draft-ietf-dhc-ddns-resolution-07.txt   draft-ietf-dhc-ddns-resolution-08.txt 
Dynamic Host Configuration M. Stapp Dynamic Host Configuration M. Stapp
Internet-Draft B. Volz Internet-Draft B. Volz
Expires: January 14, 2005 Cisco Systems, Inc. Expires: March 22, 2005 Cisco Systems, Inc.
July 16, 2004 September 21, 2004
Resolution of DNS Name Conflicts among DHCP Clients Resolution of DNS Name Conflicts among DHCP Clients
<draft-ietf-dhc-ddns-resolution-07.txt> <draft-ietf-dhc-ddns-resolution-08.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of section 3 of RFC 3667. By submitting this Internet-Draft, each of section 3 of RFC 3667. By submitting this Internet-Draft, each
author represents that any applicable patent or other IPR claims of author represents that any applicable patent or other IPR claims of
which he or she is aware have been or will be disclosed, and any of which he or she is aware have been or will be disclosed, and any of
which he or she become aware will be disclosed, in accordance with which he or she become aware will be disclosed, in accordance with
RFC 3668. RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as
Internet-Drafts. Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http:// The list of current Internet-Drafts can be accessed at
www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 14, 2005. This Internet-Draft will expire on March 22, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved. Copyright (C) The Internet Society (2004).
Abstract Abstract
DHCP provides a powerful mechanism for IP host configuration. DHCP provides a powerful mechanism for IP host configuration.
However, the configuration capability provided by DHCP does not However, the configuration capability provided by DHCP does not
include updating DNS, and specifically updating the name to address include updating DNS, and specifically updating the name to address
and address to name mappings maintained in the DNS. This document and address to name mappings maintained in the DNS. This document
describes techniques for the resolution of DNS name conflicts among describes techniques for the resolution of DNS name conflicts among
DHCP clients. DHCP clients.
skipping to change at page 2, line 17 skipping to change at page 2, line 17
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Issues with DNS Update in DHCP Environments . . . . . . . . . 3 3. Issues with DNS Update in DHCP Environments . . . . . . . . . 3
3.1 Client Misconfiguration . . . . . . . . . . . . . . . . . 4 3.1 Client Misconfiguration . . . . . . . . . . . . . . . . . 4
3.2 Multiple DHCP Servers . . . . . . . . . . . . . . . . . . 5 3.2 Multiple DHCP Servers . . . . . . . . . . . . . . . . . . 5
4. Use of the DHCID RR . . . . . . . . . . . . . . . . . . . . . 5 4. Use of the DHCID RR . . . . . . . . . . . . . . . . . . . . . 5
5. DNS RR TTLs . . . . . . . . . . . . . . . . . . . . . . . . . 6 5. DNS RR TTLs . . . . . . . . . . . . . . . . . . . . . . . . . 6
6. Procedures for performing DNS updates . . . . . . . . . . . . 6 6. Procedures for performing DNS updates . . . . . . . . . . . . 6
6.1 Error Return Codes . . . . . . . . . . . . . . . . . . . . 6 6.1 Error Return Codes . . . . . . . . . . . . . . . . . . . . 6
6.2 Dual IPv4/IPv6 Client Considerations . . . . . . . . . . . 7 6.2 Dual IPv4/IPv6 Client Considerations . . . . . . . . . . . 7
6.3 Adding A RRs to DNS . . . . . . . . . . . . . . . . . . . 7 6.3 Adding A or AAAA RRs to DNS . . . . . . . . . . . . . . . 7
6.3.1 Initial DHCID RR Query . . . . . . . . . . . . . . . . 7 6.3.1 Initial DHCID RR Query . . . . . . . . . . . . . . . . 7
6.3.2 DNS UPDATE When Name Not in Use . . . . . . . . . . . 7 6.3.2 DNS UPDATE When Name Not in Use . . . . . . . . . . . 8
6.3.3 DNS UPDATE When Name in Use . . . . . . . . . . . . . 8 6.3.3 DNS UPDATE When Name in Use . . . . . . . . . . . . . 8
6.3.4 Name in Use by another Client . . . . . . . . . . . . 8 6.3.4 Name in Use by another Client . . . . . . . . . . . . 8
6.4 Adding PTR RR Entries to DNS . . . . . . . . . . . . . . . 9 6.4 Adding PTR RR Entries to DNS . . . . . . . . . . . . . . . 9
6.5 Removing Entries from DNS . . . . . . . . . . . . . . . . 9 6.5 Removing Entries from DNS . . . . . . . . . . . . . . . . 9
6.6 Updating Other RRs . . . . . . . . . . . . . . . . . . . . 9 6.6 Updating Other RRs . . . . . . . . . . . . . . . . . . . . 10
7. Security Considerations . . . . . . . . . . . . . . . . . . . 10 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
9.1 Normative References . . . . . . . . . . . . . . . . . . . . 11 9.1 Normative References . . . . . . . . . . . . . . . . . . . . 11
9.2 Informative References . . . . . . . . . . . . . . . . . . . 11 9.2 Informative References . . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 13
Intellectual Property and Copyright Statements . . . . . . . . 13 Intellectual Property and Copyright Statements . . . . . . . . 14
1. Terminology 1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1]. document are to be interpreted as described in RFC 2119 [1].
