draft-ietf-dhc-fqdn-option-07.txt   draft-ietf-dhc-fqdn-option-08.txt 
DHC M. Stapp DHC M. Stapp
Internet-Draft B. Volz Internet-Draft B. Volz
Expires: January 14, 2005 Cisco Systems, Inc. Expires: June 23, 2005 Cisco Systems, Inc.
Y. Rekhter Y. Rekhter
Juniper Networks Juniper Networks
Jul 16, 2004 December 23, 2004
The DHCP Client FQDN Option The DHCP Client FQDN Option
<draft-ietf-dhc-fqdn-option-07.txt> <draft-ietf-dhc-fqdn-option-08.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of section 3 of RFC 3667. By submitting this Internet-Draft, each of section 3 of RFC 3667. By submitting this Internet-Draft, each
author represents that any applicable patent or other IPR claims of author represents that any applicable patent or other IPR claims of
which he or she is aware have been or will be disclosed, and any of which he or she is aware have been or will be disclosed, and any of
which he or she become aware will be disclosed, in accordance with which he or she become aware will be disclosed, in accordance with
RFC 3668. RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as
Internet-Drafts. Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http:// The list of current Internet-Drafts can be accessed at
www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 14, 2005. This Internet-Draft will expire on June 23, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved. Copyright (C) The Internet Society (2004).
Abstract Abstract
This document specifies a DHCP for IPv4, DHCPv4, option which can be This document specifies a DHCP for IPv4, DHCPv4, option which can be
used to exchange information about a DHCPv4 client's fully-qualified used to exchange information about a DHCPv4 client's fully-qualified
domain name and about responsibility for updating the DNS RR related domain name and about responsibility for updating the DNS RR related
to the client's address assignment. to the client's address assignment.
Table of Contents Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Models of Operation . . . . . . . . . . . . . . . . . . . . . 3 2.1 Models of Operation . . . . . . . . . . . . . . . . . . . 3
4. The Client FQDN Option . . . . . . . . . . . . . . . . . . . . 4 3. The Client FQDN Option . . . . . . . . . . . . . . . . . . . . 4
4.1 The Flags Field . . . . . . . . . . . . . . . . . . . . . 5 3.1 The Flags Field . . . . . . . . . . . . . . . . . . . . . 5
4.2 The RCODE Fields . . . . . . . . . . . . . . . . . . . . . 6 3.2 The RCODE Fields . . . . . . . . . . . . . . . . . . . . . 6
4.3 The Domain Name Field . . . . . . . . . . . . . . . . . . 6 3.3 The Domain Name Field . . . . . . . . . . . . . . . . . . 6
4.3.1 Deprecated ASCII Encoding . . . . . . . . . . . . . . 7 3.3.1 Deprecated ASCII Encoding . . . . . . . . . . . . . . 7
5. DHCP Client Behavior . . . . . . . . . . . . . . . . . . . . . 7 4. DHCP Client Behavior . . . . . . . . . . . . . . . . . . . . . 7
6. DHCP Server Behavior . . . . . . . . . . . . . . . . . . . . . 9 4.1 Interaction With Other Options . . . . . . . . . . . . . . 7
7. DNS Update Conflicts . . . . . . . . . . . . . . . . . . . . . 11 4.2 Client Desires to Update A RRs . . . . . . . . . . . . . . 8
8. Security Considerations . . . . . . . . . . . . . . . . . . . 11 4.3 Client Desires Server to Do DNS Updates . . . . . . . . . 8
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12 4.4 Client Desires No Server DNS Updates . . . . . . . . . . . 8
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.5 Domain Name and DNS Update Issues . . . . . . . . . . . . 9
10.1 Normative References . . . . . . . . . . . . . . . . . . . . 12 5. DHCP Server Behavior . . . . . . . . . . . . . . . . . . . . . 9
5.1 When to Perform DNS Updates . . . . . . . . . . . . . . . 10
6. DNS Update Conflicts . . . . . . . . . . . . . . . . . . . . . 11
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
8. Security Considerations . . . . . . . . . . . . . . . . . . . 12
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
10.1 Normative References . . . . . . . . . . . . . . . . . . . . 13
10.2 Informative References . . . . . . . . . . . . . . . . . . . 13 10.2 Informative References . . . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 14 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 14
Intellectual Property and Copyright Statements . . . . . . . . 15 Intellectual Property and Copyright Statements . . . . . . . . 15
1. Terminology 1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1]. document are to be interpreted as described in RFC 2119 [1].
2. Introduction 2. Introduction
DNS ([2], [3]) maintains (among other things) the information about DNS ([2], [3]) maintains (among other things) the information about
mapping between hosts' Fully Qualified Domain Names (FQDNs) [6] and the mapping between hosts' Fully Qualified Domain Names (FQDNs) [7]
IP addresses assigned to the hosts. The information is maintained in and IP addresses assigned to the hosts. The information is
two types of Resource Records (RRs): A and PTR. The DNS update maintained in two types of Resource Records (RRs): A and PTR. The
specification ([4]) describes a mechanism that enables DNS DNS update specification ([4]) describes a mechanism that enables DNS
information to be updated over a network. information to be updated over a network.
The Dynamic Host Configuration Protocol for IPv4 (DHCPv4 or just DHCP The Dynamic Host Configuration Protocol for IPv4 (DHCPv4 or just DHCP
in this document) [5] provides a mechanism by which a host (a DHCP in this document) [5] provides a mechanism by which a host (a DHCP
client) can acquire certain configuration information, along with its client) can acquire certain configuration information, along with its
address. This document specifies a DHCP option, the Client FQDN address. This document specifies a DHCP option, the Client FQDN
option, which can be used by DHCP clients and servers to exchange option, which can be used by DHCP clients and servers to exchange
information about the client's fully-qualified domain name for an information about the client's fully-qualified domain name for an
address and who has the responsibility for updating the DNS with the address and who has the responsibility for updating the DNS with the
associated A and PTR RRs. associated A and PTR RRs.
