Resolution of Fully Qualified Domain Name (FQDN) Conflicts among Dynamic Host Configuration Protocol (DHCP) Clients
draft-ietf-dhc-ddns-resolution-12
The information below is for an old version of the document that is already published as an RFC.
| Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 4703.
|
|
|---|---|---|---|
| Authors | Bernie Volz , Mark Stapp | ||
| Last updated | 2013-03-02 (Latest revision 2006-03-23) | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Proposed Standard | ||
| Formats | |||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | (None) | |
| Document shepherd | (None) | ||
| IESG | IESG state | Became RFC 4703 (Proposed Standard) | |
| Action Holders |
(None)
|
||
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | Margaret Cullen | ||
| Send notices to | <ogud@ogud.com>, <okolkman@ripe.net> |
draft-ietf-dhc-ddns-resolution-12
Dynamic Host Configuration M. Stapp
Internet-Draft B. Volz
Expires: September 23, 2006 Cisco Systems, Inc.
March 22, 2006
Resolution of FQDN Conflicts among DHCP Clients
<draft-ietf-dhc-ddns-resolution-12.txt>
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 23, 2006.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
DHCP provides a mechanism for host configuration that includes
dynamic assignment of IP addresses and fully qualified domain names.
To maintain accurate name to IP address and IP address to name
mappings in the DNS, these dynamically assigned addresses and fully
qualified domain names require updates to the DNS. This document
identifies situations in which conflicts in the use of fully
qualified domain names may arise among DHCP clients and servers, and
describes a strategy for the use of the DHCID DNS resource record in
Stapp & Volz Expires September 23, 2006 [Page 1]
Internet-Draft Resolution of FQDN Conflicts March 2006
resolving those conflicts.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Issues with DNS Update in DHCP Environments . . . . . . . . . 3
3.1. Client Misconfiguration . . . . . . . . . . . . . . . . . 4
3.2. Multiple DHCP Servers . . . . . . . . . . . . . . . . . . 5
4. Use of the DHCID RR . . . . . . . . . . . . . . . . . . . . . 5
5. Procedures for Performing DNS Updates . . . . . . . . . . . . 6
5.1. Error Return Codes . . . . . . . . . . . . . . . . . . . . 6
5.2. Dual IPv4/IPv6 Client Considerations . . . . . . . . . . . 6
5.3. Adding A and/or AAAA RRs to DNS . . . . . . . . . . . . . 7
5.3.1. Initial DHCID RR Request . . . . . . . . . . . . . . . 7
5.3.2. DNS UPDATE When FQDN in Use . . . . . . . . . . . . . 7
5.3.3. FQDN in Use by another Client . . . . . . . . . . . . 8
5.4. Adding PTR RR Entries to DNS . . . . . . . . . . . . . . . 8
5.5. Removing Entries from DNS . . . . . . . . . . . . . . . . 9
5.6. Updating Other RRs . . . . . . . . . . . . . . . . . . . . 9
6. Security Considerations . . . . . . . . . . . . . . . . . . . 10
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
8.1. Normative References . . . . . . . . . . . . . . . . . . . 11
8.2. Informative References . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13
Intellectual Property and Copyright Statements . . . . . . . . . . 14
Stapp & Volz Expires September 23, 2006 [Page 2]
quot;
list MAY contain other configuration or operational state data
related to the corresponding logical interface.
4.1.1. Configuration of IPv6 Router Interfaces
The module "ietf-ipv6-unicast-routing" augments the definition of the
data node "/router/interfaces/interface" with definitions of the
following configuration variables as required by [RFC4861], sec.
6.2.1:
o send-advertisements,
o max-rtr-adv-interval,
Lhotka Expires August 23, 2012 [Page 10]
Internet-Draft YANG Routing Configuration February 2012
o min-rtr-adv-interval,
o managed-flag,
o other-config-flag,
o link-mtu,
o reachable-time,
o retrans-timer,
o cur-hop-limit,
o default-lifetime,
o prefix-list: a list of prefixes to be advertised. The following
parameters are associated with each prefix in the list:
* valid-lifetime,
* on-link-flag,
* preferred-lifetime,
* autonomous-flag.
The definitions and descriptions of the above parameters can be found
in the text of the module "ietf-ipv6-unicast-routing" (Section 8).
NOTE: The "IsRouter" flag, which is also required by [RFC4861], was
omitted. Is is expected that this variable will be implemented in
another module, either "ietf-interfaces" or "ietf-ip".
