draft-ietf-dhc-dhcp-dns-09.txt   draft-ietf-dhc-dhcp-dns-10.txt 
Network Working Group Yakov Rekhter Network Working Group Yakov Rekhter
INTERNET-DRAFT Mark Stapp INTERNET-DRAFT Mark Stapp
Cisco Systems Cisco Systems
February 1999 June 1999
Expires August 1999 Expires
December 1999
Interaction between DHCP and DNS Interaction between DHCP and DNS
<draft-ietf-dhc-dhcp-dns-09.txt> <draft-ietf-dhc-dhcp-dns-10.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 40 skipping to change at page 1, line 40
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved. Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract Abstract
DHCP provides a powerful mechanism for IP host autoconfiguration. DHCP provides a powerful mechanism for IP host configuration.
However, the autoconfiguration provided by DHCP does not include However, the configuration capability provided by DHCP does not
updating DNS, and specifically updating the name to address and include updating DNS, and specifically updating the name to address
address to name mappings maintained by DNS. and address to name mappings maintained in the DNS.
This document specifies how DHCP clients and servers should use the This document specifies how DHCP clients and servers should use the
Dynamic DNS Updates mechanism to update the DNS name to address and Dynamic DNS Updates mechanism in [RFC2136] to update the DNS name to
address to name mapping, so that the mappings for DHCP clients would address and address to name mappings so that the mappings for DHCP
be consistent with the IP addresses that the clients acquire via clients will be consistent with the IP addresses that the clients
DHCP. acquire via DHCP.
1. Terminology 1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
2. Interaction between DHCP and DNS 2. Interaction between DHCP and DNS
DNS [RFC1034, RFC1035] maintains (among other things) the information DNS [RFC1034, RFC1035] maintains (among other things) the information
about mapping between hosts' Fully Qualified Domain Names (FQDNs) about mapping between hosts' Fully Qualified Domain Names (FQDNs)
[RFC1594] and IP addresses assigned to the hosts. The information is [RFC1594] and IP addresses assigned to the hosts. The information is
maintained in two types of Resource Records (RRs): A and PTR. The A maintained in two types of Resource Records (RRs): A and PTR. The A
RR contains mapping from a FQDN to an IP address; the PTR RR contains RR contains a mapping from an FQDN to an IP address; the PTR RR con-
mapping from an IP address to a FQDN. tains a mapping from an IP address to a FQDN. The Dynamic DNS
Updates specification [RFC2136] describes a mechanism that enables
DNS information to be updated over a network.
DHCP [RFC1541] provides a mechanism by which a host (a DHCP client) DHCP [RFC2131] provides a mechanism by which a host (a DHCP client)
could acquire certain configuration information, and specifically its could acquire certain configuration information, and specifically its
IP address(es). However, DHCP does not provide any mechanisms to IP address(es). However, DHCP does not provide any mechanisms to
update the DNS RRs that contain the information about mapping between update the DNS RRs that contain the information about mapping between
the host's FQDN and its IP address(es) (A and PTR RRs). Thus the the host's FQDN and its IP address(es) (A and PTR RRs). Thus the
information maintained by DNS for a DHCP client may be incorrect - a information maintained by DNS for a DHCP client may be incorrect - a
host (the client) could acquire its address by using DHCP, but the A host (the client) could acquire its address by using DHCP, but the A
RR for the host's FQDN wouldn't reflect the address that the host RR for the host's FQDN wouldn't reflect the address that the host
acquired, and the PTR RR for the acquired address wouldn't reflect acquired, and the PTR RR for the acquired address wouldn't reflect
the host's FQDN. the host's FQDN.
Dynamic DNS Updates [RFC2136] is a mechanism that enables DNS infor-
mation to be updated over a network.