3. Models of Operation 2.1 Models of Operation
When a DHCP client acquires a new address, a site's administrator may When a DHCP client acquires a new address, a site's administrator may
desire that one or both of the A RR for the client's FQDN and the PTR desire that one or both of the A RR for the client's FQDN and the PTR
RR for the acquired address be updated. Therefore, two separate DNS RR for the acquired address be updated. Therefore, two separate DNS
update transactions may occur. Acquiring an address via DHCP update transactions may occur. Acquiring an address via DHCP
involves two entities: a DHCP client and a DHCP server. In principle involves two entities: a DHCP client and a DHCP server. In principle
each of these entities could perform none, one, or both of the each of these entities could perform none, one, or both of the
transactions. However, in practice not all permutations make sense. transactions. However, in practice not all permutations make sense.
The DHCP Client FQDN option is intended to operate in the following The DHCP Client FQDN option is primarily intended to operate in the
two cases: following two cases:
1. DHCP client updates the A RR, DHCP server updates the PTR RR 1. DHCP client updates the A RR, DHCP server updates the PTR RR
2. DHCP server updates both the A and the PTR RRs 2. DHCP server updates both the A and the PTR RRs
The only difference between these two cases is whether the FQDN to IP The only difference between these two cases is whether the FQDN to IP
address mapping is updated by a DHCP client or by a DHCP server. The address mapping is updated by a DHCP client or by a DHCP server. The
IP address to FQDN mapping is updated by a DHCP server in both cases. IP address to FQDN mapping is updated by a DHCP server in both cases.
The reason these two are important, while others are unlikely, has to The reason these two are important, while others are unlikely, has to
do with authority over the respective DNS domain names. A DHCP do with authority over the respective DNS domain names. A DHCP
client may be given authority over mapping its own A RRs, or that client may be given authority over mapping its own A RRs, or that
authority may be restricted to a server to prevent the client from authority may be restricted to a server to prevent the client from
listing arbitrary addresses or associating its address with arbitrary listing arbitrary addresses or associating its address with arbitrary
domain names. In all cases, the only reasonable place for the domain names. In all cases, the only reasonable place for the
authority over the PTR RRs associated with the address is in the DHCP authority over the PTR RRs associated with the address is in the DHCP
server that allocates the address. server that allocates the address.
Note: A third case is supported - the client requests that the server
perform no updates. However, this case is presumed to be rare
because of the authority issues.
In any case, whether a site permits all, some, or no DHCP servers and In any case, whether a site permits all, some, or no DHCP servers and
clients to perform DNS updates into the zones which it controls is clients to perform DNS updates into the zones which it controls is
entirely a matter of local administrative policy. This document does entirely a matter of local administrative policy. This document does
not require any specific administrative policy, and does not propose not require any specific administrative policy, and does not propose
one. The range of possible policies is very broad, from sites where one. The range of possible policies is very broad, from sites where
only the DHCP servers have been given credentials that the DNS only the DHCP servers have been given credentials that the DNS
servers will accept, to sites where each individual DHCP client has servers will accept, to sites where each individual DHCP client has
been configured with credentials which allow the client to modify its been configured with credentials which allow the client to modify its
own domain name. Compliant implementations MAY support some or all own domain name. Compliant implementations may support some or all
of these possibilities. Furthermore, this specification applies only of these possibilities. Furthermore, this specification applies only
to DHCP client and server processes: it does not apply to other to DHCP client and server processes: it does not apply to other
processes which initiate DNS updates. processes which initiate DNS updates.
This document describes a new DHCP option which a client can use to This document describes a new DHCP option which a client can use to
convey all or part of its domain name to a DHCP server. convey all or part of its domain name to a DHCP server.
Site-specific policy determines whether DHCP servers use the names Site-specific policy determines whether DHCP servers use the names
that clients offer or not, and what DHCP servers may do in cases that clients offer or not, and what DHCP servers may do in cases
where clients do not supply domain names. where clients do not supply domain names.
4. The Client FQDN Option 3. The Client FQDN Option
To update the IP address to FQDN mapping a DHCP server needs to know To update the IP address to FQDN mapping a DHCP server needs to know
the FQDN of the client to which the server leases the address. To the FQDN of the client to which the server leases the address. To
allow the client to convey its FQDN to the server this document allow the client to convey its FQDN to the server this document
defines a new DHCP option, called "Client FQDN". The Client FQDN defines a new DHCP option, called "Client FQDN". The Client FQDN
option also contains Flags and RCODE fields which DHCP servers can option also contains Flags, which DHCP servers can use to convey
use to convey information about DNS updates to clients. information about DNS updates to clients, and two deprecated RCODEs.
Clients MAY send the Client FQDN option, setting appropriate Flags Clients MAY send the Client FQDN option, setting appropriate Flags
values, in both their DISCOVER and REQUEST messages. If a client values, in both their DHCPDISCOVER and DHCPREQUEST messages. If a
sends the Client FQDN option in its DISCOVER message, it MUST send client sends the Client FQDN option in its DHCPDISCOVER message, it
the option in subsequent REQUEST messages. MUST send the option in subsequent DHCPREQUEST messages.
The code for this option is 81. Its minimum length is 4. Only one FQDN MAY appear in a message. As per [13], multiple
instances of this option in a message SHOULD be concatentated.
The Format of the Client FQDN Option: The code for this option is 81. Its minimum length is 3.
The Format of the Client FQDN Option is:
Code Len Flags RCODE1 RCODE2 Domain Name Code Len Flags RCODE1 RCODE2 Domain Name
+------+------+------+------+------+------+-- +------+------+------+------+------+------+--
| 81 | n | | | | ... | 81 | n | | | | ...
