randomizing lease renewal?

David W. Hankins David_Hankins at isc.org
Fri Mar 30 23:02:08 UTC 2007


On Fri, Mar 30, 2007 at 05:54:40PM +0200, Shane Kerr wrote:
> Sure. But, basically this is using DHCP to implement something very much like
> IPv6 privacy addresses, isn't it?

With a server mandate, rather than DHCPv6's client mandate.  This will
always have the session mangling property, and although we like to talk
about ~8 hour sessions as the obvious situation, that's not as insidious
as when the 'privacy address' is yanked out from under very short lived
sessions, even web browsers.  Even a small percentage of this applied
to a large population of clients implies a nontrivial number of half-
open TCP sockets.

Consuming remote TCP buffer for local policy is possibly not the
most net-friendly thing.

> There are ways to engineer all of those identification needs into a network, I
> think. Some of them may be quite hackish, but still.

I think if a /client/ wanted IA_TA style privacy in DHCPv4, it could
have it today - without being too much of a "bad neighbor", and without
any new protocol.  No hacks.

Just suffix a value to your client identifier, and increment it every
time you're ready for a new address, then start a new state object
(INIT) for it.

-- 
ISC Training!  http://www.isc.org/training/  training at isc.org
Washington DC area, April 16-20 2007.  DNS & BIND, DDNS & DHCP.
-- 
David W. Hankins	"If you don't do it right the first time,
Software Engineer		you'll just have to do it again."
Internet Systems Consortium, Inc.	-- Jack T. Hankins
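
The client-identifier rotation described in the message, seen from the server side, as an added example that is not part of the original post or ISC code. ToyServer, client_id_option and rotate are hypothetical names, the 2-byte counter suffix and the release of the old lease before each new INIT are assumptions, and the MAC and address pool are constructed sample values.

```python
from collections import defaultdict, deque

def client_id_option(mac: bytes, counter: int) -> bytes:
    """DHCP option 61 carrying the MAC plus a 2-byte counter suffix.
    Type 0 marks the value as something other than a bare hardware address."""
    value = b"\x00" + mac + counter.to_bytes(2, "big")
    return bytes([61, len(value)]) + value

class ToyServer:
    """Hypothetical lease table keyed by client identifier, which is how a
    DHCPv4 server keys its bindings when option 61 is present."""
    def __init__(self, pool):
        self.free = deque(pool)
        self.leases = {}                    # client identifier -> address
        self.seen = defaultdict(set)        # chaddr -> client identifiers seen

    def discover(self, chaddr: bytes, option61: bytes) -> str:
        cid = option61[2:2 + option61[1]]   # strip code and length bytes
        self.seen[chaddr].add(cid)
        if cid not in self.leases:          # unknown identifier: new binding
            self.leases[cid] = self.free.popleft()
        return self.leases[cid]

    def release(self, option61: bytes) -> None:
        cid = option61[2:2 + option61[1]]
        self.free.append(self.leases.pop(cid))

    def rotating_hosts(self):
        """Hardware addresses that presented more than one client identifier."""
        return {hw: len(ids) for hw, ids in self.seen.items() if len(ids) > 1}

def rotate(server, mac, rounds):
    """Client side: new identifier and fresh INIT per round, old lease released."""
    addresses, previous = [], None
    for counter in range(rounds):
        opt = client_id_option(mac, counter)
        if previous is not None:
            server.release(previous)        # assumption: give the old lease back
        addresses.append(server.discover(mac, opt))
        previous = opt
    return addresses

MAC = bytes.fromhex("020000000001")         # constructed, locally administered
POOL = ["192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.13"]

if __name__ == "__main__":
    srv = ToyServer(POOL)
    print(rotate(srv, MAC, 3))
    print(srv.rotating_hosts())
```

The hardware address in chaddr does not change across rounds, so an operator who logs it alongside option 61 can still tie the rotated identifiers to one host.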