4.2. Route
Routes are basic units of information in a routing system. The core
routing data model defines only the following minimal set of route
attributes:
o destination-prefix - IP prefix specifying the set of destination
addresses for which the route may be used. This attribute is
mandatory.
o next-hop - IP address of the adjacent router or host to which
packets with destination addresses belonging to destination-prefix
should be sent.
Lhotka Expires August 23, 2012 [Page 11]
Internet-Draft YANG Routing Configuration February 2012
o outgoing-interface - network interface that should be used for
sending packets with destination addresses belonging to
destination-prefix.
The above list of route attributes is sufficient for a simple static
routing configuration. It is expected that future modules defining
routing protocols will add other route attributes such as metrics or
preferences.
Routes and their attributes are used in both configuration data, for
example as manually configured static routes, and in operational
state data, for example as entries in routing tables.
4.3. Routing Tables
Routing tables are lists of routes complemented with administrative
data, namely:
o source-protocol - name of the routing protocol from which the
route was originally obtained.
o last-modified - date and time of last modification, or
installation, of the route.
Each routing table may only contain routes of the same address family
(AFN and SAFI).
In the core routing data model, the "routing-table" node represents
configuration while the descendant list of routes is defined as
operational state data. The contents of such lists are controlled by
routing protocol operations which may result in route additions,
removals and modifications. This also includes manipulations via the
"static" pseudo-protocol.
At least the following two routing tables MUST be configured for each
router instance and each supported AFN/SAFI pair:
1. Forwarding information base (FIB) contains active routes that are
used by the operating system kernel for forwarding datagrams.
2. Main routing table to which all routing protocol instances are
connected by default, with the exception of the "direct" pseudo-
protocol (Section 4.4): direct routes only appear in the FIB
table by default.
The main routing table SHOULD serve as the default source of active
routes for the FIB.
Lhotka Expires August 23, 2012 [Page 12]
Internet-Draft YANG Routing Configuration February 2012
One or more additional routing tables MAY be configured by creating
new entries in the "routing-table" list, either being a part of
factory-default configuration or configured by the client.
The naming scheme for routing tables, as well as restrictions on the
number and configurability of routing tables are implementation-
specific.
Every routing table can serve as a source of routes for other routing
tables. To achieve this, one or more recipient routing tables may be
specified in the configuration of the source routing table. In
addition, a route filter may be configured for each recipient routing
table, which selects and/or manipulates the routes that are passed on
between the source and recipient routing table.
4.4. Routing Protocols
The core routing data model provides an open-ended framework for
defining multiple routing protocol instances. Each of them is
identified by a name, which MUST be unique within a router instance.
Each protocol MUST be assigned a type, which MUST be an identity
derived from the "rt:routing-protocol" base identity. The core
routing data model defines two identities for the "direct" and
"static" pseudo-protocols.
Each routing protocol instance is connected to exactly one routing
table. By default, every routing protocol instance SHOULD be
connected to the main routing table. An implementation MAY allow any
or all routing protocol instances to be configured to use a different
routing table.
Routes learned from the network by a routing protocol are passed to
the connected routing table and vice versa - routes appearing in a
routing table are passed to all routing protocols connected to the
table (except "direct" and "static" pseudo-protocols) and advertised
by that protocol to the network.
Two independent route filters (see Section 4.5) may be defined for a
routing protocol instance to control the exchange of routes in both
directions between the routing protocol instance and the connected
routing table:
o import filter controls which routes are passed from a routing
protocol instance to the routing table,
o export filter controls which routes the routing protocol instance
may receive from the connected routing table.
Lhotka Expires August 23, 2012 [Page 13]
Internet-Draft YANG Routing Configuration February 2012
Note that, for historical reasons, the terms import and export are
used from the viewpoint of a routing table.
The core routing data model defines two special routing protocols -
"direct" and "static". Both are in fact pseudo-protocols, which
means that they are confined to the local device and do not exchange
any routing information with neighboring routers. Routes from both
"direct" and "static" protocol instances are passed to the connected
routing table (subject to route filters, if any), but an exchange in
the opposite direction is not allowed.
Every router instance MUST contain exactly one instance of the
"direct" pseudo-protocol. It is the source of direct routes which
are normally supplied by the operating system kernel, based on the
detected and configured network interfaces, and they SHOULD by
default appear in the FIB routing table. However, using the
framework defined in this document, the target routing table for
direct routes MAY be changed by connecting the "direct" protocol
instance to a non-default routing table. Direct routes can also be
filtered before they appear in the routing table.
