draft-ietf-dhc-dhcpv6-23.txt   draft-ietf-dhc-dhcpv6-24.txt 
Internet Engineering Task Force J. Bound Internet Engineering Task Force J. Bound
INTERNET DRAFT Compaq INTERNET DRAFT Compaq
DHC Working Group M. Carney DHC Working Group M. Carney
Obsoletes: draft-ietf-dhc-dhcpv6-22.txt Sun Microsystems, Inc Obsoletes: draft-ietf-dhc-dhcpv6-23.txt Sun Microsystems, Inc
C. Perkins C. Perkins
Nokia Research Center Nokia Research Center
Ted Lemon Ted Lemon
Nominum Nominum
Bernie Volz Bernie Volz
Ericsson Ericsson
R. Droms(ed.) R. Droms(ed.)
Cisco Systems Cisco Systems
1 Feb 2002 22 Apr 2002
Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
draft-ietf-dhc-dhcpv6-23.txt draft-ietf-dhc-dhcpv6-24.txt
Status of This Memo Status of This Memo
This document is a submission by the Dynamic Host Configuration This document is a submission by the Dynamic Host Configuration
Working Group of the Internet Engineering Task Force (IETF). Comments Working Group of the Internet Engineering Task Force (IETF). Comments
should be submitted to the dhcwg@ietf.org mailing list. should be submitted to the dhcwg@ietf.org mailing list.
Distribution of this memo is unlimited. Distribution of this memo is unlimited.
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
skipping to change at page 1, line 51 skipping to change at page 1, line 51
The list of Internet-Draft Shadow Directories can be accessed at: The list of Internet-Draft Shadow Directories can be accessed at:
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
The Dynamic Host Configuration Protocol for IPv6 (DHCP) enables The Dynamic Host Configuration Protocol for IPv6 (DHCP) enables
DHCP servers to pass configuration parameters such as IPv6 network DHCP servers to pass configuration parameters such as IPv6 network
addresses to IPv6 nodes. It offers the capability of automatic addresses to IPv6 nodes. It offers the capability of automatic
allocation of reusable network addresses and additional configuration allocation of reusable network addresses and additional configuration
flexibility. This protocol is a stateful counterpart to "IPv6 flexibility. This protocol is a stateful counterpart to "IPv6
Stateless Address Autoconfiguration" [21], and can be used separately Stateless Address Autoconfiguration" (RFC2462), and can be used
or concurrently with the latter to obtain configuration parameters. separately or concurrently with the latter to obtain configuration
parameters.
Contents Contents
Status of This Memo i Status of This Memo i
Abstract i Abstract i
1. Introduction 1 1. Introduction and Overview 1
1.1. Protocols and addressing . . . . . . . . . . . . . . . . 2
2. Requirements 2 1.2. Protocol implementation . . . . . . . . . . . . . . . . . 2
1.3. Client-server exchanges involving two messages . . . . . 3
1.4. Client-server exchanges involving four messages . . . . . 3
3. Background 2 2. Requirements 4
4. Design Goals 3 3. Background 4
5. Non-Goals 4 4. Terminology 5
4.1. IPv6 Terminology . . . . . . . . . . . . . . . . . . . . 5
4.2. DHCP Terminology . . . . . . . . . . . . . . . . . . . . 6
6. Terminology 4 5. DHCP Constants 8
6.1. IPv6 Terminology . . . . . . . . . . . . . . . . . . . . 4 5.1. Multicast Addresses . . . . . . . . . . . . . . . . . . . 8
6.2. DHCP Terminology . . . . . . . . . . . . . . . . . . . . 5 5.2. Anycast address . . . . . . . . . . . . . . . . . . . . . 8
5.3. UDP ports . . . . . . . . . . . . . . . . . . . . . . . . 8
5.4. DHCP message types . . . . . . . . . . . . . . . . . . . 9
5.5. Status Codes . . . . . . . . . . . . . . . . . . . . . . 10
5.6. Configuration Parameters . . . . . . . . . . . . . . . . 11
7. DHCP Constants 7 6. Message Formats 11
7.1. Multicast Addresses . . . . . . . . . . . . . . . . . . . 7
7.2. UDP ports . . . . . . . . . . . . . . . . . . . . . . . . 7
7.3. DHCP message types . . . . . . . . . . . . . . . . . . . 8
7.4. Status Codes . . . . . . . . . . . . . . . . . . . . . . 9
7.4.1. Generic Status Codes . . . . . . . . . . . . . . 9
7.4.2. Server-specific Status Codes . . . . . . . . . . 10
7.5. Configuration Variables . . . . . . . . . . . . . . . . . 11
8. Message Formats 11 7. Relay agent messages 12
8.1. DHCP Solicit Message Format . . . . . . . . . . . . . . . 12 7.1. Relay-forward message . . . . . . . . . . . . . . . . . . 13
8.2. DHCP Advertise Message Format . . . . . . . . . . . . . . 12 7.2. Relay-reply message . . . . . . . . . . . . . . . . . . . 14
8.3. DHCP Request Message Format . . . . . . . . . . . . . . . 12
8.4. DHCP Confirm Message Format . . . . . . . . . . . . . . . 13
8.5. DHCP Renew Message Format . . . . . . . . . . . . . . . . 13
8.6. DHCP Rebind Message Format . . . . . . . . . . . . . . . 13
8.7. DHCP Reply Message Format . . . . . . . . . . . . . . . . 13
8.8. DHCP Release Message Format . . . . . . . . . . . . . . . 13
8.9. DHCP Decline Message Format . . . . . . . . . . . . . . . 14
8.10. DHCP Reconfigure Message Format . . . . . . . . . . . . . 14
8.11. Information-Request Message Format . . . . . . . . . . . 14
9. Relay messages 14 8. Representation and use of domain names 14
9.1. Relay-forward message . . . . . . . . . . . . . . . . . . 15
9.2. Relay-reply message . . . . . . . . . . . . . . . . . . . 16
10. Representation and use of domain names 16 9. DHCP unique identifier (DUID) 14
9.1. DUID contents . . . . . . . . . . . . . . . . . . . . . . 15
9.2. DUID based on link-layer address plus time . . . . . . . 15
9.3. Vendor-assigned unique ID based on Domain Name (VUID-DN) 16
9.4. Vendor-assigned unique ID based on Enterprise Number
(VUID-EN) . . . . . . . . . . . . . . . . . . . . . . 17
9.5. Link-layer address . . . . . . . . . . . . . . . . . . . 18
11. DHCP unique identifier (DUID) 16 10. Identity association 19
11.1. DUID contents . . . . . . . . . . . . . . . . . . . . . . 17
11.2. DUID based on link-layer address plus time . . . . . . . 17
11.3. Vendor-assigned unique ID (VUID) . . . . . . . . . . . . 18
11.4. Link-layer address . . . . . . . . . . . . . . . . . . . 19
12. Identity association 20 11. Selecting addresses for assignment to an IA 20
13. Selecting addresses for assignment to an IA 21 12. Management of temporary addresses 21
14. Management of temporary addresses 22 13. Transmission of messages by a client 21
15. Reliability of Client Initiated Message Exchanges 23 14. Reliability of Client Initiated Message Exchanges 21
16. Message validation 24 15. Message validation 23
16.1. Use of Transaction-ID field . . . . . . . . . . . . . . . 24 15.1. Use of Transaction-ID field . . . . . . . . . . . . . . . 23
16.2. Solicit message . . . . . . . . . . . . . . . . . . . . . 25 15.2. Solicit message . . . . . . . . . . . . . . . . . . . . . 23
16.3. Advertise message . . . . . . . . . . . . . . . . . . . . 25 15.3. Advertise message . . . . . . . . . . . . . . . . . . . . 24
16.4. Request message . . . . . . . . . . . . . . . . . . . . . 25 15.4. Request message . . . . . . . . . . . . . . . . . . . . . 24
16.5. Confirm message . . . . . . . . . . . . . . . . . . . . . 25 15.5. Confirm message . . . . . . . . . . . . . . . . . . . . . 24
16.6. Renew message . . . . . . . . . . . . . . . . . . . . . . 26 15.6. Renew message . . . . . . . . . . . . . . . . . . . . . . 24
16.7. Rebind message . . . . . . . . . . . . . . . . . . . . . 26 15.7. Rebind message . . . . . . . . . . . . . . . . . . . . . 25
16.8. Decline messages . . . . . . . . . . . . . . . . . . . . 26 15.8. Decline messages . . . . . . . . . . . . . . . . . . . . 25
16.9. Release message . . . . . . . . . . . . . . . . . . . . . 27 15.9. Release message . . . . . . . . . . . . . . . . . . . . . 25
16.10. Reply message . . . . . . . . . . . . . . . . . . . . . . 27 15.10. Reply message . . . . . . . . . . . . . . . . . . . . . . 25
16.11. Reconfigure message . . . . . . . . . . . . . . . . . . . 27 15.11. Reconfigure message . . . . . . . . . . . . . . . . . . . 26
16.12. Information-request message . . . . . . . . . . . . . . . 27 15.12. Information-request message . . . . . . . . . . . . . . . 26
16.13. Relay-forward message . . . . . . . . . . . . . . . . . . 28 15.13. Relay-forward message . . . . . . . . . . . . . . . . . . 26
16.14. Relay-reply message . . . . . . . . . . . . . . . . . . . 28 15.14. Relay-reply message . . . . . . . . . . . . . . . . . . . 26
17. Client Source Address and Interface Selection 28 16. Client Source Address and Interface Selection 26
18. DHCP Server Solicitation 28 17. DHCP Server Solicitation 27
18.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 29 17.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 27
18.1.1. Creation of Solicit messages . . . . . . . . . . 29 17.1.1. Creation of Solicit messages . . . . . . . . . . 27
18.1.2. Transmission of Solicit Messages . . . . . . . . 29 17.1.2. Transmission of Solicit Messages . . . . . . . . 28
18.1.3. Receipt of Advertise messages . . . . . . . . . . 30 17.1.3. Receipt of Advertise messages . . . . . . . . . . 29
18.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 31 17.1.4. Receipt of Reply message . . . . . . . . . . . . 30
18.2.1. Receipt of Solicit messages . . . . . . . . . . . 31 17.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 30
18.2.2. Creation and transmission of Advertise messages . 31 17.2.1. Receipt of Solicit messages . . . . . . . . . . . 30
17.2.2. Creation and transmission of Advertise messages . 30
17.2.3. Creation and Transmission of Reply messages . . . 31
19. DHCP Client-Initiated Configuration Exchange 32 18. DHCP Client-Initiated Configuration Exchange 32
19.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 33 18.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 32
19.1.1. Creation and transmission of Request messages . . 33 18.1.1. Creation and transmission of Request messages . . 32
19.1.2. Creation and transmission of Confirm messages . . 34 18.1.2. Creation and transmission of Confirm messages . . 34
19.1.3. Creation and transmission of Renew messages . . . 35 18.1.3. Creation and transmission of Renew messages . . . 35
19.1.4. Creation and transmission of Rebind messages . . 37 18.1.4. Creation and transmission of Rebind messages . . 36
19.1.5. Creation and Transmission of Information-request 18.1.5. Creation and Transmission of Information-request
messages . . . . . . . . . . . . . . . . . 38 messages . . . . . . . . . . . . . . . . . 37
19.1.6. Receipt of Reply message in response to a Request, 18.1.6. Receipt of Reply message in response to a Request,
Confirm, Renew, Rebind or Information-request Confirm, Renew, Rebind or Information-request
message . . . . . . . . . . . . . . . . . 38 message . . . . . . . . . . . . . . . . . 38
19.1.7. Creation and transmission of Release messages . . 40 18.1.7. Creation and transmission of Release messages . . 39
19.1.8. Receipt of Reply message in response to a Release 18.1.8. Receipt of Reply message in response to a Release
message . . . . . . . . . . . . . . . . . 40
18.1.9. Creation and transmission of Decline messages . . 40
18.1.10. Receipt of Reply message in response to a Decline
message . . . . . . . . . . . . . . . . . 41 message . . . . . . . . . . . . . . . . . 41
19.1.9. Creation and transmission of Decline messages . . 41 18.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 41
19.1.10. Receipt of Reply message in response to a Decline 18.2.1. Receipt of Request messages . . . . . . . . . . . 41
message . . . . . . . . . . . . . . . . . 42 18.2.2. Receipt of Confirm messages . . . . . . . . . . . 42
19.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 42 18.2.3. Receipt of Renew messages . . . . . . . . . . . . 43
19.2.1. Receipt of Request messages . . . . . . . . . . . 42 18.2.4. Receipt of Rebind messages . . . . . . . . . . . 44
19.2.2. Receipt of Confirm messages . . . . . . . . . . . 43 18.2.5. Receipt of Information-request messages . . . . . 44
19.2.3. Receipt of Renew messages . . . . . . . . . . . . 44 18.2.6. Receipt of Release messages . . . . . . . . . . . 45
19.2.4. Receipt of Rebind messages . . . . . . . . . . . 45 18.2.7. Receipt of Decline messages . . . . . . . . . . . 45
19.2.5. Receipt of Information-request messages . . . . . 46 18.2.8. Transmission of Reply messages . . . . . . . . . 46
19.2.6. Receipt of Release messages . . . . . . . . . . . 47
19.2.7. Receipt of Decline messages . . . . . . . . . . . 47
19.2.8. Transmission of Reply messages . . . . . . . . . 47
20. DHCP Server-Initiated Configuration Exchange 48 19. DHCP Server-Initiated Configuration Exchange 46
20.1. Server Behavior . . . . . . . . . . . . . . . . . . . . . 48 19.1. Server Behavior . . . . . . . . . . . . . . . . . . . . . 46
20.1.1. Creation and transmission of Reconfigure messages 48 19.1.1. Creation and transmission of Reconfigure messages 46
20.1.2. Time out and retransmission of Reconfigure 19.1.2. Time out and retransmission of Reconfigure
messages . . . . . . . . . . . . . . . . . 47
19.1.3. Receipt of Renew messages . . . . . . . . . . . . 47
19.2. Receipt of Information-request messages . . . . . . . . . 48
19.3. Client Behavior . . . . . . . . . . . . . . . . . . . . . 48
19.3.1. Receipt of Reconfigure messages . . . . . . . . . 48
19.3.2. Creation and transmission of Renew messages . . . 49
19.3.3. Creation and transmission of Information-request
messages . . . . . . . . . . . . . . . . . 49 messages . . . . . . . . . . . . . . . . . 49
20.1.3. Receipt of Renew messages . . . . . . . . . . . . 49 19.3.4. Time out and retransmission of Renew or
20.2. Receipt of Information-request messages . . . . . . . . . 49 Information-request messages . . . . . . . 49
20.3. Client Behavior . . . . . . . . . . . . . . . . . . . . . 50 19.3.5. Receipt of Reply messages . . . . . . . . . . . . 49
20.3.1. Receipt of Reconfigure messages . . . . . . . . . 50
20.3.2. Creation and transmission of Renew messages . . . 51
20.3.3. Creation and transmission of Information-request
messages . . . . . . . . . . . . . . . . . 51
20.3.4. Time out and retransmission of Renew or
Information-request messages . . . . . . . 51
20.3.5. Receipt of Reply messages . . . . . . . . . . . . 51
21. Relay Behavior 52 20. Relay Agent Behavior 50
21.1. Relaying of client messages . . . . . . . . . . . . . . . 52 20.1. Relaying of client messages . . . . . . . . . . . . . . . 50
21.2. Relaying of server messages . . . . . . . . . . . . . . . 52 20.2. Relaying of server messages . . . . . . . . . . . . . . . 50
22. Authentication of DHCP messages 53 21. Authentication of DHCP messages 51
22.1. DHCP threat model . . . . . . . . . . . . . . . . . . . . 53 21.1. DHCP threat model . . . . . . . . . . . . . . . . . . . . 51
22.2. Security of messages sent between servers and relay agents 54 21.2. Security of messages sent between servers and relay agents 52
22.3. Summary of DHCP authentication . . . . . . . . . . . . . 54 21.3. Summary of DHCP authentication . . . . . . . . . . . . . 52
22.4. Replay detection . . . . . . . . . . . . . . . . . . . . 54 21.4. Replay detection . . . . . . . . . . . . . . . . . . . . 52
22.5. Configuration token protocol . . . . . . . . . . . . . . 54 21.5. Delayed authentication protocol . . . . . . . . . . . . . 53
22.6. Delayed authentication protocol . . . . . . . . . . . . . 55 21.5.1. Management issues in the delayed authentication
22.6.1. Management issues in the delayed authentication protocol . . . . . . . . . . . . . . . . . 53
21.5.2. Use of the Authentication option in the delayed
authentication protocol . . . . . . . . . 53
21.5.3. Message validation . . . . . . . . . . . . . . . 54
21.5.4. Key utilization . . . . . . . . . . . . . . . . . 54
21.5.5. Client considerations for delayed authentication
protocol . . . . . . . . . . . . . . . . . 55 protocol . . . . . . . . . . . . . . . . . 55
22.6.2. Use of the Authentication option in the delayed 21.5.6. Server considerations for delayed authentication
authentication protocol . . . . . . . . . 55
22.6.3. Message validation . . . . . . . . . . . . . . . 56
22.6.4. Key utilization . . . . . . . . . . . . . . . . . 57
22.6.5. Client considerations for delayed authentication
protocol . . . . . . . . . . . . . . . . . 57 protocol . . . . . . . . . . . . . . . . . 57
22.6.6. Server considerations for delayed authentication
protocol . . . . . . . . . . . . . . . . . 59
23. DHCP options 60 22. DHCP options 57
23.1. Format of DHCP options . . . . . . . . . . . . . . . . . 60 22.1. Format of DHCP options . . . . . . . . . . . . . . . . . 58
23.2. Client Identifier option . . . . . . . . . . . . . . . . 60 22.2. Client Identifier option . . . . . . . . . . . . . . . . 58
23.3. Server Identifier option . . . . . . . . . . . . . . . . 61 22.3. Server Identifier option . . . . . . . . . . . . . . . . 59
23.4. Identity association option . . . . . . . . . . . . . . . 61 22.4. Identity Association option . . . . . . . . . . . . . . . 59
23.5. IA Address option . . . . . . . . . . . . . . . . . . . . 63 22.5. Identity Association for Temporary Addresses option . . . 61
23.6. Requested Temporary Addresses (RTA) Option . . . . . . . 65 22.6. IA Address option . . . . . . . . . . . . . . . . . . . . 63
23.7. Option Request option . . . . . . . . . . . . . . . . . . 65 22.7. Option Request option . . . . . . . . . . . . . . . . . . 64
23.8. Preference option . . . . . . . . . . . . . . . . . . . . 66 22.8. Preference option . . . . . . . . . . . . . . . . . . . . 64
23.9. Elapsed Time . . . . . . . . . . . . . . . . . . . . . . 67 22.9. Elapsed Time . . . . . . . . . . . . . . . . . . . . . . 65
23.10. Client message option . . . . . . . . . . . . . . . . . . 67 22.10. Client message option . . . . . . . . . . . . . . . . . . 66
23.11. Server message option . . . . . . . . . . . . . . . . . . 68 22.11. Server message option . . . . . . . . . . . . . . . . . . 66
23.12. Authentication option . . . . . . . . . . . . . . . . . . 68 22.12. Authentication option . . . . . . . . . . . . . . . . . . 67
23.13. Server unicast option . . . . . . . . . . . . . . . . . . 69 22.13. Server unicast option . . . . . . . . . . . . . . . . . . 68
23.14. Status Code Option . . . . . . . . . . . . . . . . . . . 70 22.14. Status Code Option . . . . . . . . . . . . . . . . . . . 68
23.15. User Class Option . . . . . . . . . . . . . . . . . . . . 70 22.15. Rapid Commit option . . . . . . . . . . . . . . . . . . . 69
23.16. Vendor Class Option . . . . . . . . . . . . . . . . . . . 71 22.16. User Class Option . . . . . . . . . . . . . . . . . . . . 69
23.17. Interface-Id Option . . . . . . . . . . . . . . . . . . . 72 22.17. Vendor Class Option . . . . . . . . . . . . . . . . . . . 70
22.18. Vendor-specific Information option . . . . . . . . . . . 71
22.19. Interface-Id Option . . . . . . . . . . . . . . . . . . . 72
22.20. Reconfigure Message option . . . . . . . . . . . . . . . 73
24. Security Considerations 73 23. Security Considerations 73
25. Year 2000 considerations 73 24. Year 2000 considerations 73
26. IANA Considerations 74 25. IANA Considerations 73
26.1. Multicast addresses . . . . . . . . . . . . . . . . . . . 74 25.1. Multicast addresses . . . . . . . . . . . . . . . . . . . 74
26.2. DHCPv6 message types . . . . . . . . . . . . . . . . . . 74 25.2. Anycast addresses . . . . . . . . . . . . . . . . . . . . 74
26.3. DUID . . . . . . . . . . . . . . . . . . . . . . . . . . 74 25.3. DHCPv6 message types . . . . . . . . . . . . . . . . . . 74
26.4. DHCPv6 options . . . . . . . . . . . . . . . . . . . . . 74 25.4. DUID . . . . . . . . . . . . . . . . . . . . . . . . . . 75
26.5. Status codes . . . . . . . . . . . . . . . . . . . . . . 74 25.5. DHCPv6 options . . . . . . . . . . . . . . . . . . . . . 75
26.6. Authentication option . . . . . . . . . . . . . . . . . . 75 25.6. Status codes . . . . . . . . . . . . . . . . . . . . . . 76
25.7. Authentication option . . . . . . . . . . . . . . . . . . 76
27. Acknowledgments 75 26. Acknowledgments 77
References 75 References 77
Chair's Address 77 Chair's Address 79
Authors' Addresses 77 Authors' Addresses 79
A. Appearance of Options in Message Types 79 A. Appearance of Options in Message Types 81
B. Appearance of Options in the Options Field of DHCP Messages 79 B. Appearance of Options in the Options Field of DHCP Options 81
C. Full Copyright Statement 80 C. Full Copyright Statement 82
1. Introduction 1. Introduction and Overview
This document describes DHCP for IPv6 (DHCP), a UDP [19] This document describes DHCP for IPv6 (DHCP), a client/server
client/server protocol designed to reduce the cost of management protocol that provides managed configuration of devices.
of IPv6 nodes in environments where network managers require more
control over the allocation of IPv6 addresses and configuration
of network stack parameters than that offered by "IPv6 Stateless
Address Autoconfiguration" [21]. DHCP is a stateful counterpart to
stateless autoconfiguration. Note that both stateful and stateless
autoconfiguration can be used concurrently in the same environment,
leveraging the strengths of both mechanisms in order to reduce the
cost of ownership and management of network nodes.
DHCP reduces the cost of ownership by centralizing the management DHCP can provide a device with addresses assigned by a DHCP server
of network resources such as IP addresses, routing information, OS and other configuration information. The addresses and additional
installation information, directory service information, and other configuration are carried in options. DHCP can be extended through
such information on a few DHCP servers, rather than distributing such the definition of new options to carry configuration information not
information in local configuration files among all network node. specified in this document.
DHCP is designed to be easily extended to carry new configuration
parameters through the addition of new DHCP "options" defined to
carry this information.
Those readers familiar with DHCP for IPv4 [7] will find DHCP for DHCP is the "stateful address autoconfiguration protocol" and the
IPv6 provides a superset of the features of DHCP and benefits from "stateful autoconfiguration protocol" referred to in RFC2462, "IPv6
the additional features of IPv6 and freedom from the constraints of Stateless Address Autoconfiguration".
backward compatibility with BOOTP [4].
The remainder of this introduction summarizes DHCP, explaining
the message exchange mechanisms and example message flows. The
message flows in sections 1.3 and 1.4 are intended as illustrations
of DHCP operation rather than an exhaustive list of all possible
client-server interactions. Sections 17, 18 and 19 explain client
and server operation in detail.
1.1. Protocols and addressing
Clients and servers exchange DHCP messages using UDP [17]. The
client uses its link-local address determined through stateless
autoconfiguration for transmitting and receiving DHCP messages.
DHCP servers receive messages from clients using a reserved,
link-scoped multicast address. A DHCP client transmits most messages
to this reserved multicast address, so that the client need not be
configured with the address or addresses of DHCP servers.
To allow a DHCP client to send a message to a DHCP server that is not
attached to the same link, a DHCP relay agent on the client's link
will forward messages between the client and server. The operation
of the relay agent is transparent to the client and the discussion
of message exchanges in the remainder of this section will omit the
description of message forwarding by relay agents.
Once the client has determined the address of a server, it may
under some circumstances send messages directly to the server using
unicast.
1.2. Protocol implementation
This specification for DHCP includes messages and descriptions of
client and server behavior for several different functions. Some
clients and servers will be deployed in situations in which not all
of the functions will be required. For example, a client that uses
stateless autoconfiguration to determine its IPv6 addresses would
use only the Information-request and Reply messages to obtain other
configuration information.
Clients and servers that do not use all of the functions of DHCP
need not implement processing for those DHCP messages that will not
be used. A client or server that receives a message that it is not
prepared to process may simply discard that message. For example, a
DHCP server that only provides configuration information and does not
do IPv6 address assignment can respond to only Information-request
messages and discard other messages such as Solicit or Request
messages.