2. Introduction 2. Introduction
"The Client FQDN Option" [4] includes a description of the operation "The Client FQDN Option" [4] includes a description of the operation
of DHCP [5] clients and servers that use the client FQDN option. of DHCPv4 [7] clients and servers that use the DHCPv4 client FQDN
Through the use of the client FQDN option, DHCP clients and servers option. And, "The DHCPv6 Client FQDN Option" [5] includes a
can negotiate the client's FQDN and the allocation of responsibility description of the operation of DHCPv6 [9] clients and servers that
for updating the DHCP client's A or AAAA RR. This document use the DHCPv6 client FQDN option. Through the use of the client
identifies situations in which conflicts in the use of FQDNs may FQDN option, DHCP clients and servers can negotiate the client's FQDN
arise among DHCP clients, and describes a strategy for the use of the and the allocation of responsibility for updating the DHCP client's A
DHCID DNS resource record [2] in resolving those conflicts. or AAAA RR. This document identifies situations in which conflicts
in the use of FQDNs may arise among DHCP clients, and describes a
strategy for the use of the DHCID DNS resource record [2] in
resolving those conflicts.
In any case, whether a site permits all, some, or no DHCP servers and In any case, whether a site permits all, some, or no DHCP servers and
clients to perform DNS updates (RFC 2136 [3], RFC 3007 [7]) into the clients to perform DNS updates (RFC 2136 [3], RFC 3007 [11]) into the
zones that it controls is entirely a matter of local administrative zones that it controls is entirely a matter of local administrative
policy. This document does not require any specific administrative policy. This document does not require any specific administrative
policy, and does not propose one. The range of possible policies is policy, and does not propose one. The range of possible policies is
very broad, from sites where only the DHCP servers have been given very broad, from sites where only the DHCP servers have been given
credentials that the DNS servers will accept, to sites where each credentials that the DNS servers will accept, to sites where each
individual DHCP client has been configured with credentials that individual DHCP client has been configured with credentials that
allow the client to modify its own domain name. Compliant allow the client to modify its own domain name. Compliant
implementations MAY support some or all of these possibilities. implementations MAY support some or all of these possibilities.
Furthermore, this specification applies only to DHCP client and Furthermore, this specification applies only to DHCP client and
server processes: it does not apply to other processes that initiate server processes: it does not apply to other processes that initiate
skipping to change at page 4, line 17 skipping to change at page 4, line 19
At many (though not all) sites, administrators wish to maintain a At many (though not all) sites, administrators wish to maintain a
one-to-one relationship between active DHCP clients and domain names, one-to-one relationship between active DHCP clients and domain names,
and to maintain consistency between a host's A and PTR RRs. Hosts and to maintain consistency between a host's A and PTR RRs. Hosts
that are not represented in the DNS, or hosts which inadvertently that are not represented in the DNS, or hosts which inadvertently
share an FQDN with another host may encounter inconsistent behavior share an FQDN with another host may encounter inconsistent behavior
or may not be able to obtain access to network resources. Whether or may not be able to obtain access to network resources. Whether
each DHCP client is configured with a domain name by its each DHCP client is configured with a domain name by its
administrator or whether the DHCP server is configured to distribute administrator or whether the DHCP server is configured to distribute
the clients' names, the consistency of the DNS data is entirely the clients' names, the consistency of the DNS data is entirely
dependent on the accuracy of the configuration procedure. Sites that dependent on the accuracy of the configuration procedure. Sites that
deploy Secure DNS [6] may configure credentials for each host and its deploy Secure DNS [10] may configure credentials for each host and
assigned name in a way that is more error-resistant, but this level its assigned name in a way that is more error-resistant, but this
of pre-configuration is still rare in DHCP environments. level of pre-configuration is still rare in DHCP environments.