The "static" routing pseudo-protocol allows for specifying routes
manually. It MAY be configured in zero or multiple instances,
although a typical implementation will have exactly one instance per
router.
4.4.1. Defining New Routing Protocols
It is expected that future YANG modules will create data models for
additional routing protocol types. In order to do so, the new module
has to define the protocol-specific information and fit it into the
core routing framework in the following way :
o A new identity MUST be defined for the routing protocol and its
base identity MUST be set to "rt:routing-protocol", or to an
identity derived from "rt:routing-protocol".
o Additional route attributes MAY be defined. Their definitions
then have to be inserted as operational state data by augmenting
the definition of "rt:route" inside "rt:routing-table", and
possibly to other places in the configuration, operational state
data and RPC input or output.
o Per-interface configuration parameters can be added by augmenting
the data node "rt:interface" (the list of router interfaces).
o Other configuration parameters can be defined by augmenting the
"routing-protocol" data node. By using the "when" statement, this
Lhotka Expires August 23, 2012 [Page 14]
Internet-Draft YANG Routing Configuration February 2012
augment SHOULD be made conditional and valid only if the value of
the "rt:type" child leaf equals to the new protocol's identity.
It is recommended that both per-interface and other configuration
data specific to the new protocol be encapsulated in an appropriately
named container.
The above steps are implemented by the example YANG module for the
RIP routing protocol in Appendix A. First, the module defines a new
identity for the RIP protocol:
identity rip {
base rt:routing-protocol;
description "Identity for the RIP routing protocol.&Internet-Draft Resolution of FQDN Conflicts March 2006
1. Introduction
"The Client FQDN Option" [8] includes a description of the operation
of [4] clients and servers that use the DHCPv4 client FQDN option.
And, "The DHCPv6 Client FQDN Option" [9] includes a description of
the operation of [5] clients and servers that use the DHCPv6 client
FQDN option. Through the use of the client FQDN option, DHCP clients
and servers can negotiate the client's FQDN and the allocation of
responsibility for updating the DHCP client's A and/or AAAA RRs.
This document identifies situations in which conflicts in the use of
FQDNs may arise among DHCP clients and servers, and describes a
strategy for the use of the DHCID DNS resource record [2] in
resolving those conflicts.
In any case, whether a site permits all, some, or no DHCP servers and
clients to perform DNS updates ([3], [10]) into the zones that it
controls is entirely a matter of local administrative policy. This
document does not require any specific administrative policy, and
does not propose one. The range of possible policies is very broad,
from sites where only the DHCP servers have been given credentials
that the DNS servers will accept, to sites where each individual DHCP
client has been configured with credentials that allow the client to
modify its own FQDN. Compliant implementations MAY support some or
all of these possibilities. Furthermore, this specification applies
only to DHCP client and server processes; it does not apply to other
processes that initiate DNS updates.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [1].
This document assumes familiarity with DNS terminology defined in [6]
and DHCP terminology defined in [4] and [5].
FQDN, or Fully Qualified Domain Name, is the full name of a system,
rather than just its hostname. For example, "venera" is a hostname
and "venera.isi.edu" is an FQDN. See [7].
DOCSIS, or Data-Over-Cable Service Interface Specifications, is
defined by CableLabs (www.cablelabs.com).
3. Issues with DNS Update in DHCP Environments
There are two DNS update situations that require special
Stapp & Volz Expires September 23, 2006 [Page 3]
Internet-Draft Resolution of FQDN Conflicts March 2006
consideration in DHCP environments: cases where more than one DHCP
client has been configured with the same FQDN and cases where more
than one DHCP server has been given authority to perform DNS updates
in a zone. In these cases, it is possible for DNS records to be
modified in inconsistent ways unless the updaters have a mechanism
that allows them to detect anomalous situations. If DNS updaters can
detect these situations, site administrators can configure the
updaters' behavior so that the site's policies can be enforced. This
specification describes a mechanism designed to allow updaters to
detect these situations, and suggests that DHCP implementations use
this mechanism by default.
3.1. Client Misconfiguration
Administrators may wish to maintain a one-to-one relationship between
active DHCP clients and FQDNs, and to maintain consistency between a
client's A, AAAA, and PTR RRs. Clients that are not represented in
the DNS, or clients that inadvertently share an FQDN with another
client may encounter inconsistent behavior or may not be able to
obtain access to network resources. Whether each DHCP client is
configured with a FQDN by its administrator or whether the DHCP
server is configured to distribute the clients' FQDN, the consistency
of the DNS data is entirely dependent on the accuracy of the
configuration procedure. Sites that deploy [10] may configure
credentials for each client and its assigned FQDN in a way that is
more error-resistant, as both the FQDN and credentials must match.