1.3. Client-server exchanges involving two messages
A DHCP client can obtain configuration information such as a list
of available DNS servers or NTP servers through a single message
and reply exchanged with a DHCP server. To obtain configuration
information the client first sends an Information-Request message
to the All_DHCP_Relay_Agents_and_Servers multicast address. The
server responds with a Reply message containing the configuration
information for the client.
This message exchange assumes that the client requires only
configuration information and does not require the assignment of any
IPv6 addresses. Because the server need not keep any dynamic state
information about individual clients to support this two message
exchange, a server that provides just configuration information can
be realized with a relatively simple and small implementation.
When a server has IPv6 addresses and other configuration information
committed to a client, the client and server may be able to complete
the exchange using only two messages, instead of four messages as
described in the next section. In this case, the client sends a
Solicit message to the All_DHCP_Relay_Agents_and_Servers requesting
the assignment of addresses and other configuration information.
This message includes an indication that the client is willing to
accept an immediate Reply message from the server. The server that
is willing to commit the assignment of addresses to the client
immediately responds with a Reply message. The configuration
information and the addresses in the Reply message are then
immediately available for use by the client.
Each address assigned to the client has associated preferred and
valid lifetimes specified by the server. To request an extension
of the lifetimes assigned to an address, the client sends a Renew
message to the server. The server sends a Reply message to the
client with the new lifetimes, allowing the client to continue to use
the address without interruption.
1.4. Client-server exchanges involving four messages
To request the assignment of one or more IPv6 addresses, a
client first locates a DHCP server and then requests the
assignment of addresses and other configuration information
from the server. The client sends a Solicit message to the
All_DHCP_Relay_Agents_and_Servers address to find available DHCP
servers. Any server that can meet the client's requirements
responds with an Advertise message. The client then chooses one
of the servers and sends a Request message to the server asking
for confirmed assignment of addresses and other configuration
information. The server responds with a Reply message that contains
the confirmed addresses and configuration.
As described in the previous section, the client sends a Renew
messages to the server to extend the lifetimes associated with its
addresses, allowing the client to continue to use those addresses
without interruption.
2. Requirements 2. Requirements
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in [2]. document, are to be interpreted as described in [2].
This document also makes use of internal conceptual variables This document also makes use of internal conceptual variables
to describe protocol behavior and external variables that an to describe protocol behavior and external variables that an
implementation must allow system administrators to change. The implementation must allow system administrators to change. The
specific variable names, how their values change, and how their specific variable names, how their values change, and how their
settings influence protocol behavior are provided to demonstrate settings influence protocol behavior are provided to demonstrate
protocol behavior. An implementation is not required to have them in protocol behavior. An implementation is not required to have them in
the exact form described here, so long as its external behavior is the exact form described here, so long as its external behavior is
consistent with that described in this document. consistent with that described in this document.
3. Background 3. Background
The IPv6 Specification provides the base architecture and design of The IPv6 Specification provides the base architecture and design of
IPv6. Related work in IPv6 that would best serve an implementor IPv6. Related work in IPv6 that would best serve an implementor
to study includes the IPv6 Specification [5], the IPv6 Addressing to study includes the IPv6 Specification [3], the IPv6 Addressing
Architecture [9], IPv6 Stateless Address Autoconfiguration [21], IPv6 Architecture [7], IPv6 Stateless Address Autoconfiguration [19], IPv6
Neighbor Discovery Processing [17], and Dynamic Updates to DNS [22]. Neighbor Discovery Processing [15], and Dynamic Updates to DNS [20].
These specifications enable DHCP to build upon the IPv6 work to These specifications enable DHCP to build upon the IPv6 work to
provide both robust stateful autoconfiguration and autoregistration provide both robust stateful autoconfiguration and autoregistration
of DNS Host Names. of DNS Host Names.
The IPv6 Addressing Architecture specification [9] defines the The IPv6 Addressing Architecture specification [7] defines the
address scope that can be used in an IPv6 implementation, and the address scope that can be used in an IPv6 implementation, and the
various configuration architecture guidelines for network designers various configuration architecture guidelines for network designers
of the IPv6 address space. Two advantages of IPv6 are that support of the IPv6 address space. Two advantages of IPv6 are that support
for multicast is required, and nodes can create link-local addresses for multicast is required, and nodes can create link-local addresses
during initialization. This means that a client can immediately use during initialization. This means that a client can immediately use
its link-local address and a well-known multicast address to begin its link-local address and a well-known multicast address to begin
communications to discover neighbors on the link. For instance, a communications to discover neighbors on the link. For instance, a
client can send a Solicit message and locate a server or relay. client can send a Solicit message and locate a server or relay agent.
IPv6 Stateless Address Autoconfiguration [21] specifies procedures IPv6 Stateless Address Autoconfiguration [19] specifies procedures
by which a node may autoconfigure addresses based on router by which a node may autoconfigure addresses based on router
advertisements [17], and the use of a valid lifetime to support advertisements [15], and the use of a valid lifetime to support
renumbering of addresses on the Internet. In addition the renumbering of addresses on the Internet. In addition the
protocol interaction by which a node begins stateless or stateful protocol interaction by which a node begins stateless or stateful
autoconfiguration is specified. DHCP is one vehicle to perform autoconfiguration is specified. DHCP is one vehicle to perform
stateful autoconfiguration. Compatibility with stateless address stateful autoconfiguration. Compatibility with stateless address
autoconfiguration is a design requirement of DHCP (see Section 4). autoconfiguration is a design requirement of DHCP.
IPv6 Neighbor Discovery [17] is the node discovery protocol in IPv6 IPv6 Neighbor Discovery [15] is the node discovery protocol in IPv6
which replaces and enhances functions of ARP [18]. To understand which replaces and enhances functions of ARP [16]. To understand
IPv6 and stateless address autoconfiguration it is strongly IPv6 and stateless address autoconfiguration it is strongly
recommended that implementors understand IPv6 Neighbor Discovery. recommended that implementors understand IPv6 Neighbor Discovery.
Dynamic Updates to DNS [22] is a specification that supports the Dynamic Updates to DNS [20] is a specification that supports the
dynamic update of DNS records for both IPv4 and IPv6. DHCP can use dynamic update of DNS records for both IPv4 and IPv6. DHCP can use
the dynamic updates to DNS to integrate addresses and name space to the dynamic updates to DNS to integrate addresses and name space to
not only support autoconfiguration, but also autoregistration in not only support autoconfiguration, but also autoregistration in
IPv6. IPv6.
4. Design Goals 4. Terminology
- DHCP is a mechanism rather than a policy. Network administrators
set their administrative policies through the configuration
parameters they place upon the DHCP servers in the DHCP domain
they're managing. DHCP is simply used to deliver parameters
according to that policy to each of the DHCP clients within the
domain.
- DHCP is compatible with IPv6 stateless address
autoconfiguration [21], statically configured, non-participating
nodes and with existing network protocol implementations.
- DHCP does not require manual configuration of network parameters
on DHCP clients, except in cases where such configuration is
needed for security reasons. A node configuring itself using
DHCP should require no user intervention.
- DHCP does not require a server on each link. To allow for scale
and economy, DHCP must work across DHCP relays.
- DHCP clients can operate on a link without IPv6 routers present.
- DHCP will provide the ability to renumber network(s) when
required by network administrators [3].
- A DHCP client can make multiple, different requests for
configuration parameters when necessary from one or more DHCP
servers at any time.
- DHCP will contain the appropriate time out and retransmission
mechanisms to efficiently operate in environments with high
latency and low bandwidth characteristics.
5. Non-Goals
This specification explicitly does not cover the following:
- Specification of a DHCP server to server protocol.
- How a DHCP server stores its DHCP data.
- How to manage a DHCP domain or DHCP server.
- How a DHCP relay is configured or what sort of information it may
log.
6. Terminology
This sections defines terminology specific to IPv6 and DHCP used in This sections defines terminology specific to IPv6 and DHCP used in
this document. this document.
6.1. IPv6 Terminology 4.1. IPv6 Terminology
IPv6 terminology relevant to this specification from the IPv6 IPv6 terminology relevant to this specification from the IPv6
Protocol [5], IPv6 Addressing Architecture [9], and IPv6 Stateless Protocol [3], IPv6 Addressing Architecture [7], and IPv6 Stateless
Address Autoconfiguration [21] is included below. Address Autoconfiguration [19] is included below.
address An IP layer identifier for an interface address An IP layer identifier for an interface
or a set of interfaces. or a set of interfaces.
unicast address An identifier for a single interface. anycast address An anycast address identifies a group
A packet sent to a unicast address is of nodes; message sent to an anycast
delivered to the interface identified by address is delivered to one node out of
that address. the group of nodes associated with the
address
multicast address An identifier for a set of interfaces
(typically belonging to different
nodes). A packet sent to a multicast
address is delivered to all interfaces
identified by that address.
host Any node that is not a router. host Any node that is not a router.
IP Internet Protocol Version 6 (IPv6). The IP Internet Protocol Version 6 (IPv6). The
terms IPv4 and IPv6 are used only in terms IPv4 and IPv6 are used only in
contexts where it is necessary to avoid contexts where it is necessary to avoid
ambiguity. ambiguity.
interface A node's attachment to a link. interface A node's attachment to a link.
skipping to change at page 5, line 33 skipping to change at page 6, line 18
network interfaces, and E.164 addresses network interfaces, and E.164 addresses
for ISDN links. for ISDN links.
link-local address An IPv6 address having link-only link-local address An IPv6 address having link-only
scope, indicated by having the prefix scope, indicated by having the prefix
(FE80::0000/64), that can be used to (FE80::0000/64), that can be used to
reach neighboring nodes attached to reach neighboring nodes attached to
the same link. Every interface has a the same link. Every interface has a
link-local address. link-local address.
multicast address An identifier for a set of interfaces
(typically belonging to different
nodes). A packet sent to a multicast
address is delivered to all interfaces
identified by that address.
neighbor A node attached to the same link. neighbor A node attached to the same link.
node A device that implements IP. node A device that implements IP.
packet An IP header plus payload. packet An IP header plus payload.
prefix The initial bits of an address, or a prefix The initial bits of an address, or a
set of IP address that share the same set of IP address that share the same
initial bits. initial bits.
prefix length The number of bits in a prefix. prefix length The number of bits in a prefix.
router A node that forwards IP packets not router A node that forwards IP packets not
explicitly addressed to itself. explicitly addressed to itself.
6.2. DHCP Terminology unicast address An identifier for a single interface.
A packet sent to a unicast address is
delivered to the interface identified by
that address.
Terminology specific to DHCP can be found below. 4.2. DHCP Terminology
agent address The address of a neighboring DHCP Agent Terminology specific to DHCP can be found below.
on the same link as the DHCP client.
binding A binding (or, client binding) is a binding A binding (or, client binding) is a
group of server data records containing group of server data records containing
the information the server has about the information the server has about
the addresses in an IA and any other the addresses in an IA and any other
configuration information assigned to configuration information assigned to
the client. A binding is indexed by the the client. A binding is indexed by
tuple <DUID, IAID>. the tuple <DUID, IA-type, IAID> (where
IA-type is the type of address in the
DHCP Dynamic Host Configuration Protocol IA; for example, temporary)
for IPv6. The terms DHCPv4 and DHCPv6
are used only in contexts where it is
necessary to avoid ambiguity.
configuration parameter An element of the configuration configuration parameter An element of the configuration
information set on the server and information set on the server and
delivered to the client using DHCP. delivered to the client using DHCP.
Such parameters may be used to carry Such parameters may be used to carry
information to be used by a node to information to be used by a node to
configure its network subsystem and configure its network subsystem and
enable communication on a link or enable communication on a link or
internetwork, for example. internetwork, for example.
DHCP Dynamic Host Configuration Protocol
for IPv6. The terms DHCPv4 and DHCPv6
are used only in contexts where it is
necessary to avoid ambiguity.
DHCP client (or client) A node that initiates requests on a link DHCP client (or client) A node that initiates requests on a link
to obtain configuration parameters from to obtain configuration parameters from
one or more DHCP servers. one or more DHCP servers.
DHCP domain A set of links managed by DHCP and DHCP domain A set of links managed by DHCP and
operated by a single administrative operated by a single administrative
entity. entity.
DHCP relay agent (or relay agent) A node that acts as an
intermediary to deliver DHCP messages
between clients and servers, and is on
the same link as the client.
DHCP server (or server) A server is a node that responds to DHCP server (or server) A server is a node that responds to
requests from clients, and may or requests from clients, and may or
may not be on the same link as the may not be on the same link as the
client(s). client(s).
DHCP relay (or relay) A node that acts as an intermediary to
deliver DHCP messages between clients
and servers, and is on the same link as
a client.
DHCP agent (or agent) Either a DHCP server on the same link as
a client, or a DHCP relay.
DUID A DHCP Unique IDentifier for a DHCP DUID A DHCP Unique IDentifier for a DHCP
participant; each DHCP client and server participant; each DHCP client and server
has exactly one DUID. has exactly one DUID. See section 9 for
details of the ways in which a DUID may
be constructed.
Identity association (IA) A collection of addresses assigned to Identity association (IA) A collection of addresses assigned to
a client. Each IA has an associated a client. Each IA has an associated
IAID. An IA may have 0 or more addresses IAID. A client may have more than one
associated with it. IA assigned to it; for example, one for
each of its interfaces.
Identity association identifier (IAID) An identifier for an IA, Identity association identifier (IAID) An identifier for an IA,
chosen by the client. Each IA has an chosen by the client. Each IA has an
IAID, which is chosen to be unique among IAID, which is chosen to be unique among
all IAIDs for IAs belonging to that all IAIDs for IAs belonging to that
client. client.
message A unit of data carried in a packet, message A unit of data carried in a packet,
exchanged between DHCP agents and exchanged among DHCP servers, relay
clients. agents and clients.
transaction-ID An unsigned integer to match responses transaction-ID An unsigned integer to match responses
with replies initiated either by a with replies initiated either by a
client or server. client or server.
7. DHCP Constants 5. DHCP Constants
This section describes various program and networking constants used This section describes various program and networking constants used
by DHCP. by DHCP.
7.1. Multicast Addresses 5.1. Multicast Addresses
DHCP makes use of the following multicast addresses: DHCP makes use of the following multicast addresses:
All_DHCP_Agents (FF02::1:2) This link-scoped multicast address All_DHCP_Relay_Agents_and_Servers (FF02::1:2) A link-scoped
is used by clients to communicate with the multicast address used by a client to communicate with
on-link agent(s) when they do not know the neighboring (i.e., on-link) relay agents and servers.
link-local address(es) for those agents. All All servers and relay agents are members of this
agents (servers and relays) are members of this
multicast group. multicast group.
All_DHCP_Servers (FF05::1:3) This site-scoped multicast address is All_DHCP_Servers (FF05::1:3) A site-scoped multicast address
used by clients or relays to communicate with used by a client or relay agent to communicate with
server(s), either because they want to send servers, either because the client or relay agent
messages to all servers or because they do not wants to send messages to all servers or because it
know the server(s) unicast address(es). Note does not know the unicast addresses of the servers.
that in order for a client to use this address, Note that in order for a client or relay agent to use
it must have an address of sufficient scope to this address, it must have an address of sufficient
be reachable by the server(s). All servers scope to be reachable by the servers. All servers
within the site are members of this multicast within the site are members of this multicast group.
group.
7.2. UDP ports 5.2. Anycast address
DHCP uses the following destination UDP [19] port numbers. While DHCP proposes to use the following reserved anycast address:
source ports MAY be arbitrary, client implementations SHOULD permit
their specification through a local configuration parameter to
facilitate the use of DHCP through firewalls.
546 Client port. Used by servers as the destination port DHCP_Anycast (FEC0:0:0:0:FFFF::4) This document proposes the
for messages sent to clients and relays. Used by relay assignment of the DHCP_Anycast address for use
agents as the destination port for messages sent to by clients attached to links that do not support
clients. multicast.
547 Agent port. Used as the destination port by clients 5.3. UDP ports
for messages sent to agents. Used as the destination
port by relays for messages sent to servers.
7.3. DHCP message types Clients listen for DHCP messages on UDP port 546. Servers and relay
agents listen for DHCP messages on UDP port 547.
5.4. DHCP message types
DHCP defines the following message types. More detail on these DHCP defines the following message types. More detail on these
message types can be found in Section 8. Message types not listed message types can be found in Section 6. Message types not listed
here are reserved for future use. The message code for each message here are reserved for future use. The message code for each message
type is shown with the message name. type is shown with the message name.
SOLICIT (1) The Solicit message is used by clients to SOLICIT (1) A client sends a Solicit message to locate
locate servers. servers.
ADVERTISE (2) The Advertise message is used by servers ADVERTISE (2) A server sends an Advertise message to indicate
responding to Solicits. that it is available for DHCP service, in
response to a Solicit message received from a
client.
REQUEST (3) The Request message is used by clients to REQUEST (3) A client sends a Request message to request
request configuration parameters from servers. configuration parameters from a server.
CONFIRM (4) The Confirm message is used by clients to CONFIRM (4) A client sends a Confirm message to servers to
confirm that the addresses assigned to an IA request that the server validate and confirm
and the lifetimes for those addresses, as that the addresses and current configuration
well as the current configuration parameters parameters assigned by the server to the client
assigned by the server to the client are still are still valid.
valid.
RENEW (5) The Renew message is used by clients to RENEW (5) A client sends a Renew message to the server
update the addresses assigned to an IA and the that originally provided the client's addresses
and configuration addresses to update the
addresses assigned to the client and the
lifetimes for those addresses, as well as the lifetimes for those addresses, as well as the
current configuration parameters assigned by current configuration parameters assigned by
the server to the client. A client sends a the server to the client.
Renew message to the server that originally
populated the IA at time T1.
REBIND (6) The Rebind message is used by clients to extend REBIND (6) A client sends a Rebind message to update
the lifetimes of addresses assigned to an IA, the addresses assigned to the client and the
as well as the current configuration parameters lifetimes for those addresses, as well as the
assigned by the server to the client. A current configuration parameters assigned by
client sends a Rebind message to all available the server to the client; this message is sent
DHCP servers at time T2 only after the client after a client receives no response to a Renew
has been unable to contact the server that
originally populated the IA with a Renew
message. message.
REPLY (7) The Reply message is used by servers REPLY (7) A server sends a Reply message containing
responding to Request, Confirm, Renew, Rebind, assigned addresses and configuration parameters
Information-request, Release and Decline in response to a Solicit, Request, Renew,
messages. In the case of responding to Rebind or Information-request message received
a Request, Confirm, Information-request, from a client. A server sends a Reply message
Renew or Rebind message, the Reply contains confirming or denying the validity of the
configuration parameters destined for the client's addresses and configuration parameters
client. in response to a Confirm message. A server
sends a Reply message to acknowledge receipt of
a Release or Decline message.
RELEASE (8) The Release message is used by clients to RELEASE (8) A client sends a Release message to the server
indicate to a server that the client will no that assigned addresses to the client to
longer use one or more addresses in an IA. indicate that the client will no longer use one
or more of the assigned addresses.
DECLINE (9) The Decline message is used by clients to DECLINE (9) A client sends a Decline message to a server to
indicate that the client has determined that indicate that the client has determined that
one or more addresses in an IA are already one or more addresses assigned by the server
in use on the link to which the client is are already in use on the link to which the
connected. client is connected.
RECONFIGURE (10) The Reconfigure message is sent by a server RECONFIGURE (10) A server sends a Reconfigure message to a
to inform a client that the server has new or client to inform the client that the server has
updated configuration parameters, and that new or updated configuration parameters, and
the client is to initiate a Renew/Reply or that the client is to initiate a Renew/Reply
Information-request/Reply transaction with or Information-request/Reply transaction with
the server in order to receive the updated the server in order to receive the updated
information. information.
INFORMATION-REQUEST (11) The Information-request message is sent INFORMATION-REQUEST (11) A client sends an Information-request
by clients to request configuration parameters message to a server to request configuration
without the assignment of any IP addresses to parameters without the assignment of any IP
the client. addresses to the client.
RELAY-FORW (12) The Relay-forward message is used by relays to RELAY-FORW (12) A relay agent sends a Relay-forward message to
forward client messages to servers. The client forward client messages to servers. The client
message is encapsulated in an option in the message is encapsulated in an option in the
Relay-forward message. Relay-forward message.
RELAY-REPL (13) The Relay-reply message is used by servers to RELAY-REPL (13) A server sends a Relay-reply message to a relay
send messages to clients through a relay. The agent to send messages to clients through the
server encapsulates the client message as an relay agent. The server encapsulates the
option in the Relay-reply message, which the client message as an option in the Relay-reply
relay extracts and forwards to the client. message, which the relay agent extracts and
forwards to the client.
7.4. Status Codes
This section describes status codes exchanged between DHCP
implementations. These status codes may appear in the Status Code
option or in the status field of an IA.
7.4.1. Generic Status Codes
The status codes in this section are used between clients and servers
to convey status conditions. The following table contains the status
codes, the name for each code (as used in this document) and a brief
description. Note that the numeric values do not start at 1, nor are
they consecutive. The status codes are organized in logical groups.
Name Code Description
---------- ---- -----------
Success 0 Success
UnspecFail 16 Failure, reason unspecified
AuthFailed 17 Authentication failed or nonexistent
PoorlyFormed 18 Poorly formed message
AddrUnavail 19 Addresses unavailable
OptionUnavail 20 Requested options unavailable
7.4.2. Server-specific Status Codes
The status codes in this section are used by servers to convey status 5.5. Status Codes
conditions to clients. The following table contains the status
codes, the name for each code (as used in this document) and a brief
description. Note that the numeric values do not start at 1, nor are
they consecutive. The status codes are organized in logical groups.
Name Code Description DHCPv6 uses status codes to communicate the success or failure of
---- ---- ----------- operations requested in messages from clients and servers, and to
NoBinding 32 Client record (binding) unavailable provide additional information about the specific cause of the
ConfNoMatch 33 Client record Confirm doesn't match IA failure of a message. The specific status codes are defined in
RenwNoMatch 34 Client record Renew doesn't match IA section 25.6.
RebdNoMatch 35 Client record Rebind doesn't match IA
InvalidSource 36 Invalid Client IP address
NoPrefixMatch 37 One or more prefixes of the addresses
in the IA is not valid for the link
from which the client message was received
7.5. Configuration Variables 5.6. Configuration Parameters
This section presents a table of client and server configuration This section presents a table of configuration parameters used to
variables and the default or initial values for these variables. describe the message transmission behavior of clients and servers.
Parameter Default Description Parameter Default Description
------------------------------------- -------------------------------------
MIN_SOL_DELAY 1 sec Min delay of first Solicit MIN_SOL_DELAY 1 sec Min delay of first Solicit
MAX_SOL_DELAY 5 secs Max delay of first Solicit MAX_SOL_DELAY 5 secs Max delay of first Solicit
SOL_TIMEOUT 500 msecs Initial Solicit timeout SOL_TIMEOUT 500 msecs Initial Solicit timeout
SOL_MAX_RT 30 secs Max Solicit timeout value SOL_MAX_RT 30 secs Max Solicit timeout value
REQ_TIMEOUT 250 msecs Initial Request timeout REQ_TIMEOUT 250 msecs Initial Request timeout
REQ_MAX_RT 30 secs Max Request timeout value REQ_MAX_RT 30 secs Max Request timeout value
REQ_MAX_RC 10 Max Request retry attempts REQ_MAX_RC 10 Max Request retry attempts
skipping to change at page 11, line 35 skipping to change at page 11, line 35
REB_MAX_RT 600 secs Max Rebind timeout value REB_MAX_RT 600 secs Max Rebind timeout value
INF_TIMEOUT 500 ms Initial Information-request timeout INF_TIMEOUT 500 ms Initial Information-request timeout
INF_MAX_RT 30 secs Max Information-request timeout value INF_MAX_RT 30 secs Max Information-request timeout value
REL_TIMEOUT 250 msecs Initial Release timeout REL_TIMEOUT 250 msecs Initial Release timeout
REL_MAX_RT 1 sec Max Release timeout REL_MAX_RT 1 sec Max Release timeout
REL_MAX_RC 5 MAX Release attempts REL_MAX_RC 5 MAX Release attempts
DEC_TIMEOUT 250 msecs Initial Decline timeout DEC_TIMEOUT 250 msecs Initial Decline timeout
DEC_MAX_RT 1 sec Max Decline timeout DEC_MAX_RT 1 sec Max Decline timeout
DEC_MAX_RC 5 Max Decline attempts DEC_MAX_RC 5 Max Decline attempts
8. Message Formats 6. Message Formats
All DHCP messages sent between clients and servers share an identical All DHCP messages sent between clients and servers share an identical
fixed format header and a variable format area for options. Not all fixed format header and a variable format area for options.
fields in the header are used in every message.
All values in the message header and in options are in network order. All values in the message header and in options are in network order.
The following diagram illustrates the format of DHCP messages sent The following diagram illustrates the format of DHCP messages sent
between clients and servers: between clients and servers:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| msg-type | transaction-ID | | msg-type | transaction-ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
. options . . options .
. (variable) . . (variable) .
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The following sections describe the use of the fields in the DHCP msg-type Identifies the DHCP message type; the
message header in each of the DHCP messages. In these descriptions, available message types are listed in
fields that are not used in a message are marked as "unused". All section 5.4.
unused fields in a message MUST be transmitted as zeroes and ignored
by the receiver of the message.