Consider an example in which two DHCP clients in the "org.nil" Consider an example in which two DHCP clients in the "org.nil"
network are both configured with the name "foo". The clients are network are both configured with the name "foo". The clients are
permitted to perform their own DNS updates. The first client, client permitted to perform their own DNS updates. The first client, client
A, is configured via DHCP. It adds an A RR to "foo.org.nil", and its A, is configured via DHCP. It adds an A RR to "foo.org.nil", and its
DHCP server adds a PTR RR corresponding to its IP address lease. DHCP server adds a PTR RR corresponding to its IP address lease.
When the second client, client B, boots, it is also configured via When the second client, client B, boots, it is also configured via
DHCP, and it also begins to update "foo.org.nil". DHCP, and it also begins to update "foo.org.nil".
At this point, the "org.nil" administrators may wish to establish At this point, the "org.nil" administrators may wish to establish
skipping to change at page 6, line 26 skipping to change at page 6, line 26
this volatility, in order to minimize the possibility that answers to this volatility, in order to minimize the possibility that answers to
DNS queries will return records that refer to DHCP lease bindings DNS queries will return records that refer to DHCP lease bindings
that have expired. that have expired.
The coupling among primary, secondary, and caching DNS servers is The coupling among primary, secondary, and caching DNS servers is
'loose'; that is a fundamental part of the design of the DNS. This 'loose'; that is a fundamental part of the design of the DNS. This
looseness makes it impossible to prevent all possible situations in looseness makes it impossible to prevent all possible situations in
which a resolver may return a record reflecting a DHCP lease binding which a resolver may return a record reflecting a DHCP lease binding
that has expired. In deployment, this rarely if ever represents a that has expired. In deployment, this rarely if ever represents a
significant problem. Most DHCP-managed hosts are rarely looked-up by significant problem. Most DHCP-managed hosts are rarely looked-up by
name in the DNS, and the deployment of IXFR (RFC 1995 [10]) and name in the DNS, and the deployment of IXFR (RFC 1995 [14]) and
NOTIFY (RFC 1996 [11]) can reduce the latency between updates and NOTIFY (RFC 1996 [15]) can reduce the latency between updates and
their visibility at secondary servers. their visibility at secondary servers.
We suggest these basic guidelines for implementers. In general, the We suggest these basic guidelines for implementers. In general, the
TTLs for RRs added as a result of DHCP lease activity SHOULD be less TTLs for RRs added as a result of DHCP lease activity SHOULD be less
than the initial lease time. The RR TTL on a DNS record added for a than the initial lease time. The RR TTL on a DNS record added for a
DHCP lease SHOULD NOT exceed 1/3 of the lease time, and SHOULD be at DHCP lease SHOULD NOT exceed 1/3 of the lease time, and SHOULD be at
least 10 minutes. We recognize that individual administrators will least 10 minutes. We recognize that individual administrators will
have varying requirements: DHCP servers and clients SHOULD allow have varying requirements: DHCP servers and clients SHOULD allow
administrators to configure TTLs, either as an absolute time interval administrators to configure TTLs, either as an absolute time interval
or as a percentage of the lease time. or as a percentage of the lease time.
skipping to change at page 7, line 11 skipping to change at page 7, line 11
misconfiguration of the updater or of the DNS server, the updater MAY misconfiguration of the updater or of the DNS server, the updater MAY
attempt to signal to its administrator that an error has occurred, attempt to signal to its administrator that an error has occurred,
e.g. through a log message. e.g. through a log message.
6.2 Dual IPv4/IPv6 Client Considerations 6.2 Dual IPv4/IPv6 Client Considerations
At the time of publication of this document, a small minority of DHCP At the time of publication of this document, a small minority of DHCP
clients support both IPv4 and IPv6. We anticipate, however, that a clients support both IPv4 and IPv6. We anticipate, however, that a
transition will take place over a period of time, and more sites will transition will take place over a period of time, and more sites will
have dual-stack clients present. IPv6 clients will be represented by have dual-stack clients present. IPv6 clients will be represented by
AAAA RRs; IPv4 clients by A RRs. The administrators of some mixed AAAA RRs; IPv4 clients by A RRs. The administrators of mixed
deployments may wish to permit a single name to contain A and AAAA deployments will likely wish to permit a single name to contain A and
RRs from different clients. Other deployments may wish to restrict AAAA RRs from the same client.
the use of a DNS name to a single DHCP client, and allow only A and
AAAA RRs reflecting that client's DHCP leases.