Consider an example in which two DHCP clients in the "example.com"
network are both configured with the hostname "foo". The clients are
permitted to perform their own DNS updates. The first client, client
A, is configured via DHCP. It adds an A RR to "foo.example.com", and
its DHCP server adds a PTR RR corresponding to its assigned IP
address. When the second client, client B, boots, it is also
configured via DHCP, and it also begins to update "foo.example.com".
At this point, the "example.com" administrators may wish to establish
some policy about DHCP clients' FQDNs. If the policy is that each
client that boots should replace any existing A RR that matches its
FQDN, Client B can proceed, though Client A may encounter problems.
In this example, Client B replaces the A RR associated with
"foo.example.com". Client A must have some way to recognize that the
RR associated with "foo.example.com" now contains information for
Client B, so that it can avoid modifying the RR. When Client A's
assigned IP address expires, for example, it should not remove a RR
that reflects Client B's DHCP assigned IP address.
If the policy is that the first DHCP client with a given FQDN should
be the only client associated with that FQDN, Client B needs to be
Stapp & Volz Expires September 23, 2006 [Page 4]
Internet-Draft Resolution of FQDN Conflicts March 2006
able to determine if it is not the client associated with
"foo.example.com". It could be that Client A booted first, and that
Client B should choose another FQDN. Or it could be that B has
booted on a new subnet, and received a new IP address assignment, in
which case B should update the DNS with its new IP address. It must
either retain persistent state about the last IP address it was
assigned (in addition to its current IP address) or it must have some
other way to detect that it was the last updater of "foo.example.com"
in order to implement the site's policy.
3.2. Multiple DHCP Servers
It is possible to arrange for DHCP servers to perform A and/or AAAA
RR updates on behalf of their clients. If a single DHCP server
manages all of the DHCP clients at a site, it can maintain a database
of the FQDNs in use, and can check that database before assigning a
FQDN to a client. Such a database is necessarily proprietary,
however, and the approach does not work once more than one DHCP
server is deployed.
When multiple DHCP servers are deployed, the servers require a way to
coordinate the identities of DHCP clients. Consider an example in
which DHCPv4 Client A boots, obtains an IP address from Server S1,
presenting the hostname "foo" in a Client FQDN option [8] in its
DHCPREQUEST message. Server S1 updates the FQDN "foo.example.com",
adding an A RR containing the IP address assigned to A. The client
then moves to another subnet, served by Server S2. When Client A
boots on the new subnet, Server S2 will assign it a new IP address,
and will attempt to add an A RR containing the newly assigned IP
address to the FQDN "foo.example.com". At this point, without some
communication mechanism which S2 can use to ask S1 (and every other
DHCP server that updates the zone) about the client, S2 has no way to
know whether Client A is currently associated with the FQDN, or
whether A is a different client configured with the same FQDN. If
the servers cannot distinguish between these situations, they cannot
enforce the site's naming policies.
4. Use of the DHCID RR
A solution to both of these problems is for the updater (a DHCP
client or DHCP server) to be able to determine which DHCP client has
been associated with a FQDN, in order to offer administrators the
opportunity to configure updater behavior.
For this purpose, a DHCID RR, specified in [2], is used to associate
client identification information with a FQDN and the A, AAAA, and
PTR RRs associated with that FQDN. When either a client or server
Stapp & Volz Expires September 23, 2006 [Page 5]
Internet-Draft Resolution of FQDN Conflicts March 2006
adds A, AAAA, or PTR RRs for a client, it also adds a DHCID RR that
specifies a unique client identity, based on data from the client's
DHCP message. In this model, only one client is associated with a
given FQDN at a time.
By associating this ownership information with each FQDN, cooperating
DNS updaters may determine whether their client is currently
associated with a particular FQDN and implement the appropriately
configured administrative policy. In addition, DHCP clients which
currently have FQDNs may move from one DHCP server to another without
losing their FQDNs.
The specific algorithm utilizing the DHCID RR to signal client
ownership is explained below. The algorithm only works in the case
where the updating entities all cooperate -- this approach is
advisory only and is not a substitute for DNS security, nor is it
replaced by DNS security.
