host
Click on the red underlined text to get to the source
...
This document synthesizes, from experience in the deployment of hosts
supporting ARP [RFC826 ...
...
DHCP is an effective and widely adopted mechanism for a host to
obtain an IP address for use on a particular network ...
... seven seconds. In principle, this time interval could be shortened,
with the obvious trade-off: the less time a host spends waiting to
see if another host is already using its intended address ...
... with the obvious trade-off: the less time a host spends waiting to
see if another host is already using its intended address, the
greater the risk of inadvertent address ...
... seven-second delay does not apply. However, the DHCP server may be
slow to respond or may be down and not responding at all, so hosts
could benefit from having an alternative way to quickly determine
that a previously obtained address ...
... obtained on the new network is still operable, DNAv4 enables the host
to confirm the new configuration quickly, bypassing restart of the
...
...
The alternative mechanism specified by this document applies when a
host has a previously allocated DHCP address, which was not returned
...
... to the DHCP server via a DHCPRELEASE message, and which still has
time remaining on its lease. In this case, the host may determine
whether it has re-attached to the logical link where this address ...
... broadcast packets may
be sent at rates as low as 1 Mb/sec. Another benefit is that if the
host is not on the link it hoped to find itself on, a broadcast ARP ...
... addressed to the MAC address of the router the host is expecting to
find means that if the host is not on the expected link ...
... router the host is expecting to
find means that if the host is not on the expected link there will be
no device with that MAC address ...
... DHCP INIT-REBOOT), as well as to reduce multi-
second conflict detection delays when a host changes networks.
...
... correctness. In other words, false positives are not
acceptable. DNAv4 must not conclude that a host has returned
to a previously visited link where it has an operable IP
address ...
... the same link in the future. This is acceptable because the
host still operates correctly as it did without DNAv4, just
without the performance ...
... DHCP client or "client" is an Internet host using the Dynamic
Host Configuration Protocol (DHCP) [RFC2131 ...
... client" is an Internet host using the Dynamic
Host Configuration Protocol (DHCP) [RFC2131] to obtain
...
... A DHCP server or "server" is an Internet host that returns
configuration parameters to DHCP clients ...
...
On connecting to a new point of attachment, the host responds to a
"Link Up" indication from the link layer ...
...
For each network that it connects to, it is assumed that the host
saves the following parameters to stable storage:
...
... networks that have operable IPv4 addresses associated
with them, the host selects a subset and attempts to confirm the
configuration for each network, using the reachability ...
... addresses may be tested in parallel.
In order to ensure configuration validity, the host SHOULD only
configure routes for which the next hop address ...
... reachability test is only carried out for a network
when the host has previously completed conflict detection as
recommended in Section 2.2 of the DHCP specification [RFC2131 ...
... DHCP server, having failed to save leases to stable
storage, assigns that same address to another host, and
o the first host ...
... host, and
o the first host returns and, having a still-valid lease with
time remaining, proceeds to use its assigned address ...
... time remaining, proceeds to use its assigned address,
conflicting with the new host that is now using that same
address.
...
... following conditions are true:
[a] The host does not have an operable routable IPv4 address on that
network ...
... network. In this case, the reachability test cannot confirm that
the host has an operable routable IPv4 address, so completing the
reachability ...
... reachability test would serve no purpose.
[b] The host does not know the addresses of any test nodes on that
...
... reachability
test utilizes ARP, which is insecure. Hosts that have been
configured to attempt DHCP authentication SHOULD NOT utilize the
...
...
If the reachability test is successful, the host SHOULD continue to
use the operable routable IPv4 address associated with the confirmed
...
...
If a DHCPv4 client is operational, it is RECOMMENDED that the host
attempt to obtain IPv4 configuration via DHCPv4 ...
... DHCPv4 in parallel with the
reachability tests, with the host using the first answer returned.
This ensures that the DNAv4 procedure will not result in additional
...
... Where the reachability test does not return an answer, this is
typically because the host is not attached to the network whose
configuration is being tested. In such circumstances, there is
...
... unicast ARP Request.
The host MUST set the target protocol address (ar$tpa) to the IPv4
address of the node ...
... IPv4 address. The ARP Request
MUST use the host MAC address as the source, and the test node MAC
address ...
... node MAC
address as the destination. The host includes its MAC address in the
sender hardware address ...
... target protocol address field
(ar$tpa) in the ARP Request. If a match is found, then the host
continues to use that IPv4 address, subject ...
...
The risk of an address conflict is greatest when the host moves
between private networks, since in this case the completion of
...
... against an address conflict on the new network. Until a host has
confirmed the operability of its IPv4 configuration by receipt of a
...
... broadcast safely until after the
candidate configuration has been confirmed. Also, where a host moves
from one private network to another, an ICMP ...
... long as the IPv4 address remains the same. This can occur, for
example, where a host moves from one home network using prefix
...
... MAC address of the test node is not
checked, the host can mistakenly confirm attachment, potentially
resulting in an address conflict. As a result, sending an ICMP ...
... networks, and if DHCPv4 is enabled on the interface, the host SHOULD
attempt to acquire an IPv4 configuration using DHCPv4 ...
... DHCP specification [RFC2131]. If the host supports the Rapid Commit
Option [RFC4039], it is possible that the exchange can be shortened
...
... DHCPREQUEST is sent to the broadcast address so that the host will
receive a response regardless of whether the previously configured
...
... address may be legitimately regarded as being reserved for exclusive
use by the assigned host. DHCP-assigned addresses fit this
...
... address is valid only as long as
that host remains connected to the link, actively defending against
probes ...
... probes for its chosen address. As soon as a host shuts down, sleeps,
or otherwise disconnects from a link, it immediately relinquishes any
...
... bypass that process.
Where the host does not have an operable routable IPv4 address on any
network ...
... DHCP specification [RFC2131]. Where
a host can confirm that it remains connected to a network on which it
possesses an operable routable IPv4 address ...
... address scope utilized by a DHCP server, it is possible that the host
will be unavailable when the DHCP server ...
... DHCP server checks for a conflict prior
to assigning the conflicting address. In this case, a host utilizing
DNAv4 could confirm an address ...
... DNAv4 could confirm an address that had been assigned to another
host.
Typically, an address ...
... reachability test to fail while
DHCP completes successfully, resulting in the host obtaining a
dynamic address where a static address ...
... masquerade as a DHCPv4 server, in order to convince the host that it
was attached to a particular network. This and other threats
...
... The effect of these attacks will typically be limited to denial of
service, unless the host utilizes its IP configuration for other
purposes, such as security ...
... purposes, such as security configuration or location determination.
For example, a host that disables its personal firewall based on
evidence that it had attached to a home network ...
... DNAv4 is NOT RECOMMENDED.
Hosts that depend on secure IP configuration SHOULD NOT use DNAv4 but
...
... Droms, R., "Dynamic Host Configuration Protocol", RFC 2131draft, March 1997. ...
... Park, S., Kim, P., and B. Volz, "Rapid Commit Option for the Dynamic Host Configuration Protocol version 4 (DHCPv4)", RFC 4039prop ...