+------+------+------+------+------+------+-- +------+------+------+------+------+------+--
4.1 The Flags Field 3.1 The Flags Field
The Format of the Flags Field: The Format of the Flags Field is:
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| MBZ |N|E|O|S| | MBZ |N|E|O|S|
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
When a DHCP client sends the Client FQDN option in its DHCPDISCOVER The "S" bit indicates whether the server SHOULD or SHOULD NOT perform
and/or DHCPREQUEST messages, it sets the "S" bit to indicate that it the A RR (FQDN to address) DNS updates. A client sets the bit to 0
will not perform any DNS updates, and that it expects the DHCP server to indicate the server SHOULD NOT perform the updates and 1 to
to perform any FQDN-to-IP (the A RR) DNS update on its behalf. If indicate the server SHOULD perform the updates. The state of the bit
this bit is clear, the client indicates that it intends to maintain in the reply from the server indicates the action to be taken by the
its own FQDN-to-IP mapping update. server; if 1, the server has taken responsibility for A RR updates
for the FQDN.
If a DHCP server intends to take responsibility for the A RR update
whether or not the client sending the Client FQDN option has set the
"S" bit, it sets both the "O" bit and the "S" bit, and sends the
Client FQDN option in its DHCPOFFER and/or DHCPACK messages.
The data in the Domain Name field SHOULD appear in DNS-style binary The "O" bit indicates whether the server has overridden the client's
encoding (without compression, of course), as described in RFC 1035 preference for the "S" bit. A client MUST set this bit to 0. A
[3]. A client which sends the Client FQDN option SHOULD use this server MUST set this bit to 1 if the "S" bit in its reply to the
encoding. The client MUST set the "E" bit when the data in the client does not match the "S" bit received from the client.
Domain Name field is in DNS binary encoding. If a server receives a
Client FQDN option from a client, and intends to include a Client
FQDN option in its reply, it MUST use the same encoding that the
client used, and MUST set the "E" bit accordingly.
Server implementers should note that earlier draft versions of this The "N" bit indicates whether the server SHOULD NOT perform any DNS
specification permitted an ASCII encoding of the domain name. updates. A client sets this bit to 0 to request that the server
Clients which implemented this encoding were deployed before this SHOULD perform updates (the PTR RR and possibly the A RR based on the
specification was completed. Server implementers which need to "S" bit) or to 1 to request that the server SHOULD NOT perform any
support these clients should note the section on the deprecated ASCII DNS updates. A server sets the "N" bit to indicate whether it SHALL
encoding (Section 4.3.1). (0) or SHALL NOT (1) perform DNS updates. If the "N" bit is 1, the
"S" bit MUST be 0.
A client MAY set the "N" bit in its request messages to indicate that The "E" bit indicates the encoding of the Domain Name field. 1
the server should not perform any DNS updates on its behalf. As we indicates DNS-style binary encoding, without compression, as
mentioned in Section 3, we believe that in general the DHCP server described in RFC 1035 [3] and SHOULD be used by clients. 0 indicates
will be maintaining DNS PTR records on behalf of clients. However, a now deprecated ASCII encoding. Servers MUST use the same encoding
there may be deployments in which clients are configured to perform as received from the client. Server implementers SHOULD note that
all desired DNS updates. The server MAY be configured to honor this earlier draft versions of this specification permitted an ASCII
configuration. If the server has been configured to honor a client's encoding of the domain name and this encoding MUST be used if the "E"
"N" indication, it SHOULD set the "N" bit in Client FQDN options bit is 0. Clients which implemented this encoding were deployed
which it sends to the client in its OFFER or ACK messages. Clients before this specification was completed. Server implementers which
which have set the "N" bit in their requests SHOULD use the state of need to support these clients need to see the section on the
the "N" bit in server responses to determine whether the server was deprecated ASCII encoding (Section 3.3.1).
prepared to honor the client's indication. If a client has set the
"N" bit but its server does not, the client SHOULD conclude that the
server was not configured to honor the client's suggestion, and that
the server may attempt to perform DNS updates on its behalf.
The remaining bits in the Flags field are reserved for future The remaining bits in the Flags field are reserved for future
assignment. DHCP clients and servers which send the Client FQDN assignment. DHCP clients and servers which send the Client FQDN
option MUST set the MBZ bits to 0, and they MUST ignore these bits. option MUST clear the MBZ bits, and they MUST ignore these bits.
4.2 The RCODE Fields 3.2 The RCODE Fields
The RCODE1 and RCODE2 fields are used by a DHCP server to indicate to The RCODE1 and RCODE2 fields are deprecated. A client SHOULD set
a DHCP client the Response Code from any A or PTR RR DNS updates it these to 0 when sending the option and SHOULD ignore them on receipt.
has performed. The server may also use these fields to indicate A server SHOULD set these to 255 when sending the option and MUST
whether it has attempted such an update before sending the DHCPACK ignore them on receipt.
message. Each of these fields is one byte long.
Implementers should note that EDNS0 describes a mechanism for As this option with these fields is already in wide use, the fields
extending the length of a DNS RCODE to 12 bits. EDNS0 is specified are retained. These fields were originally defined for use by a DHCP
in RFC 2671 [7]. Only the least-significant 8 bits of the RCODE from server to indicate to a DHCP client the Response Code from any A
a DNS update will be carried in the Client FQDN option. This (RCODE1) or PTR (RCODE2) RR DNS updates it has performed or a value
provides enough number space to accommodate the RCODEs defined in the of 255 was used to indicate that an update had been initiated but had
DNS update specification. not yet completed. Each of these fields is one byte long. These
fields were defined before EDNS0 [10], which describes a mechanism
for extending the length of a DNS RCODE to 12 bits, which is another
reason to deprecate them.
4.3 The Domain Name Field If the client needs to confirm the DNS update has been done, it MAY
use a DNS query to check whether the mapping is up to date. However,
depending on the load on the DHCP and DNS servers and the DNS
propagation delays, the client can only infer success. If the
information is not found to be up to date in DNS, the servers might
not have completed the updates or zone transfers, or not yet updated
their caches.