5. Procedures for Performing DNS Updates
5.1. Error Return Codes
Certain RCODEs defined in [3] indicate that the destination DNS
server cannot perform an update, i.e., FORMERR, SERVFAIL, REFUSED,
NOTIMP. If one of these RCODEs is returned, the updater MUST
terminate its update attempt. Other RCODEs [13] may indicate that
there are problems with the key being used and may mean to try a
different key, if available, or to terminate the operation. Because
some errors may indicate a misconfiguration of the updater or the DNS
server, the updater MAY attempt to signal to its administrator that
an error has occurred, e.g. through a log message.
5.2. Dual IPv4/IPv6 Client Considerations
At the time of publication of this document, a small minority of DHCP
clients support both IPv4 and IPv6. We anticipate, however, that a
transition will take place over a period of time, and more sites will
have dual-stack clients present. IPv6 clients require updates of
AAAA RRs; IPv4 client require updates of A RRs. The administrators
of mixed deployments will likely wish to permit a single FQDN to
contain A and AAAA RRs from the same client.
Sites that wish to permit a single FQDN to contain both A and AAAA
RRs MUST make use of DHCPv4 clients and servers that support using
the DHCP Unique Identifier (DUID) for DHCPv4 client identifiers such
that this DUID is used in computing the RDATA of the DHCID RR by both
DHCPv4 and DHCPv6 for the client, see [11]. Otherwise, a dual-stack
Stapp & Volz Expires September 23, 2006 [Page 6]
Internet-Draft Resolution of FQDN Conflicts March 2006
client that uses older-style DHCPv4 client identifiers (see [4] and
[12]) will only be able to have either its A or AAAA records in DNS
under a single FQDN because of the DHCID RR conflicts that result.
5.3. Adding A and/or AAAA RRs to DNS
When a DHCP client or server intends to update A and/or AAAA RRs, it
starts with the UPDATE request in Section 5.3.1.
As the update sequence below can result in loops, implementers SHOULD
limit the total number of attempts for a single transaction.
5.3.1. Initial DHCID RR Request
The updater prepares a DNS UPDATE request that includes as a
prerequisite the assertion that the FQDN does not exist. The update
section of the request attempts to add the new FQDN and its IP
address mapping (A and/or AAAA RRs) and the DHCID RR with its unique
client identity.
If the UPDATE request succeeds, the A and/or AAAA RR update is now
complete (and a client updater is finished, while a server would then
proceed to perform a PTR RR update).
If the response to the UPDATE returns YXDOMAIN, the updater can now
conclude that the intended FQDN is in use and proceeds to
Section 5.3.2.
If any other status is returned, the updater SHOULD NOT attempt an
update (see Section 5.1).
5.3.2. DNS UPDATE When FQDN in Use
The updater next attempts to confirm that the FQDN is not being used
by some other client by preparing an UPDATE request in which there
are two prerequisites. The first prerequisite is that the FQDN
exists. The second is that the desired FQDN has attached to it a
DHCID RR whose contents match the client identity. The update
section of the UPDATE request contains:
1. A delete of any existing A RRs on the FQDN if this is an A update
or an AAAA update and the updater does not desire A records on
the FQDN or this update is adding an A and the updater only
desires a single IP address on the FQDN.
2. A delete of the existing AAAA RRs on the FQDN if the updater does
not desire AAAA records on the FQDN or this update is adding an
AAAA and the updater only desires a single IP address on the
FQDN.
Stapp & Volz Expires September 23, 2006 [Page 7]
Internet-Draft Resolution of FQDN Conflicts March 2006
3. An add (or adds) of the A RR that matches the DHCP binding if
this is an A update.
4. Adds of the AAAA RRs that match the DHCP bindings if this is an
AAAA update.
Whether A or AAAA RRs are deleted depends on the updater or updater's
policy. For example, if the updater is the client or configured as
the only DHCP server for the link on which the client is located, the
updater may find it beneficial to delete all A and/or AAAA RRs and
then add the current set of A and/or AAAA RRs, if any, for the
client.
If the UPDATE request succeeds, the updater can conclude that the
current client was the last client associated with the FQDN, and that
the FQDN now contains the updated A and/or AAAA RRs. The update is
now complete (and a client updater is finished, while a server would
then proceed to perform a PTR RR update).
If the response to the UPDATE request returns NXDOMAIN, the FQDN is
no longer in use and the updater proceeds back to Section 5.3.1.
If the response to the UPDATE request returns NXRRSET, there are two
possibilities - there are no DHCID RRs for the FQDN or the DHCID RR
does not match. In either case, the updater proceeds to
Section 5.3.3.
5.3.3. FQDN in Use by another Client
As the FQDN appears to be in use by another client or is not
associated with any client, the updater SHOULD either choose another
FQDN and restart the update process with this new FQDN or terminate
the update with a failure.
