are several reasons why
sons why IP y might be inaccessible from the DHCP server: IP y might be inaccessible from the DHCP server:
o There might be some firewall capability in the network element o There might be some firewall capability in the network element
in which the relay agent resides that does not allow the DHCP in which the relay agent resides that does not allow the DHCP
server to access the relay agent via IP y. server to access the relay agent via IP y.
o There might not be an IP y. An example would be the case where o There might not be an IP y. An example would be the case where
there was only one host and this was a point to point link. there was only one host and this was a point to point link.
In any of these or other cases, the relay agent needs to be able to In any of these or other cases, the relay agent needs to be able to
communicate to the DHCP server the subnet/link from which to allocate communicate to the DHCP server the subnet/link from which to allocate
an IP address. The IP address which will communicate to the DHCP an IP address. The IP address, which will communicate to the DHCP
server the subnet/link information cannot be used as a way to commun- server the subnet/link information, cannot be used as a way to
icate between the DHCP server and the relay agent. communicate between the DHCP server and the relay agent.
Since the relay agent can modify the client's DHCP DHCPREQUEST in Since the relay agent can modify the client's DHCP DHCPREQUEST in
only two ways: the giaddr and the relay-agent-info option, there is only two ways, the giaddr and the relay-agent-info option, there is a
thus a need to extend the relay-agent-info option with a new sub- need to extend the relay-agent-info option with a new sub-option, the
option, the link-selection sub-option, to allow separation of the link-selection sub-option, to allow separation of the specification
specification of the subnet/link from the IP address to use when com- of the subnet/link from the IP address to use when communicating with
municating with the relay agent. the relay agent.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC 2119]. document are to be interpreted as described in BCP 14, RFC 2119 [RFC
2119].
This document uses the following terms: This document uses the following terms:
o "DHCP client" o "DHCP client"
A DHCP client is an Internet host using DHCP to obtain confi- A DHCP client is an Internet host using DHCP to obtain
guration parameters such as a network address. configuration parameters such as a network address.
o "DHCP relay agent" o "DHCP relay agent"
A DHCP relay agent is a third-party agent that transfers BOOTP A DHCP relay agent is a third-party agent that transfers BOOTP
and DHCP messages between clients and servers residing on dif- and DHCP messages between clients and servers residing on
ferent subnets, per [RFC 951] and [RFC 1542]. different subnets, per [RFC 951] and [RFC 1542].
o "DHCP server" o "DHCP server"
A DHCP server is an Internet host that returns configuration A DHCP server is an Internet host that returns configuration
parameters to DHCP clients. parameters to DHCP clients.
o "link" o "link"
A link is a communications facility or medium over which nodes A link is a communications facility or medium over which nodes
can communicate at the link layer, i.e., the layer immediately can communicate at the link layer, i.e., the layer immediately
below IPv4. Examples are Ethernets (simple or bridged); PPP below IPv4. Examples are Ethernets (simple or bridged); PPP
links; X.25, Frame Relay, or ATM networks; and internet (or links; X.25, Frame Relay, or ATM networks; and internet (or
higher) layer "tunnels" such as tunnels over IPv4 or IPv6 higher) layer "tunnels", such as tunnels over IPv4 or IPv6
itself. itself.
o "subnet" o "subnet"
A subnet (for the purposes of this document) consists on a rout- A subnet (for the purposes of this document) consists of a
able address range. It may be one of several that exist on a routable address range. It may be one of several that exist on
link at the same time. a link at the same time.
3. Link selection sub-option definition 3. Link selection sub-option definition
The link-selection sub-option is used by any DHCP relay agent which The link-selection sub-option is used by any DHCP relay agent that
desires to specify a subnet/link for a DHCP client request that it is desires to specify a subnet/link for a DHCP client request that it is
relaying but needs the subnet/link specification to be different from relaying but needs the subnet/link specification to be different from
the IP address the DHCP server should use when communicating with the the IP address the DHCP server should use when communicating with the
relay agent. relay agent.