3.3 The Domain Name Field
The Domain Name part of the option carries all or part of the FQDN of The Domain Name part of the option carries all or part of the FQDN of
a DHCP client. The data in the Domain Name field SHOULD appear in a DHCP client. The data in the Domain Name field SHOULD appear in
uncompressed DNS encoding as specified in RFC 1035 [3]. If the DHCP uncompressed DNS encoding as specified in RFC 1035 [3]. If the DHCP
client uses DNS encoding, it MUST set the third bit in the Flags client uses DNS encoding, it MUST set to 1 the the "E" bit in the
field (the "E" bit). In order to determine whether a name has Flags field. In order to determine whether the FQDN has changed
changed between message exchanges, an unambiguous canonical form is between message exchanges, the client and server MUST NOT alter the
necessary. Eventually, the IETF IDN Working Group is expected to Domain Name field contents unless the FQDN has actually changed.
produce a standard canonicalization specification, and this
specification may be updated to include its standard. Until that
time, servers and clients should be sensitive to canonicalization
when comparing names in the Domain Name field and the name
canonicalization defined in RFC 2535 [10] MAY be used.
A client may be configured with a fully-qualified domain name, or A client MAY be configured with a fully-qualified domain name or with
with a partial name that is not fully-qualified. If a client knows a partial name that is not fully-qualified. If a client knows only
only part of its name, it MAY send a name that is not part of its name, it MAY send a name that is not fully-qualified,
fully-qualified, indicating that it knows part of the name but does indicating that it knows part of the name but does not necessarily
not necessarily know the zone in which the name is to be embedded. A know the zone in which the name is to be embedded.
client which wants to convey part of its FQDN sends a non-terminal
sequence of labels in the Domain Name part of the option. Clients
and servers should assume that the name field contains a
fully-qualified name unless this partial-name format exists.
4.3.1 Deprecated ASCII Encoding To send a fully-qualified domain name, the Domain Name field is set
to the DNS encoded domain name including the terminating zero-length
label. To send a partial name, the Domain Name field is set to the
DNS encoded domain name without the terminating zero-length label.
A client MAY also leave the Domain Name field empty if it desires the
server to provide a name.
3.3.1 Deprecated ASCII Encoding
The DNS encoding specified above MUST be supported by DHCP servers. The DNS encoding specified above MUST be supported by DHCP servers.
However, a substantial population of clients implemented an earlier However, a substantial population of clients implemented an earlier
version of this specification, which permitted an ASCII encoding of draft version of this specification, which permitted an ASCII
the Domain Name field. Server implementations should be aware that encoding of the Domain Name field. Server implementations SHOULD be
clients which send the Client FQDN option with the "E" bit clear are aware that clients which send the Client FQDN option with the "E" bit
using an ASCII version of the Domain Name field. Servers MAY be set to 0 are using an ASCII encoding of the Domain Name field.
prepared to return an ASCII encoded version of the Domain Name field Servers MAY be prepared to return an ASCII encoded version of the
to such clients. The use of ASCII encoding in this option should be Domain Name field to such clients. Servers that are not prepared to
return an ASCII encoded version MUST ignore the Client FQDN option if
the "E" bit is 0. The use of ASCII encoding in this option SHOULD be
considered deprecated. considered deprecated.
A DHCP client which used ASCII encoding was permitted to suggest a A DHCP client which used ASCII encoding was permitted to suggest a
single label if it was not configured with a fully-qualified name. single label if it was not configured with a fully-qualified name.
Such clients send a single label as a series of ASCII characters in Such clients send a single label as a series of ASCII characters in
the Domain Name field, excluding the "." (dot) character. Such the Domain Name field, excluding the "." (dot) character. Such
clients SHOULD follow the character-set recommendations of RFC 1034 clients SHOULD follow the character-set recommendations of RFC 1034
[2] and RFC 1035 [3]. [2] and RFC 1035 [3].
Server implementers should also be aware that some client software Server implementers SHOULD also be aware that some client software
may attempt to use UTF-8 [9] character encoding. This information is could be using UTF-8 [9] character encoding. This information is
included for informational purposes only: this specification does not included for informational purposes only; this specification does not
require any support for UTF-8. require any support for UTF-8.
5. DHCP Client Behavior 4. DHCP Client Behavior
The following describes the behavior of a DHCP client that implements The following describes the behavior of a DHCP client that implements
the Client FQDN option. the Client FQDN option.
Other DHCP options may carry data that is related to the Domain-Name 4.1 Interaction With Other Options
part of the Client FQDN option. The Host-Name option, for example,
contains an ASCII string representation of the client's host-name. Other DHCP options MAY carry data that is related to the Domain Name
In general, a client should not need to send redundant data, and field of the Client FQDN option. The Host Name option [8], for
example, contains an ASCII string representation of the client's host
name. In general, a client does not need to send redundant data, and
therefore clients which send the Client FQDN option in their messages therefore clients which send the Client FQDN option in their messages
MUST NOT also send the Host-Name option. Clients which receive both MUST NOT also send the Host Name option. Clients which receive both
the Host-Name option and the Client FQDN option from a server SHOULD the Host Name option and the Client FQDN option from a server SHOULD
prefer Client FQDN option data. Servers will be asked in Section 6 prefer Client FQDN option data. Section 5 instructs servers to
to ignore the Host-Name option in client messages which include the ignore the Host Name option in client messages which include the
Client FQDN option. Client FQDN option.
4.2 Client Desires to Update A RRs
If a client that owns/maintains its own FQDN wants to be responsible If a client that owns/maintains its own FQDN wants to be responsible
for updating the FQDN to IP address mapping for the FQDN and for updating the FQDN to IP address mapping for the FQDN and
address(es) used by the client, then the client MUST include the address(es) used by the client, the client MUST include the Client
Client FQDN option in the DHCPREQUEST message originated by the FQDN option in the DHCPREQUEST message originated by the client. A
client. A DHCP client MAY choose to include the Client FQDN option DHCP client MAY choose to include the Client FQDN option in its
in its DISCOVER messages as well as its REQUEST messages. The "S" DHCPDISCOVER messages as well as its DHCPREQUEST messages. The "S"
bit in the Flags field in the option MUST be set to 0. Once the bit in the Flags field in the option MUST be 0. The "O" and "N" bits
client's DHCP configuration is completed (the client receives a MUST be 0.