Techniques that may be considered to disambiguate FQDNs include
adding some suffix or prefix to the hostname portion of the FQDN or
randomly generating a hostname.
5.4. Adding PTR RR Entries to DNS
The DHCP server submits a DNS UPDATE request that deletes all of the
PTR RRs associated with the client's assigned IP address, and adds a
PTR RR whose data is the client's (possibly disambiguated) FQDN. The
server MAY also add a DHCID RR as specified in Section 4, in which
case it would include a delete of all of the DHCID RRs associated
with the client's assigned IP address, and adds a DHCID RR for the
client.
There is no need to validate the DHCID RR for PTR updates as the DHCP
Stapp & Volz Expires September 23, 2006 [Page 8]
Internet-Draft Resolution of FQDN Conflicts March 2006
server (or servers) only assigns an address to a single client at a
time.
5.5. Removing Entries from DNS
The most important consideration in removing DNS entries is to be
sure that an entity removing a DNS entry is only removing an entry
that it added, or for which an administrator has explicitly assigned
it responsibility.
When an address' lease time or valid lifetime expires or a DHCP
client issues a DHCPRELEASE [4] or Release [5] request, the DHCP
server SHOULD delete the PTR RR that matches the DHCP binding, if one
was successfully added. The server's UPDATE request SHOULD assert
that the domain name (PTRDNAME field) in the PTR record matches the
FQDN of the client whose address has expired or been released and
should delete all RRs for the FQDN.
The entity chosen to handle the A or AAAA records for this client
(either the client or the server) SHOULD delete the A or AAAA records
that were added when the address was assigned to the client.
However, the updater should only remove the DHCID RR if there are no
A or AAAA RRs remaining for the client.
In order to perform this A or AAAA RR delete, the updater prepares an
UPDATE request that contains a prerequisite that asserts that the
DHCID RR exists whose data is the client identity described in
Section 4 and contains an update section that deletes the client's
specific A or AAAA RR.
If the UPDATE request succeeds, the updater prepares a second UPDATE
request that contains three prerequisites and contains an update
section that deletes all RRs for the FQDN. The first prerequisite
asserts that the DHCID RR exists whose data is the client identity
described in Section 4. The second prerequisite asserts that there
are no A RRs. The third prerequisite asserts that there are no AAAA
RRs.
If either request fails, the updater MUST NOT delete the FQDN. It
may be that the client whose address has expired has moved to another
network and obtained an address from a different server, which has
caused the client's A or AAAA RR to be replaced. Or, the DNS data
may have been removed or altered by an administrator.
5.6. Updating Other RRs
The procedures described in this document only cover updates to the
A, AAAA, PTR, and DHCID RRs. Updating other types of RRs is outside
Stapp & Volz Expires September 23, 2006 [Page 9]
Internet-Draft Resolution of FQDN Conflicts March 2006
the scope of this document.
6. Security Considerations
Administrators should be wary of permitting unsecured DNS updates to
zones, whether or not they are exposed to the global Internet. Both
DHCP clients and servers SHOULD use some form of update request
authentication (e.g., TSIG [13]) when performing DNS updates.
Whether a DHCP client may be responsible for updating an FQDN to IP
address mapping, or whether this is the responsibility of the DHCP
server is a site-local matter. The choice between the two
alternatives may be based on the security model that is used with the
Dynamic DNS Update protocol (e.g., only a client may have sufficient
credentials to perform updates to the FQDN to IP address mapping for
its FQDN).
Whether a DHCP server is always responsible for updating the FQDN to
IP address mapping (in addition to updating the IP to FQDN mapping),
regardless of the wishes of an individual DHCP client, is also a
site-local matter. The choice between the two alternatives may be
based on the security model that is being used with dynamic DNS
updates. In cases where a DHCP server is performing DNS updates on
behalf of a client, the DHCP server should be sure of the FQDN to use
for the client, and of the identity of the client.
Currently, it is difficult for DHCP servers to develop much
confidence in the identities of their clients, given the absence of
entity authentication from the DHCP protocol itself. There are many
ways for a DHCP server to develop a FQDN to use for a client, but
only in certain relatively rare circumstances will the DHCP server
know for certain the identity of the client. If [14] becomes widely
deployed this may become more customary.
One example of a situation that offers some extra assurances is when
the DHCP client is connected to a network through a DOCSIS cable
modem, and the Cable Modem Termination System (head-end) of the cable
modem ensures that MAC address spoofing simply does not occur.