The sub-option contains a single IP address that is an address con- The sub-option contains a single IP address that is an address
tained in a subnet. The value for the subnet address is determined by contained in a subnet. The value for the subnet address is determined
taking any IP address on the subnet and ANDing that address with the by taking any IP address on the subnet and ANDing that address with
subnet mask (i.e.: the network and subnet bits are left alone and the the subnet mask (i.e., the network and subnet bits are left alone and
remaining (address) bits are set to zero). This determines a single the remaining (address) bits are set to zero). This determines a
subnet, and when allocating an IP address, all of the other related single subnet, and when allocating an IP address, all of the other
subnets on the same link will also be considered in the same way as related subnets on the same link will also be considered in the same
currently specified for the processing of the giaddr in [RFC 2131, way as currently specified for the processing of the giaddr in [RFC
Section 4.3.1, first group of bullets, bullet 4]. 2131, Section 4.3.1, first group of bullets, bullet 4].
In scenarios where this sub-option is needed the relay agent adds it In scenarios where this sub-option is needed, the relay agent adds it
whenever it sets the giaddr value (i.e., on all messages relayed to whenever it sets the giaddr value (i.e., on all messages relayed to
the DHCP server). the DHCP server).
When the DHCP server is allocating an address and this sub-option is When the DHCP server is allocating an address and this sub-option is
present then the DHCP server MUST allocate the address on either: present, then the DHCP server MUST allocate the address on either:
o the subnet specified in the link-selection sub-option, or; o the subnet specified in the link-selection sub-option, or;
o a subnet on the same link (also known as a network segment) as o a subnet on the same link (also known as a network segment) as
the subnet specified by the link-selection sub-option. the subnet specified by the link-selection sub-option.
The format of the sub-option is: The format of the sub-option is:
SubOpt Len subnet IP address SubOpt Len subnet IP address
+------+------+------+------+------+------+ +------+------+------+------+------+------+
| TBD | 4 | a1 | a2 | a3 | a4 | | 5 | 4 | a1 | a2 | a3 | a4 |
+------+------+------+------+------+------+ +------+------+------+------+------+------+
A relay agent which uses this sub-option MUST assume that the server A relay agent which uses this sub-option MUST assume that the server
receiving the sub-option supports the sub-option and used the infor- receiving the sub-option supports the sub-option and uses the
mation available in the sub-option to correctly allocate an IP information available in the sub-option to correctly allocate an IP
address. A relay agent which uses this sub-option MUST NOT take dif- address. A relay agent which uses this sub-option MUST NOT take
ferent actions based on whether this sub-option appears or does not different actions based on whether this sub-option appears or does
appear in the response packet from the server. not appear in the response packet from the server.
It is important to ensure using administrative techniques that any It is important to ensure, using administrative techniques, that any
relay agent employing this sub-option is directed to only send pack- relay agent employing this sub-option is directed to only send
ets to a server which supports this sub-option. packets to a server that supports this sub-option.
Support for this sub-option does not require changes to operations or Support for this sub-option does not require changes to operations or
features of the DHCP server other than to select the subnet (and features of the DHCP server other than to select the subnet (and
link) on which to allocate an address. For example, the handling of link) on which to allocate an address. For example, the handling of
DHCPDISCOVER for an unknown subnet should continue to operate DHCPDISCOVER for an unknown subnet should continue to operate
unchanged. unchanged.
In the event that a DHCP server receives a packet which contains both In the event that a DHCP server receives a packet that contains both
a subnet-selection option [RFC 3011] as well as a link-selection a subnet-selection option [RFC 3011], as well as a link-selection
sub-option, the information contained in the link-selection sub- sub-option, the information contained in the link-selection sub-
option MUST be used to control the allocation of an IP address in option MUST be used to control the allocation of an IP address in
preference to the information contained in the subnet-selection preference to the information contained in the subnet-selection
option. option.