DHCPACK message, and successfully completes a final check on the
parameters passed in the message), the client MAY originate an update Once the client's DHCP configuration is completed (the client
for the A RR (associated with the client's FQDN). If the DHCP server receives a DHCPACK message and successfully completes a final check
from which the client is requesting a lease includes the Client FQDN on the parameters passed in the message), the client MAY originate an
option in its ACK message, and if the server sets both the "S" and update for the A RR (associated with the client's FQDN) unless the
the "O" bits in the option's flags field, the DHCP client MUST NOT server has set the "S" bit to 1. If the "S" is 1, the DHCP client
initiate an update for the name in the Domain Name field. MUST NOT initiate an update for the name in the Domain Name field.
4.3 Client Desires Server to Do DNS Updates
A client can choose to delegate the responsibility for updating the A client can choose to delegate the responsibility for updating the
FQDN to IP address mapping for the FQDN and address(es) used by the FQDN to IP address mapping for the FQDN and address(es) used by the
client to the server. In order to inform the server of this choice, client to the server. In order to inform the server of this choice,
the client SHOULD include the Client FQDN option in its DHCPREQUEST the client SHOULD include the Client FQDN option in its DHCPREQUEST
message. The "S" bit in the Flags field in the option MUST be set to message and MAY include the Client FQDN option in its DHCPDISCOVER.
1. A client which delegates this responsibility MUST NOT attempt to The "S" bit in the Flags field in the option MUST be 1. The "O" and
perform a DNS update for the name in the Domain Name field of the "N" bits MUST be 0.
Client FQDN option. The client MAY supply an FQDN in the Client FQDN
option, or it MAY supply a single label (the most-specific label), or
it MAY leave that field empty as a signal to the server to generate
an FQDN for the client in any manner the server chooses.
Since there is a possibility that the DHCP server may be configured 4.4 Client Desires No Server DNS Updates
to complete or replace a domain name that the client was configured
to send, the client might find it useful to send the Client FQDN A client can choose to request that the server perform no DNS updates
option in its DISCOVER messages. If the DHCP server returns on its behalf. In order to inform the server of this choice, the
different Domain Name data in its OFFER message, the client could use client SHOULD include the Client FQDN option in its DHCPREQUEST
that data in performing its own eventual A RR update, or in forming message and MAY include the Client FQDN option in its DHCPDISCOVER.
the Client FQDN option that it sends in its REQUEST message. There The "N" bit in the Flags field in the option MUST be 1 and the "S"
is no requirement that the client send identical Client FQDN option and "O" bits MUST be 0.
data in its DISCOVER and REQUEST messages. In particular, if a
client has sent the Client FQDN option to its server, and the Once the client's DHCP configuration is completed (the client
configuration of the client changes so that its notion of its domain receives a DHCPACK message and successfully completes a final check
name changes, it MAY send the new name data in an Client FQDN option on the parameters passed in the message), the client MAY originate
when it communicates with the server again. This may allow the DHCP its DNS updates provided the server's "N" bit is 1. If the server's
server to update the name associated with the PTR record, and, if the "N" bit is 0, the server MAY perform the PTR RR updates; and, MAY
server updated the A record representing the client, to delete that also perform the A RR updates if the "S" bit is 1.
record and attempt an update for the client's current domain name.
4.5 Domain Name and DNS Update Issues
As there is a possibility that the DHCP server is configured to
complete or replace a domain name that the client sends, the client
MAY find it useful to send the Client FQDN option in its DHCPDISCOVER
messages. If the DHCP server returns different Domain Name data in
its DHCPOFFER message, the client could use that data in performing
its own eventual A RR update, or in forming the Client FQDN option
that it sends in its DHCPREQUEST message. There is no requirement
that the client send identical Client FQDN option data in its
DHCPDISCOVER and DHCPREQUEST messages. In particular, if a client
has sent the Client FQDN option to its server, and the configuration
of the client changes so that its notion of its domain name changes,
it MAY send the new name data in a Client FQDN option when it
communicates with the server again. This MAY cause the DHCP server
to update the name associated with the PTR record, and, if the server
updated the A record representing the client, to delete that record
and attempt an update for the client's current domain name.
A client that delegates the responsibility for updating the FQDN to A client that delegates the responsibility for updating the FQDN to
IP address mapping to a server might not receive any indication IP address mapping to a server will not receive any indication
(either positive or negative) from the server whether the server was (either positive or negative) from the server whether the server was
able to perform the update. In this case the client MAY use a DNS able to perform the update. The client MAY use a DNS query to check
query to check whether the mapping is updated. whether the mapping is up to date (see Section 3.2).
A client MUST set the RCODE1 and RCODE2 fields in the Client FQDN
option to 0 when sending the option.
If a client releases its lease prior to the lease expiration time and If a client releases its lease prior to the lease expiration time and
the client is responsible for updating its A RR, the client SHOULD the client is responsible for updating its A RR, the client SHOULD
delete the A RR associated with the leased address before sending a delete the A RR associated with the leased address before sending a
DHCP RELEASE message. Similarly, if a client was responsible for DHCP RELEASE message. Similarly, if a client was responsible for
updating its A RR, but is unable to renew its lease, the client updating its A RR, but is unable to renew its lease, the client
SHOULD attempt to delete the A RR before its lease expires. A DHCP SHOULD attempt to delete the A RR before its lease expires. A DHCP
client which has not been able to delete an A RR which it added client which has not been able to delete an A RR which it added
(because it has lost the use of its DHCP IP address) should attempt (because it has lost the use of its DHCP IP address) SHOULD attempt
to notify its administrator, perhaps by emitting a log message. to notify its administrator, perhaps by emitting a log message.