Another example of a configuration that might be trusted is when
clients obtain network access via a network access server using PPP.
The Network Access Server (NAS) itself might be obtaining IP
addresses via DHCP, encoding client identification into the DHCP
client-id option. In this case, the NAS as well as the DHCP server
might be operating within a trusted environment, in which case the
DHCP server could be configured to trust that the user authentication
and authorization processing of the NAS was sufficient, and would
therefore trust the client identification encoded within the DHCP
Stapp & Volz Expires September 23, 2006 [Page 10]
Internet-Draft Resolution of FQDN Conflicts March 2006
client-id.
7. Acknowledgements
Many thanks to Mark Beyer, Jim Bound, Ralph Droms, Robert Elz, Peter
Ford, Olafur Gudmundsson, Edie Gunter, Andreas Gustafsson, David W.
Hankins, R. Barr Hibbs, Kim Kinnear, Stuart Kwan, Ted Lemon, Ed
Lewis, Michael Lewis, Josh Littlefield, Michael Patton, Pekka Savola,
and Glenn Stump for their review and comments.
8. References
8.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[2] Stapp, M., Gustafsson, A., and T. Lemon, "A DNS RR for Encoding
DHCP Information (draft-ietf-dnsext-dhcid-rr-*)", February 2006.
[3] Vixie, P., Thomson, S., Rekhter, Y., and J. Bound, "Dynamic
Updates in the Domain Name System (DNS UPDATE)", RFC 2136,
April 1997.
[4] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
March 1997.
[5] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M.
Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
RFC 3315, July 2003.
8.2. Informative References
[6] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987.
[7] Malkin, G., "Internet Users' Glossary", RFC 1983, August 1996.
[8] Stapp, M. and Y. Rekhter, "The DHCP Client FQDN Option
(draft-ietf-dhc-fqdn-option-*.txt)", February 2006.
[9] Volz, B., "The DHCPv6 Client FQDN Option
(draft-ietf-dhc-dhcpv6-fqdn-*.txt)", February 2006.
[10] Wellington, B., "Secure Domain Name System (DNS) Dynamic
Update", RFC 3007, November 2000.
Stapp & Volz Expires September 23, 2006 [Page 11]
Internet-Draft Resolution of FQDN Conflicts March 2006
[11] Lemon, T. and B. Sommerfeld, "Node-specific Client Identifiers
for Dynamic Host Configuration Protocol Version Four (DHCPv4)",
RFC 4361, February 2006.
[12] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
Extensions", RFC 2132, March 1997.
[13] Vixie, P., Gudmundsson, O., Eastlake, D., and B. Wellington,
"Secret Key Transaction Authentication for DNS (TSIG)",
RFC 2845, May 2000.
[14] Droms, R. and W. Arbaugh, "Authentication for DHCP Messages",
RFC 3118, June 2001.
Stapp & Volz Expires September 23, 2006 [Page 12]
Internet-Draft Resolution of FQDN Conflicts March 2006
Authors' Addresses
Mark Stapp
Cisco Systems, Inc.
1414 Massachusetts Ave.
Boxborough, MA 01719
USA
Phone: 978.936.1535
Email: mjs@cisco.com
Bernie Volz
Cisco Systems, Inc.