When this sub-option is present and the server supports this sub- When this sub-option is present and the server supports this sub-
option, the server MUST NOT offer an address that is not on the option, the server MUST NOT offer an address that is not on the
requested subnet or the link (network segment) with which that subnet requested subnet or the link (network segment) with which that subnet
is associated. is associated.
The IP address to which a DHCP server sends a reply MUST be the same The IP address to which a DHCP server sends a reply MUST be the same
as it would choose when this sub-option is not present. as it would choose when this sub-option is not present.
4. Security Considerations 4. Security Considerations
Potential attacks on DHCP are discussed in section 7 of the DHCP pro- Potential attacks on DHCP are discussed in section 7 of the DHCP
tocol specification [RFC 2131], as well as in the DHCP authentication protocol specification [RFC 2131], as well as in the DHCP
specification [RFC 3118]. authentication specification [RFC 3118].
The link-selection sub-option allows a relay agent to specify the The link-selection sub-option allows a relay agent to specify the
subnet/link on which to allocate an address for a DHCP client. Given subnet/link on which to allocate an address for a DHCP client. Given
that the subnet-selection option already exists [RFC 3011], no funda- that the subnet-selection option already exists [RFC 3011], no
mental new security issues are raised by the existence of the link- fundamental new security issues are raised by the existence of the
selection sub-option specified in this document beyond those implied link-selection sub-option specified in this document beyond those
by the subnet-selection option [RFC 3011]. implied by the subnet-selection option [RFC 3011].
The existance of either the subnet-selection option or link-selection The existence of either the subnet-selection option or link-selection
sub-option documented here would allow a malicious DHCP client to sub-option documented here would allow a malicious DHCP client to
perform a more complete address-pool exhaustion attack than could be perform a more complete address-pool exhaustion attack than could be
performed without the use of these options, since the client would no performed without the use of these options, since the client would no
longer be restricted to attacking address-pools on just its local longer be restricted to attacking address-pools on just its local
subnet. subnet.
There is some minor protection against this form of attack using this There is some minor protection against this form of attack using this
sub-option that is not present for the subnet-selection option, in sub-option that is not present for the subnet-selection option, in
that a trusted relay agent which supports the relay-agent-info option that a trusted relay agent that supports the relay-agent-info option
MUST discard a packet it receives with a zero giaddr and a relay- MUST discard a packet it receives with a zero giaddr and a relay-
agent-info option when that packet arrives on an "untrusted" circuit agent-info option when that packet arrives on an "untrusted" circuit
[RFC 3046, section 2.1]. [RFC 3046, section 2.1].
5. IANA Considerations 5. IANA Considerations
IANA has assigned a value of TBD from the DHCP Relay Agent Sub- IANA has assigned a value of 5 from the DHCP Relay Agent sub-options
options space [RFC 3046] for the link-selection sub-option defined in space [RFC 3046] for the link-selection sub-option defined in Section
Section 3. 3.
6. Acknowledgments 6. Acknowledgments
Eric Rosen contributed to helping the authors to understand the need Eric Rosen helped the authors to understand the need for this sub-
for this sub-option. Much of the text of this document was borrowed option. Much of this document was borrowed, with only minimal
with only minimal modifications from the document describing the modifications, from the document describing the subnet-selection
subnet-selection option [RFC 3011]. option [RFC 3011].
7. References 7. References
[RFC 951] Croft, B., Gilmore, J., "Bootstrap Protocol (BOOTP)", RFC 7.1. Normative References
951, September 1985.
[RFC 1542] Wimer, W., "Clarifications and Extensions for the
Bootstrap Protocol", RFC 1542, October 1993.
[RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC 2131] Droms, R., "Dynamic Host Configuration Protocol", RFC [RFC 2131] Droms, R., "Dynamic Host Configuration Protocol", RFC
2131, March 1997. 2131, March 1997.
[RFC 2132] Alexander, S., Droms, R., "DHCP Options and BOOTP Vendor
Extensions", Internet RFC 2132, March 1997.
