randomizing lease renewal?
David W. Hankins
David_Hankins at isc.org
Fri Mar 30 23:02:08 UTC 2007
On Fri, Mar 30, 2007 at 05:54:40PM +0200, Shane Kerr wrote:
> Sure. But, basically this is using DHCP to implement something very much like
> IPv6 privacy addresses, isn't it?

With a server mandate, rather than DHCPv6's client mandate. This will
always have the session mangling property, and although we like to talk
about ~8 hour sessions as the obvious situation, that's not as insidious
as when the 'privacy address' is yanked out from under very short-lived
sessions, even web browsers. Even a small percentage of this applied
to a large population of clients implies a nontrivial number of
half-open TCP sockets.

Consuming remote TCP buffer for local policy is possibly not the
most net-friendly thing.

> There are ways to engineer all of those identification needs into a network, I
> think. Some of them may be quite hackish, but still.

I think if a /client/ wanted IA_TA style privacy in DHCPv4, it could
have it today - without being too much of a "bad neighbor", and without
any new protocol. No hacks.

Just suffix a value to your client identifier, and increment it every
time you're ready for a new address, then start a new state object
(INIT) for it.

David W. Hankins
Software Engineer
Internet Systems Consortium, Inc.

"If you don't do it right the first time, you'll just have to do it again."
  -- Jack T. Hankins
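
The client-side approach described in the message above, as an added example that is not part of the original post or of ISC's code: a client appends a counter to its client identifier (option 61), and each increment starts a fresh state object in INIT that emits its own DHCPDISCOVER. The class name, the "-" separator, the decimal suffix encoding, and the sample identifier and MAC address are assumptions made for illustration.

```python
import os
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])   # RFC 2131 options magic cookie
OPT_MSG_TYPE, OPT_CLIENT_ID, OPT_END = 53, 61, 255
DHCPDISCOVER = 1


class RotatingClient:
    """One logical host that presents a new client identifier per address."""

    def __init__(self, base_id: bytes, chaddr: bytes):
        self.base_id = base_id      # assumed stable prefix chosen by the client
        self.chaddr = chaddr        # 6-byte Ethernet hardware address
        self.counter = 0
        self.new_binding()

    def client_id(self) -> bytes:
        # Option 61 payload: type 0 (not a hardware address), then opaque bytes.
        return b"\x00" + self.base_id + b"-" + str(self.counter).encode()

    def new_binding(self) -> None:
        """Increment the suffix and start a fresh state object in INIT."""
        self.counter += 1
        self.state = "INIT"
        self.xid = struct.unpack("!I", os.urandom(4))[0]

    def discover(self) -> bytes:
        cid = self.client_id()
        # op=BOOTREQUEST, htype=Ethernet, hlen=6, hops=0, xid, secs=0, flags=broadcast
        hdr = struct.pack("!BBBBIHH", 1, 1, 6, 0, self.xid, 0, 0x8000)
        hdr += bytes(16)                          # ciaddr, yiaddr, siaddr, giaddr
        hdr += self.chaddr.ljust(16, b"\x00")     # chaddr field, padded to 16 bytes
        hdr += bytes(64 + 128)                    # sname, file
        opts = bytes([OPT_MSG_TYPE, 1, DHCPDISCOVER])
        opts += bytes([OPT_CLIENT_ID, len(cid)]) + cid
        return hdr + MAGIC_COOKIE + opts + bytes([OPT_END])


def parse_client_id(packet: bytes) -> bytes:
    """Walk the options of a packet built above and return option 61's payload."""
    i = 240                                       # 236-byte header + 4-byte cookie
    while packet[i] != OPT_END:
        code, length = packet[i], packet[i + 1]
        if code == OPT_CLIENT_ID:
            return packet[i + 2:i + 2 + length]
        i += 2 + length
    raise ValueError("no client identifier option")
```

Because the server keys its lease on the client identifier, each new suffix looks like a different client to it, while the hardware address in `chaddr` stays the same.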