The Dynamic DNS Update protocol can be used to maintain consistency The Dynamic DNS Update protocol can be used to maintain consistency
between the information stored in the A and PTR RRs and the actual between the information stored in the A and PTR RRs and the actual
address assignment done via DHCP. When a host with a particular FQDN address assignment done via DHCP. When a host with a particular FQDN
acquires its IP address via DHCP, the A RR associated with the host's acquires its IP address via DHCP, the A RR associated with the host's
FQDN would be updated (by using the Dynamic DNS Updates protocol) to FQDN would be updated (by using the Dynamic DNS Updates protocol) to
reflect the new address. Likewise, when an IP address gets assigned reflect the new address. Likewise, when an IP address gets assigned
to a host with a particular FQDN, the PTR RR associated with this to a host with a particular FQDN, the PTR RR associated with this
address would be updated (using the Dynamic DNS Updates protocol) to address would be updated (using the Dynamic DNS Updates protocol) to
reflect the new FQDN. reflect the new FQDN.
Although this document refers to the A and PTR DNS record types and
to DHCP assignment of IPv4 addresses, the same procedures and
requirements should apply for updates to the analogous RR types that
are used when clients are assigned IPv6 addresses via DHCPv6.
3. Models of operation 3. Models of operation
When a DHCP client acquires a new address, both the A RR (for the When a DHCP client acquires a new address, both the A RR (for the
client's FQDN) and the PTR RR (for the acquired address) have to be client's FQDN) and the PTR RR (for the acquired address) have to be
updated. Therefore, we have two separate Dynamic DNS Update transac- updated. Therefore, two separate Dynamic DNS Update transactions
tions. Acquiring an address via DHCP involves two entities: a DHCP occur. Acquiring an address via DHCP involves two entities: a DHCP
client and a DHCP server. In principle each of these entities could client and a DHCP server. In principle each of these entities could
perform none, one, or both of the transactions. However, upon some perform none, one, or both of the transactions. However, upon reflec-
reflection one could realize that not all permutations make sense. tion one could realize that not all permutations make sense. This
This document covers the possible design permutations: document covers the possible design permutations:
(1) DHCP client updates the A RR, DHCP server updates the PTR RR (1) DHCP client updates the A RR, DHCP server updates the PTR RR
(2) DHCP server updates both the A and the PTR RRs (2) DHCP server updates both the A and the PTR RRs
One could observe that the only difference between these two cases is One could observe that the only difference between these two cases is
whether the FQDN to IP address mapping is updated by a DHCP client or whether the FQDN to IP address mapping is updated by a DHCP client or
by a DHCP server. The IP address to FQDN mapping is updated by a DHCP by a DHCP server. The IP address to FQDN mapping is updated by a DHCP
server in both cases. server in both cases.
The reason these two are important, while others are unlikely, has to The reason these two are important, while others are unlikely, has to
do with authority over the respective DNS RRs. A client may be given do with authority over the respective DNS domain names. A client may
authority over mapping its own A RRs, or that may be restricted to a be given authority over mapping its own A RRs, or that authority may
server to prevent the client from listing arbitrary addresses. In be restricted to a server to prevent the client from listing arbi-
all cases, the only reasonable place for the authority over the PTR trary addresses or associating its address with arbitrary domain
RRs associated with the address is in the DHCP server that allocates names. In all cases, the only reasonable place for the authority over
them. the PTR RRs associated with the address is in the DHCP server that
allocates them.
In any case, whether a site permits all, some, or no DHCP servers and
clients to perform DNS updates into the zones which it controls is
entirely a matter of local administrative policy. This document does
not require any specific administrative policy, and does not propose
one. The range of possible policies is very broad, from sites where
only the DHCP servers have been given credentials that the DNS
servers will accept, to sites where each individual DHCP client has
been configured with credentials which allow the client to modify its
own domain name. Compliant implementations will support some or all
of these possibilities.
This document describes a new DHCP option which a client can use to
convey all or part of its domain name to a DHCP server. Site-specific
policy determines whether DHCP servers use the names that clients
offer or not, and what DHCP servers should do in cases where clients
do not supply domain names.