1414 Massachusetts Ave.
Boxborough, MA 01719
USA
Phone: 978.936.0382
Email: volz@cisco.com
Stapp & Volz Expires September 23, 2006 [Page 13]
Internet-Draft Resolution of FQDN Conflicts March 2006
Intellectual Property Statementquot;;
}
New route attributes specific to the RIP protocol ("metric" and
"tag") are defined in a grouping and then added to the route
definitions appearing in "routing-table" and in the output part of
the "get-route" RPC method:
Lhotka Expires August 23, 2012 [Page 15]
Internet-Draft YANG Routing Configuration February 2012
grouping route-content {
description
"RIP-specific route content.";
leaf metric {
type rip-metric;
}
leaf tag {
type uint16;
default "0";
description
"This leaf may be used to carry additional info, e.g. AS
number.";
}
}
augment "/rt:routing/rt:router/rt:routing-tables/rt:routing-table/"
+ "rt:routes/rt:route" {
when "../../../../rt:routing-protocols/"
+ "rt:routing-protocol[rt:name=current()/rt:source-protocol]/"
+ "rt:type='rip:rip'" {
description
"This augment is only valid if the source protocol from which
the route originated is RIP.";
}
description
"RIP-specific route components.";
uses route-content;
}
augment "/rt:get-route/rt:output/rt:route" {
description
"Add RIP-specific route content.";
uses route-content;
}
Per-interface configuration data are defined by the following
"augment" statement:
Lhotka Expires August 23, 2012 [Page 16]
Internet-Draft YANG Routing Configuration February 2012
augment "/rt:routing/rt:router/rt:interfaces/rt:interface" {
when "../../rt:routing-protocols/rt:routing-protocol/rt:type = "
+ "'rip:rip'";
container rip {
description
"Per-interface RIP configuration.";
leaf enabled {
type boolean;
default "true";
}
leaf metric {
type rip-metric;
default "1";
}
}
}
Finally, global RIP configuration data are integrated into the "rt:
routing-protocol" node by using the following "augment" statement,
which is valid only for routing protocol instances whose type is
"rip:rip":
augment "/rt:routing/rt:router/rt:routing-protocols/"
+ "rt:routing-protocol" {
when "rt:type = 'rip:rip'";
container rip {
leaf update-interval {
type uint8 {
range "10..60";
}
units "seconds";
default "30";
description
"Time interval between periodic updates.";
}
}
}
4.5. Route Filters
The core routing data model provides a skeleton for defining route
filters that can be used to restrict the set of routes being
exchanged between a routing protocol instance and a connected routing
table, or between a source and a recipient routing table. Route
filters may also manipulate routes, i.e., add, delete, or modify
their properties.
By itself, the route filtering framework defined in this document
Lhotka Expires August 23, 2012 [Page 17]
Internet-Draft YANG Routing Configuration February 2012
allows to establish only the two extreme routing policies in which
either all routes are allowed or all routes are rejected. It is
expected that real route filtering frameworks will be developed
separately.
Each route filter is identified by a name which MUST be unique within
a router instance. Its type MUST be specified by the "type" identity
reference - this opens the space for multiple route filtering
framework implementations. The default value for route filter type
is the identity "deny-all-route-filter" defined in the "ietf-routing"
module, which represents a route filtering policy in which all routes
are rejected.
4.6. RPC Operation
The "ietf-routing" module defines the "get-route" RPC operation. It
is used for querying the forwarding information base of a router
instance. The first input parameter is the name of the router
instance whose FIB is to be queried, and the second parameter is a
destination address. Modules for particular address families are
expected to augment the "destination-address" container with the
"address" leaf, as it is done in the "ietf-ipv4-unicast-routing" and
"ietf-ipv6-unicast-routing" modules.
The server replies with an active route which is used for forwarding
datagrams to the destination address within the selected router
instance. Again, modules for particular address families are
expected to augment the definition of output parameters with AFN/
SAFI-specific contents.
Lhotka Expires August 23, 2012 [Page 18]
Internet-Draft YANG Routing Configuration February 2012
5. IANA AFN and SAFI YANG Module
RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
actual RFC number and all occurrences of the revision date below with
the date of RFC publication (and remove this note).
<CODE BEGINS> file "iana-afn-safi@2012-02-20.yang"
module iana-afn-safi {
namespace "urn:ietf:params:xml:ns:yang:iana-afn-safi";
prefix "ianaaf";
organization
"IANA";
contact
"Internet Assigned Numbers Authority
Postal:
ICANN
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
U. S. A.
Tel: +1 310 823 9358
E-Mail: iana&iana.org
";
description
"This YANG module provides two typedefs containing YANG
definitions for the following IANA-registered enumerations:
- Address Family Numbers (AFN)
- Subsequent Address Family Identifiers (SAFI)
The latest revision of this YANG module can be obtained from the
IANA web site.
Copyright (c) 2012 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set
Lhotka Expires August 23, 2012 [Page 19]
Internet-Draft YANG Routing Configuration February 2012
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see the
RFC itself for full legal notices.
";
revision 2012-02-20 {
description
"Initial revision.";
reference
"RFC XXXX: A YANG Data Model for Routing Configuration";
}
typedef address-family {
type enumeration {
enum other {
value "0";
description
"none of the following";
}
enum ipV4 {
value "1";
description
"IP Version 4";
}
enum ipV6 {
value "2";
description
"IP Version 6";
}
enum nsap {
value "3";
description
"NSAP";
}
enum hdlc {
value "4";
description
"(8-bit multidrop)";
}
enum bbn1822 {
value "5";
description
"BBN Report 1822";
}
enum all802 {
Lhotka Expires August 23, 2012 [Page 20]
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Stapp & Volz Expires September 23, 2006 [Page 14]