8.1. DHCP Solicit Message Format
msg-type SOLICIT
transaction-ID An unsigned integer generated by the client used
to identify this Solicit message.
options See section 23.
8.2. DHCP Advertise Message Format
msg-type ADVERTISE
transaction-ID An unsigned integer used to identify this
Advertise message. Copied from the Solicit
message received from the client.
options See section 23.
8.3. DHCP Request Message Format
msg-type REQUEST
transaction-ID An unsigned integer generated by the client used
to identify this Request message.
options See section 23.
8.4. DHCP Confirm Message Format
msg-type CONFIRM
transaction-ID An unsigned integer generated by the client used
to identify this Confirm message.
options See section 23.
8.5. DHCP Renew Message Format
msg-type RENEW
transaction-ID An unsigned integer generated by the client used
to identify this Renew message.
options See section 23.
8.6. DHCP Rebind Message Format
msg-type REBIND
transaction-ID An unsigned integer generated by the client used
to identify this Rebind message.
options See section 23.
8.7. DHCP Reply Message Format
msg-type REPLY
transaction-ID An unsigned integer used to identify this
Reply message. Copied from the client Request,
Confirm, Renew or Rebind message received from
the client.
options See section 23.
8.8. DHCP Release Message Format
msg-type RELEASE
transaction-ID An unsigned integer generated by the client used
to identify this Release message.
options See section 23.
8.9. DHCP Decline Message Format
msg-type DECLINE
transaction-ID An unsigned integer generated by the client used
to identify this Decline message.
options See section 23.
8.10. DHCP Reconfigure Message Format
msg-type RECONFIG
transaction-ID An unsigned integer generated by the server used
to identify this Reconfigure message.
options See section 23.
8.11. Information-Request Message Format
msg-type INFORMATION-REQUEST
transaction-ID An unsigned integer generated by the client used transaction-id An unsigned integer used by a client or
to identify this Information-request message. server to match a response message to a
request message.
options See section 23. options Options carried in this message; options are
described in section 22.
9. Relay messages 7. Relay agent messages
Relay agents exchange messages with servers to forward messages Relay agents exchange messages with servers to forward messages
between clients and servers that are not connected to the same link. between clients and servers that are not connected to the same link.
There are two relay messages, which share the following format: There are two relay agent messages, which share the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| msg-type | | | msg-type | |
+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+ |
| link-address | | link-address |
| | | |
| | | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| | | | | |
+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+ |
| client-return-address | | client-address |
| | | |
| | | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| | | | | |
+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+ |
. . . .
. options (variable number and length) .... . . options (variable number and length) .... .
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The following sections describe the use of the Relay message header. The following sections describe the use of the Relay Agent message
header.
9.1. Relay-forward message 7.1. Relay-forward message
The following table defines the use of message fields in a The following table defines the use of message fields in a
Relay-forward message. Relay-forward message.
msg-type RELAY-FORW msg-type RELAY-FORW
link-address An address with a prefix that is assigned link-address A global or site-local address that will be used
to the link from which the client should by the server to identify the link on which the
be assigned an address. client is located.
client-return-address The IPv6 source address in which the client-address The address of the client from which the message
message from the client was received by to be forwarded was received
the relay agent
options MUST include a "Client message option"; options MUST include a "Client message option" (see
see section 23.10; MAY include other section 22.10); MAY include other options added
options added by the relay agent by the relay agent
9.2. Relay-reply message 7.2. Relay-reply message
The following table defines the use of message fields in a The following table defines the use of message fields in a
Relay-reply message. Relay-reply message.
msg-type RELAY-REPL msg-type RELAY-REPL
link-address The link-address copied from the link-address The link-address copied from the Relay-forward
Relay-forward message; used by the relay message
agent to select the link on which the
message is returned to the client
client-return-address The source address from the IP datagram client-address The client's address, copied from the
in which the message from the client was relay-forward message
received by the relay agent
options MUST include a "Server message option"; options MUST include a "Server message option"; see
see section 23.11; MAY include other section 22.11; MAY include other options
options
10. Representation and use of domain names 8. Representation and use of domain names
So that domain names may be encoded uniformly and compactly, a So that domain names may be encoded uniformly and compactly, a
domain name or a list of domain names is encoded using the technique domain name or a list of domain names is encoded using the technique
described in sections 3.1 and 4.1.4 of RFC1035 [14]. Section 4.1.4 described in sections 3.1 and 4.1.4 of RFC1035 [12]. Section 4.1.4
of RFC1035 describes how more than one domain name can be represented of RFC1035 describes how more than one domain name can be represented
in a list of domain names. For use in this specification, in a in a list of domain names. For use in this specification, in a
list of domain names, the compression pointer (see section 4.1.4 of list of domain names, the compression pointer (see section 4.1.4 of
RFC1035) refers to the offset within the list. RFC1035) refers to the offset within the list.
If a single domain name is being used by a vendor as a vendor 9. DHCP unique identifier (DUID)
identifier, then the vendor MUST ensure that the domain name has not
previously been used by a different vendor.
11. DHCP unique identifier (DUID)
Each DHCP client and server has a DUID. DHCP servers use DUIDs to Each DHCP client and server has a DUID. DHCP servers use DUIDs to
identify clients for the selection of configuration parameters and identify clients for the selection of configuration parameters and
in the association of IAs with clients. DHCP clients use DUIDs to in the association of IAs with clients. DHCP clients use DUIDs to
identify a server in messages where a server needs to be identified. identify a server in messages where a server needs to be identified.
See sections 23.3 and 23.2 for the representation of a DUID in a DHCP See sections 22.2 and 22.3 for the representation of a DUID in a DHCP
message. message.
Clients and servers MUST treat DUIDs as opaque values and MUST only Clients and servers MUST treat DUIDs as opaque values and MUST only
compare DUIDs for equality. Clients and servers MUST NOT in any compare DUIDs for equality. Clients and servers MUST NOT in any
other way interpret DUIDs. Clients and servers MUST NOT restrict other way interpret DUIDs. Clients and servers MUST NOT restrict
DUIDs to the types defined in this document as additional DUID types DUIDs to the types defined in this document as additional DUID types
may be defined in the future. may be defined in the future.
The DUID is carried in an option because it may be variable length The DUID is carried in an option because it may be variable length
and because it is not required in all DHCP options. The DUID is and because it is not required in all DHCP messages. The DUID is
designed to be unique across all DHCP clients and servers, and designed to be unique across all DHCP clients and servers, and
consistent for any specific client or server - that is, the DUID used consistent for any specific client or server - that is, the DUID
by a client or server SHOULD NOT change over time, for example, as a used by a client or server SHOULD NOT change over time; for example,
result of network hardware reconfiguration. a device's DUID should not change as a result of a change in the
device's network hardware.
The motivation for having more than one type of DUID is that the DUID The motivation for having more than one type of DUID is that the DUID
must be globally unique, and must also be easy to generate. The sort must be globally unique, and must also be easy to generate. The sort
of globally-unique identifier that is easy to generate for any given of globally-unique identifier that is easy to generate for any given
device can differ quite widely. Also, some devices may not contain device can differ quite widely. Also, some devices may not contain
any persistent storage. Retaining a generated DUID in such a device any persistent storage. Retaining a generated DUID in such a device
is not possible, so the DUID scheme must accommodate such devices. is not possible, so the DUID scheme must accommodate such devices.
11.1. DUID contents 9.1. DUID contents
A DUID consists of a sixteen-bit type code represented in network A DUID consists of a two octet type code represented in network
order, followed by a variable number of octets that make up the order, followed by a variable number of octets that make up the
actual identifier. A DUID can be no more than 256 octets long. The actual identifier. A DUID can be no more than 256 octets long. The
following types are currently defined: following types are currently defined:
1 Link-layer address plus time 1 Link-layer address plus time
2 Vendor-assigned unique ID 2 Vendor-assigned unique ID based on domain name
3 Link-layer address 3 Vendor-assigned unique ID based on Enterprise Number
4 Link-layer address
Formats for the variable field of the DUID for each of the above Formats for the variable field of the DUID for each of the above
types are shown below. types are shown below.
11.2. DUID based on link-layer address plus time 9.2. DUID based on link-layer address plus time
This type of DUID consists of a two octet type field containing the This type of DUID consists of a two octet type field containing the
value 1, a two octet hardware type code, four octets containing value 1, a two octet hardware type code, four octets containing
a time value, followed by link-layer address of any one network a time value, followed by link-layer address of any one network
interface that is connected to the DHCP device at the time that the interface that is connected to the DHCP device at the time that the
DUID is generated. The time value is the time that the DUID is DUID is generated. The time value is the time that the DUID is
generated represented in seconds since midnight (UTC), January 1, generated represented in seconds since midnight (UTC), January 1,
2000, modulo 2^32. The hardware type MUST be a valid hardware type 2000, modulo 2^32. The hardware type MUST be a valid hardware type
assigned by the IANA as described in the section on ARP in RFC 826. assigned by the IANA as described in the section on ARP in RFC 826.
Both the time and the hardware type are stored in network order. Both the time and the hardware type are stored in network order.
skipping to change at page 18, line 34 skipping to change at page 16, line 18
used to generate the DUID. used to generate the DUID.
Clients and servers using this type of DUID MUST store the DUID Clients and servers using this type of DUID MUST store the DUID
in stable storage, and MUST continue to use this DUID even if the in stable storage, and MUST continue to use this DUID even if the
network interface used to generate the DUID is removed. Clients and network interface used to generate the DUID is removed. Clients and
servers that do not have any stable storage MUST NOT use this type of servers that do not have any stable storage MUST NOT use this type of
DUID. DUID.
Clients and servers that use this DUID SHOULD attempt to configure Clients and servers that use this DUID SHOULD attempt to configure
the time prior to generating the DUID, if that is possible, and MUST the time prior to generating the DUID, if that is possible, and MUST
use some sort of time source (e.g., a real-time clock) in generating use some sort of time source (for example, a real-time clock) in
the DUID, even if that time source could not be configured prior to generating the DUID, even if that time source could not be configured
generating the DUID. The use of a time source makes it unlikely that prior to generating the DUID. The use of a time source makes it
two identical DUIDs will be generated if the network interface is unlikely that two identical DUIDs will be generated if the network
removed from the client and another client then uses the same network interface is removed from the client and another client then uses
interface to generate a DUID. A DUID collision is very unlikely even the same network interface to generate a DUID. A DUID collision is
if the clocks haven't been configured prior to generating the DUID. very unlikely even if the clocks haven't been configured prior to
generating the DUID.
This method of DUID generation is recommended for all general purpose This method of DUID generation is recommended for all general purpose
computing devices such as desktop computers and laptop computers, and computing devices such as desktop computers and laptop computers, and
also for devices such as printers, routers, and so on, that contain also for devices such as printers, routers, and so on, that contain
some form of writable non-volatile storage. some form of writable non-volatile storage.
11.3. Vendor-assigned unique ID (VUID) Despite our best efforts, it is possible that this algorithm for
generating a DUID could result in a client identifier collision. A
DHCP client that generates a DUID using this mechanism MUST provide
an administrative interface that replaces the existing DUID with a
newly-generated DUID of this type.
The vendor-assigned unique ID consists of a two-octet value giving 9.3. Vendor-assigned unique ID based on Domain Name (VUID-DN)
the length of the identifier, the value of the idnetifier and the
vendor's registered domain name.
The following diagram summarizes the structure of a VUID: The vendor-assigned unique ID based on the domain name consists of a
two-octet value giving the length of the identifier, the value of the
identifier and the vendor's registered domain name.
The following diagram summarizes the structure of a VUID-DN:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 2 | identifier length | | 2 | identifier length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. . . .
. identifier . . identifier .
. (variable length) . . (variable length) .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. . . .
. domain name (variable length) . . domain name (variable length) .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The source of the identifier is left up to the vendor defining it, The source of the identifier is left up to the vendor defining it,
but each identifier part of each VUID MUST be unique to the device but each identifier part of each VUID-DN MUST be unique to the device
that is using it, and MUST be assigned to the device at the time of that is using it, and MUST be assigned to the device at the time of
manufacture and stored in some form of non-volatile storage. The manufacture and stored in some form of non-volatile storage. The
VUID SHOULD be recorded in non-erasable storage. The domain name VUID-DN SHOULD be recorded in non-erasable storage. The domain name
is simply any domain name that has been legally registered by the is simply any domain name that has been legally registered by the
vendor in the domain name system [13], stored in the form described vendor in the domain name system [11], stored in the form described
in section 10. in section 8.
If a domain name is being used by a vendor as a vendor identifier,
then the vendor MUST ensure that the domain name has not previously
been used by a different vendor.
An example DUID of this type might look like this: An example DUID of this type might look like this:
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| 0 | 2 | 0 | 8 | 12|192|132|221| | 0 | 2 | 0 | 8 | 12|192|132|221|
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| 3 | 0 | 9 | 18|101|120| 97|109| | 3 | 0 | 9 | 18|101|120| 97|109|
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
|112|108|101| 46| 99|111|109| |112|108|101| 46| 99|111|109|
+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+
This example includes the two-octet type of 2, the two-octet length This example includes the two-octet type of 2, the two-octet length
of 8, eight octets of identifier data, followed by "example.com" of 8, eight octets of identifier data, followed by "example.com"
represented in ASCII. represented in ASCII.
11.4. Link-layer address 9.4. Vendor-assigned unique ID based on Enterprise Number (VUID-EN)
This type of DUID consists of two octets containing the DUID type 3, The vendor-assigned unique ID based on Enterprise Number consists
of the vendor's registered Enterprise Number as maintained by IANA
followed by the value of the identifier.
The following diagram summarizes the structure of a VUID-EN:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 3 | Enterprise Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Enterprise Number (contd) | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
. identifier .
. (variable length) .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The source of the identifier is left up to the vendor defining it,
but each identifier part of each VUID-EN MUST be unique to the device
that is using it, and MUST be assigned to the device at the time of
manufacture and stored in some form of non-volatile storage. The
VUID SHOULD be recorded in non-erasable storage. The Enterprise
Number is the vendor's Enterprise code from the list "SMI Network
Management Private Enterprise Codes", as maintained by IANA in file
ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers. The
Enterprise Number is stored as an unsigned 32 bit number.
An example DUID of this type might look like this:
+---+---+---+---+---+---+---+---+
| 0 | 3 | 0 | 0 | 0 | 9| 12|192|
+---+---+---+---+---+---+---+---+
|132|221| 3 | 0 | 9 | 18|
+---+---+---+---+---+---+
This example includes the two-octet type of 3, the Enterprise Number
(9), followed by eight octets of identifier data.
9.5. Link-layer address
This type of DUID consists of two octets containing the DUID type 4,
a two octet network hardware type code, followed by the link-layer a two octet network hardware type code, followed by the link-layer
address of any one network interface that is permanently connected address of any one network interface that is permanently connected to
to the client or server device and cannot be removed. The hardware the client or server device. For example, this DUID could be used
type MUST be a valid hardware type assigned by the IANA as described by a host that has a network interface implemented in a chip that is
in the section on ARP in RFC 826. The hardware type is stored in unlikely to be removed and used elsewhere. The hardware type MUST
network order. be a valid hardware type assigned by the IANA as described in the
section on ARP in RFC 826. The hardware type is stored in network
order.
The following diagram illustrates the format of a DUID based on The following diagram illustrates the format of a DUID based on
link-layer address: link-layer address:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 3 | Hardware type (16 bits) | | 4 | Hardware type (16 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. . . .
. link-layer address (variable length) . . link-layer address (variable length) .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The choice of network interface can be completely arbitrary, as The choice of network interface can be completely arbitrary, as
long as that interface provides a unique link-layer address and long as that interface provides a unique link-layer address and
is permanently attached to the device on which the DUID is being is permanently attached to the device on which the DUID is being
generated. The same DUID should be used in configuring all network generated. The same DUID should be used in configuring all network
interfaces connected to the device, regardless of which interface's interfaces connected to the device, regardless of which interface's
link-layer address was used to generate the DUID. link-layer address was used to generate the DUID.
This type of DUID is recommended for devices that have a This type of DUID is recommended for devices that have a
permanently-connected network interface with a link-layer address and permanently-connected network interface with a link-layer address and
do not have nonvolatile, writable stable storage. This type of DUID do not have nonvolatile, writable stable storage. This type of DUID
MUST NOT be used by DHCP clients or servers that cannot tell whether MUST NOT be used by DHCP clients or servers that cannot tell whether
or not a network interface is permanently attached to the device on or not a network interface is permanently attached to the device on
which the DHCP client is running. which the DHCP client is running.
12. Identity association 10. Identity association
An "identity-association" (IA) is a construct through which a server An "identity-association" (IA) is a construct through which a server
and a client can identify, group and manage IPv6 addresses. Each IA and a client can identify, group and manage IPv6 addresses. Each IA
consists of an IAID and associated configuration information. consists of an IAID and associated configuration information.
A client must associate at least one distinct IA with each of A client must associate at least one distinct IA with each of
its network interfaces and uses that IA to obtain configuration its network interfaces and uses that IA to obtain configuration
information from a server for that interface. Other distinct IAs may information from a server for that interface. Each IA must be
be associated with applications. Each IA must be associated with associated with exactly one interface.
exactly one interface.
The IAID uniquely identifies the IA and must be chosen to be unique The IAID uniquely identifies the IA and must be chosen to be unique
among the IAIDs on the client. The IAID is chosen by the client. among the IAIDs on the client. The IAID is chosen by the client.
For any given use of an IA by the client, the IAID for that IA MUST For any given use of an IA by the client, the IAID for that IA MUST
be consistent across restarts of the DHCP client. The client may be consistent across restarts of the DHCP client. The client may
maintain consistency either by storing the IAID in non-volatile maintain consistency either by storing the IAID in non-volatile
storage or by using an algorithm that will consistently produce the storage or by using an algorithm that will consistently produce the
same IAID as long as the configuration of the client has not changed. same IAID as long as the configuration of the client has not changed.
There may be no way for a client to maintain consistency of the IAIDs There may be no way for a client to maintain consistency of the IAIDs
if it does not have non-volatile storage and the client's hardware if it does not have non-volatile storage and the client's hardware
configuration changes. configuration changes.
The configuration information in an IA consists of one or more IPv6 The configuration information in an IA consists of one or more IPv6
addresses and other parameters. The parameters are specified as DHCP addresses and other parameters. The parameters are specified as DHCP
options within the IA, and are associated with the addresses in the options within the IA, and are associated with the addresses in the
IA and the interface to which the IA belongs. Other parameters that IA and the interface to which the IA belongs. Other parameters that
are not associated with a particular interface may be specified in are not associated with a particular interface may be specified in
the options section of a DHCP message, outside the scope of any IA. the options section of a DHCP message, outside the scope of any IA.
Each address in an IA has a preferred lifetime and a valid lifetime, Each address in an IA has a preferred lifetime and a valid lifetime,
as defined in RFC2462 [21]. The lifetimes are transmitted from the as defined in RFC2462 [19]. The lifetimes are transmitted from the
DHCP server to the client in the IA option. The lifetimes apply to DHCP server to the client in the IA option. The lifetimes apply to
the use of IPv6 addresses as described in section 5.5.4 of RFC2462. the use of IPv6 addresses as described in section 5.5.4 of RFC2462.
An address whose valid lifetime has expired MAY be discarded from the
IA.
See section 23.4 for the representation of an IA in a DHCP message. See section 22.4 for the representation of an IA in a DHCP message.
13. Selecting addresses for assignment to an IA 11. Selecting addresses for assignment to an IA
A server selects addresses to be assigned to an IA according to the A server selects addresses to be assigned to an IA according to the
address assignment policies determined by the server administrator address assignment policies determined by the server administrator
and the specific information the server determines about the client and the specific information the server determines about the client
from the following sources: from some combination of the following sources:
- The link to which the client is attached. The server determines - The link to which the client is attached. The server determines
the link as follows: the link as follows:
* If the server receives the message directly from the client * If the server receives the message directly from the client
and the source address in the IP datagram in which the and the source address in the IP datagram in which the
message was received is a link-local address, then the client message was received is a link-local address, then the client
is on the same link to which the interface over which the is on the same link to which the interface over which the
message was received is attached message was received is attached
* If the server receives the message from a forwarding relay * If the server receives the message from a forwarding relay
agent, then the client is on the same link as the one to agent, then the client is on the same link as the one to
which the interface identified by the link-address field in which the interface identified by the link-address field in
the message from the relay is attached the message from the relay agent is attached
* If the server receives the message directly from the client
and the source address in the IP datagram in which the
message was received is not a link-local address, then the
client is on the link identified by the source address in the
IP datagram (note that this situation can occur only if the
server has enabled the use of unicast message delivery by the
client and the client has sent a message for which unicast
delivery is allowed)
- The DUID supplied by the client - The DUID supplied by the client
- Other information in options supplied by the client - Other information in options supplied by the client
- Other information in options supplied by the relay agent - Other information in options supplied by the relay agent
- If the server receives the message directly from the client and A server MUST generate link identifiers for unicast addresses with
the source address in the IP datagram in which the message was the "u" (universal/local) and "g" (individual/group) bits of the
received is not a link-local address, then the client is on the EUI-64 identifier set to 0 (see RFC 2373).
link identified by the source address in the IP datagram (note
that this situation can occur only if the server has enabled the
use of unicast message delivery by the client and the client has
sent a message for which unicast delivery is allowed)
The addresses that the server selects for the client MUST be valid on
the link to which the interface is attached, regardless of the way in
which the server selects the addresses.
14. Management of temporary addresses A server MUST NOT assign an address that is otherwise reserved by
IANA.
A client may be assigned temporary addresses [16]. Clients and 12. Management of temporary addresses
servers simply label addresses as "temporary". DHCPv6 handling
of address lifetimes and lifetime extensions is no different for A client may be assigned temporary addresses (temporary addresses
temporary addresses. DHCPv6 says nothing about details of temporary are defined in RFC 3041 [14]). Clients and servers simply identify
addresses like lifetimes, lifetime extensions, how clients use addresses as "temporary". DHCPv6 handling of address assignment is
no different for temporary addresses. DHCPv6 says nothing about
details of temporary addresses like lifetimes, how clients use
temporary addresses, rules for generating successive temporary temporary addresses, rules for generating successive temporary
addresses, etc. addresses, etc.
In DHCP, temporary addresses are identified with T-bit set in the IA Clients ask for temporary addresses and servers assign them.
Address Option(see section 23.5). A client may have zero or more Temporary addresses are carried in the Identity Association for
temporary addresses. Addresses with the T-bit set MUST be intended Temporary Addresses (IA_TA) option (see section 22.5). Each IA_TA
for the client to use for the general purposes described in RFC3041. option contains at most one temporary address for each of the
Addresses that otherwise have short lifetimes or are not intended to prefixes on the link to which the client is attached.
be renewed by the server MUST NOT have the T-bit set.
Clients ask for temporary addresses and servers assign them. When
a client sends an IA to a server, the client lists all of the
temporary addresses it knows about and optionally indicates how many
additional temporary addresses it wants in the Requested Temporary
Addresses Option(see section 23.6). The server compares the number
of requested additional temporary addresses against any previously
allocated temporary addresses for the IA that were not reported
by the client in the IA but still have some reasonable preferred
lifetime left. If the number of temporary addresses is less than the
requested number, the server adds additional temporary addresses to
the IA to satisfy the requested number (subject to server policy).
DISCUSSION:
It is important that the server include any allocated
temporary addresses that were not reported by the client as
it is possible the client never received an earlier Reply
that contained these additional temporary addresses. If
the server did not consider these, a client that fails to
receive a server's reply might cause the server to allocate
many temporary addresses.
When the valid lifetime on a temporary address expires, both the Unless otherwise stated, an IA_TA option is used in the same way in
client and server silently discard the address from the IA. The as an IA option. In the protocol specification, unless otherwise
discarded address no longer counts against the client's allotment of stated, a reference to an IA should be read as either an IA or an
temporary addresses. IA_TA.
A server SHOULD NOT assign a client temporary addresses without the The IAID number space for the IA_TA option IAID number space is
client having specifically asked for it. The client is not obligated separate from the IA option IAID number space.
to install address(es) that it receives and did not request and can
release any addresses it does not want.
The server MAY update the DNS for a temporary address as described in The server MAY update the DNS for a temporary address as described in
section 4 of RFC3041, and MUST NOT update the DNS in any other way section 4 of RFC3041, and MUST NOT update the DNS in any other way
for a temporary address. for a temporary address.
15. Reliability of Client Initiated Message Exchanges 13. Transmission of messages by a client
Unless otherwise specified, a client sends DHCP messages to the
All_DHCP_Relay_Agents_and_Servers or the DHCP_Anycast address.
If the client is attached to a link that supports multicast
transmission, the client sends DHCP messages to the
All_DHCP_Relay_Agents_and_Servers address. If the client is
attached to a link that does not support multicast transmission, the
client uses the DHCP_Anycast address.
A client may send some messages directly to a server using unicast,
as described in section 22.13.
14. Reliability of Client Initiated Message Exchanges
DHCP clients are responsible for reliable delivery of messages in the DHCP clients are responsible for reliable delivery of messages in the
client-initiated message exchanges described in sections 18 and 19. client-initiated message exchanges described in sections 17 and 18.
