draft-ietf-dhc-server-override-03.txt   draft-ietf-dhc-server-override-04.txt 
Network Working Group R. Johnson Network Working Group R. Johnson
Internet-Draft J. Jumarasamy Internet-Draft J. Jumarasamy
Expires: April 24, 2006 K. Kinnear Expires: April 25, 2007 K. Kinnear
M. Stapp M. Stapp
Cisco Systems, Inc. Cisco Systems, Inc.
October 21, 2005 October 22, 2006
DHCP Server Identifier Override Suboption DHCP Server Identifier Override Suboption
draft-ietf-dhc-server-override-03.txt draft-ietf-dhc-server-override-04.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 24, 2006. This Internet-Draft will expire on April 25, 2007.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2006).
Abstract Abstract
This memo defines a new suboption of the DHCP relay information This memo defines a new suboption of the DHCP relay information
option which allows the DHCP relay to specify a new value for the option which allows the DHCP relay to specify a new value for the
Server Identifier option, which is inserted by the DHCP Server. This Server Identifier option, which is inserted by the DHCP Server. This
allows the DHCP relay to act as the actual DHCP server such that allows the DHCP relay to act as the actual DHCP server such that
RENEW DHCPREQUESTs will come to the relay instead of going to the RENEW DHCPREQUESTs will come to the relay instead of going to the
server directly. This gives the relay the opportunity to include the server directly. This gives the relay the opportunity to include the
Relay Agent option with appropriate suboptions even on DHCP RENEW Relay Agent option with appropriate suboptions even on DHCP RENEW
messages. messages.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Server Identifier Override Suboption Definition . . . . . . 5 3. Server Identifier Override Suboption Definition . . . . . . 5
4. Security Considerations . . . . . . . . . . . . . . . . . . 6 4. Security Considerations . . . . . . . . . . . . . . . . . . 7
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . 7 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . 8
6. Intellectual Property Rights and Copyright . . . . . . . . . 8 6. Intellectual Property Rights and Copyright . . . . . . . . . 9
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 10
Intellectual Property and Copyright Statements . . . . . . . 10 Intellectual Property and Copyright Statements . . . . . . . 11
1. Introduction 1. Introduction
There are many situations where the DHCP relay is involved and can There are many situations where the DHCP relay is involved and can
insert a relay agent option with appropriate suboptions easily into insert a relay agent option with appropriate suboptions easily into
DHCP DISCOVER messages. Once the lease has been granted, however, DHCP DISCOVER messages. Once the lease has been granted, however,
future DHCP RENEWAL messages are sent directly to the DHCP Server as future DHCP RENEWAL messages are sent directly to the DHCP Server as
specified in the Server Identifier option. This means that the relay specified in the Server Identifier option. This means that the relay
may not see the DHCP RENEWAL messages (depending upon network may not see the DHCP RENEWAL messages (depending upon network
topology) and thus can not provide the same relay agent option topology) and thus can not provide the same relay agent option
skipping to change at page 6, line 5 skipping to change at page 5, line 49
should be made between this suboption and the Server Identifier should be made between this suboption and the Server Identifier
option. If both of the Server Identifier Override Suboption and the option. If both of the Server Identifier Override Suboption and the
Server Identifier Option specify the same address, then the Server Server Identifier Option specify the same address, then the Server
should accept the DHCPREQUEST packet for processing, regardless of should accept the DHCPREQUEST packet for processing, regardless of
whether or not the Server Identifier Option matchs a DHCP Server whether or not the Server Identifier Option matchs a DHCP Server
interface. interface.
The DHCP Relay should fill in the giaddr field when relaying the The DHCP Relay should fill in the giaddr field when relaying the
packet just as it normally would do. packet just as it normally would do.
In a situation where the DHCP Relay is configured to forward packets
to more than one server, the DHCP Relay should forward all DHCP
packets all servers. This applies to DHCP RENEW packets as well.
The intent is that the DHCP Relay should not need to maintain state
information about the DHCP lease.
DHCP Relays using this suboption SHOULD also implement and use the
DHCPv4 Relay Agent Flags Suboption [7] in order to specify whether
the DHCP Relay received the original packet as a broadcast or
unicast. The DHCP Server receiving a packet containing the Server
Identifier Override Suboption may use this additional information in
processing the packet.
Note that if the DHCP Relay becomes inaccessible by the DHCP Client
or loses network access to the DHCP Server, further DHCP RENEW
packets from the DHCP Client may not be properly processed and the
DHCP Client's lease may time out.
4. Security Considerations 4. Security Considerations
Message authentication in DHCP for intradomain use where the out-of- Message authentication in DHCP for intradomain use where the out-of-
band exchange of a shared secret is feasible is defined in [3]. band exchange of a shared secret is feasible is defined in [3].
Potential exposures to attack are discussed in section 7 of the DHCP Potential exposures to attack are discussed in section 7 of the DHCP
protocol specification in [2]. protocol specification in [2].
The DHCP Relay Agent option depends on a trusted relationship between The DHCP Relay Agent option depends on a trusted relationship between
the DHCP relay agent and the server, as described in section 5 of RFC the DHCP relay agent and the server, as described in section 5 of RFC
3046. While the introduction of fraudulent relay-agent options can 3046. While the introduction of fraudulent relay-agent options can
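Review bot: The added multi-server paragraph reads "the DHCP Relay should forward all DHCP packets all servers", which is missing "to" and leaves server behaviour unspecified. The unchanged text just above has a server accept a DHCPREQUEST whenever the Server Identifier Override Suboption and the Server Identifier Option carry the same address, regardless of whether that address matches one of its interfaces, so every configured server will accept every relayed RENEW. Please state what a server that does not hold the lease is expected to do with such a request. The added paragraphs also mix lowercase "should" with "SHOULD" in the Relay Agent Flags paragraph; choose the requirement level deliberately. The last added paragraph makes the relay a dependency for renewal (the lease may time out if the relay is unreachable), which deserves a mention in Security Considerations as an availability exposure. In the unchanged context, "matchs" should be "matches".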
skipping to change at page 8, line 12 skipping to change at page 9, line 12
Identifier Override Suboption from the DHCP Relay Agent Information Identifier Override Suboption from the DHCP Relay Agent Information
Option [3] suboption number space. None. Option [3] suboption number space. None.
6. Intellectual Property Rights and Copyright 6. Intellectual Property Rights and Copyright
The IETF has been notified of intellectual property rights claimed in The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this regard to some or all of the specification contained in this
document. For more information consult the online list of claimed document. For more information consult the online list of claimed
rights. rights.
Copyright (C) The Internet Society (2004). This document is subject Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights." except as set forth therein, the authors retain all their rights."
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
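Review bot: The IANA text cites "DHCP Relay Agent Information Option [3]", but the reference list gives that document as [6] (Patrick, RFC 3046), and Security Considerations uses [3] for DHCP message authentication, so the citation number here looks wrong. Recheck every citation number now that [7] has been added. In the copyright paragraph the year is corrected from 2004 to 2006, but the stray closing quote after "the authors retain all their rights." is carried over and should be dropped.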
skipping to change at page 9, line 5 skipping to change at page 9, line 44
[4] Stapp, M., "The Authentication Suboption for the DHCP Relay [4] Stapp, M., "The Authentication Suboption for the DHCP Relay
Agent Option", RFC 4030, March 2005. Agent Option", RFC 4030, March 2005.
[5] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA [5] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA
Considerations Section in RFCs", RFC 2434, October 1998. Considerations Section in RFCs", RFC 2434, October 1998.
[6] Patrick, M., "DHCP Relay Agent Information Option", RFC 3046, [6] Patrick, M., "DHCP Relay Agent Information Option", RFC 3046,
November 2004. November 2004.
[7] Kinnear, K., "DHCPv4 Relay Agent Flags Suboption",
draft-ietf-dhc-relay-agent-flags-00.txt (work in progress),
June 2006.
Authors' Addresses Authors' Addresses
Richard A. Johnson Richard A. Johnson
Cisco Systems, Inc. Cisco Systems, Inc.
170 W. Tasman Dr. 170 W. Tasman Dr.
San Jose, CA 95134 San Jose, CA 95134
US US
Phone: +1 408 526 4000 Phone: +1 408 526 4000
Email: raj@cisco.com Email: raj@cisco.com
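Review bot: New reference [7] is draft-ietf-dhc-relay-agent-flags-00, marked "work in progress", yet the text added in section 3 attaches a SHOULD to it ("SHOULD also implement and use the DHCPv4 Relay Agent Flags Suboption [7]"). A requirement-level dependency on a -00 draft ties this document's progress to that one. Either treat [7] as a normative reference and accept the dependency, or soften the section 3 wording so that the flags suboption is optional guidance.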
skipping to change at page 10, line 41 skipping to change at page 11, line 41
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 10 change blocks. 
13 lines changed or deleted 36 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/