[RFC 3011] Waters, G. "The IPv4 Subnet Selection Option for DHCP", [RFC 3011] Waters, G. "The IPv4 Subnet Selection Option for DHCP",
Internet RFC 3011, November 2000. RFC 3011, November 2000.
[RFC 3046] Patrick, M., "DHCP Relay Agent Information Option", RFC [RFC 3046] Patrick, M., "DHCP Relay Agent Information Option", RFC
3046, January 2001. 3046, January 2001.
8. Author's information 7.2. Informative References
[RFC 951] Croft, W. and J. Gilmore, "Bootstrap Protocol", RFC 951,
September 1985.
[RFC 1542] Wimer, W., "Clarifications and Extensions for the
Bootstrap Protocol", RFC 1542, October 1993.
8. Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification can
be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
9. Authors' Addresses
Kim Kinnear Kim Kinnear
Mark Stapp
Cisco Systems Cisco Systems
250 Apollo Drive 1414 Massachusetts Ave
Chelmsford, MA 01824 Boxborough, Ma. 01719
Phone: (978) 497-8000
Phone: (978) 936-0000
EMail: kkinnear@cisco.com EMail: kkinnear@cisco.com
mjs@cisco.com
Mark Stapp
Cisco Systems
1414 Massachusetts Ave
Boxborough, Ma. 01719
Phone: (978) 936-0000
EMail: mjs@cisco.com
Jay Kumarasamy Jay Kumarasamy
Richard Johnson
Cisco Systems Cisco Systems
170 W. Tasman Dr. 170 W. Tasman Dr.
San Jose, CA 95134 San Jose, CA 95134
Phone: (408) 526-4000 Phone: (408) 526-4000
EMail: jayk@cisco.com EMail: jayk@cisco.com
raj@cisco.com
9. Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any intel-
lectual property or other rights that might be claimed to pertain to
the implementation or use of the technology described in this document
or the extent to which any license under such rights might or might not
be available; neither does it represent that it has made any effort to
identify any such rights. Information on the IETF's procedures with
respect to rights in standards-track and standards-related documentation
can be found in BCP-11. Copies of claims of rights made available for
publication and any assurances of licenses to be made available, or the Richard Johnson
result of an attempt made to obtain a general license or permission for Cisco Systems
the use of such proprietary rights by implementors or users of this 170 W. Tasman Dr.
specification can be obtained from the IETF Secretariat. San Jose, CA 95134
The IETF invites any interested party to bring to its attention any Phone: (408) 526-4000
copyrights, patents or patent applications, or other proprietary rights EMail: raj@cisco.com
which may cover technology that may be required to practice this stan-
dard. Please address the information to the IETF Executive Director.
10. Full Copyright Statement 10. Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved. Copyright (C) The Internet Society (2003). All Rights Reserved.
This document and translations of it may be copied and furnished to oth- This document and translations of it may be copied and furnished to
ers, and derivative works that comment on or otherwise explain it or others, and derivative works that comment on or otherwise explain it
assist in its implementation may be prepared, copied, published and dis- or assist in its implementation may be prepared, copied, published
tributed, in whole or in part, without restriction of any kind, provided and distributed, in whole or in part, without restriction of any
that the above copyright notice and this paragraph are included on all kind, provided that the above copyright notice and this paragraph are
such copies and derivative works. However, this document itself may not included on all such copies and derivative works. However, this
be modified in any way, such as by removing the copyright notice or document itself may not be modified in any way, such as by removing
references to the Internet Society or other Internet organizations, the copyright notice or references to the Internet Society or other
except as needed for the purpose of developing Internet standards in Internet organizations, except as needed for the purpose of
which case the procedures for copyrights defined in the Internet Stan- developing Internet standards in which case the procedures for
dards process must be followed, or as required to translate it into copyrights defined in the Internet Standards process must be
languages other than English. followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns. revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an "AS This document and the information contained herein is provided on an
IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FIT- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
NESS FOR A PARTICULAR PURPOSE. MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/