If a DHCP client fails to receive an expected response from a server, If a DHCP client fails to receive an expected response from a server,
the client must retransmit its message. This section describes the the client must retransmit its message. This section describes the
retransmission strategy to be used by clients in client-initiated retransmission strategy to be used by clients in client-initiated
message exchanges. message exchanges.
Note that the procedure described in this section is slightly Note that the procedure described in this section is slightly
modified for use with the Solicit message (section 18.1.2). modified for use with the Solicit message (section 17.1.2).
The client begins the message exchange by transmitting a message to The client begins the message exchange by transmitting a message to
the server. The message exchange terminates when either the client the server. The message exchange terminates when either the client
successfully receives the appropriate response or responses from a successfully receives the appropriate response or responses from a
server or servers, or when the message exchange is considered to have server or servers, or when the message exchange is considered to have
failed according to the retransmission mechanism described below. failed according to the retransmission mechanism described below.
The client retransmission behavior is controlled and described by the The client retransmission behavior is controlled and described by the
following variables: following variables:
skipping to change at page 24, line 34 skipping to change at page 23, line 26
MRD specifies an upper bound on the length of time a client may MRD specifies an upper bound on the length of time a client may
retransmit a message. If MRD has a value of 0, the client MUST retransmit a message. If MRD has a value of 0, the client MUST
continue to retransmit the original message until a response is continue to retransmit the original message until a response is
received. Otherwise, the message exchange fails once the client has received. Otherwise, the message exchange fails once the client has
transmitted the message MRD seconds. transmitted the message MRD seconds.
If both MRC and MRD are non-zero, the message exchange fails whenever If both MRC and MRD are non-zero, the message exchange fails whenever
either of the conditions specified in the previous two paragraphs are either of the conditions specified in the previous two paragraphs are
met. met.
16. Message validation 15. Message validation
Servers MUST discard any received messages that include Servers MUST discard any received messages that include
authentication information and fail the authentication check by the authentication information and fail the authentication check by the
server. server.
Clients MUST discard any received messages that include Clients MUST discard any received messages that include
authentication information and fail the authentication check by the authentication information and fail the authentication check by the
client, except as noted in section 22.6.5.2. client, except as noted in section 21.5.5.2.
16.1. Use of Transaction-ID field 15.1. Use of Transaction-ID field
The "transaction-ID" field holds a value used by clients and servers The "transaction-ID" field holds a value used by clients and servers
to synchronize server responses to client messages. A client SHOULD to synchronize server responses to client messages. A client SHOULD
choose a different transaction-ID for each new message it sends. A choose a different transaction-ID for each new message it sends. A
client MUST leave the transaction-ID unchanged in retransmissions of client MUST leave the transaction-ID unchanged in retransmissions of
a message. a message.
16.2. Solicit message 15.2. Solicit message
Clients MUST discard any received Solicit messages. Clients MUST discard any received Solicit messages.
Relay agents MUST discard any Solicit messages received through port
546.
Servers MUST discard any Solicit messages that do not include a Servers MUST discard any Solicit messages that do not include a
Client Identifier option. Client Identifier option.
16.3. Advertise message 15.3. Advertise message
Clients MUST discard any received Advertise messages that meet any of Clients MUST discard any received Advertise messages that meet any of
the following conditions: the following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the message does not include a Client Identifier option - the message does not include a Client Identifier option
- the contents of the Client Identifier option does not match the - the contents of the Client Identifier option does not match the
client's DUID client's DUID
- the "Transaction-ID" field value does not match the value the - the "Transaction-ID" field value does not match the value the
client used in its Solicit message client used in its Solicit message
Servers and relay agents MUST discard any received Advertise Servers and relay agents MUST discard any received Advertise
messages. messages.
16.4. Request message 15.4. Request message
Clients MUST discard any received Request messages. Clients MUST discard any received Request messages.
Relay agents MUST discard any Request messages received through port
546.
Servers MUST discard any received Request message that meet any of Servers MUST discard any received Request message that meet any of
the following conditions: the following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the contents of the Server Identifier option do not match the - the contents of the Server Identifier option do not match the
server's identifier server's identifier
- the message does not include a Client Identifier option - the message does not include a Client Identifier option
16.5. Confirm message 15.5. Confirm message
Clients MUST discard any received Confirm messages. Clients MUST discard any received Confirm messages.
Relay agents MUST discard any Confirm messages received through port
546.
Servers MUST discard any Confirm messages received that do not Servers MUST discard any Confirm messages received that do not
include a Client Identifier option. include a Client Identifier option.
16.6. Renew message 15.6. Renew message
Clients MUST discard any received Renew messages. Clients MUST discard any received Renew messages.
Relay agents MUST discard any Renew messages received through port
546.
Servers MUST discard any received Renew message that meets any of the Servers MUST discard any received Renew message that meets any of the
following conditions: following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the contents of the Server Identifier option do not match the - the contents of the Server Identifier option do not match the
server's identifier server's identifier
- the message does not include a Client Identifier option - the message does not include a Client Identifier option
16.7. Rebind message 15.7. Rebind message
Clients MUST discard any received Rebind messages. Clients MUST discard any received Rebind messages.
Relay agents MUST discard any Rebind messages received through port
546.
Servers MUST discard any received Rebind message that does not Servers MUST discard any received Rebind message that does not
include a Client Identifier option. include a Client Identifier option.
16.8. Decline messages 15.8. Decline messages
Clients MUST discard any received Decline messages. Clients MUST discard any received Decline messages.
Relay agents MUST discard any Decline messages received through port
546.
Servers MUST discard any received Decline message that meets any of Servers MUST discard any received Decline message that meets any of
the following conditions: the following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the contents of the Server Identifier option do not match the - the contents of the Server Identifier option do not match the
server's identifier server's identifier
- the message does not include a Client Identifier option - the message does not include a Client Identifier option
16.9. Release message 15.9. Release message
Clients MUST discard any received Release messages. Clients MUST discard any received Release messages.
Relay agents MUST discard any Release messages received through port Servers MUST discard any received Decline message that meets any of
546. the following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the contents of the Server Identifier option do not match the - the contents of the Server Identifier option do not match the
server's identifier server's identifier
- the message does not include a Client Identifier option - the message does not include a Client Identifier option
16.10. Reply message 15.10. Reply message
Clients MUST discard any received Reply messages that meet any of the Clients MUST discard any received Reply messages that meet any of the
following conditions: following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the "transaction-ID" field in the message does not match the - the "transaction-ID" field in the message does not match the
value used in the original message value used in the original message
- the message does not include a Client Identifier option and the
original message from the client contained a Client Identifier
option
- the message does not include a Client Identifier option - the message includes a Client Identifier option and the contents
of the Client Identifier option does not match the DUID of the
- the contents of the Client Identifier option does not match the client
DUID of the client
Servers and relay agents MUST discard any received Reply messages. Servers and relay agents MUST discard any received Reply messages.
16.11. Reconfigure message 15.11. Reconfigure message
Servers and relay agents MUST discard any received Reconfigure Servers and relay agents MUST discard any received Reconfigure
messages. messages.
Clients MUST discard any Reconfigure messages that meet any of the Clients MUST discard any Reconfigure messages that meet any of the
following conditions: following conditions:
- the message does not include a Server Identifier option - the message does not include a Server Identifier option
- the message does not contain an authentication option - the message does not contain an authentication option
- the message fails the authentication validation performed by the - the message fails the authentication validation performed by the
client client
16.12. Information-request message 15.12. Information-request message
Clients MUST discard any received Information-request messages. Clients MUST discard any received Information-request messages.
Relay agents MUST discard any Information-request messages received Servers MAY discard any received Information-request messages that do
through port 546. not include a Client Identifier option.
Servers MAY choose to discard any received Information-request
messages that do not include a Client Identifier option.
Servers MUST discard any received Information-request message that Servers MUST discard any received Information-request message that
includes a Server Identifier option and the DUID in the option does includes a Server Identifier option and the DUID in the option does
not match the server's DUID. not match the server's DUID.
16.13. Relay-forward message 15.13. Relay-forward message
Clients MUST discard any received Relay-forward messages. Clients MUST discard any received Relay-forward messages.
16.14. Relay-reply message 15.14. Relay-reply message
Clients and servers MUST discard any received Relay-reply messages. Clients and servers MUST discard any received Relay-reply messages.
17. Client Source Address and Interface Selection 16. Client Source Address and Interface Selection
When a client sends a DHCP message to the All_DHCP_Agents multicast When a client sends a DHCP message to the
address, it MUST use the IPv6 link-local address assigned to All_DHCP_Relay_Agents_and_Servers multicast address, it MUST
the interface for which the client is interested in obtaining use the IPv6 link-local address assigned to the interface for which
configuration as the source address in the header of the IP datagram. the client is interested in obtaining configuration as the source
address in the header of the IP datagram.
When a client sends a DHCP message directly to a server using unicast When a client sends a DHCP message to the DHCP_Anycast address, it
(after receiving the Server Unicast option from that server), it MUST use an address assigned to the interface for which the client
MUST use an address assigned to the interafce for which the client
is interested in obtaining configuration, which is suitable for use is interested in obtaining configuration, which is suitable for use
by the server in responding to the client, as the source address in by the server in responding to the client, as the source address in
the header of the IP datagram. See "Default Address Selection for the header of the IP datagram. See "Default Address Selection for
IPv6" [6] for more details. IPv6" [4] for more details.
When a client sends a DHCP message directly to a server using unicast
(after receiving the Server Unicast option from that server), it MUST
use an address assigned to the interface for which the client is
interested in obtaining configuration, which is suitable for use by
the server in responding to the client, as the source address in the
header of the IP datagram.
The client MUST transmit the message on the link that the interface The client MUST transmit the message on the link that the interface
for which configuration information is being obtained is attached for which configuration information is being obtained is attached
to. The client SHOULD send the message through that interface. The to. The client SHOULD send the message through that interface. The
client MAY send the message through another interface attached to the client MAY send the message through another interface attached to the
same link if and only if the client is certain the two interface are same link if and only if the client is certain the two interface are
attached to the same link. attached to the same link.
18. DHCP Server Solicitation 17. DHCP Server Solicitation
This section describes how a client locates servers that will assign This section describes how a client locates servers that will assign
addresses to IAs belonging to the client. addresses to IAs belonging to the client.
The client is responsible for creating IAs and requesting that a The client is responsible for creating IAs and requesting that a
server assign configuration information, including IPv6 addresses, server assign configuration information, including IPv6 addresses,
to the IA. The client first creates an IA and assigns it an IAID. to the IA. The client first creates an IA and assigns it an IAID.
The client then transmits a Solicit message containing an IA option The client then transmits a Solicit message containing an IA option
describing the IA. Servers that can assign configuration information describing the IA. Servers that can assign configuration information
to the IA respond to the client with an Advertise message. The to the IA respond to the client with an Advertise message. The
client then initiates a configuration exchange as described in client then initiates a configuration exchange as described in
section 19. section 18.
18.1. Client Behavior 17.1. Client Behavior
A client uses the Solicit message to discover DHCP servers configured A client uses the Solicit message to discover DHCP servers configured
to serve addresses on the link to which the client is attached. to serve addresses on the link to which the client is attached.
18.1.1. Creation of Solicit messages 17.1.1. Creation of Solicit messages
The client sets the "msg-type" field to SOLICIT. The client generates The client sets the "msg-type" field to SOLICIT. The client generates
a transaction ID and inserts this value in the "transaction-ID" a transaction ID and inserts this value in the "transaction-ID"
field. field.
The client MUST include a Client Identifier option to identify itself The client MUST include a Client Identifier option to identify itself
to the server. The client MUST include one or more IA options for to the server. The client MUST include one or more IA options for
any IAs to which it wants the server to assign addresses. The client any IAs to which it wants the server to assign addresses. The client
MAY include addresses in the IAs as a hint to the server about MAY include addresses in the IAs as a hint to the server about
addresses for which the client has a preference. The client MAY addresses for which the client has a preference. The client MUST
include an Option Request Option in the Solicit message. The client NOT include any other options except those specifically allowed as
MUST NOT include any other options except those specifically allowed defined by specific options.
as defined by specific options.
If the client chooses to request specific options from the server, The client may send just IA options for the assignment of
it does so by including an Option Request option (see section 23.7, non-temporary addresses, just IA_TA options for the assignment of
which MUST include all of the options the client is requesting. The only temporary options, or a mix of both IA and IA_TA options.
client MAY include options with data values as hints to the server
about parameter values the client would like to have returned.
18.1.2. Transmission of Solicit Messages The client MAY request specific options from the server by including
an Option Request option (see section 22.7) indicating the options
the client is interested in receiving. The client MAY include
options with data values as hints to the server about parameter
values the client would like to have returned.
The client sends the Solicit message to the All_DHCP_Agents multicast If the client will accept a Reply message with committed address
address. assignments and other resources in response to the Solicit message,
the client includes a Rapid Commit option (see section 22.15) in the
Solicit message.
17.1.2. Transmission of Solicit Messages
The first Solicit message from the client on the interface MUST The first Solicit message from the client on the interface MUST
be delayed by a random amount of time between MIN_SOL_DELAY and be delayed by a random amount of time between MIN_SOL_DELAY and
MAX_SOL_DELAY. This random delay desynchronizes clients which start MAX_SOL_DELAY. In the case of a Solicit message transmitted when DHCP
at the same time (e.g., after a power outage). is initiated by IPv6 Neighbor Discovery, the delay gives the amount
of time to wait after the ManagedFlag changes from FALSE to TRUE (see
section 5.5.3 of RFC2462). This random delay desynchronizes clients
which start at the same time (for example, after a power outage).
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT SOL_TIMEOUT IRT SOL_TIMEOUT
MRT SOL_MAX_RT MRT SOL_MAX_RT
MRC 0 MRC 0
MRD 0 MRD 0
The mechanism in section 15 is modified as follows for use in the If the client has included a Rapid Commit option and is waiting for
transmission of Solicit messages. The message exchange is not a Reply message, the client terminates the retransmission process as
terminated by the receipt of an Advertise before IRT has elapsed. soon as a Reply message is received.
Rather, the client collects Advertise messages until IRT has elapsed.
Also, the first RT MUST be selected to be strictly greater than IRT
by choosing RAND to be strictly greater than 0.
A client MUST collect Advertise messages for IRT seconds, unless If the client is waiting for an Advertise message, the mechanism in
it receives an Advertise message with a preference value of 255. section 14 is modified as follows for use in the transmission of
The preference value is carried in the Preference option (section Solicit messages. The message exchange is not terminated by the
23.8). Any Solicit that does not include a Preference option is receipt of an Advertise before IRT has elapsed. Rather, the client
considered to have a preference value of 0. If the client receives collects Advertise messages until IRT has elapsed. Also, the first
an Advertise message with a preference value of 255, then the client RT MUST be selected to be strictly greater than IRT by choosing RAND
MAY act immediately on that Advertise message without waiting for any to be strictly greater than 0.
A client MUST collect Advertise messages for IRT seconds, unless it
receives an Advertise message with a preference value of 255. The
preference value is carried in the Preference option (section 22.8).
Any Solicit that does not include a Preference option is considered
to have a preference value of 0. If the client receives an Advertise
message with a preference value of 255, then the client SHOULD
act immediately on that Advertise message without waiting for any
additional Advertise messages. additional Advertise messages.
If the client does not receive any Advertise messages before IRT If the client does not receive any Advertise messages before IRT
has elapsed, it begins the retransmission mechanism described in has elapsed, it begins the retransmission mechanism described in
section 15. The client terminates the retransmission process as section 14. The client terminates the retransmission process as
soon as it recieves any Advertise message, and the client acts on soon as it receives any Advertise message, and the client acts on
the received Advertise message without waiting for any additional the received Advertise message without waiting for any additional
Advertise messages. Advertise messages.
A DHCP client SHOULD choose MRC and MRD to be 0. If the DHCP client A DHCP client SHOULD choose MRC and MRD to be 0. If the DHCP client
is configured with either MRC or MRD set to a value other than is configured with either MRC or MRD set to a value other than
0, it MUST stop trying to configure the interface if the message 0, it MUST stop trying to configure the interface if the message
exchange fails. After the DHCP client stops trying to configure the exchange fails. After the DHCP client stops trying to configure the
interface, it SHOULD choose to restart the reconfiguration process interface, it SHOULD choose to restart the reconfiguration process
after some external event, such as user input, system restart, or after some external event, such as user input, system restart, or
when the client is attached to a new link. when the client is attached to a new link.
18.1.3. Receipt of Advertise messages 17.1.3. Receipt of Advertise messages
The client MUST ignore any Advertise message that includes a Status The client MUST ignore any Advertise message that includes a Status
Code option containing the value AddrUnavail, with the exception that Code option containing the value AddrUnavail, with the exception that
the client MAY display the associated status message to the user. the client MAY display the associated status message to the user.
Upon receipt of one or more valid Advertise messages, the client Upon receipt of one or more valid Advertise messages, the client
selects one or more Advertise messages based upon the following selects one or more Advertise messages based upon the following
criteria. criteria.
- Those Advertise messages with the highest server preference value - Those Advertise messages with the highest server preference value
skipping to change at page 31, line 26 skipping to change at page 30, line 8
returned an advertisement with configuration options of interest returned an advertisement with configuration options of interest
to the client. to the client.
- The client MAY choose a less-preferred server if that server has - The client MAY choose a less-preferred server if that server has
a better set of advertised parameters, such as the available a better set of advertised parameters, such as the available
addresses advertised in IAs. addresses advertised in IAs.
Once a client has selected Advertise message(s), the client will Once a client has selected Advertise message(s), the client will
typically store information about each server, such as server typically store information about each server, such as server
preference value, addresses advertised, when the advertisement was preference value, addresses advertised, when the advertisement was
received, and so on. Depending on the requirements of the user that received, and so on.
invoked the DHCP client, the client MAY initiate a configuration
exchange with the server(s) immediately, or MAY defer this exchange
until later.
If the client needs to select an alternate server in the case that a If the client needs to select an alternate server in the case that a
chosen server does not respond, the client chooses the next server chosen server does not respond, the client chooses the next server
according to the criteria given above. according to the criteria given above.
18.2. Server Behavior 17.1.4. Receipt of Reply message
If the client includes a Rapid Commit option in the Solicit message,
it will expect a Reply message that includes a Rapid Commit option
in response. If the client receives a Reply message, it processes
the message as described in section 18.1.6. If the client does not
receive a Reply message, the client restarts the server solicitation
process by sending a Solicit message that does not include a Rapid
Commit option.
17.2. Server Behavior
A server sends an Advertise message in response to Solicit messages A server sends an Advertise message in response to Solicit messages
it receives to announce the availability of the server to the client. it receives to announce the availability of the server to the client.
18.2.1. Receipt of Solicit messages 17.2.1. Receipt of Solicit messages
The server determines the information about the client and its The server determines the information about the client and its
location as described in section 13. If administrative policy location as described in section 11 and checks its administrative
permits the server to respond to the client, the server will generate policy about responding to the client. If the server is not
and send an Advertise message to the client. permitted to respond to the client, the server discards the Solicit
message.
18.2.2. Creation and transmission of Advertise messages If the client has included a Rapid Commit option in the Solicit
message and the server has been configured to respond with committed
address assignments and other resources, the server responds to the
Solicit with a Reply message as described in section 17.2.3.
Otherwise, the server generates and sends an Advertise message to the
client.
17.2.2. Creation and transmission of Advertise messages
The server sets the "msg-type" field to ADVERTISE and copies the The server sets the "msg-type" field to ADVERTISE and copies the
contents of the transaction-ID field from the Solicit message contents of the transaction-ID field from the Solicit message
received from the client to the Advertise message. The server received from the client to the Advertise message. The server
includes its server identifier in a Server Identifier option. includes its server identifier in a Server Identifier option.
The server MAY add a Preference option to carry the preference value The server MAY add a Preference option to carry the preference value
for the Advertise message. The server implementation SHOULD allow for the Advertise message. The server implementation SHOULD allow
the setting of a server preference value by the administrator. the setting of a server preference value by the administrator.
The server preference value MUST default to zero unless otherwise The server preference value MUST default to zero unless otherwise
configured by the server administrator. configured by the server administrator.
The server MUST include IA options in the Advertise message The server MUST include IA options in the Advertise message
containing any addresses that would be assigned to IAs contained in containing any addresses that would be assigned to IAs contained in
the Solicit message from the client. The server MAY include some or the Solicit message from the client.
all of the IA options from the client in the Advertise message.
If the server will not assign any addresses to IAs in a subsequent If the server will not assign any addresses to IAs in a subsequent
Request from the client, the server SHOULD either send an Advertise Request from the client, the server MUST send an Advertise message to
message to the client that includes only a status code option with the client that includes only a status code option with the status
the status code set to AddrUnavail and a status message for the user code set to AddrUnavail and a status message for the user.
or not respond to the Solicit message.
The server may choose to assign fewer temporary addresses than
the client requested with an RTA option (see section 23.6) and
includes a status code of Success in the IA. If the server will
assign no temporary addresses, the server includes a status code of
AddrUnavail.
The server MAY include other options the server will return to the The server MAY include other options the server will return to the
client in a subsequent Reply message. The information in these client in a subsequent Reply message. The information in these
options will be used by the client in the selection of a server if options will be used by the client in the selection of a server if
the client receives more than one Advertise message. The server the client receives more than one Advertise message. The server
SHOULD include options specifying values for options requested by the SHOULD include options specifying values for options requested by the
client in an Option Request Option included in the Solicit message. client in an Option Request Option included in the Solicit message.
If the Solicit message was received directly by the server, the If the Solicit message was received directly by the server, the
server unicasts the Advertise message directly to the client using server unicasts the Advertise message directly to the client using
skipping to change at page 32, line 49 skipping to change at page 31, line 38
be unicast through the interface on which the Solicit message was be unicast through the interface on which the Solicit message was
received. received.
If the Solicit message was received in a Relay-forward message, If the Solicit message was received in a Relay-forward message,
the server constructs a Relay-reply message with the Advertise the server constructs a Relay-reply message with the Advertise
message in the payload of a "server-message" option. The server message in the payload of a "server-message" option. The server
unicasts the Relay-reply message directly to the relay agent using unicasts the Relay-reply message directly to the relay agent using
the address in the source address field from the IP datagram in which the address in the source address field from the IP datagram in which
the Relay-forward message was received. the Relay-forward message was received.
19. DHCP Client-Initiated Configuration Exchange 17.2.3. Creation and Transmission of Reply messages
A client initiates a message exchange with a server or servers to The server MUST commit the assignment of any addresses or other
acquire or update configuration information of interest. The client configuration information message before sending a Reply message to a
may initiate the configuration exchange as part of the operating client in response to a Solicit message.
system configuration process or when requested to do so by the
application layer.
19.1. Client Behavior DISCUSSION:
When using the Solicit-Advertise message exchange, a server
need not commit the assignment of configuration information
to the client or otherwise keep state about the client
before the server sends the Advertise message to the client.
The client will choose one of the responding servers and
send a Request message to obtain configuration information.
The other servers can make any addresses they might have
offered to the client available for assignment to other
clients.
When using the Solicit-Reply message exchange, the server
commits the assignment of any addresses before sending the
Reply message. The client can assume it has been assigned
the addresses in the Reply message and does not need to send
a Request message for those addresses.
Typically, servers that are configured to use the
Solicit-Reply message exchange will be deployed so that only
one server will respond to a Solicit message. If more than
one server responds, the client will only use the addresses
from one of the servers and the addresses from the other
servers will be committed to the client but not used by the
client.
The server includes a Rapid Commit option in the Reply message to
indicate that the Reply is in response to a Solicit message.
The server produces the Reply message as though it had received
a Request message, as described in section 18.2.1. The server
transmits the Reply message as described in section 18.2.8.
18. DHCP Client-Initiated Configuration Exchange
A client initiates a message exchange with a server or servers
to acquire or update configuration information of interest. The
client may initiate the configuration exchange as part of the
operating system configuration process, when requested to do
so by the application layer, when required by Stateless Address
Autoconfiguration or as required to extend the lifetime of an address
(Rebind and Renew messages).
18.1. Client Behavior
A client will use Request, Confirm, Renew, Rebind and A client will use Request, Confirm, Renew, Rebind and
Information-request messages to acquire and confirm the Information-request messages to acquire and confirm the
validity of configuration information. The client uses the server validity of configuration information. The client uses the server
identifier information and information about IAs from previous identifier information and information about IAs from previous
Advertise messages for use in constructing Request messages. Note Advertise messages for use in constructing Request messages.
that a client may request configuration information from one or more
servers at any time.
19.1.1. Creation and transmission of Request messages 18.1.1. Creation and transmission of Request messages
The client uses a Request message to populate IAs with addresses The client uses a Request message to populate IAs with addresses
and obtain other configuration information. The client includes and obtain other configuration information. The client includes
one or more IA options in the Request message, with addresses and one or more IA options in the Request message, with addresses and
information about the IAs that were obtained from the server in a information about the IAs that were obtained from the server in a
previous Advertise message. The server then returns addresses and previous Advertise message. The server then returns addresses and
other information about the IAs to the client in IA options in a other information about the IAs to the client in IA options in a
Reply message. Reply message.
The client generates a transaction ID and inserts this value in the The client generates a transaction ID and inserts this value in the
"transaction-ID" field. "transaction-ID" field.