6.3 Adding A RRs to DNS Sites that wish to permit a single name to contain both A and AAAA
RRs MUST make use of DHCPv4 clients and servers that support using
the DHCP Unique Identifier for DHCPv4 client identifiers, see
Node-Specific Client Identifiers for DHCPv4 [6]. Otherwise, a
dual-stack client that uses older-style DHCPv4 client identifiers
(see [7] and [8]) will only be able to have either its A or AAAA
record in DNS under a name because of the DHCID RR conflicts that
result.
6.3 Adding A or AAAA RRs to DNS
6.3.1 Initial DHCID RR Query 6.3.1 Initial DHCID RR Query
When a DHCP client or server intends to update an A RR, it performs a When a DHCP client or server intends to update an A or AAAA RR, it
DNS query with QNAME of the target name and with QTYPE of DHCID. performs a DNS query with QNAME of the target name and with QTYPE of
DHCID.
If the query returns NXDOMAIN, the updater can conclude that the name If the query returns NXDOMAIN, the updater can conclude that the name
is not in use and proceeds to Section 6.3.2. is not in use and proceeds to Section 6.3.2.
If the query returns NODATA, the updater can conclude that the target If the query returns NOERROR but without an answer, the updater can
name is in use, but that no DHCID RR is present. This indicates that conclude that the target name is in use, but that no DHCID RR is
some records have been configured by an administrator. Whether the present. This indicates that some records have been configured by an
updater proceeds with an update is a matter of local administrative administrator. Whether the updater proceeds with an update is a
policy. matter of local administrative policy.
If the DHCID rrset is returned, the updater uses the hash calculation If the DHCID rrset is returned, the updater uses the hash calculation
defined in the DHCID RR specification [4] to determine whether the defined in the DHCID RR specification [4] to determine whether the
client associated with the name matches the current client's client associated with the name matches the current client's
identity. If so, the updater proceeds to Section 6.3.3. Otherwise identity. If so, the updater proceeds to Section 6.3.3. Otherwise
the updater must conclude that the client's desired name is in use by the updater must conclude that the client's desired name is in use by
another host and proceeds to Section 6.3.4. another host and proceeds to Section 6.3.4.
If any other status is returned, the updater MUST NOT attempt an If any other status is returned, the updater MUST NOT attempt an
update. update.
6.3.2 DNS UPDATE When Name Not in Use 6.3.2 DNS UPDATE When Name Not in Use
The updater prepares a DNS UPDATE query that includes as a The updater prepares a DNS UPDATE query that includes as a
prerequisite the assertion that the name does not exist. The update prerequisite the assertion that the name does not exist. The update
section of the query attempts to add the new name and its IP address section of the query attempts to add the new name and its IP address
mapping (an A RR), and the DHCID RR with its unique client-identity. mapping (an A or AAAA RR), and the DHCID RR with its unique
client-identity.
If the update operation succeeds, the A RR update is now complete If the update operation succeeds, the A or AAAA RR update is now
(and a client updater is finished, while a server would then proceed complete (and a client updater is finished, while a server would then
to perform a PTR RR update). proceed to perform a PTR RR update).
If the update returns YXDOMAIN, the updater can now conclude that the If the update returns YXDOMAIN, the updater can now conclude that the
intended name is in use and proceeds to Section 6.3.3. intended name is in use and proceeds to Section 6.3.3.
6.3.3 DNS UPDATE When Name in Use 6.3.3 DNS UPDATE When Name in Use
The updater next attempts to confirm that the DNS name is not being The updater next attempts to confirm that the DNS name is not being
used by some other host. The updater prepares a UPDATE query in used by some other host. The updater prepares a UPDATE query in
which the prerequisite is that the desired name has attached to it a which the prerequisite is that the desired name has attached to it a
DHCID RR whose contents match the client identity. The update DHCID RR whose contents match the client identity. The update
section of this query deletes the existing A records on the name, and section of the UPDATE query contains:
adds the A record that matches the DHCP binding and the DHCID RR with 1. A delete of any existing A RRs on the name if this is an A update
the client identity. or an AAAA update and the updater does not desire A records on
the name.