6. DHCP Server Behavior 5. DHCP Server Behavior
When a server receives a DHCPREQUEST message from a client, if the The following describes the behavior of a DHCP server that implements
message contains the Client FQDN option, and the server replies to the Client FQDN option when the client's message includes the Client
the message with a DHCPACK message, the server may be configured to FQDN option.
originate an update for the PTR RR (associated with the address
leased to the client). The server MAY complete the update before the
server sends the DHCPACK message to the client. In this case the
RCODE from the update MUST be carried to the client in the RCODE1
field of the Client FQDN option in the DHCPACK message.
Alternatively, the server MAY send the DHCPACK message to the client
without waiting for the update to be completed. In this case the
RCODE1 field of the Client FQDN option in the DHCPACK message MUST be
set to 255. The choice between the two alternatives is entirely
determined by the configuration of the DHCP server. Servers SHOULD
support both configuration options.
When a server receives a DHCPREQUEST message containing the Client The server examines its configuration and the Flag bits in the
FQDN option, the server MUST ignore the values carried in the RCODE1 client's Client FQDN option to determine how to respond:
and RCODE2 fields of the option.
In addition, if the Client FQDN option carried in the DHCPREQUEST o If the client's "E" bit is 0 and the server does not support ASCII
message has the "S" bit in its Flags field set, then the server MAY encoding (Section 3.3.1), the server SHOULD ignore the Client FQDN
originate an update for the A RR (associated with the FQDN carried in option.
the option) if it is configured to do so by the site's administrator,
and if it has the necessary credentials. The server MAY be
configured to use the name supplied in the client's Client FQDN
option, or it MAY be configured to modify the supplied name, or
substitute a different name.
The server MAY originate the update before the server sends the o The server sets to 0 the "S", "O", and "N" Flag bits in its copy
DHCPACK message to the client. In this case the RCODE from the of the option it will return to the client. The server copies the
update RFC 2136 [4] MUST be carried to the client in the RCODE2 field client's "E" bit.
of the Client FQDN option in the DHCPACK message. Alternatively the o If the client's "N" bit is 1 and the server's configuration allows
server MAY send the DHCPACK message to the client without waiting for it to honor the client's request for no server initiated DNS
the update to be completed. In this case the RCODE2 field of the updates, the server sets the "N" bit to 1.
Client FQDN option in the DHCPACK message MUST be set to 255. The o Otherwise, if the client's "S" bit is 1 and the servers's
choice between the two alternatives is entirely a matter of the DHCP configuration allows it to honor the client's request for the
server's configuration. In either case, if the server intends to server to initiate A RR DNS updates and if it has the necessary
perform the DNS update and the client's REQUEST message included the credentials, the server sets the "S" to 1. If the server's "S"
Client FQDN option, the server SHOULD include the Client FQDN option bit does not match the client's "S" bit, the server sets the "O"
in its ACK message. If the server includes the Client FQDN option, bit to 1.
it MUST set the "S" bit in the option's Flags field and MUST clear
the "O" bit.
Even if the Client FQDN option carried in the DHCPREQUEST message has The server MAY be configured to use the name supplied in the client's
the "S" bit in its Flags field clear (indicating that the client Client FQDN option, or it MAY be configured to modify the supplied
wants to update the A RR), the server MAY be configured by the local name, or substitute a different name. The server SHOULD send its
administrator to update the A RR on the client's behalf. A server notion of the complete FQDN for the client in the Domain Name field.
which is configured to override the client's preference SHOULD The server MAY simply copy the Domain Name field from the Client FQDN
include a Client FQDN option in its ACK message, and MUST set both option that the client sent to the server. The server MUST use the
the "O" and "S" bits in the Client FQDN option's Flags field. The same encoding format (ASCII or DNS binary encoding) that the client
server MAY originate the update before the server sends the DHCPACK used in the Client FQDN option in its DHCPDISCOVER or DHCPREQUEST,
message to the client. In this case the RCODE from the update RFC and MUST set the "E" bit in the option's Flags field accordingly.
2136 [4] MUST be carried to the client in the RCODE2 field of the
Client FQDN option in the DHCPACK message. Alternatively, the server
MAY send the DHCPACK message to the client without waiting for the
update to be completed. In this case the RCODE2 field of the Client
FQDN option in the DHCPACK message MUST be set to 255. Whether the
DNS update occurs before or after the DHCPACK is sent is entirely up
to the DHCP server's configuration.
When a DHCP server sends the Client FQDN option to a client in the If a client sends both the Client FQDN and Host Name option, the
DHCPACK message, the DHCP server SHOULD send its notion of the server SHOULD ignore the Host Name option.
complete FQDN for the client in the Domain Name field. The server
MAY simply copy the Domain Name field from the Client FQDN option
that the client sent to the server in the DHCPREQUEST message. The
DHCP server MAY be configured to complete or modify the domain name
which a client sent, or it MAY be configured to substitute a
different name.
If the server initiates a DNS update that is not complete until after The server SHOULD set the RCODE1 and RCODE2 fields to 255 before
the server has replied to the DHCP client, the server's interaction sending the Client FQDN message to the client in a DHCPOFFER or
with the DNS server may cause the DHCP server to change the domain DHCPACK.
name that it associates with the client. This may occur, for
example, if the server detects and resolves a domain-name conflict.
In such cases, the domain name that the server returns to the DHCP
client may change between two DHCP exchanges.
The server MUST use the same encoding format (ASCII or DNS binary 5.1 When to Perform DNS Updates
encoding) that the client used in the Client FQDN option in its
DHCPREQUEST, and MUST set the "E" bit in the option's Flags field
accordingly.
If a client's DHCPREQUEST message doesn't carry the Client FQDN The server SHOULD NOT perform any DNS updates if the "N" bit is 1 in
option (e.g., the client doesn't implement the Client FQDN option), the Flags field of the Client FQDN option in the DHCPACK messages (to
the server MAY be configured to update either or both of the A and be) sent to the client. However, the server SHOULD delete any RRs
PTR RRs. which it previously added via DNS updates for the client.