The client places the identifier of the destination server in a The client places the identifier of the destination server in a
Server Identifier option. Server Identifier option.
The client MUST include a Client Identifier option to identify itself The client MUST include a Client Identifier option to identify itself
to the server. The client adds any other appropriate options, to the server. The client adds any other appropriate options,
including one or more IA options (if the client is requesting that including one or more IA options (if the client is requesting that
the server assign it some network addresses). The list of addresses the server assign it some network addresses).
in each included IA MUST include the addresses received by the client
in a previous Advertise message.
If the client chooses to request specific options from the server, If the client chooses to request specific options from the server,
it does so by including an Option Request option (see section 23.7, it does so by including an Option Request option (see section 22.7),
which MUST include all of the options the client is requesting. The which MUST include all of the options the client is requesting. The
client MAY include options with data values as hints to the server client MAY include options with data values as hints to the server
about parameter values the client would like to have returned. about parameter values the client would like to have returned.
If the client has a source address of sufficient scope that can be If the client has a source address of sufficient scope that can be
used by the server as a return address and the client has received used by the server as a return address and the client has received
a Server Unicast option (section 23.13) from the server, the client a Server Unicast option (section 22.13) from the server, the client
SHOULD unicast the Request message to the server. Otherwise, the SHOULD unicast the Request message to the server.
client MUST send the Request message to the All_DHCP_Agents multicast
address.
DISCUSSION: DISCUSSION:
Use of multicast and relay agents enables the inclusion of Use of multicast or anycast on a link and relay agents
relay agent options in all messages sent by the client. The enables the inclusion of relay agent options in all messages
server should enable the use of unicast only when relay sent by the client. The server should enable the use of
agent options will not be used. unicast only when relay agent options will not be used.
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT REQ_TIMEOUT IRT REQ_TIMEOUT
MRT REQ_MAX_RT MRT REQ_MAX_RT
MRC REQ_MAX_RC MRC REQ_MAX_RC
MRD 0 MRD 0
If the message exchange fails, the client MAY choose one of the If the message exchange fails, the client MAY choose one of the
following actions: following actions:
- Select another server from a list of servers known to the client; - Select another server from a list of servers known to the client;
e. g., servers that responded with an Advertise message for example, servers that responded with an Advertise message
- Initiate the server discovery process described in section 18 - Initiate the server discovery process described in section 17
- Terminate the configuration process and report failure - Terminate the configuration process and report failure
19.1.2. Creation and transmission of Confirm messages 18.1.2. Creation and transmission of Confirm messages
Whenever a client may have moved to a new link, its IPv6 addresses Whenever a client may have moved to a new link, its IPv6 addresses
and other configuration information may no longer be valid. Examples and other configuration information may no longer be valid. Examples
of times when a client may have moved to a new link include: of times when a client may have moved to a new link include:
o The client reboots o The client reboots
o The client is physically disconnected from a wired connection o The client is physically disconnected from a wired connection
o The client returns from sleep mode o The client returns from sleep mode
skipping to change at page 35, line 6 skipping to change at page 34, line 36
The client sets the "msg-type" field to CONFIRM. The client generates The client sets the "msg-type" field to CONFIRM. The client generates
a transaction ID and inserts this value in the "transaction-ID" a transaction ID and inserts this value in the "transaction-ID"
field. field.
The client MUST include a Client Identifier option to identify itself The client MUST include a Client Identifier option to identify itself
to the server. The client adds any appropriate options, including to the server. The client adds any appropriate options, including
one or more IA options. The client MUST include the addresses the one or more IA options. The client MUST include the addresses the
client currently has associated with those IAs. client currently has associated with those IAs.
If the client chooses to request specific options from the server, If the client chooses to request specific options from the server,
it does so by including an Option Request option (see section 23.7, it does so by including an Option Request option (see section 22.7,
which MUST include all of the options the client is requesting. The which MUST include all of the options the client is requesting. The
client MAY include options with data values as hints to the server client MAY include options with data values as hints to the server
about parameter values the client would like to have returned. about parameter values the client would like to have returned.
The client sends the Confirm message to the All_DHCP_Agents multicast When the client sends the Confirm message, it MUST use an IPv6
address. The client MUST use an IPv6 address that the client has address that the client has confirmed to be valid on the link to
confirmed to be valid on the link to which it is currently attached which it is currently attached and that is assigned to the interface
and that is assigned to the interface for which the client is for which the client is interested in obtaining configuration
interested in obtaining configuration information as the source information as the source address in the IP header of the datagram
address in the IP header of the datagram carrying the Confirm carrying the Confirm message.
message.
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT CNF_TIMEOUT IRT CNF_TIMEOUT
MRT CNF_MAX_RT MRT CNF_MAX_RT
MRC 0 MRC 0
MRD CNF_MAX_RD MRD CNF_MAX_RD
If the client receives no responses before the message transmission If the client receives no responses before the message transmission
process as described in section 15 terminates, the client SHOULD process as described in section 14 terminates, the client SHOULD
continue to use any IP addresses, using the last known lifetimes for continue to use any IP addresses, using the last known lifetimes for
those addresses, and SHOULD continue to use any other previously those addresses, and SHOULD continue to use any other previously
obtained configuration parameters. obtained configuration parameters.
19.1.3. Creation and transmission of Renew messages 18.1.3. Creation and transmission of Renew messages
To extend the valid and preferred lifetimes associated with To extend the valid and preferred lifetimes associated with
addresses, the client sends a Renew message to the server containing addresses, the client sends a Renew message to the server containing
an "IA option" for the IA and its associated addresses. The server an IA option for the IA and its associated addresses. The server
determines new lifetimes for the addresses in the IA according to the determines new lifetimes for the addresses in the IA according to the
administrative configuration of the server. The server may also add administrative configuration of the server. The server may also add
new addresses to the IA. The server may remove addresses from the IA new addresses to the IA. The server may remove addresses from the IA
by setting the preferred and valid lifetimes of those addresses to by setting the preferred and valid lifetimes of those addresses to
zero. zero.
The server controls the time at which the client contacts the server The server controls the time at which the client contacts the server
to extend the lifetimes on assigned addresses through the T1 and T2 to extend the lifetimes on assigned addresses through the T1 and T2
parameters assigned to an IA. parameters assigned to an IA.
If T1 or T2 is set to 0 by the server, the client does not send a
Renew or Rebind message, respectively, for the IA.
At time T1 for an IA, the client initiates a Renew/Reply message At time T1 for an IA, the client initiates a Renew/Reply message
exchange to extend the lifetimes on any addresses in the IA. The exchange to extend the lifetimes on any addresses in the IA. The
client includes an IA option with all addresses currently assigned to client includes an IA option with all addresses currently assigned to
the IA in its Renew message. the IA in its Renew message.
The client sets the "msg-type" field to RENEW. The client generates a The client sets the "msg-type" field to RENEW. The client generates a
transaction ID and inserts this value in the "transaction-ID" field. transaction ID and inserts this value in the "transaction-ID" field.
The client places the identifier of the destination server in a The client places the identifier of the destination server in a
Server Identifier option. Server Identifier option.
The client MUST include a Client Identifier option to identify The client MUST include a Client Identifier option to identify
itself to the server. The client adds any appropriate options, itself to the server. The client adds any appropriate options,
including one or more IA options (if the client is requesting that including one or more IA options. The client MUST include the list
the server extend the lifetimes of the addresses assigned to those of addresses the client currently has associated with the IAs in the
IAs; note that the client may check the status of other configuration Renew message.
parameters without asking for lifetime extensions). The client MUST
include the list of addresses the client currently has associated
with the IAs in the Renew message.
If the client chooses to request specific options from the server, If the client chooses to request specific options from the server,
it does so by including an Option Request option (see section 23.7, it does so by including an Option Request option (see section 22.7),
which MUST include all of the options the client is requesting. The which MUST include all of the options the client is requesting. The
client MAY include options with data values as hints to the server client MAY include options with data values as hints to the server
about parameter values the client would like to have returned. about parameter values the client would like to have returned.
If the client has a source address of sufficient scope that can be If the client has a source address of sufficient scope that can be
used by the server as a return address and the client has received used by the server as a return address and the client has received a
a Server Unicast option (section 23.13) from the server, the client Server Unicast option (see section 22.13) from the server, the client
SHOULD unicast the Renew message to the server. Otherwise, the SHOULD unicast the Renew message to the server.
client sends the Renew message to the All_DHCP_Agents multicast
address.
DISCUSSION: DISCUSSION:
Use of multicast and relay agents enables the inclusion of Use of multicast or anycast on a link and relay agents
relay agent options in all messages sent by the client. The enables the inclusion of relay agent options in all messages
server MUST NOT enable the use of unicast for a client when sent by the client. The server MUST NOT enable the use of
relay agent options are required for that client. unicast for a client when relay agent options are required
for that client.
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT REN_TIMEOUT IRT REN_TIMEOUT
MRT REP_MAX_RT MRT REP_MAX_RT
MRC 0 MRC 0
MRD 0 MRD 0
The mechanism in section 15 is modified as follows for use in the The mechanism in section 14 is modified as follows for use in the
transmission of Renew messages. The message exchange is terminated transmission of Renew messages. The message exchange is terminated
when time T2 is reached (see section 19.1.4), at which time the when time T2 is reached (see section 18.1.4), at which time the
client begins a Rebind message exchange. client begins a Rebind message exchange.
19.1.4. Creation and transmission of Rebind messages 18.1.4. Creation and transmission of Rebind messages
At time T2 for an IA (which will only be reached if the server to At time T2 for an IA (which will only be reached if the server to
which the Renew message was sent at time T1 has not responded), which the Renew message was sent at time T1 has not responded),
the client initiates a Rebind/Reply message exchange. The client the client initiates a Rebind/Reply message exchange. The client
includes an IA option with all addresses currently assigned to the includes an IA option with all addresses currently assigned to the IA
IA in its Rebind message. The client sends this message to the in its Rebind message.
All_DHCP_Agents multicast address.
The client sets the "msg-type" field to REBIND. The client generates The client sets the "msg-type" field to REBIND. The client generates
a transaction ID and inserts this value in the "transaction-ID" a transaction ID and inserts this value in the "transaction-ID"
field. field.
The client MUST include a Client Identifier option to identify The client MUST include a Client Identifier option to identify
itself to the server. The client adds any appropriate options, itself to the server. The client adds any appropriate options,
including one or more IA options. The client MUST include the list including one or more IA options. The client MUST include the list
of addresses the client currently has associated with the IAs in the of addresses the client currently has associated with the IAs in the
Rebind message. Rebind message.
If the client chooses to request specific options from the server, If the client chooses to request specific options from the server,
it does so by including an Option Request option (see section 23.7, it does so by including an Option Request option (see section 22.7),
which MUST include all of the options the client is requesting. The which MUST include all of the options the client is requesting. The
client MAY include options with data values as hints to the server client MAY include options with data values as hints to the server
about parameter values the client would like to have returned. about parameter values the client would like to have returned.
The client sends the Rebind message to the All_DHCP_Agents multicast The client transmits the message according to section 14, using the
address.
The client transmits the message according to section 15, using the
following parameters: following parameters:
IRT REB_TIMEOUT IRT REB_TIMEOUT
MRT REB_MAX_RT MRT REB_MAX_RT
MRC 0 MRC 0
MRD 0 MRD 0
The mechanism in section 15 is modified as follows for use in the The mechanism in section 14 is modified as follows for use in the
transmission of Rebind messages. The message exchange is terminated transmission of Rebind messages. The message exchange is terminated
when the lifetimes of all of the addresses assigned to the IA expire when the lifetimes of all of the addresses assigned to the IA expire
(see section 12), at which time the client has several alternative (see section 10), at which time the client has several alternative
actions to choose from: actions to choose from:
- The client may choose to use a Solicit message to locate a new - The client may choose to use a Solicit message to locate a new
DHCP server and send a Request for the expired IA to the new DHCP server and send a Request for the expired IA to the new
server server
- The client may have other addresses in other IAs, so the client - The client may have other addresses in other IAs, so the client
may choose to discard the expired IA and use the addresses in the may choose to discard the expired IA and use the addresses in the
other IAs other IAs
19.1.5. Creation and Transmission of Information-request messages 18.1.5. Creation and Transmission of Information-request messages
The client uses an Information-request message to obtain The client uses an Information-request message to obtain
configuration information without having addresses assigned to it. configuration information without having addresses assigned to it.
The client sets the "msg-type" field to INFORMATION-REQUEST. The The client sets the "msg-type" field to INFORMATION-REQUEST. The
client generates a transaction ID and inserts this value in the client generates a transaction ID and inserts this value in the
"transaction-ID" field. "transaction-ID" field.
The client SHOULD include a Client Identifier option to identify The client SHOULD include a Client Identifier option to identify
itself to the server. If the client does not include a Client itself to the server. If the client does not include a Client
Identifier option, the server will not be able to return any Identifier option, the server will not be able to return any
client-specific options to the client. client-specific options to the client, or the server may choose not
to respond to the message at all.
If the client chooses to request specific options from the server, If the client chooses to request specific options from the server,
it does so by including an Option Request option (see section 23.7, it does so by including an Option Request option (see section 22.7),
which MUST include all of the options the client is requesting. The which MUST include all of the options the client is requesting. The
client MAY include options with data values as hints to the server client MAY include options with data values as hints to the server
about parameter values the client would like to have returned. The about parameter values the client would like to have returned. The
client MUST NOT include any IA options. client MUST NOT include any IA options.
If the client has an IPv6 address of sufficient scope, the If the client has an IPv6 address of sufficient scope, the
client MAY choose to send the Information-request message to the client MAY choose to send the Information-request message to the
All_DHCP_Servers multicast address. Otherwise, the client MUST send All_DHCP_Servers multicast address.
the Information-request message to the All_DHCP_Agents multicast
address.
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT INF_TIMEOUT IRT INF_TIMEOUT
MRT INF_MAX_RT MRT INF_MAX_RT
MRC 0 MRC 0
MRD 0 MRD 0
19.1.6. Receipt of Reply message in response to a Request, Confirm, 18.1.6. Receipt of Reply message in response to a Request, Confirm,
Renew, Rebind or Information-request message Renew, Rebind or Information-request message
Upon the receipt of a valid Reply message in response to a Request, Upon the receipt of a valid Reply message in response to a Request,
Confirm, Renew, Rebind or Information-request message, the client Confirm, Renew, Rebind or Information-request message, the client
extracts the configuration information contained in the Reply. The extracts the configuration information contained in the Reply. The
client MAY choose to report any status code or message from the client MAY choose to report any status code or message from the
status code option in the Reply message. status code option in the Reply message.
The client SHOULD perform duplicate address detection [21] on each The client SHOULD perform duplicate address detection [19] on each
of the addresses in any IAs it receives in the Reply message after of the addresses in any IAs it receives in the Reply message before
a Request message. If any of the addresses are found to be in use using that address for traffic. If any of the addresses are found
on the link, the client sends a Decline message to the server as to be in use on the link, the client sends a Decline message to the
described in section 19.1.9. server as described in section 18.1.9.
The client records the T1 and T2 times for each IA in the Reply The client records the T1 and T2 times for each IA in the Reply
message. The client records any addresses included with IAs in message. The client records any addresses included with IAs in
the Reply message. The client updates the preferred and valid the Reply message. The client updates the preferred and valid
lifetimes for the addresses in the IA from the lifetime information lifetimes for the addresses in the IA from the lifetime information
in the IA option. The client leaves any addresses that the client in the IA option. The client leaves any addresses that the client
has associated with the IA that are not included in the IA option has associated with the IA that are not included in the IA option
unchanged. unchanged.
The client SHOULD respond to the server with a Release message for
any addresses in the Reply message that have a valid lifetime of 0.
The client constructs and transmits this message as described in
section 19.1.7.
If the Reply was received in response to a Renew or Rebind message, If the Reply was received in response to a Renew or Rebind message,
the client must update the information in any IA option contained in the client must update the information in any IA option contained in
the Reply message. The client adds any new addresses from the IA the Reply message. The client adds any new addresses from the IA
option to the IA, updates lifetimes for existing addresses in the IA option to the IA, updates lifetimes for existing addresses in the IA
from the IA option and discards any addresses with a lifetime of zero from the IA option and discards any addresses with a lifetime of zero
in the IA option. in the IA option.
Management of the specific configuration information is detailed in Management of the specific configuration information is detailed in
the definition of each option, in section 23. the definition of each option, in section 22.
When the client receives a NoPrefixMatch status in an IA from the When the client receives a NotOnLink status in an IA from the server
server the client can assume it needs to send a Request to the server in response to a Confirm message, the client can assume it needs to
to obtain appropriate addresses for the IA. If the client receives send a Request to the server to obtain appropriate addresses for the
any Reply messages that do not indicate a NoPrefixMatch status, the IA. If the client receives any Reply messages that do not indicate
client can use the addresses in the IA and ignore any messages that a NotOnLink status, the client can use the addresses in the IA and
do indicate a NoPrefixMatch status. ignore any messages that do indicate a NotOnLink status.
When the client receives an AddrUnavail status in an IA from the When the client receives an AddrUnavail status in an IA from the
server for a Request message the client will have to find a new server for a Request message the client will have to find a new
server to create an IA. server to create an IA.
When the client receives a NoBinding status in an IA from the server When the client receives a NoBinding status in an IA from the server
for a Confirm message the client can assume it needs to send a
Request to reestablish an IA with the server.
When the client receives a ConfNoMatch status in an IA from the
server for a Confirm message the client can send a Renew message to
the server to extend the lifetimes of the addresses.
When the client receives a NoBinding status in an IA from the server
for a Renew message the client can assume it needs to send a Request for a Renew message the client can assume it needs to send a Request
to reestablish an IA with the server. to reestablish an IA with the server.
When the client receives a RenwNoMatch status in an IA from the
server for a Renew message the client can assume it needs to send a
Request to reestablish an IA with the server.
When the client receives an AddrUnavail status in an IA from the When the client receives an AddrUnavail status in an IA from the
server for a Renew message the client can assume it needs to send a server for a Renew message the client can assume it needs to send a
Request to reestablish an IA with the server. Request to reestablish an IA with the server.
When the client receives a NoBinding status in an IA from the server When the client receives a NoBinding status in an IA from the server
for a Rebind message the client can assume it needs to send a Request for a Rebind message the client can assume it needs to send a Request
to reestablish an IA with the server or try another server. to reestablish an IA with the server or try another server.
When the client receives a RebdNoMatch status in an IA from the
server for a Rebind message the client can assume it needs to send a
Request to reestablish an IA with the server or try another server.
When the client receives an AddrUnavail status in an IA from the When the client receives an AddrUnavail status in an IA from the
server for a Rebind message the client can assume it needs to send a server for a Rebind message the client can assume it needs to send a
Request to reestablish an IA with the server or try another server. Request to reestablish an IA with the server or try another server.
19.1.7. Creation and transmission of Release messages 18.1.7. Creation and transmission of Release messages
To release one or more addresses, a client sends a Release message to
the server.
The client sets the "msg-type" field to RELEASE. The client generates The client sets the "msg-type" field to RELEASE. The client generates
a transaction ID and places this value in the "transaction-ID" field. a transaction ID and places this value in the "transaction-ID" field.
The client places the identifier of the server that allocated the The client places the identifier of the server that allocated the
address(es) a Server Identifier option. address(es) in a Server Identifier option.
The client MUST include a Client Identifier option to identify itself The client MUST include a Client Identifier option to identify itself
to the server. The client includes options containing the IAs it to the server. The client includes options containing the IAs for
is releasing in the "options" field. The addresses to be released the addresses it is releasing in the "options" field. The addresses
MUST be included in the IAs. The client continues to use any other to be released MUST be included in the IAs. Any addresses for the
addresses in the IAs. The appropriate "status" field in the options IAs the client wishes to continue to use should not be in added to
MUST be set to indicate the reason for the release. the IAs.
The client MUST NOT use any of the addresses in the IAs in the The client MUST NOT use any of the addresses if is releasing as
message as the source address in the Release message or in any the source address in the Release message or in any subsequently
subsequently transmitted message. transmitted message.
If the client has a source address of sufficient scope that can be If the client has a source address of sufficient scope that can be
used by the server as a return address and the client has received used by the server as a return address and the client has received
a Server Unicast option (section 23.13) from the server, the client a Server Unicast option (section 22.13) from the server, the client
SHOULD unicast the Release message to the server. Otherwise, the SHOULD unicast the Release message to the server.
client MUST send the Release message to the All_DHCP_Agents multicast
address.
DISCUSSION: DISCUSSION:
Use of multicast and relay agents enables the inclusion of Use of multicast or anycast on a link and relay agents
relay agent options in all messages sent by the client. The enables the inclusion of relay agent options in all messages
server MUST NOT enable the use of unicast for a client when sent by the client. The server MUST NOT enable the use of
relay agent options are required for that client. unicast for a client when relay agent options are required
for that client.
A client MAY choose to wait for a Reply message from the server in The client SHOULD choose to guarantee the delivery of the Release
response to the Release message. If the client does wait for a message using the retransmission strategy in section 14. An example
Reply, the client MAY choose to retransmit the Release message. of a situation in which a client would not guarantee delivery would
be when the client is powering down or restarting because of some
error condition.
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT REL_TIMEOUT IRT REL_TIMEOUT
MRT 0 MRT 0
MRC REL_MAX_MRC MRC REL_MAX_MRC
MRD 0 MRD 0
The client MUST abandon the attempt to release addresses if the The client MUST abandon the attempt to release addresses if the
Release message exchange fails. Release message exchange fails.
The client MUST stop using all of the addresses in the IA(s) being The client MUST stop using all of the addresses being released as
released as soon as the client begins the Release message exchange soon as the client begins the Release message exchange process.
process. If an IA is released but the Reply from a DHCP server If addresses are released but the Reply from a DHCP server is
is lost, the client will retransmit the Release message, and the lost, the client will retransmit the Release message, and the
server may respond with a Reply indicating a status of "Nobinding". server may respond with a Reply indicating a status of "Nobinding".
Therefore, the client does not treat a Reply message with a status Therefore, the client does not treat a Reply message with a status
of "Nobinding" in a Release message exchange as if it indicates an of "Nobinding" in a Release message exchange as if it indicates an
error. error.
Note that if the client fails to release the IA, the addresses Note that if the client fails to release the addresses, the addresses
assigned to the IA will be reclaimed by the server when the lifetime assigned to the IA will be reclaimed by the server when the lifetime
of the address expires. of the address expires.
19.1.8. Receipt of Reply message in response to a Release message 18.1.8. Receipt of Reply message in response to a Release message
Upon receipt of a valid Reply message, the client can consider the Upon receipt of a valid Reply message, the client can consider the
Release event successful. Release event successful.
19.1.9. Creation and transmission of Decline messages 18.1.9. Creation and transmission of Decline messages
The client sets the "msg-type" field to DECLINE. The client generates The client sets the "msg-type" field to DECLINE. The client generates
a transaction ID and places this value in the "transaction-ID" field. a transaction ID and places this value in the "transaction-ID" field.
The client places the identifier of the server that allocated the The client places the identifier of the server that allocated the
address(es) in a Server Identifier option. address(es) in a Server Identifier option.
The client MUST include a Client Identifier option to identify itself The client MUST include a Client Identifier option to identify itself
to the server. The client includes options containing the IAs it is to the server. The client includes options containing the IAs for
declining in the "options" field. The addresses to be declined MUST the addresses it is declining in the "options" field. The addresses
be included in the IAs. The client continues to use other addresses to be declined MUST be included in the IAs. Any addresses for the
in the IAs. The appropriate "status" field in the options MUST be IAs the client wishes to continue to use should not be in added to
set to indicate the reason for declining the address. the IAs.
The client MUST NOT use any of the addresses in the IAs in the The client MUST NOT use any of the addresses it is declining as
message as the source address in the Decline message or in any the source address in the Decline message or in any subsequently
subsequently transmitted message. transmitted message.
If the client has a source address of sufficient scope that can be If the client has a source address of sufficient scope that can be
used by the server as a return address and the client has received used by the server as a return address and the client has received
a Server Unicast option (section 23.13) from the server, the client a Server Unicast option (section 22.13) from the server, the client
SHOULD unicast the Decline message to the server. Otherwise, the SHOULD unicast the Decline message to the server.
client MUST send the Decline message to the All_DHCP_Agents multicast
address.
DISCUSSION: DISCUSSION:
Use of multicast and relay agents enables the inclusion of Use of multicast or anycast on a link and relay agents
relay agent options in all messages sent by the client. The enables the inclusion of relay agent options in all messages
server MUST NOT enable the use of unicast for a client when sent by the client. The server MUST NOT enable the use of
relay agent options are required for that client. unicast for a client when relay agent options are required
for that client.
The client transmits the message according to section 15, using the The client transmits the message according to section 14, using the
following parameters: following parameters:
IRT DEC_TIMEOUT IRT DEC_TIMEOUT
MRT DEC_MAX_RT MRT DEC_MAX_RT
MRC DEC_MAX_RC MRC DEC_MAX_RC
MRD 0 MRD 0
The client MUST abandon the attempt to decline addresses if the The client MUST abandon the attempt to decline addresses if the
Decline message exchange fails. Decline message exchange fails.
19.1.10. Receipt of Reply message in response to a Decline message 18.1.10. Receipt of Reply message in response to a Decline message
Upon receipt of a valid Reply message, the client can consider the Upon receipt of a valid Reply message, the client can consider the
Decline event successful. Decline event successful.