2. A delete of the existing AAAA RRs on the name if the updater does
not desire AAAA records on the name or this update is adding an
AAAA and the updater only desires a single address on the name.
3. An add of the A RR that matches the DHCP binding if this is an A
update.
4. An add of the AAAA RR that matches the DHCP binding if this is an
AAAA update.
If the update succeeds, the updater can conclude that the current If the update succeeds, the updater can conclude that the current
client was the last client associated with the domain name, and that client was the last client associated with the domain name, and that
the name now contains the updated A RR. The A RR update is now the name now contains the updated A or AAAA RR. The update is now
complete (and a client updater is finished, while a server would then complete (and a client updater is finished, while a server would then
proceed to perform a PTR RR update). proceed to perform a PTR RR update).
If the update returns NXRRSET, the updater must conclude that the If the update returns NXRRSET, the updater must conclude that the
client's desired name is in use by another host and proceeds to client's desired name is in use by another host and proceeds to
Section 6.3.3. Section 6.3.4.
6.3.4 Name in Use by another Client 6.3.4 Name in Use by another Client
At this juncture, the updater can decide (based on some At this juncture, the updater can decide (based on some
administrative configuration outside of the scope of this document) administrative configuration outside of the scope of this document)
whether to let the existing owner of the name keep that name, and to whether to let the existing owner of the name keep that name, and to
(possibly) perform some name disambiguation operation on behalf of (possibly) perform some name disambiguation operation on behalf of
the current client, or to replace the RRs on the name with RRs that the current client, or to replace the RRs on the name with RRs that
represent the current client. If the configured policy allows represent the current client. If the configured policy allows
replacement of existing records, the updater submits a query that replacement of existing records, the updater submits a query that
deletes the existing A RR and the existing DHCID RR, adding A and deletes all RRs for the name and adds the A or AAAA and DHCID RRs
DHCID RRs that represent the IP address and client-identity of the that represent the address and client-identity of the new client.
new client.
DISCUSSION: DISCUSSION:
The updating entity may be configured to allow the existing DNS The updating entity may be configured to allow the existing DNS
records on the domain name to remain unchanged, and to perform records on the domain name to remain unchanged, and to perform
disambiguation on the name of the current client in order to disambiguation on the name of the current client in order to
attempt to generate a similar but unique name for the current attempt to generate a similar but unique name for the current
client. In this case, once another candidate name has been client. In this case, once another candidate name has been
generated, the updater should restart the process of adding an A generated, the updater should restart the process of adding an A
RR as specified in this section. RR as specified in this section.
6.4 Adding PTR RR Entries to DNS 6.4 Adding PTR RR Entries to DNS
The DHCP server submits a DNS query that deletes all of the PTR RRs The DHCP server submits a DNS query that deletes all of the PTR RRs
associated with the lease IP address, and adds a PTR RR whose data is associated with the lease IP address, and adds a PTR RR whose data is
the client's (possibly disambiguated) host name. The server MAY also the client's (possibly disambiguated) host name. The server MAY also
add a DHCID RR as specified in Section 4. add a DHCID RR as specified in Section 4, in which case it would
include a delete of all of the DHCID RRs associated with the lease IP
address, and adds a DHCID RR for the client.
6.5 Removing Entries from DNS 6.5 Removing Entries from DNS
The most important consideration in removing DNS entries is be sure The most important consideration in removing DNS entries is be sure
that an entity removing a DNS entry is only removing an entry that it that an entity removing a DNS entry is only removing an entry that it
added, or for which an administrator has explicitly assigned it added, or for which an administrator has explicitly assigned it
responsibility. responsibility.
When a lease expires or a DHCP client issues a DHCPRELEASE request, When a lease expires or a DHCP client issues a DHCPRELEASE [7] or
the DHCP server SHOULD delete the PTR RR that matches the DHCP Release [9] request, the DHCP server SHOULD delete the PTR RR that
binding, if one was successfully added. The server's update query matches the DHCP binding, if one was successfully added. The
SHOULD assert that the name in the PTR record matches the name of the server's update query SHOULD assert that the name in the PTR record
client whose lease has expired or been released. matches the name of the client whose lease has expired or been
released and should delete all RRs for the name.