If a server detects that a lease on an address that the server leases The server MAY perform the PTR RR DNS update (unless the "N" bit is
to a client has expired, the server SHOULD delete any PTR RR which it 1).
added via DNS update. In addition, if the server added an A RR on
the client's behalf, the server SHOULD also delete the A RR.
If a server terminates a lease on an address prior to the lease's The server MAY perform the A RR DNS update if the "S" bit is 1 in the
Flags field of the Client FQDN option in the DHCPACK message (to be)
sent to the client.
The server MAY perform these updates even if the client's DHCPREQUEST
did not carry the Client FQDN option. The server MUST NOT initiate
DNS updates when responding to DHCPDISCOVER messages from a client.
The server MAY complete its DNS updates (PTR RR or PTR and A RR)
before the server sends the DHCPACK message to the client.
Alternatively, the server MAY send the DHCPACK message to the client
without waiting for the update to be completed. Whether the DNS
update occurs before or after the DHCPACK is sent is entirely up to
the DHCP server's configuration.
If the server's A RR DNS update does not complete until after the
server has replied to the DHCP client, the server's interaction with
the DNS server MAY cause the DHCP server to change the domain name
that it associates with the client. This can occur, for example, if
the server detects and resolves a domain-name conflict [6]. In such
cases, the domain name that the server returns to the DHCP client
would change between two DHCP exchanges.
If the server previously performed DNS updates for the client and the
client's information has not changed, the server MAY skip performing
additional DNS updates.
When a server detects that a lease on an address that the server
leases to a client has expired, the server SHOULD delete any PTR RR
which it added via DNS update. In addition, if the server added an A
RR on the client's behalf, the server SHOULD also delete the A RR.
When a server terminates a lease on an address prior to the lease's
expiration time, for instance by sending a DHCPNAK to a client, the expiration time, for instance by sending a DHCPNAK to a client, the
server SHOULD delete any PTR RR which it associated with the address server SHOULD delete any PTR RR which it associated with the address
via DNS Update. In addition, if the server took responsibility for via DNS update. In addition, if the server took responsibility for
an A RR, the server SHOULD also delete that A RR. an A RR, the server SHOULD also delete that A RR.
7. DNS Update Conflicts 6. DNS Update Conflicts
This document does not resolve how a DHCP client or server prevent This document does not resolve how a DHCP client or server prevent
name conflicts. This document addresses only how a DHCP client and name conflicts. This document addresses only how a DHCP client and
server negotiate who will perform the DNS updates and the fully server negotiate who will perform the DNS updates and the fully
qualified domain name requested or used. qualified domain name requested or used.
Implementers of this work will need to consider how name conflicts Implementers of this work will need to consider how name conflicts
will be prevented. It may be that the DNS updater must hold a will be prevented. If a DNS updater needs a security token in order
security token in order to successfully perform DNS updates on a to successfully perform DNS updates on a specific name, name
specific name, in which case name conflicts can only occur if conflicts can only occur if multiple clients are given a security
multiple clients are given a security token for that name. Or, the token for that name. Or, if the fully qualified domains are based on
fully qualified domains may be based on the specific address bound to the specific address bound to a client, conflicts SHOULD NOT occur.
a client and in this case conflicts should not occur. However, Or, a name conflict resolution technique as described in "Resolving
without this level of security in the DNS system or use of Name Conflicts" [6]) SHOULD be used.
non-conflicting names, other techniques need to be developed. This
is an area for future work (see "Resolving Name Conflicts" [12]). 7. IANA Considerations
IANA has already assigned DHCP option 81 to the Client FQDN option.
As this document updates the option's use, IANA is requested to
reference this document for option 81.
8. Security Considerations 8. Security Considerations
Unauthenticated updates to the DNS can lead to tremendous confusion, Unauthenticated updates to the DNS can lead to tremendous confusion,
through malicious attack or through inadvertent misconfiguration. through malicious attack or through inadvertent misconfiguration.
Administrators should be wary of permitting unsecured DNS updates to Administrators need to be wary of permitting unsecured DNS updates to
zones which are exposed to the global Internet. Both DHCP clients zones which are exposed to the global Internet. Both DHCP clients
and servers SHOULD use some form of update request origin and servers should use some form of update request origin
authentication procedure (e.g., Secure DNS Dynamic Update [11]) when authentication procedure (e.g., Secure DNS Dynamic Update [11]) when
performing DNS updates. performing DNS updates.
Whether a DHCP client may be responsible for updating an FQDN to IP Whether a DHCP client is responsible for updating an FQDN to IP
address mapping or whether this is the responsibility of the DHCP address mapping or whether this is the responsibility of the DHCP
server is a site-local matter. The choice between the two server is a site-local matter. The choice between the two
alternatives may be based on the security model that is used with the alternatives is likely based on the security model that is used with
DNS update protocol (e.g., only a client may have sufficient the DNS update protocol (e.g., only a client may have sufficient
credentials to perform updates to the FQDN to IP address mapping for credentials to perform updates to the FQDN to IP address mapping for
its FQDN). its FQDN).
Whether a DHCP server is always responsible for updating the FQDN to Whether a DHCP server is always responsible for updating the FQDN to
IP address mapping (in addition to updating the IP to FQDN mapping), IP address mapping (in addition to updating the IP to FQDN mapping),
regardless of the wishes of an individual DHCP client, is also a regardless of the wishes of an individual DHCP client, is also a
site-local matter. The choice between the two alternatives may be site-local matter. The choice between the two alternatives is likely
based on the security model that is being used with DNS updates. In based on the security model that is being used with DNS updates. In
cases where a DHCP server is performing DNS updates on behalf of a cases where a DHCP server is performing DNS updates on behalf of a
client, the DHCP server should be sure of the DNS name to use for the client, the DHCP server should be sure of the DNS name to use for the
client, and of the identity of the client. client, and of the identity of the client.