19.2. Server Behavior 18.2. Server Behavior
For this discussion, the Server is assumed to have been configured in For this discussion, the Server is assumed to have been configured in
an implementation specific manner with configuration of interest to an implementation specific manner with configuration of interest to
clients. clients.
19.2.1. Receipt of Request messages 18.2.1. Receipt of Request messages
The server MAY choose to discard Request messages received via When the server receives a Request message via unicast from a
unicast from a client to which the server has not sent a unicast client to which the server has not sent a unicast option, the server
option. discards the Request message and responds with a Reply message
containing a status code option with value UseMulticast and no other
options.
When the server receives a Request the client is requesting the When the server receives a Request the client is requesting the
configuration of a new IA by the server. The server MUST take the configuration of IAs by the server. The server creates the bindings
IA from the client and associate a binding for that client in an for that client according to the server's policy and configuration
implementation-specific manner within the configuration parameter information and records the IAs and other information about the
database for DHCP clients managed by the server.
Upon the receipt of a valid Request message from a client the server
can respond to, (implementation-specific administrative policy
satisfied) the server scans the options field.
The server then constructs a Reply message and sends it to the
client. client.
The server SHOULD process each option for the client in an The server contructs a Reply message by setting the "msg-type" field
implementation-specific manner. The server MUST construct a Reply to REPLY, copying the transaction ID from the Request message into
message containing the following values: the transaction-ID field.
msg-type REPLY
transaction-ID The transaction-ID from the Request message.
The server MUST include a Server Identifier option containing the The server MUST include a Server Identifier option containing the
server's DUID in the Reply message. server's DUID and the Client Identifier option from the Request
message in the Reply message.
If the server finds that the prefix on one or more IP addresses in If the server finds that the prefix on one or more IP addresses in
any IA in the message from the client is not a valid prefix for the any IA in the message from the client is not a valid prefix for the
link to which the client is connected, the server MUST return the IA link to which the client is connected, the server MUST return the IA
to the client with the status field set to NoPrefixMatch. to the client with the status field set to NotOnLink.
If the server cannot assign any addresses to any of the IAs in
the message from the client, the server SHOULD include the IAs in
the Reply message with the status field set to AddrUnavail and no
addresses in the IA.
For any IAs to which the server can assign addresses, server includes If the server cannot assign any addresses to any of the IAs in the
the IA with addresses and other configuration parameters a status of message from the client, the server MUST include the IAs in the Reply
Success, and add the IA as a new client binding. message with the status field set to AddrUnavail and no addresses in
the IA.
The server may choose to assign fewer temporary addresses than For any IAs to which the server can assign addresses, the server
the client requested with an RTA option (see section 23.6) and includes the IA with addresses and other configuration parameters and
includes a status code of Success in the IA. If the server chooses to records the IA as a new client binding.
assign no temporary addresses, the server includes a status code of
AddrUnavail.
The server adds options to the Reply message for any other The server adds options to the Reply message for any other
configuration information to be assigned to the client. configuration information to be assigned to the client. If the
Request message contained an Option Request option, the server MUST
include options in the Reply message for any options in the Option
Request option the server is configured to return to the client. The
server MAY choose to return other options not specified in the Option
Request option.
19.2.2. Receipt of Confirm messages 18.2.2. Receipt of Confirm messages
When the server receives a Confirm message, the client is requesting When the server receives a Confirm message, the client is requesting
confirmation that the configuration information it will use is valid. confirmation that the configuration information it will use is valid.
The server SHOULD locate the binding for that client and compare the The server locates the binding for that client and compares the
information in the Confirm message from the client to the information information in the Confirm message from the client to the information
associated with that client. associated with that client.
Upon the receipt of a valid Confirm message from a client the server
can respond to, (implementation-specific administrative policy
satisfied) the server scans the options field.
If the server cannot determine if the information in the Confirm
message is valid or invalid, the server MUST NOT send a reply to the
client. For example, if the server does not have a binding for the
client, but the configuration information in the Confirm message
appears valid, the server does not reply.
If the server finds that the information for the client does not If the server finds that the information for the client does not
match what is in the binding for that client or the configuration match what is in the binding for that client or the configuration
information is not valid, the server sends a Reply message containing information is not valid, the server sends a Reply message containing
a Status Code option with the value ConfNoMatch. a Status Code option with the value ConfNoMatch.
If the server finds that the information for the client does match If the server finds that the information for the client does match
the information in the binding for that client, and the configuration the information in the binding for that client, and the configuration
information is still valid, the server sends a Reply message information is still valid, the server sends a Reply message
containing a Status Code option with the value Success. containing a Status Code option with the value Success.
The server SHOULD process each option for the client in an If the server cannot determine if the information in the Confirm
implementation-specific manner. The server MUST construct a Reply message is valid or invalid, the server MUST NOT send a reply to the
message containing the following values: client. For example, if the server does not have a binding for the
client, but the configuration information in the Confirm message
msg-type REPLY appears valid, the server does not reply.
transaction-ID The transaction-ID from the Confirm message. The server contructs a Reply message by setting the "msg-type" field
to REPLY, copying the transaction ID from the Confirm message into
the transaction-ID field.
The server MUST include a Server Identifier option containing the The server MUST include a Server Identifier option containing the
server's DUID in the Reply message. server's DUID and the Client Identifier option from the Confirm
message in the Reply message.
The Reply message from the server MUST contain a Status Code option
and MUST NOT include any other options.
19.2.3. Receipt of Renew messages The Reply message from the server MUST include a Status Code option.
The server MAY choose to discard Renew messages received via unicast 18.2.3. Receipt of Renew messages
from a client to which the server has not sent a unicast option.
Upon the receipt of a valid Renew message from a client the server When the server receives a Renew message via unicast from a client to
can respond to, (implementation-specific administrative policy which the server has not sent a unicast option, the server discards
satisfied) the server scans the options field. the Renew message and responds with a Reply message containing a
status code option with value UseMulticast and no other options.
When the server receives a Renew and IA option from a client it When the server receives a Renew and IA option from a client it
SHOULD locate the clients binding and verify the information in the locates the client's binding and verifies that the information in the
IA from the client matches the information stored for that client. IA from the client matches the information stored for that client.
If the server cannot find a client entry for this IA the server If the server cannot find a client entry for the IA the server
SHOULD return an IA containing no addresses with status set to returns the IA containing no addresses with status set to NoBinding
NoBinding. in the Renew message.
If the server finds that the addresses in the IA for the client
do not match the client binding the server should return an IA
containing no addresses with status set to RenwNoMatch.
If the server cannot Renew addresses for the client it SHOULD send If the server finds that any of the addresses are no longer valid
back an IA containing no addresses to the client with the status for the client, the server returns the address to the client with
field set to AddrUnavail. lifetimes of 0.
If the server finds the addresses in the IA for the client then the If the server finds the addresses in the IA for the client then the
server SHOULD send back the IA to the client with new lifetimes and server sends back the IA to the client with new lifetimes and T1/T2
T1/T2 times if the default is not being used, and set status to times, and includes a Status Code option with value Success. The
Success. The server may choose to change the list of addresses and server may choose to change the list of addresses and the lifetimes
the lifetimes of addresses in IAs that are returned to the client. of addresses in IAs that are returned to the client.
The server may choose to assign fewer temporary addresses than
the client requested with an RTA option (see section 23.6) and
includes a status code of Success in the IA. If the server chooses to
assign no temporary addresses, the server includes a status code of
AddrUnavail.
The server SHOULD process each option for the client in an
implementation-specific manner. The server MUST construct a Reply
message containing the following values:
msg-type REPLY
transaction-ID The transaction-ID from the Confirm message. The server contructs a Reply message by setting the "msg-type" field
to REPLY, copying the transaction ID from the Renew message into the
transaction-ID field.
The server MUST include a Server Identifier option containing the The server MUST include a Server Identifier option containing the
server's DUID in the Reply message. server's DUID and the Client Identifier option from the Renew message
in the Reply message.
19.2.4. Receipt of Rebind messages
Upon the receipt of a valid Rebind message from a client the server 18.2.4. Receipt of Rebind messages
can respond to, (implementation-specific administrative policy
satisfied) the server scans the options field.
When the server receives a Rebind and IA option from a client it When the server receives a Rebind and IA option from a client it
SHOULD locate the clients binding and verify the information in the locates the client's binding and verifies that the information in the
IA from the client matches the information stored for that client. IA from the client matches the information stored for that client.
If the server cannot find a client entry for this IA the server If the server cannot find a client entry for the IA the server
SHOULD return an IA containing no addresses with status set to returns the IA containing no addresses with status set to NoBinding
NoBinding. in the Rebind message.
If the server finds that the addresses in the IA for the client
do not match the client binding the server should return an IA
containing no addresses with status set to RebdNoMatch.
If the server cannot Rebind addresses for the client it SHOULD send If the server finds that the any of the addresses are no longer valid
back an IA containing no addresses to the client with the status for the client, the server returns the address to the client with
field set to AddrUnavail. lifetimes of 0.
If the server finds the addresses in the IA for the client then the If the server finds the addresses in the IA for the client then the
server SHOULD send back the IA to the client with new lifetimes and server SHOULD send back the IA to the client with new lifetimes and
T1/T2 times if the default is not being used, and set status to T1/T2 times if the default is not being used.
Success.
The server may choose to assign fewer temporary addresses than
the client requested with an RTA option (see section 23.6) and
includes a status code of Success in the IA. If the server will
assign no temporary addresses, the server includes a status code of
AddrUnavail.
The server SHOULD process each option for the client in an
implementation-specific manner. The server MUST construct a Reply
message containing the following values:
msg-type REPLY
transaction-ID The transaction-ID from the Confirm message. The server contructs a Reply message by setting the "msg-type" field
to REPLY, copying the transaction ID from the Rebind message into the
transaction-ID field.
The server MUST include a Server Identifier option containing the The server MUST include a Server Identifier option containing the
server's DUID in the Reply message. server's DUID and the Client Identifier option from the Rebind
message in the Reply message.
19.2.5. Receipt of Information-request messages The server adds options to the Reply message for any other
configuration information to be assigned to the client. If the
Rebind message contained an Option Request option, the server MUST
include options in the Reply message for any options in the Option
Request option the server is configured to return to the client. The
server MAY choose to return other options not specified in the Option
Request option.
When the server receives an Information-request message, the client 18.2.5. Receipt of Information-request messages
is requesting configuration information that does not include
the assignment of any addresses. The server SHOULD determine all When the server receives an Information-request message, the
client is requesting configuration information that does not
include the assignment of any addresses. The server determines all
configuration parameters appropriate to the client, based on the configuration parameters appropriate to the client, based on the
server configuration policies known to the server. server configuration policies known to the server.
Upon the receipt of a valid Information-request message from a client The server contructs a Reply message by setting the "msg-type" field
the server can respond to, (implementation-specific administrative to REPLY, copying the transaction ID from the Rebind message into the
policy satisfied) the server scans the options field. The server transaction-ID field.
then constructs a Reply message and sends it to the client.
The server SHOULD process each option for the client in an
implementation-specific manner. The server MUST construct a Reply
message containing the following values:
msg-type REPLY
transaction-ID The transaction-ID from the Confirm message.
The server MUST include a Server Identifier option containing the The server MUST include a Server Identifier option containing the
server's DUID in the Reply message. server's DUID and the Client Identifier option from the Rebind
message in the Reply message.
The server adds options to the Reply message for all of the The server adds options to the Reply message for all of the
configuration parameters to be returned to the client. configuration parameters to be returned to the client. If the
Information-request message contained an Option Request option, the
server MUST include options in the Reply message for any options in
the Option Request option the server is configured to return to the
client. The server MAY choose to return other options not specified
in the Option Request option.
19.2.6. Receipt of Release messages If the Information-request message received from the client did
not include a Client Identifier option, the server SHOULD respond
with a Reply message containing any configuration parameters
that are not determined by the client's identity. If the server
chooses not to respond, the client may continue to retransmit the
Information-request message indefinitely.
The server MAY choose to discard Release messages received via 18.2.6. Receipt of Release messages
unicast from a client to which the server has not sent a unicast
option. When the server receives a Release message via unicast from a
client to which the server has not sent a unicast option, the server
discards the Release message and responds with a Reply message
containing a status code option with value UseMulticast and no other
options.
Upon the receipt of a valid Release message, the server examines the Upon the receipt of a valid Release message, the server examines the
IAs and the addresses in the IAs for validity. If the IAs in the IAs and the addresses in the IAs for validity. If the IAs in the
message are in a binding for the client and the addresses in the IAs message are in a binding for the client and the addresses in the IAs
have been assigned by the server to those IAs, the server deletes have been assigned by the server to those IAs, the server deletes
the addresses from the IAs and makes the addresses available for the addresses from the IAs and makes the addresses available for
assignment to other clients. The server ignores invalid addresses assignment to other clients. The server ignores invalid addresses
(though it may choose to log an error if it finds an invalid (though it may choose to log an error if it finds an invalid
address). address).
After all the addresses have been processed, the server generates a After all the addresses have been processed, the server generates a
Reply message and includes a Status Code option with value Success Reply message and includes a Status Code option with value Success
and a Server Identifier option with the server's DUID. The server and a Server Identifier option with the server's DUID. The server
MUST NOT include any other options in the Reply message. MUST NOT include any other options in the Reply message.
A server is not required to (but may choose to as an implementation If the server cannot find a binding for the client, the server
strategy) retain any record of an IA from which all of the addresses sends a Reply message that includes a Status Code option with value
have been released. NoBinding.
19.2.7. Receipt of Decline messages A server may choose to retain a record of assigned addresses and IAs
after the lifetimes on the addresses have expired to allow the server
to reassign the previously assigned addresses to a client.
The server MAY choose to discard Decline messages received via 18.2.7. Receipt of Decline messages
unicast from a client to which the server has not sent a unicast
option. When the server receives a Decline message via unicast from a
client to which the server has not sent a unicast option, the server
discards the Decline message and responds with a Reply message
containing a status code option with value UseMulticast and no other
options.
Upon the receipt of a valid Decline message, the server examines the Upon the receipt of a valid Decline message, the server examines the
IAs and the addresses in the IAs for validity. If the IAs in the IAs and the addresses in the IAs for validity. If the IAs in the
message are in a binding for the client and the addresses in the IAs message are in a binding for the client and the addresses in the IAs
have been assigned by the server to those IA, the server deletes have been assigned by the server to those IA, the server deletes
the addresses from the IAs. The server SHOULD mark the addresses the addresses from the IAs. The server SHOULD mark the addresses
declined by the client so that those addresses are not assigned to declined by the client so that those addresses are not assigned to
other clients, and MAY choose to make a notification that addresses other clients, and MAY choose to make a notification that addresses
were declined. The server ignores invalid addresses (though it may were declined. The server ignores invalid addresses (though it may
choose to log an error if it finds an invalid address). choose to log an error if it finds an invalid address).
After all the address have been processed, the server generates a After all the address have been processed, the server generates a
Reply message and includes a Status Code option with value Success Reply message and includes a Status Code option with value Success
and a Server Identifier option with the server' DUID. The server MUST and a Server Identifier option with the server's DUID. The server
NOT include any other options in the Reply message. MUST NOT include any other options in the Reply message.
19.2.8. Transmission of Reply messages 18.2.8. Transmission of Reply messages
If the Request, Confirm, Renew, Rebind, Release, Decline or If the Request, Confirm, Renew, Rebind, Release, Decline or
Information-request message from the client was originally received Information-request message from the client was originally received
in a Relay-forward message from a relay, the server places the in a Relay-forward message from a relay, the server places the Reply
Reply message in the options field of a Relay-response message and message in the options field of a Relay-response message and copies
copies the link-address and client-return-address fields from the the link-address and client-address fields from the Relay-forward
Relay-forward message into the Relay-response message. message into the Relay-response message.
The server then unicasts the Reply or Relay-reply to the source The server then unicasts the Reply or Relay-reply to the source
address from the IP datagram in which the original message was address from the IP datagram in which the original message was
received. received.
20. DHCP Server-Initiated Configuration Exchange 19. DHCP Server-Initiated Configuration Exchange
A server initiates a configuration exchange to cause DHCP clients A server initiates a configuration exchange to cause DHCP clients
to obtain new addresses and other configuration information. For to obtain new addresses and other configuration information. For
example, an administrator may use a server-initiated configuration example, an administrator may use a server-initiated configuration
exchange when links in the DHCP domain are to be renumbered. Other exchange when links in the DHCP domain are to be renumbered. Other
examples include changes in the location of directory servers, examples include changes in the location of directory servers,
addition of new services such as printing, and availability of new addition of new services such as printing, and availability of new
software (system or application). software.
20.1. Server Behavior 19.1. Server Behavior
A server sends a Reconfigure message to cause a client to initiate A server sends a Reconfigure message to cause a client to initiate
immediately a Renew/Reply or Information-request/Reply message immediately a Renew/Reply or Information-request/Reply message
exchange with the server. exchange with the server.
20.1.1. Creation and transmission of Reconfigure messages 19.1.1. Creation and transmission of Reconfigure messages
The server sets the "msg-type" field to RECONFIGURE. The server The server sets the "msg-type" field to RECONFIGURE. The server sets
generates a transaction-ID and inserts it in the "transaction-ID" the transaction-id field to 0. The server places its identifier in a
field. The server places its identifier in a Server Identifier Server Identifier option.
option.
The server MAY include an Option Request option to inform the client The server MAY include an Option Request option to inform the client
of what information has been changed or new information that has been of what information has been changed or new information that has been
added. In particular, the server specifies the IA option in the added. In particular, the server specifies the IA option in the
Option Request option if the server wants the client to obtain new Option Request option if the server wants the client to obtain new
address information. address information.
The server MUST include an authentication option with the appropriate The server MUST include an authentication option in the Reconfigure
settings and add that option as the last option in the "options" message. The server MUST include a Reconfigure Message option
field of the Reconfigure message. (defined in section 22.20) to select whether the client responds with
a Renew message or an Information-Request message.
The server MUST NOT include any other options in the Reconfigure The server MUST NOT include any other options in the Reconfigure
except as specifically allowed in the definition of individual except as specifically allowed in the definition of individual
options. options.
A server sends each Reconfigure message to a single DHCP client, A server sends each Reconfigure message to a single DHCP client,
using an IPv6 unicast address of sufficient scope belonging to the using an IPv6 unicast address of sufficient scope belonging to the
DHCP client. The server may obtain the address of the client through DHCP client. The server may obtain the address of the client through
the information that the server has about clients that have been in the information that the server has about clients that have been in
contact with the server, or the server may be configured with the contact with the server, or the server may be configured with the
skipping to change at page 49, line 17 skipping to change at page 47, line 39
of multiple clients concurrently; for example, a server may of multiple clients concurrently; for example, a server may
send a Reconfigure message to additional clients while previous send a Reconfigure message to additional clients while previous
reconfiguration message exchanges are still in progress. reconfiguration message exchanges are still in progress.
The Reconfigure message causes the client to initiate a Renew/Reply The Reconfigure message causes the client to initiate a Renew/Reply
or Information-request/Reply message exchange with the server. The or Information-request/Reply message exchange with the server. The
server interprets the receipt of a Renew or Information-request server interprets the receipt of a Renew or Information-request
message from the client as satisfying the Reconfigure message message from the client as satisfying the Reconfigure message
request. request.
20.1.2. Time out and retransmission of Reconfigure messages 19.1.2. Time out and retransmission of Reconfigure messages
If the server does not receive a Renew or Information-request message If the server does not receive a Renew or Information-request message
from the client in RECREP_MSG_TIMEOUT milliseconds, the server from the client in RECREP_MSG_TIMEOUT milliseconds, the server
retransmits the Reconfigure message, doubles the RECREP_MSG_TIMEOUT retransmits the Reconfigure message, doubles the RECREP_MSG_TIMEOUT
value and waits again. The server continues this process until value and waits again. The server continues this process until
REC_MSG_ATTEMPTS unsuccessful attempts have been made, at which point REC_MSG_ATTEMPTS unsuccessful attempts have been made, at which point
the server SHOULD abort the reconfigure process for that client. the server SHOULD abort the reconfigure process for that client.
Default and initial values for RECREP_MSG_TIMEOUT and Default and initial values for RECREP_MSG_TIMEOUT and
REC_MSG_ATTEMPTS are documented in section 7.5. REC_MSG_ATTEMPTS are documented in section 5.6.
20.1.3. Receipt of Renew messages 19.1.3. Receipt of Renew messages
The server generates and sends Reply message(s) to the client as The server generates and sends Reply message(s) to the client as
described in section 19.2.8, including in the "options" field new described in sections 18.2.3 and 18.2.8, including options for
values for configuration parameters. configuration parameters.
It is possible that the client may send a Renew message after the
server has sent a Reconfigure but before the Reconfigure is received
by the client. In this case, the Renew message from the client
may not include all of the IAs and requests for parameters to be
reconfigured by the server. To accommodate this scenario, the server
MAY choose to send a Reply with the IAs and other parameters to be
reconfigured, even if those IAs and parameters were not in the Renew
message from the client.
20.2. Receipt of Information-request messages
If the server has assigned addresses to one or more IAs that belong The server MAY choose to send a Reply with the IAs and other
to the responding client, the server MUST silently discard the parameters to be reconfigured, even if those IAs and parameters were
Information-request message. not requested in the Renew message from the client.
If the client has requested options in an Option Request option that 19.2. Receipt of Information-request messages
the server is unable to provide to the client, the server MAY send
a Reply message with only those options it can provide. If the
server sends a Reply message that does not include all of the options
requested by the client, it MUST include a Status Code option with
code OptionUnavail.
The server generates and sends Reply message(s) to the client as The server generates and sends Reply message(s) to the client as
described in section 19.2.8, including in the "options" field new described in sections 18.2.5 and 18.2.8, including options for
values for configuration parameters. configuration parameters.
It is possible that the client may send an Information-request The server MAY choose to send a Reply with the other parameters to
message after the server has sent a Reconfigure but before be reconfigured, even if those parameters were not specified in the
the Reconfigure is received by the client. In this case, the Information-request message from the client.
Information-request message from the client may not request all of
the parameters to be reconfigured by the server. To accommodate
this scenario, the server MAY choose to send a Reply with the other
parameters to be reconfigured, even if those parameters were not
specified in the Information-request message from the client.
20.3. Client Behavior 19.3. Client Behavior
A client MUST always monitor UDP port 546 for Reconfigure messages A client MUST accept Reconfigure messages sent to UDP port 546on
on interfaces for which it has acquired DHCP parameters. Since the interfaces for which it has acquired configuration information
through DHCP. These messages may be sent at any time. Since the
results of a reconfiguration event may affect application layer results of a reconfiguration event may affect application layer
programs, the client SHOULD log these events, and MAY notify these programs, the client SHOULD log these events, and MAY notify these
programs of the change through an implementation-specific interface. programs of the change through an implementation-specific interface.
20.3.1. Receipt of Reconfigure messages 19.3.1. Receipt of Reconfigure messages
Upon receipt of a valid Reconfigure message, the client initiates a Upon receipt of a valid Reconfigure message, the client initiates a
transaction with the server. While the transaction is in progress, transaction with the server by sending a Reply or Information-request
the client silently discards any Reconfigure messages it receives. message. While the transaction is in progress, the client silently
discards any Reconfigure messages it receives.
If the client has IAs with addresses that have been assigned by the The client responds with either a Renew message or an
server from which the Reconfigure message was received, the client Information-request message as indicated by the Reconfigure
MUST respond with a Renew message. Otherwise, the client responds Message option (as defined in section 22.20).
with an Information-request message.
DISCUSSION: DISCUSSION:
The Reconfigure message acts as a trigger that signals the The Reconfigure message acts as a trigger that signals the
client to complete a successful message exchange. Once client to complete a successful message exchange. Once
the client has received a Reconfigure, the client proceeds the client has received a Reconfigure, the client proceeds
with the message exchange (retransmitting the Renew or with the message exchange (retransmitting the Renew or
Information-request message if necessary); the client Information-request message if necessary); the client
ignores any additional Reconfigure messages (regardless ignores any additional Reconfigure messages (regardless
of the transaction ID in the Reconfigure message) until of the transaction ID in the Reconfigure message) until
skipping to change at page 51, line 20 skipping to change at page 49, line 20
It might be possible for a duplicate or retransmitted It might be possible for a duplicate or retransmitted
Reconfigure to be sufficiently delayed (and delivered out of Reconfigure to be sufficiently delayed (and delivered out of
order) to arrive at the client after the exchange (initiated order) to arrive at the client after the exchange (initiated
by the original Reconfigure) has been completed. In this by the original Reconfigure) has been completed. In this
case, the client would initiate a redundant exchange. The case, the client would initiate a redundant exchange. The
likelihood of delayed and out of order delivery is small likelihood of delayed and out of order delivery is small
enough to be ignored. The consequence of the redundant enough to be ignored. The consequence of the redundant
exchange is inefficiency rather than incorrect operation. exchange is inefficiency rather than incorrect operation.