The entity chosen to handle the A record for this client (either the The entity chosen to handle the A or AAAA record for this client
client or the server) SHOULD delete the A record that was added when (either the client or the server) SHOULD delete the A or AAAA record
the lease was made to the client. that was added when the lease was made to the client. However, the
updater should only remove the DHCID RR if there are no A or AAAA RRs
for the client.
In order to perform this delete, the updater prepares an UPDATE query In order to perform this A or AAAA RR delete, the updater prepares an
that contains two prerequisites. The first prerequisite asserts that UPDATE query that contains a prerequisite that asserts that the DHCID
the DHCID RR exists whose data is the client identity described in RR exists whose data is the client identity described in Section 4
Section 4. The second prerequisite asserts that the data in the A RR and contains an update section that deletes the client's specific A
contains the IP address of the lease that has expired or been or AAAA RR.
released.
If the query fails, the updater MUST NOT delete the DNS name. It may If the query succeeds, the updater prepares a second UPDATE query
be that the client whose lease on has expired has moved to another that contains three prerequisites and deletes all RRs for the name.
The first prerequisite asserts that the DHCID RR exists whose data is
the client identity described in Section 4. The second prerequisite
asserts that there are no A RRs. The third prerequisite asserts that
there are no AAAA RRs.
If either query fails, the updater MUST NOT delete the DNS name. It
may be that the client whose lease has expired has moved to another
network and obtained a lease from a different server, which has network and obtained a lease from a different server, which has
caused the client's A RR to be replaced. It may also be that some caused the client's A or AAAA RR to be replaced. It may also be that
other client has been configured with a name that matches the name of some other client has been configured with a name that matches the
the DHCP client, and the policy was that the last client to specify name of the DHCP client, and the policy was that the last client to
the name would get the name. In these cases, the DHCID RR will no specify the name would get the name. In these cases, the DHCID RR
longer match the updater's notion of the client-identity of the host will no longer match the updater's notion of the client-identity of
pointed to by the DNS name. the host pointed to by the DNS name.
6.6 Updating Other RRs 6.6 Updating Other RRs
The procedures described in this document only cover updates to the A The procedures described in this document only cover updates to the
and PTR RRs. Updating other types of RRs is outside the scope of A, AAAA, PTR, and DHCID RRs. Updating other types of RRs is outside
this document. the scope of this document.
7. Security Considerations 7. Security Considerations
Unauthenticated updates to the DNS can lead to tremendous confusion, Unauthenticated updates to the DNS can lead to tremendous confusion,
through malicious attack or through inadvertent misconfiguration. through malicious attack or through inadvertent misconfiguration.
Administrators should be wary of permitting unsecured DNS updates to Administrators should be wary of permitting unsecured DNS updates to
zones that are exposed to the global Internet. Both DHCP clients and zones that are exposed to the global Internet. Both DHCP clients and
servers SHOULD use some form of update request authentication (e.g., servers SHOULD use some form of update request authentication (e.g.,
TSIG [8]) when performing DNS updates. TSIG [12]) when performing DNS updates.
Whether a DHCP client may be responsible for updating an FQDN to IP Whether a DHCP client may be responsible for updating an FQDN to IP
address mapping, or whether this is the responsibility of the DHCP address mapping, or whether this is the responsibility of the DHCP
server is a site-local matter. The choice between the two server is a site-local matter. The choice between the two
alternatives may be based on the security model that is used with the alternatives may be based on the security model that is used with the
Dynamic DNS Update protocol (e.g., only a client may have sufficient Dynamic DNS Update protocol (e.g., only a client may have sufficient
credentials to perform updates to the FQDN to IP address mapping for credentials to perform updates to the FQDN to IP address mapping for
its FQDN). its FQDN).
Whether a DHCP server is always responsible for updating the FQDN to Whether a DHCP server is always responsible for updating the FQDN to
skipping to change at page 10, line 37 skipping to change at page 11, line 15
updates. In cases where a DHCP server is performing DNS updates on updates. In cases where a DHCP server is performing DNS updates on
behalf of a client, the DHCP server should be sure of the DNS name to behalf of a client, the DHCP server should be sure of the DNS name to
use for the client, and of the identity of the client. use for the client, and of the identity of the client.