Currently, it is difficult for DHCP servers to develop much Currently, it is difficult for DHCP servers to develop much
confidence in the identities of its clients, given the absence of confidence in the identities of its clients, given the absence of
entity authentication from the DHCP protocol itself. There are many entity authentication from the DHCP protocol itself. There are many
ways for a DHCP server to develop a DNS name to use for a client, but ways for a DHCP server to develop a DNS name to use for a client, but
only in certain relatively unusual circumstances will the DHCP server only in certain relatively unusual circumstances will the DHCP server
know for certain the identity of the client. If DHCP Authentication know for certain the identity of the client. If DHCP Authentication
[13] becomes widely deployed this may become more customary. [12] becomes widely deployed this may become more customary.
One example of a situation which offers some extra assurances is one One example of a situation which offers some extra assurances is one
where the DHCP client is connected to a network through an MCNS cable where the DHCP client is connected to a network through an MCNS cable
modem, and the CMTS (head-end) ensures that MAC address spoofing modem, and the CMTS (head-end) ensures that MAC address spoofing
simply does not occur. Another example of a configuration that might simply does not occur. Another example of a configuration that might
be trusted is one where clients obtain network access via a network be trusted is one where clients obtain network access via a network
access server using PPP. The NAS itself might be obtaining IP access server using PPP. The NAS itself might be obtaining IP
addresses via DHCP, encoding a client identification into the DHCP addresses via DHCP, encoding a client identification into the DHCP
client-id option. In this case, the network access server as well as client-id option. In this case, the network access server as well as
the DHCP server might be operating within a trusted environment, in the DHCP server might be operating within a trusted environment, in
which case the DHCP server could be configured to trust that the user which case the DHCP server could be configured to trust that the user
authentication and authorization procedure of the remote access authentication and authorization procedure of the remote access
server was sufficient, and would therefore trust the client server was sufficient, and would therefore trust the client
identification encoded within the DHCP client-id. identification encoded within the DHCP client-id.
9. Acknowledgements 9. Acknowledgements
Many thanks to Mark Beyer, Jim Bound, Ralph Droms, Robert Elz, Peter Many thanks to Mark Beyer, Jim Bound, Ralph Droms, Robert Elz, Peter
Ford, Edie Gunter, Andreas Gustafsson, R. Barr Hibbs, Kim Kinnear, Ford, Olafur Gudmundsson, Edie Gunter, Andreas Gustafsson, David W.
Stuart Kwan, Ted Lemon, Ed Lewis, Michael Lewis, Josh Littlefield, Hankins, R. Barr Hibbs, Kim Kinnear, Stuart Kwan, Ted Lemon, Ed
Michael Patton, and Glenn Stump for their review and comments. Lewis, Michael Lewis, Josh Littlefield, Michael Patton, Jyrki Soini,
and Glenn Stump for their review and comments.
10. References 10. References
10.1 Normative References 10.1 Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997. Levels", BCP 14, RFC 2119, March 1997.
[2] Mockapetris, P., "Domain names - concepts and facilities", STD [2] Mockapetris, P., "Domain names - concepts and facilities", STD
13, RFC 1034, November 1987. 13, RFC 1034, November 1987.
skipping to change at page 13, line 16 skipping to change at page 13, line 39
[3] Mockapetris, P., "Domain names - implementation and [3] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987. specification", STD 13, RFC 1035, November 1987.
[4] Vixie, P., Thomson, S., Rekhter, Y. and J. Bound, "Dynamic [4] Vixie, P., Thomson, S., Rekhter, Y. and J. Bound, "Dynamic
Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April
1997. 1997.
[5] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, [5] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
March 1997. March 1997.
[6] Stapp, M. and B. Volz, "Resolution of DNS Name Conflicts Among
DHCP Clients (draft-ietf-dhc-ddns-resolution-*.txt)", September
2004.
10.2 Informative References 10.2 Informative References
[6] Marine, A., Reynolds, J. and G. Malkin, "FYI on Questions and [7] Marine, A., Reynolds, J. and G. Malkin, "FYI on Questions and
Answers - Answers to Commonly asked "New Internet User" Answers - Answers to Commonly asked "New Internet User"
Questions", RFC 1594, March 1994. Questions", RFC 1594, March 1994.
[7] Vixie, P., "Extension Mechanisms for DNS (EDNS0)", RFC 2671, [8] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
August 1999. Extensions", RFC 2132, March 1997.
[8] Vixie, P., Gudmundsson, O., Eastlake, D. and B. Wellington,
"Secret Key Transaction Authentication for DNS (TSIG)", RFC
2845, May 2000.
[9] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC [9] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC
2279, January 1998. 2279, January 1998.
[10] Eastlake, D., "Domain Name System Security Extensions", RFC [10] Vixie, P., "Extension Mechanisms for DNS (EDNS0)", RFC 2671,
2535, March 1999. August 1999.
[11] Wellington, B., "Secure Domain Name System (DNS) Dynamic [11] Wellington, B., "Secure Domain Name System (DNS) Dynamic
Update", RFC 3007, November 2000. Update", RFC 3007, November 2000.
[12] Stapp, M. and B. Volz, "Resolution of DNS Name Conflicts Among [12] Droms, R. and W. Arbaugh, "Authentication for DHCP Messages",
DHCP Clients (draft-ietf-dhc-ddns-resolution-*.txt)", July
2004.
[13] Droms, R. and W. Arbaugh, "Authentication for DHCP Messages",
RFC 3118, June 2001. RFC 3118, June 2001.
[13] Lemon, T. and S. Cheshire, "Encoding Long Options in the
Dynamic Host Configuration Protocol (DHCPv4)", RFC 3396,
November 2002.
Authors' Addresses Authors' Addresses
Mark Stapp Mark Stapp
Cisco Systems, Inc. Cisco Systems, Inc.
1414 Massachusetts Ave. 1414 Massachusetts Ave.
Boxborough, MA 01719 Boxborough, MA 01719
USA USA
Phone: 978.936.1535 Phone: 978.936.1535
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/