20.3.2. Creation and transmission of Renew messages 19.3.2. Creation and transmission of Renew messages
When responding to a Reconfigure, the client creates and sends When responding to a Reconfigure, the client creates and sends
the Renew message in exactly the same manner as outlined in the Renew message in exactly the same manner as outlined in
section 19.1.3, with the exception: if the server included on Option section 18.1.3, with the exception: if the server included on Option
Request option specifying the IA option, the client MUST include IA Request option specifying the IA option, the client MUST include IA
options containing the addresses the client currently has assigned to options containing the addresses the client currently has assigned to
ALL IAs for the interface through which the Reconfigure message was ALL IAs for the interface through which the Reconfigure message was
received. received.
20.3.3. Creation and transmission of Information-request messages 19.3.3. Creation and transmission of Information-request messages
When responding to a Reconfigure, the client creates and sends the When responding to a Reconfigure, the client creates and sends the
Information-request message in exactly the same manner as outlined in Information-request message in exactly the same manner as outlined in
section 19.1.5, with the exception that the client includes a Server section 18.1.5, with the exception that the client includes a Server
Identifier option with the identifier from the Reconfigure message to Identifier option with the identifier from the Reconfigure message to
which the client is responding. which the client is responding.
20.3.4. Time out and retransmission of Renew or Information-request 19.3.4. Time out and retransmission of Renew or Information-request
messages messages
The client uses the same variables and retransmission algorithm as The client uses the same variables and retransmission algorithm as
it does with Renew or Information-request messages generated as part it does with Renew or Information-request messages generated as part
of a client-initiated configuration exchange. See sections 19.1.3 of a client-initiated configuration exchange. See sections 18.1.3
and 19.1.5 for details. and 18.1.5 for details.
20.3.5. Receipt of Reply messages 19.3.5. Receipt of Reply messages
Upon the receipt of a valid Reply message, the client extracts the Upon the receipt of a valid Reply message, the client extracts the
contents of the "options" field, and sets (or resets) configuration contents of the "options" field, and sets (or resets) configuration
parameters appropriately. The client records and updates the parameters appropriately. The client records and updates the
lifetimes for any addresses specified in IAs in the Reply message. lifetimes for any addresses specified in IAs in the Reply message.
If the configuration parameters changed were requested by the
application layer, the client notifies the application layer of the
changes using an implementation-specific interface.
21. Relay Behavior 20. Relay Agent Behavior
For this discussion, the Relay MAY be configured to use a list of For this discussion, the relay agent MAY be configured to use a
server destination addresses, which MAY include unicast addresses, list of server destination addresses, which MAY include unicast
the All_DHCP_Servers multicast address, or other multicast addresses addresses, the All_DHCP_Servers multicast address, or other multicast
selected by the network administrator. If the Relay has not been addresses selected by the network administrator. If the relay agent
explicitly configured, it MUST use the All_DHCP_Servers multicast has not been explicitly configured, it MUST use the All_DHCP_Servers
address as the default. multicast address as the default.
21.1. Relaying of client messages 20.1. Relaying of client messages
When a Relay receives a valid client message, it constructs a When a relay agent receives a valid client message, it constructs
Relay-forward message. The relay places an address with a prefix a Relay-forward message. The relay agent places a global or
assigned to the link on which the client should be assigned an site-scoped address with a prefix assigned to the link on which the
address in the link-address field. This address will be used by the client should be assigned an address in the link-address field. This
server to determine the link from which the client should be assigned address will be used by the server to determine the link from which
an address and other configuration information. the client should be assigned an address and other configuration
information.
If the relay cannot use the address in the link-address field to If the relay agent cannot use the address in the link-address field
identify the interface through which the response to the client will to identify the interface through which the response to the client
be forwarded, the relay MUST include an Interface-id option (see will be forwarded, the relay agent MUST include an Interface-id
section 23.17) in the Relay-forward message. The server will include option (see section 22.19) in the Relay-forward message. The server
the Interface-id option in its Relay-reply message. will include the Interface-id option in its Relay-reply message.
The relay agent puts the client's address in the link-address field
regardless of whether the relay agent includes an Interface-id option
in the Relay-forward message.
The relay copies the source address from the IP datagram in which the The relay agent copies the source address from the IP datagram
message was received from the client into the client-return-address in which the message was received from the client into the
field in the Relay-forward message. client-address field in the Relay-forward message.
The relay constructs a "client-message" option 23.10 that contains The relay agent constructs a Client Message option (see
the entire message from the client in the data field of the section 22.10) that contains the entire message from the client in
option. The relay places the "relay-message" option along with any the data field of the option. The relay agent places the Client
"relay-specific" options in the options field of the Relay-forward Message option along with any "relay agent-specific" options in the
message. The Relay MUST send the Relay-forward message to the list options field of the Relay-forward message. The relay agent sends
of server destination addresses with which it has been configured. the Relay-forward message to the list of server destination addresses
with which it has been configured or to the All_DHCP_Servers address
if it has not been explicitly configured with server destination
addresses.
21.2. Relaying of server messages 20.2. Relaying of server messages
When the relay receives a Relay-reply message, it extracts the server The relay agent processes any other options included in the
message from the "server-message" option. If the Relay-reply message Relay-reply message as appropriate to those options. The relay
includes a Interface-id option, the relay forwards the message from agents then discards those options.
the server to the client on the link identified by the Interface-id
option. Otherwise, the relay forwards the message on the link
identified by the link-address field. In either case, the relay
forwards the message to the address in the client-return-address
field in the Relay-reply message.
22. Authentication of DHCP messages If the Relay-reply message includes a Interface-id option, the relay
agent forwards the message from the server to the client on the link
identified by the Interface-id option. Otherwise, the relay agent
forwards the message on the link identified by the link-address
field.
In either case, the relay agent extracts the server message from the
Server Message option (see section 22.11) and forwards the message to
the address in the client-address field in the Relay-reply message.
21. Authentication of DHCP messages
Some network administrators may wish to provide authentication of Some network administrators may wish to provide authentication of
the source and contents of DHCP messages. For example, clients may the source and contents of DHCP messages. For example, clients may
be subject to denial of service attacks through the use of bogus be subject to denial of service attacks through the use of bogus
DHCP servers, or may simply be misconfigured due to unintentionally DHCP servers, or may simply be misconfigured due to unintentionally
instantiated DHCP servers. Network administrators may wish to instantiated DHCP servers. Network administrators may wish to
constrain the allocation of addresses to authorized hosts to avoid constrain the allocation of addresses to authorized hosts to avoid
denial of service attacks in "hostile" environments where the network denial of service attacks in "hostile" environments where the network
medium is not physically secured, such as wireless networks or medium is not physically secured, such as wireless networks or
college residence halls. college residence halls.
Because of the risk of denial of service attacks against DHCP Because of the risk of denial of service attacks against DHCP
clients, the use of authentication is mandated in Reconfigure clients, the use of authentication is mandated in Reconfigure
messages. A DHCP server MUST include an authentication option in messages. A DHCP server MUST include an authentication option in
Reconfigure messages sent to clients. Reconfigure messages sent to clients.
The DHCP authentication mechanism is based on the design of The DHCP authentication mechanism is based on the design of
authentication for DHCP for IPv4 [8]. authentication for DHCP for IPv4 [6].
22.1. DHCP threat model 21.1. DHCP threat model
The threat to DHCP is inherently an insider threat (assuming a The threat to DHCP is inherently an insider threat (assuming a
properly configured network where DHCPv6 ports are blocked on the properly configured network where DHCPv6 ports are blocked on the
perimeter gateways of the enterprise). Regardless of the gateway perimeter gateways of the enterprise). Regardless of the gateway
configuration, however, the potential attacks by insiders and configuration, however, the potential attacks by insiders and
outsiders are the same. outsiders are the same.
The attack specific to a DHCP client is the possibility of the The attack specific to a DHCP client is the possibility of the
establishment of a "rogue" server with the intent of providing establishment of a "rogue" server with the intent of providing
incorrect configuration information to the client. The motivation incorrect configuration information to the client. The motivation
skipping to change at page 53, line 52 skipping to change at page 52, line 9
The threat specific to a DHCP server is an invalid client The threat specific to a DHCP server is an invalid client
masquerading as a valid client. The motivation for this may be for masquerading as a valid client. The motivation for this may be for
"theft of service", or to circumvent auditing for any number of "theft of service", or to circumvent auditing for any number of
nefarious purposes. nefarious purposes.
The threat common to both the client and the server is the resource The threat common to both the client and the server is the resource
"denial of service" (DoS) attack. These attacks typically involve "denial of service" (DoS) attack. These attacks typically involve
the exhaustion of valid addresses, or the exhaustion of CPU or the exhaustion of valid addresses, or the exhaustion of CPU or
network bandwidth, and are present anytime there is a shared network bandwidth, and are present anytime there is a shared
resource. In current practice, redundancy mitigates DoS attacks the resource.
best.
22.2. Security of messages sent between servers and relay agents 21.2. Security of messages sent between servers and relay agents
Relay agents and servers that choose to exchange messages securely Relay agents and servers that choose to exchange messages securely
use the IPsec mechanisms for IPv6 [10]. The way in which IPsec use the IPsec mechanisms for IPv6 [8]. The way in which IPsec
is employed by relay agents and servers is not specified in this is employed by relay agents and servers is not specified in this
document. document.
22.3. Summary of DHCP authentication 21.3. Summary of DHCP authentication
Authentication of DHCP messages is accomplished through the use of Authentication of DHCP messages is accomplished through the use of
the Authentication option. The authentication information carried the Authentication option (see section 22.12). The authentication
in the Authentication option can be used to reliably identify the information carried in the Authentication option can be used to
source of a DHCP message and to confirm that the contents of the DHCP reliably identify the source of a DHCP message and to confirm that
message have not been tampered with. the contents of the DHCP message have not been tampered with.
The Authentication option provides a framework for multiple The Authentication option provides a framework for multiple
authentication protocols. Two such protocols are defined here. authentication protocols. One such protocols is defined here.
Other protocols defined in the future will be specified in separate Other protocols defined in the future will be specified in separate
documents. documents.
The protocol field in the Authentication option identifies the The protocol field in the Authentication option identifies the
specific protocol used to generate the authentication information specific protocol used to generate the authentication information
carried in the option. The algorithm field identifies a specific carried in the option. The algorithm field identifies a specific
algorithm within the authentication protocol; for example, the algorithm within the authentication protocol; for example, the
algorithm field specifies the hash algorithm used to generate the algorithm field specifies the hash algorithm used to generate the
message authentication code (MAC) in the authentication option. The message authentication code (MAC) in the authentication option. The
replay detection method (RDM) field specifies the type of replay replay detection method (RDM) field specifies the type of replay
detection used in the replay detection field. detection used in the replay detection field.
22.4. Replay detection 21.4. Replay detection
The Replay Detection Method (RDM) field determines the type of replay The Replay Detection Method (RDM) field determines the type of replay
detection used in the Replay Detection field. detection used in the Replay Detection field.
If the RDM field contains 0x00, the replay detection field MUST be If the RDM field contains 0x00, the replay detection field MUST
set to the value of a monotonically increasing counter. Using a be set to the value of a monotonically increasing counter. Using
counter value such as the current time of day (e.g., an NTP-format a counter value such as the current time of day (for example, an
timestamp [12]) can reduce the danger of replay attacks. This method NTP-format timestamp [10]) can reduce the danger of replay attacks.
MUST be supported by all protocols. This method MUST be supported by all protocols.
22.5. Configuration token protocol
If the protocol field is 0, the authentication information field
holds a simple configuration token. The configuration token is an
opaque, unencoded value known to both the sender and receiver. The
sender inserts the configuration token in the DHCP message and the
receiver matches the token from the message to the shared token. If
the configuration option is present and the token from the message
does not match the shared token, the receiver MUST discard the
message.
Configuration token may be used to pass a plain-text configuration
token and provides only weak entity authentication and no message
authentication. This protocol is only useful for rudimentary
protection against inadvertently instantiated DHCP servers.
DISCUSSION:
The intent here is to pass a constant, non-computed token
such as a plain-text password. Other types of entity
authentication using computed tokens such as Kerberos
tickets or one-time passwords will be defined as separate
protocols.
22.6. Delayed authentication protocol 21.5. Delayed authentication protocol
If the protocol field is 1, the message is using the "delayed If the protocol field is 1, the message is using the "delayed
authentication" mechanism. In delayed authentication, the client authentication" mechanism. In delayed authentication, the client
requests authentication in its Solicit message and the server replies requests authentication in its Solicit message and the server replies
with an Advertise message that includes authentication information. with an Advertise message that includes authentication information.
This authentication information contains a nonce value generated by This authentication information contains a nonce value generated by
the source as a message authentication code (MAC) to provide message the source as a message authentication code (MAC) to provide message
authentication and entity authentication. authentication and entity authentication.
The use of a particular technique based on the HMAC protocol [11] The use of a particular technique based on the HMAC protocol [9]
using the MD5 hash [20] is defined here. using the MD5 hash [18] is defined here.
22.6.1. Management issues in the delayed authentication protocol 21.5.1. Management issues in the delayed authentication protocol
The "delayed authentication" protocol does not attempt to address The "delayed authentication" protocol does not attempt to address
situations where a client may roam from one administrative domain situations where a client may roam from one administrative domain
to another, i.e. interdomain roaming. This protocol is focused on to another, i.e. interdomain roaming. This protocol is focused on
solving the intradomain problem where the out-of-band exchange of a solving the intradomain problem where the out-of-band exchange of a
shared secret is feasible. shared key is feasible.
22.6.2. Use of the Authentication option in the delayed authentication 21.5.2. Use of the Authentication option in the delayed authentication
protocol protocol
In a Solicit message, the Authentication option carries the Protocol, In a Solicit message, the Authentication option carries the Protocol,
Algorithm, RDM and Replay detection fields, but no Authentication Algorithm, RDM and Replay detection fields, but no Authentication
information. information.
In an Advertise, Request, Renew, Rebind, Confirm, Decline, Release In an Advertise, Request, Renew, Rebind, Confirm, Decline, Release
or Information-request message, the Authentication option carries or Information-request message, the Authentication option carries
the Protocol, Algorithm, RDM and Replay detection fields and the Protocol, Algorithm, RDM and Replay detection fields and
Authentication information. Authentication information.
The format of the Authentication information is: A DHCP message MUST NOT contain more than one Authentication option
when using the delayed authentication protocol. The Authentication
option should appear as close to the beginning of the options area
in the DHCP message to facilitate processing of the authentication
information.The format of the Authentication information is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Secret ID (32 bits) | | Key ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| HMAC-MD5 (128 bits) | | HMAC-MD5 |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The following definitions will be used in the description of the The following definitions will be used in the description of the
authentication information for delayed authentication, algorithm 1: authentication information for delayed authentication, algorithm 1:
Replay Detection - as defined by the RDM field Replay Detection - as defined by the RDM field
K - a secret value shared between the source and K - a key (secret value) shared
destination of the message; each secret has a between the source and
unique identifier (secret ID) destination of the message;
secret ID - the unique identifier for the secret value each key has a unique
identifier (key ID)
key ID - the unique identifier for the key value
used to generate the MAC for this message used to generate the MAC for this message
HMAC-MD5 - the MAC generating function. HMAC-MD5 - the MAC generating function.
The sender computes the MAC using the HMAC generation algorithm [11] The sender computes the MAC using the HMAC generation algorithm [9]
and the MD5 hash function [20]. The entire DHCP message (except and the MD5 hash function [18]. The entire DHCP message (except
the MAC field of the authentication option itself), including the the MAC field of the authentication option itself), including the
DHCP message header and the options field, is used as input to the DHCP message header and the options field, is used as input to the
HMAC-MD5 computation function. The 'secret ID' field MUST be set to HMAC-MD5 computation function. The 'key ID' field MUST be set to the
the identifier of the secret used to generate the MAC. identifier of the key used to generate the MAC.
DISCUSSION: DISCUSSION:
Algorithm 1 specifies the use of HMAC-MD5. Use of a Algorithm 1 specifies the use of HMAC-MD5. Use of a
different technique, such as HMAC-SHA, will be specified as different technique, such as HMAC-SHA, will be specified as
a separate protocol. a separate protocol.
Delayed authentication requires a shared secret key for each Delayed authentication requires a shared secret key for each
client on each DHCP server with which that client may wish client on each DHCP server with which that client may wish
to use the DHCP protocol. Each secret key has a unique to use the DHCP protocol. Each key has a unique identifier
identifier that can be used by a receiver to determine which that can be used by a receiver to determine which key was
secret was used to generate the MAC in the DHCP message. used to generate the MAC in the DHCP message. Therefore,
Therefore, delayed authentication may not scale well in an delayed authentication may not scale well in an architecture
architecture in which a DHCP client connects to multiple in which a DHCP client connects to multiple administrative
administrative domains. domains.
22.6.3. Message validation 21.5.3. Message validation
To validate an incoming message, the receiver first checks that To validate an incoming message, the receiver first checks that
the value in the replay detection field is acceptable according the value in the replay detection field is acceptable according to
to the replay detection method specified by the RDM field. Next, the replay detection method specified by the RDM field. Next, the
the receiver computes the MAC as described in [11]. The receiver receiver computes the MAC as described in [9]. The entire DHCP
MUST set the 'MAC' field of the authentication option to all 0s for message (except the MAC field of the authentication option itself),
computation of the MAC. If the MAC computed by the receiver does not is used as input to the HMAC-MDS computation function. If the MAC
match the MAC contained in the authentication option, the receiver computed by the receiver does not match the MAC contained in the
MUST discard the DHCP message. authentication option, the receiver MUST discard the DHCP message.
22.6.4. Key utilization 21.5.4. Key utilization
Each DHCP client has a key, K. The client uses its key to encode Each DHCP client has a key, K. The client uses its key to encode
any messages it sends to the server and to authenticate and verify any messages it sends to the server and to authenticate and verify
any messages it receives from the server. The client's key SHOULD any messages it receives from the server. The client's key SHOULD
be initially distributed to the client through some out-of-band be initially distributed to the client through some out-of-band
mechanism, and SHOULD be stored locally on the client for use in all mechanism, and SHOULD be stored locally on the client for use in all
authenticated DHCP messages. Once the client has been given its key, authenticated DHCP messages. Once the client has been given its key,
it SHOULD use that key for all transactions even if the client's it SHOULD use that key for all transactions even if the client's
configuration changes; e.g., if the client is assigned a new network configuration changes; for example, if the client is assigned a new
address. network address.
Each DHCP server MUST know, or be able to obtain in a secure manner, Each DHCP server MUST know, or be able to obtain in a secure manner,
the keys for all authorized clients. If all clients use the same the keys for all authorized clients. If all clients use the same
key, clients can perform both entity and message authentication for key, clients can perform both entity and message authentication for
all messages received from servers. However, the sharing of keys all messages received from servers. However, the sharing of keys
is strongly discouraged as it allows for unauthorized clients to is strongly discouraged as it allows for unauthorized clients to
masquerade as authorized clients by obtaining a copy of the shared masquerade as authorized clients by obtaining a copy of the shared
key. To authenticate the identity of individual clients, each client key and allows for trivial spoofing of an authenticated DHCP server.
MUST be configured with a unique key. To authenticate the identity of individual clients, each client must
be configured with a unique key.
22.6.5. Client considerations for delayed authentication protocol 21.5.5. Client considerations for delayed authentication protocol
22.6.5.1. Sending Solicit messages 21.5.5.1. Sending Solicit messages
When the client sends a Solicit message and wishes to use When the client sends a Solicit message and wishes to use
authentication, it includes an Authentication option with the desired authentication, it includes an Authentication option with the desired
protocol, algorithm, RDM and replay detection field as described protocol, algorithm, RDM and replay detection field as described
in section 22.6. The client does not include any authentication in section 21.5. The client does not include any authentication
information in the Authentication option. information in the Authentication option.
22.6.5.2. Receiving Advertise messages 21.5.5.2. Receiving Advertise messages
The client validates any Advertise messages containing an The client validates any Advertise messages containing an
Authentication option specifying the delayed authentication protocol Authentication option specifying the delayed authentication protocol
using the validation test described in section 22.6.3. using the validation test described in section 21.5.3.
Client behavior if no Advertise messages include authentication Client behavior if no Advertise messages include authentication
information or pass the validation test is controlled by local policy information or pass the validation test is controlled by local policy
on the client. According to client policy, the client MAY choose to on the client. According to client policy, the client MAY choose to
respond to a Advertise message that has not been authenticated. respond to a Advertise message that has not been authenticated.
The decision to set local policy to accept unauthenticated messages The decision to set local policy to accept unauthenticated messages
should be made with care. Accepting an unauthenticated Advertise should be made with care. Accepting an unauthenticated Advertise
message can make the client vulnerable to spoofing and other message can make the client vulnerable to spoofing and other
attacks. If local users are not explicitly informed that the client attacks. If local users are not explicitly informed that the client
has accepted an unauthenticated Advertise message, the users may has accepted an unauthenticated Advertise message, the users may
incorrectly assume that the client has received an authenticated incorrectly assume that the client has received an authenticated
address and is not subject to DHCP attacks through unauthenticated address and is not subject to DHCP attacks through unauthenticated
messages. messages.
A client MUST be configurable to discard unauthenticated messages, A client MUST be configurable to discard unauthenticated messages,
and SHOULD be configured by default to discard unauthenticated and SHOULD be configured by default to discard unauthenticated
messages. A client MAY choose to differentiate between Advertise messages if the client has been configured with an authentication
messages with no authentication information and Advertise messages key or other authentication information. A client MAY choose to
that do not pass the validation test; for example, a client might differentiate between Advertise messages with no authentication
accept the former and discard the latter. If a client does accept an information and Advertise messages that do not pass the validation
unauthenticated message, the client SHOULD inform any local users and test; for example, a client might accept the former and discard the
SHOULD log the event. latter. If a client does accept an unauthenticated message, the
client SHOULD inform any local users and SHOULD log the event.
22.6.5.3. Sending Request, Confirm, Renew, Rebind, Decline or Release 21.5.5.3. Sending Request, Confirm, Renew, Rebind, Decline or Release
messages messages
If the client authenticated the Advertise message through which the If the client authenticated the Advertise message through which the
client selected the server, the client MUST generate authentication client selected the server, the client MUST generate authentication
information for subsequent Request, Confirm, Renew, Rebind or Release information for subsequent Request, Confirm, Renew, Rebind or Release
messages sent to the server as described in section 22.6. When the messages sent to the server as described in section 21.5. When the
client sends a subsequent message, it MUST use the same secret used client sends a subsequent message, it MUST use the same key used by
by the server to generate the authentication information. the server to generate the authentication information.
22.6.5.4. Sending Information-request messages 21.5.5.4. Sending Information-request messages
If the client has negotiated a secret with the server through a If the server has selected a key for the client in a previous message
previous message exchange, the client MUST use the same secret used exchange (see section 21.5.6.1, the client MUST use the same key
by the server to generate the authentication information. If the to generate the authentication information. If the client has not
client has not negotiated a secret with the server, the client MUST previously been given a key with the server, the client MUST use
use a secret that has been selected for the client through some a key that has been selected for the client through some external
external mechanism. mechanism.
22.6.5.5. Receiving Reply messages 21.5.5.5. Receiving Reply messages
If the client authenticated the Advertise it accepted, the client If the client authenticated the Advertise it accepted, the client
MUST validate the associated Reply message from the server. The MUST validate the associated Reply message from the server. The
client MUST discard the Reply if the message fails to pass validation client MUST discard the Reply if the message fails to pass validation
and MAY log the validation failure. If the Reply fails to pass and MAY log the validation failure. If the Reply fails to pass
validation, the client MUST restart the DHCP configuration process by validation, the client MUST restart the DHCP configuration process by
sending a Solicit message. The client MAY choose to remember which sending a Solicit message. The client MAY choose to remember which
server replied with a Reply message that failed to pass validation server replied with a Reply message that failed to pass validation
and discard subsequent messages from that server. and discard subsequent messages from that server.
If the client accepted an Advertise message that did not include If the client accepted an Advertise message that did not include
authentication information or did not pass the validation test, the authentication information or did not pass the validation test, the
client MAY accept an unauthenticated Reply message from the server. client MAY accept an unauthenticated Reply message from the server.
22.6.5.6. Receiving Reconfigure messages 21.5.5.6. Receiving Reconfigure messages
The client MUST validate the Reconfigure message from the server.
The client MUST discard the Reconfigure if the message fails to pass The client MUST discard the Reconfigure if the message fails to pass
validation and MAY log the validation failure. validation and MAY log the validation failure.
22.6.6. Server considerations for delayed authentication protocol 21.5.6. Server considerations for delayed authentication protocol
22.6.6.1. Receiving Solicit messages and Sending Advertise messages 21.5.6.1. Receiving Solicit messages and Sending Advertise messages
The server selects a secret for the client and includes The server selects a key for the client and includes authentication
authentication information in the Advertise message returned to the information in the Advertise message returned to the client as
client as specified in section 22.6. The server MUST record the specified in section 21.5. The server MUST record the identifier of
identifier of the secret selected for the client and use that same the key selected for the client and use that same key for validating
secret for validating subsequent messages with the client. subsequent messages with the client.
22.6.6.2. Receiving Request, Confirm, Renew, Rebind or Release messages 21.5.6.2. Receiving Request, Confirm, Renew, Rebind or Release messages
and Sending Reply messages and Sending Reply messages
The server uses the secret identified in the message and validates The server uses the key identified in the message and validates the
the message as specified in section 22.6.3. If the message fails to message as specified in section 21.5.3. If the message fails to pass
pass validation or the server does not know the secret identified by validation or the server does not know the key identified by the 'key
the 'secret ID' field, the server MUST discard the message and MAY ID' field, the server MUST discard the message and MAY choose to log
choose to log the validation failure. the validation failure.