Currently, it is difficult for DHCP servers to develop much Currently, it is difficult for DHCP servers to develop much
confidence in the identities of their clients, given the absence of confidence in the identities of their clients, given the absence of
entity authentication from the DHCP protocol itself. There are many entity authentication from the DHCP protocol itself. There are many
ways for a DHCP server to develop a DNS name to use for a client, but ways for a DHCP server to develop a DNS name to use for a client, but
only in certain relatively rare circumstances will the DHCP server only in certain relatively rare circumstances will the DHCP server
know for certain the identity of the client. If DHCP Authentication know for certain the identity of the client. If DHCP Authentication
[9] becomes widely deployed this may become more customary. [13] becomes widely deployed this may become more customary.
One example of a situation that offers some extra assurances is one One example of a situation that offers some extra assurances is one
where the DHCP client is connected to a network through an MCNS cable where the DHCP client is connected to a network through an MCNS cable
modem, and the CMTS (head-end) of the cable modem ensures that MAC modem, and the CMTS (head-end) of the cable modem ensures that MAC
address spoofing simply does not occur. Another example of a address spoofing simply does not occur. Another example of a
configuration that might be trusted is one where clients obtain configuration that might be trusted is one where clients obtain
network access via a network access server using PPP. The NAS itself network access via a network access server using PPP. The NAS itself
might be obtaining IP addresses via DHCP, encoding a client might be obtaining IP addresses via DHCP, encoding a client
identification into the DHCP client-id option. In this case, the identification into the DHCP client-id option. In this case, the
network access server as well as the DHCP server might be operating network access server as well as the DHCP server might be operating
skipping to change at page 11, line 32 skipping to change at page 12, line 11
[3] Vixie, P., Thomson, S., Rekhter, Y. and J. Bound, "Dynamic [3] Vixie, P., Thomson, S., Rekhter, Y. and J. Bound, "Dynamic
Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April
1997. 1997.
9.2 Informative References 9.2 Informative References
[4] Stapp, M. and Y. Rekhter, "The DHCP Client FQDN Option [4] Stapp, M. and Y. Rekhter, "The DHCP Client FQDN Option
(draft-ietf-dhc-fqdn-option-*.txt)", July 2004. (draft-ietf-dhc-fqdn-option-*.txt)", July 2004.
[5] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, [5] Volz, B., "The DHCPv6 Client FQDN Option
(draft-ietf-dhc-dhcpv6-fqdn-*.txt)", September 2004.
[6] Lemon, T. and B. Sommerfeld, "Node-Specific Client Identifiers
for DHCPv4 (draft-ietf-dhc-3315id-for-v4-*txt)", July 2004.
[7] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
March 1997. March 1997.
[6] Eastlake, D., "Domain Name System Security Extensions", RFC [8] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
Extensions", RFC 2132, March 1997.
[9] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and M.
Carney, "Dynamic Host Configuration Protocol for IPv6
(DHCPv6)", RFC 3315, July 2003.
[10] Eastlake, D., "Domain Name System Security Extensions", RFC
2535, March 1999. 2535, March 1999.
[7] Wellington, B., "Secure Domain Name System (DNS) Dynamic [11] Wellington, B., "Secure Domain Name System (DNS) Dynamic
Update", RFC 3007, November 2000. Update", RFC 3007, November 2000.
[8] Vixie, P., Gudmundsson, O., Eastlake, D. and B. Wellington, [12] Vixie, P., Gudmundsson, O., Eastlake, D. and B. Wellington,
"Secret Key Transaction Authentication for DNS (TSIG)", RFC "Secret Key Transaction Authentication for DNS (TSIG)", RFC
2845, May 2000. 2845, May 2000.
[9] Droms, R. and W. Arbaugh, "Authentication for DHCP Messages", [13] Droms, R. and W. Arbaugh, "Authentication for DHCP Messages",
RFC 3118, June 2001. RFC 3118, June 2001.
[10] Ohta, M., "Incremental Zone Transfer in DNS", RFC 1995, August [14] Ohta, M., "Incremental Zone Transfer in DNS", RFC 1995, August
1996. 1996.
[11] Vixie, P., "A Mechanism for Prompt Notification of Zone Changes [15] Vixie, P., "A Mechanism for Prompt Notification of Zone Changes
(DNS NOTIFY)", RFC 1996, August 1996. (DNS NOTIFY)", RFC 1996, August 1996.
Authors' Addresses Authors' Addresses
Mark Stapp Mark Stapp
Cisco Systems, Inc. Cisco Systems, Inc.
1414 Massachusetts Ave. 1414 Massachusetts Ave.
Boxborough, MA 01719 Boxborough, MA 01719
USA USA
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/