If the message passes the validation procedure, the server responds If the message passes the validation procedure, the server responds
to the specific message as described in section 19.2. The server to the specific message as described in section 18.2. The server
MUST include authentication information generated using the secret MUST include authentication information generated using the key
identified in the received message as specified in section 22.6. identified in the received message as specified in section 21.5.
22.6.6.3. Sending Reconfigure messages 21.5.6.3. Sending Reconfigure messages
The server MUST include authentication information in a Reconfigure The server MUST include an Authentication option in a Reconfigure
message, generated as specified in section 22.6 using the secret the message, generated as specified in section 21.5 using the key the
server initially negotiated with the client to which the Reconfigure server initially selected for the client to which the Reconfigure
message is to be sent. message is to be sent.
If the server has not previously negotiated a secret with the client, If the server has not previously selected a key for the client, the
the server MUST use a secret that has been selected for the client server MUST use a key that has been selected for the client through
through some external mechanism. some external mechanism.
23. DHCP options 22. DHCP options
Options are used to carry additional information and parameters Options are used to carry additional information and parameters
in DHCP messages. Every option shares a common base format, as in DHCP messages. Every option shares a common base format, as
described in section 23.1. All values in options is represented in described in section 22.1. All values in options are represented in
network order. network order.
This document describes the DHCP options defined as part of the base This document describes the DHCP options defined as part of the base
DHCP specification. Other options may be defined in the future in a DHCP specification. Other options may be defined in the future in
separate document. separate documents.
23.1. Format of DHCP options Unless otherwise noted, each option may appear only in the options
area of a DHCP message and may appear only once. If an option does
appear multiple times, each instance is considered separate and the
data areas of the options MUST NOT be concatenated or otherwise
combined.
22.1. Format of DHCP options
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| option-code | option-len | | option-code | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| option-data | | option-data |
| (option-len octets) | | (option-len octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 60, line 39 skipping to change at page 58, line 30
option-len An unsigned integer giving the length of the option-len An unsigned integer giving the length of the
option-data field in this option in octets. option-data field in this option in octets.
option-data The data for the option; the format of this data option-data The data for the option; the format of this data
depends on the definition of the option. depends on the definition of the option.
DHCPv6 options are scoped by using encapsulation. Some options apply DHCPv6 options are scoped by using encapsulation. Some options apply
generally to the client, some are specific to an IA, and some are generally to the client, some are specific to an IA, and some are
specific to the addresses within an IA. These latter two cases are specific to the addresses within an IA. These latter two cases are
discussed in sections 23.4 and 23.5. discussed in sections 22.4 and 22.6.
23.2. Client Identifier option 22.2. Client Identifier option
The Client Identifier option is used to carry a DUID identifying a The Client Identifier option is used to carry a DUID identifying a
client between a client and a server. The Client Identifier option client between a client and a server. The Client Identifier option
MUST appear before any IA options in the DHCP message. The format of MUST appear before any IA options in the DHCP message. The format of
the DUID option is: the Client Identifier option is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_CLIENTID | option-len | | OPTION_CLIENTID | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. . . .
. DUID . . DUID .
. (variable length) . . (variable length) .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_CLIENTID (TBD) option-code OPTION_CLIENTID (1)
option-len Length of DUID in octets option-len Length of DUID in octets
option-data The DUID for the client DUID The DUID for the client
23.3. Server Identifier option 22.3. Server Identifier option
The Server Identifier option is used to carry a DUID identifying The Server Identifier option is used to carry a DUID identifying
a server between a client and a server. The format of the Server a server between a client and a server. The format of the Server
Identifier option is: Identifier option is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_SERVERID | option-len | | OPTION_SERVERID | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. . . .
. DUID . . DUID .
. (variable length) . . (variable length) .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_SERVERID (TBD) option-code OPTION_SERVERID (2)
option-len Length of DUID in octets option-len Length of DUID in octets
option-data The DUID for the server DUID The DUID for the server
23.4. Identity association option 22.4. Identity Association option
The identity association option is used to carry an identity The Identity Association option (IA option) is used to carry an
association, the parameters associated with the IA and the addresses identity association, the parameters associated with the IA and the
assigned to the IA. addresses associated with the IA.
Addresses appearing in an IA option are not temporary addresses (see
section 22.5).
The format of the IA option is: The format of the IA option is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION IA | option-len | | OPTION_IA | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IAID (4 octets) | | IAID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| T1 | | T1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| T2 | | T2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IA Status | | | |
+-+-+-+-+-+-+-+-+ | . IA-options .
. Options .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_IA (TBD) option-code OPTION_IA (3)
option-len See section 23. option-len 12 + length of IA-options field
IAID The unique identifier for this IA. IAID The unique identifier for this IA; the IAID
must be unique among the identifiers for all
of this client's IAs. The number space for
IA IAIDs is separate from the number space
for IA_TA IAIDs.
T1 The time at which the client contacts the T1 The time at which the client contacts the
server from which the addresses in the IA server from which the addresses in the IA
were obtained to extend the lifetimes of the were obtained to extend the lifetimes of
addresses assigned to the IA. the addresses assigned to the IA; T1 is a
time duration relative to the current time
expressed in units of seconds
T2 The time at which the client contacts any T2 The time at which the client contacts any
available server to extend the lifetimes of available server to extend the lifetimes of
the addresses assigned to the IA. the addresses assigned to the IA; T2 is a
time duration relative to the current time
expressed in units of seconds
IA status Status of the IA in this option. IA-options Options associated with this IA.
options Options associated with this IA. The IA-options field encapsulates those options that are specific
to this IA. For example, all of the IA Address Options carrying the
addresses associated with this IA are in the IA-options field.
The Options field encapsulates those options that are specific An IA option may only appear in the options area of a DHCP message.
to this IA. For example, all of the Address Options carrying the A DHCP message may contain multiple IA options.
addresses associated with this IA are in the Options field.
The status of any operations involving this IA is indicated in a
Status Code option in the IA-options field.
Note that an IA has no explicit "lifetime" or "lease length" of Note that an IA has no explicit "lifetime" or "lease length" of
its own. When the lifetimes of all of the addresses in an IA have its own. When the lifetimes of all of the addresses in an IA have
expired, the IA can be considered as having expired. T1 and T2 expired, the IA can be considered as having expired. T1 and T2
are included to give servers explicit control over when a client are included to give servers explicit control over when a client
recontacts the server about a specific IA. recontacts the server about a specific IA.
In a message sent by a client to a server, values in the T1 and In a message sent by a client to a server, values in the T1 and
T2 fields indicate the client's preference for those parameters. T2 fields indicate the client's preference for those parameters.
The client may send 0 if it has no preference for T1 and T2. In a The client may send 0 if it has no preference for T1 and T2. In a
message sent by a server to a client, the client MUST use the values message sent by a server to a client, the client MUST use the values
in the T1 and T2 fields for the T1 and T2 parameters. The values in in the T1 and T2 fields for the T1 and T2 parameters. The values in
the T1 and T2 fields are the number of seconds until T1 and T2. the T1 and T2 fields are the number of seconds until T1 and T2.
The server MUST set the T1 and T2 times to values that will allow The server selects the T1 and T2 times to allow the client to extend
the client to extend as appropriate the lifetimes of any addresses the lifetimes of any addresses in the IA before the lifetimes expire,
in the IA. If the server does not intend for a client to extend the even if the server is unavailable for some short period of time.
lifetimes of a particular address in an IA, the server MAY set the Recommended values for T1 and T2 are .5 and .8 times the shortest
renewal time values to occur after the lifetimes on that address preferred lifetime of the addresses in the IA, respectively. If the
expire. server does not intend for a client to extend the lifetimes of the
addresses in an IA, the server sets T1 and T2 to 0.
T1 is the time at which the client SHOULD begin the lifetime T1 is the time at which the client begins the lifetime extension
extension process by sending a Renew message to the server that process by sending a Renew message to the server that originally
originally assigned the addresses to the IA. T2 is the time at which assigned the addresses to the IA. T2 is the time at which the client
the client SHOULD start sending a Rebind message to any server. A starts sending a Rebind message to any server.
client MAY begin the lifetime extension process prior to T1 if it
needs additional addresses for some reason.
T1 and T2 are specified as unsigned integers that specify the time T1 and T2 are specified as unsigned integers that specify the time
in seconds relative to the time at which the messages containing the in seconds relative to the time at which the messages containing the
option is received. option is received.
23.5. IA Address option 22.5. Identity Association for Temporary Addresses option
The Identity Association for Temporary Addresses (IA_TA) option is
used to carry an IA, the parameters associated with the IA and the
addresses associated with the IA. All of the addresses in this option
are used by the client as temporary addresses, as defined in RFC
3041.
The format of the IA_TA option is:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_IA_TA | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IAID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. IA-options .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_IA_TA (4)
option-len 4 + length of IA-options field
IAID The unique identifier for this IA; the IAID
must be unique among the identifiers for all
of this client's IAs. The number space for
IA_TA IAIDs is separate from the number space
for IA IAIDs.
IA-options Options associated with this IA.
The IA-Options field encapsulates those options that are specific
to this IA. For example, all of the IA Address Options carrying the
addresses associated with this IA are in the IA-options field.
Each IA_TA carries one "set" of temporary addresses; that is, at most
one address from each prefix assigned to the link to which the client
is attached.
An IA_TA option may only appear in the options area of a DHCP
message. A DHCP message may contain multiple IA_TA options.
The status of any operations involving this IA is indicated in a
Status Code option in the IA-options field.
Note that an IA has no explicit "lifetime" or "lease length" of
its own. When the lifetimes of all of the addresses in an IA have
expired, the IA can be considered as having expired.
A server MUST return the same set of temporary address for the same
IA_TA (as identified by the IAID) as long as those addresses are
still valid. After the lifetimes of the addresses in an IA_TA have
expired, the IAID may be reused to identify a new IA_TA with new
temporary addresses.
An identity association for temporary addresses option MUST NOT
appear in a Renew or Rebind message. This option MAY appear in a
Confirm message if the lifetimes on the temporary addresses in the
associated IA have not expired.
22.6. IA Address option
The IA Address option is used to specify IPv6 addresses associated The IA Address option is used to specify IPv6 addresses associated
with an IA. The IA Address option must be encapsulated in the with an IA. The IA Address option must be encapsulated in the
Options field of an Identity Association option. The Options field Options field of an Identity Association option. The Options field
encapsulates those options that are specific to this address. encapsulates those options that are specific to this address.
The format of the IA Address option is: The format of the IA Address option is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_IAADDR | option-len | | OPTION_IAADDR | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|T| addr status | prefix length | | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| IPv6 address | | IPv6 address |
| (16 octets) | | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |
| | preferred lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| pref. lifetime (cont.) | valid lifetime | | preferred-lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| valid-lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| valid lifetime (cont.) | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
. . . .
. Options . . IAaddr-options .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_IADDR (TBD) option-code OPTION_IADDR (5)
option-len See section 23.
T When set to 1, indicates that this address is a
"temporary address" [16]; when set to 0, the address
is not a temporary address.
addr status Status of this address in this IA.
prefix length Prefix length for this address. option-len 24 + length of IAaddr-options field
IPv6 address An IPv6 address IPv6 address An IPv6 address
preferred lifetime The preferred lifetime for the IPv6 address in preferred-lifetime The preferred lifetime for the IPv6 address in
the option. the option, expressed in units of seconds
valid lifetime The valid lifetime for the IPv6 address in the valid-lifetime The valid lifetime for the IPv6 address in the
option option, expressed in units of seconds
options Options associated with this address IAaddr-options Options associated with this address
In a message sent by a client to a server, values in the preferred In a message sent by a client to a server, values in the preferred
and valid lifetime fields indicate the client's preference for those and valid lifetime fields indicate the client's preference for those
parameters. The client may send 0 if it has no preference for the parameters. The client may send 0 if it has no preference for the
preferred and valid lifetimes. In a message sent by a server to a preferred and valid lifetimes. In a message sent by a server to a
client, the client MUST use the values in the preferred and valid client, the client MUST use the values in the preferred and valid
lifetime fields for the preferred and valid lifetimes. The values in lifetime fields for the preferred and valid lifetimes. The values in
the preferred and valid lifetimes are the number of seconds remaining the preferred and valid lifetimes are the number of seconds remaining
in each lifetime. in each lifetime.
One or more IA Address Options can appear anywhere in an IA option. An IA Address option may appear only in an IA option or an IA_TA
option. More than one IA Address Options can appear in an IA option
23.6. Requested Temporary Addresses (RTA) Option or an IA_TA option.
The Requested Temporary Addresses (RTA) option is used by a client to
request a server to assign additional temporary addresses to an IA.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_RTA | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| num-requested |
+-+-+-+-+-+-+-+-+
option-code OPTION_RTA (TBD)
option-len See section 23.
num-requested The number of additional temporary addresses the
client is requesting. This is an unsigned value.
This option MUST only be sent by a client and only in a Solicit, The status of any operations involving this IA Address is indicated
Request, Renew, or Rebind message. It MUST only appear encapsulated in a Status Code option in the IAaddr-options field.
within an Identity association option. A client MUST only include
this option when it wants to have additional temporary address
allocated; a client SHOULD NOT send this option if 'num-requested' is
0.
23.7. Option Request option 22.7. Option Request option
The Option Request option is used to identify a list of options in a The Option Request option is used to identify a list of options in a
message between a client and a server. message between a client and a server.
The format of the Option Request option is: The format of the Option Request option is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_ORO | option-len | | OPTION_ORO | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| requested-option-code-1 | requested-option-code-2 | | requested-option-code-1 | requested-option-code-2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | | ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_ORO (TBD) option-code OPTION_ORO (6)
option-len See section 23. option-len 2 * number of requested options
requested-option-code-n The option code for an option requested by requested-option-code-n The option code for an option requested by
the client. the client.
A client MAY include an Option Request option in a Solicit, Request, A client MAY include an Option Request option in a Solicit, Request,
Renew, Rebind, Confirm or Information-request message to inform the Renew, Rebind, Confirm or Information-request message to inform the
server about options the client wants the server to send to the server about options the client wants the server to send to the
client. client.
23.8. Preference option 22.8. Preference option
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_PREFERENCE | option-len | | OPTION_PREFERENCE | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| pref value | | pref-value |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
option-code OPTION_PREFERENCE (TBD) option-code OPTION_PREFERENCE (7)
option-len 1.
option-len See section 23.
pref value The preference value for the server in this message. pref-value The preference value for the server in this message.
A server MAY include a Preference option in an Advertise message to A server MAY include a Preference option in an Advertise message to
control the selection of a server by the client. See section 18.1.3 control the selection of a server by the client. See section 17.1.3
for the use of the Preference option by the client and the for the use of the Preference option by the client and the
interpretation of Preference option data value. interpretation of Preference option data value.
23.9. Elapsed Time 22.9. Elapsed Time
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_ELAPSED_TIME | option-len | | OPTION_ELAPSED_TIME | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| elapsed time | | elapsed-time |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_ELAPSED_TIME (TBD) option-code OPTION_ELAPSED_TIME (8)
option-len See section 23. option-len 2.
elapsed time The amount of time since the client began its elapsed-time The amount of time since the client began its
current DHCP transaction. This time is expressed in current DHCP transaction. This time is expressed in
hundredths of a second (10^-2 seconds). hundredths of a second (10^-2 seconds).
A client MAY include an Elapsed Time option in messages to indicate A client SHOULD include an Elapsed Time option in messages to
how long the client has been trying to complete a DHCP transaction. indicate how long the client has been trying to complete a DHCP
Servers and Relay Agents MAY use the data value in this option transaction. Servers and Relay Agents use the data value in this
as input to policy controlling how a server responds to a client option as input to policy controlling how a server responds to a
message. client message. For example, the elapsed time option allows a
secondary DHCP server to respond to a request when a primary server
hasn't answered in a reasonable time.
23.10. Client message option 22.10. Client message option
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_CLIENT_MSG | option-len | | OPTION_CLIENT_MSG | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
. DHCP client message . . DHCP-client-message .
. . . .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_CLIENT_MSG (TBD) option-code OPTION_CLIENT_MSG (9)
option-len See section 23. option-len Length of DHCP client message.
DHCP client message The message received from the client; DHCP-client-message The message received from the client;
forwarded verbatim to the server. forwarded verbatim to the server.
A relay agent forwards a message from a client to a server as the A relay agent forwards a message from a client to a server as the
contents of a Client Message option in a Relay-forward message. contents of a Client Message option in a Relay-forward message.
23.11. Server message option 22.11. Server message option
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_SERVER_MSG | option-len | | OPTION_SERVER_MSG | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
. DHCP server message . . DHCP-server-message .
. . . .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_SERVER_MSG (TBD) option-code OPTION_SERVER_MSG (10)
option-len See section 23. option-len Length of DHCP server message.
DHCP server message The message received from the server; DHCP-server-message The message received from the server;
forwarded verbatim to the client. forwarded verbatim to the client.
A server sends a DHCP message to be forwarded to a client by a relay A server sends a DHCP message to be forwarded to a client by a relay
agent as the contents of a Server Message option in a Relay-reply agent as the contents of a Server Message option in a Relay-reply
message. message.
23.12. Authentication option 22.12. Authentication option
The Authentication option carries authentication information to The Authentication option carries authentication information to
authenticate the identity and contents of DHCP messages. The use of authenticate the identity and contents of DHCP messages. The
the Authentication option is described in section 22. If present, use of the Authentication option is described in section 21. If
the Authentication option MUST appear as the first option in the DHCP the Authentication option appears in a DHCP message, it should be
message. included as close to the beginning of the options field as possible
for improved efficiency of authentication processing.
The format of the Authentication option is: The format of the Authentication option is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_AUTH | option-len | | OPTION_AUTH | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Protocol | Algorithm | RDM | Replay detect.| | Protocol | Algorithm | RDM | Replay detect.|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Replay Detection (64 bits) | | Replay Detection (64 bits) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Replay cont. | Auth. Info | | Replay cont. | Auth. Info |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| Authentication Information | | Authentication Information |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_AUTH (TBD) option-code OPTION_AUTH (11)
option-len See section 23. option-len 12 + length of Authentication
Information field
protocol The authentication protocol used in protocol The authentication protocol used in
this authentication option this authentication option
algorithm The algorithm used in the algorithm The algorithm used in the
authentication protocol authentication protocol
RDM The replay detection method used in RDM The replay detection method used in
this authentication option this authentication option
Replay detection The replay detection information for Replay detection The replay detection information for
the RDM the RDM
Authentication information The authentication information, Authentication information The authentication information,
as specified by the protocol and as specified by the protocol and
algorithm used in this authentication algorithm used in this authentication
option option
23.13. Server unicast option 22.13. Server unicast option
The server MAY send this option to a client to indicate to the client The server sends this option to a client to indicate to the client
that is allowed to unicast messages to the server. The server that it is allowed to unicast messages to the server. The server
specifies the IPv6 address to which the client is to send unicast specifies the IPv6 address to which the client is to send unicast
messages in the server-address field. When a client receives this messages in the server-address field. When a client receives this
option, where permissible, the client MAY send messages directly to option, where permissible and appropriate, the client sends messages
the server using the IPv6 address specified in the server-address directly to the server using the IPv6 address specified in the
field of the option. server-address field of the option.
Details about when the client may send messages to the server using Details about when the client may send messages to the server using
unicast are in section 19. unicast are in section 18.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_UNICAST | option-len | | OPTION_UNICAST | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| server-address | | server-address |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_UNICAST (TBD) option-code OPTION_UNICAST (12)
option-len See section 23. option-len 16
server-address The IP address to which the client should send server-address The IP address to which the client should send
messages delivered using unicast messages delivered using unicast
23.14. Status Code Option 22.14. Status Code Option
This option returns a status indication related to the DHCP message This option returns a status indication related to the DHCP message
in which it appears. or option in which it appears.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_STATUS_CODE | option-len | | OPTION_STATUS_CODE | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| status-code | status-message | | status-code | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| ... | . .
. status-message .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_STATUS_CODE (TBD) option-code OPTION_STATUS_CODE (13)
option-len 2 + length of status-message
option-len See section 23.
status-code The numeric code for the status encoded in status-code The numeric code for the status encoded in
this option. The status codes are defined in this option. The status codes are defined in
section 7.4. section 5.5.
status-message A UTF-8 encoded text string, which MUST NOT status-message A UTF-8 encoded text string, which MUST NOT
be null-terminated. be null-terminated.
23.15. User Class Option A Status Code option may appear in a DHCP message option, or in the
options area of another option.
22.15. Rapid Commit option
A client MAY include this option in a Solicit message if the client
is prepared to perform the Solicit-Reply message exchange described
in section 17.1.1.
A server MUST include this option in a Reply message sent in response
to a Solicit message when completing the Solicit-Reply message
exchange.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_RAPID_COMMIT | 0 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_RAPID_COMMIT (14)
option-len 0
22.16. User Class Option
This option is used by a client to identify the type or category of This option is used by a client to identify the type or category of
user or applications it represents. The information contained in the user or applications it represents. The information contained in the
data area of this option is contained in one or more opaque fields data area of this option is contained in one or more opaque fields
that represent the user class or classes of which the client is a that represent the user class or classes of which the client is a
member. The user class information carried in this option MUST be member. The user class information carried in this option MUST be
configurable on the client. configurable on the client.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_USER_CLASS | option-len | | OPTION_USER_CLASS | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| user class data | . .
| . . . | . user-class-data .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_USER_CLASS (15)
option-code TBD option-len Length of user class data field
option-len See section 23.
user class data The user classes carried by the client. user-class-data The user classes carried by the client.
The data area of the user class option MUST contain one or more The data area of the user class option MUST contain one or more
instances of user class data. Each instance of the user class data instances of user class data. Each instance of the user class data
is formatted as follows: is formatted as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+
| user class len | user class data | | user-class-len | opaque-data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+
The user class len is two octets long and specifies the length of the The user-class-len is two octets long and specifies the length of the
opaque user class data in network order. opaque user class data in network order.
Servers can interpret the meanings of multiple class specifications Servers can interpret the meanings of multiple class specifications
in an implementation dependent or configuration dependent manner, in an implementation dependent or configuration dependent manner, and
and so the use of multiple classes by a DHCP client should be based so the use of multiple classes by a DHCP client should be based on
on the specific server implementation and configuration which will the specific server implementation and configuration which will be
be used to process that User class option. Servers not equipped to used to process that User class option.
interpret the user class information sent by a client MUST ignore it
(although it may be reported).
23.16. Vendor Class Option 22.17. Vendor Class Option
This option is used by clients and servers to exchange This option is used by a client to identify the vendor that
vendor-specific information. The definition of this information manufactured the hardware on which the client is running. The
is vendor specific. The vendor is indicated in the vendor information contained in the data area of this option is contained
class identifier option. Servers not equipped to interpret in one or more opaque fields that identify details of the hardware
the vendor-specific information sent by a client MUST ignore it configuration.
(although it may be reported). Clients which do not receive desired
vendor-specific information SHOULD make an attempt to operate without
it, although they may do so (and announce they are doing so) in a
degraded mode.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_VENDOR_CLASS | option-len | | OPTION_VENDOR_CLASS | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| vendor-id | | enterprise-number |
. . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. . . .
. vendor-class-data .
. . . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_VENDOR_CLASS (16)
option-len 4 + length of vendor class data field
enterprise-number The vendor's registered Enterprise Number as
registered with IANA.
vendor-class-data The hardware configuration of the host on
which the client is running.
Each instance of the vendor-class-data is formatted as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+
| vendor-class-len | opaque-data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+
The vendor-class-len is two octets long and specifies the length of
the opaque vendor class data in network order.
A DHCP message MUST NOT contain more than one Vendor Class option.
22.18. Vendor-specific Information option
This option is used by clients and servers to exchange
vendor-specific information. The definition of this information is
vendor specific. The vendor is indicated in the enterprise-number
field. Clients that do not receive desired vendor-specific
information SHOULD make an attempt to operate without it, although
they may do so (and announce they are doing so) in a degraded mode.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_VENDOR_OPTS | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| enterprise-number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| option-data |
. . . .
. option-data .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code TBD option-code OPTION_VENDOR_OPTS (17)
option-len See section 23. option-len 4 + length of option-data field
vendor-id A domain name belonging to the vendor used to enterprise-number The vendor's registered Enterprise Number as
identify the vendor that defined this vendor registered with IANA.
class option.
option-data An opaque object of option-len octets, option-data An opaque object of option-len octets,
presumably interpreted by vendor-specific interpreted by vendor-specific code on the
code on the clients and servers clients and servers
The vendor-id must adhere to the rules in section 10.
The Encapsulated vendor-specific options field MUST be encoded as The encapsulated vendor-specific options field MUST be encoded as a
a sequence of code/length/value fields of identical format to the sequence of code/length/value fields of identical format to the DHCP
DHCP options field. Each of the encapsulated options is formatted as options field. The option codes are defined by the vendor identified
follows. in the enterprise-number field and are not managed by IANA. Each of
the encapsulated options is formatted as follows.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+