3.1. Client FQDN Option 3.1. Client FQDN Option
To update the IP address to FQDN mapping a DHCP server needs to know To update the IP address to FQDN mapping a DHCP server needs to know
FQDN of the client to which the server leases the address. To allow the FQDN of the client to which the server leases the address. To
the client to convey its FQDN to the server this document defines a allow the client to convey its FQDN to the server this document
new option, called "Client FQDN". defines a new DHCP option, called "Client FQDN". The FQDN Option also
contains Flags and RCode fields which DHCP servers can use to convey
information about DNS updates to clients.
Clients MAY send the FQDN option, setting appropriate Flags values,
in both their DISCOVER and REQUEST messages. If a client sends the
FQDN option in its DISCOVER message, it MUST send the option in sub-
sequent REQUEST messages.
The code for this option is 81. Its minimum length is 4. The code for this option is 81. Its minimum length is 4.
Code Len Flags RCODE1 RCODE2 Domain Name Code Len Flags RCODE1 RCODE2 Domain Name
+------+------+------+------+------+------+-- +------+------+------+------+------+------+--
| 81 | n | | | | ... | 81 | n | | | | ...
+------+------+------+------+------+------+-- +------+------+------+------+------+------+--
The Flags field allows a DHCP client to indicate to a DHCP server 3.1.1. The Flags Field
whether (a) the client wants to be responsible for updating the FQDN
to IP address mapping (if Flags is set to 0), or (b) the client wants This figure presents the format of the Flags field, which is one byte
the server to be responsible for updating the FQDN to IP address map- long:
ping (if Flags is set to 1). The Flags field also allows a DHCP
server to indicate to a DHCP client that the server assumes the 0 1 2 3 4 5 6 7
responsibility for updating the FQDN to IP address mapping, even if +-+-+-+-+-+-+-+-+
the client wants to be responsible for this update (if Flags is set | MBZ |E|O|S|
to 3). +-+-+-+-+-+-+-+-+
When a client sends the FQDN option in its DHCPDISCOVER and/or
DHCPREQUEST messages, it sets the right-most bit (labelled "S") to
indicate that it will not perform any Dynamic DNS updates, and that
it expects the DHCP server to perform any FQDN-to-IP (the A RR) DNS
update on its behalf. If this bit is clear, the client indicates that
it intends to perform its own FQDN-to-IP mapping update.
If a DHCP server intends to take responsibility for the A RR update
whether or not the client sending the FQDN option has set the "S"
bit, it sets both the "O" bit and the "S" bit, and sends the FQDN
option in its corresponding DHCPOFFER and/or DHCPACK messages.
The data in the Domain Name field may appear in one of two formats:
ASCII, or DNS-style binary encoding (without compression, of course).
A client which sends the FQDN option sets the "E" bit to indicate
that the data in the Domain Name field is DNS-encoded, as described
in [RFC1035].
The remaining bits in the Flags field are reserved for future assign-
ment. DHCP clients and servers which send the FQDN option MUST set
the MBZ bits to 0, and they MUST ignore values in the part of the
field labelled "MBZ".
3.1.2. The RCODE Fields
The RCODE1 and RCODE2 fields are used by a DHCP server to indicate to The RCODE1 and RCODE2 fields are used by a DHCP server to indicate to
a DHCP client the Response Code from Dynamic DNS Updates. a DHCP client the Response Code from the an A RR Dynamic DNS Update
performed on the client's behalf. The server also uses these fields
to indicate whether it has attempted such an update before sending
the DHCPACK message. Each of these fields is one byte long.
The Domain Name part of the option carries FQDN of a client. 3.1.3. The Domain Name Field
The Domain Name part of the option carries the FQDN of a DHCP client.
A client may be configured with a fully-qualified domain name, or
with a partial name that is not fully-qualified. If a client knows
only part of its name, it MAY send a single label, indicating that it
knows part of the name but does not necessarily know the zone in
which the name is to be embedded. The data in the Domain Name field
may appear in one of two formats: ASCII (with no terminating NULL),
or DNS encoding as specified in [RFC1035]. If the DHCP client wishes
to use DNS encoding, it MUST set the third-from-rightmost bit in the
Flags field (the "E" bit); if it uses ASCII encoding, it must clear
that Flags bit.
A DHCP client that can only send a single label using ASCII encoding
includes a series of ASCII characters in the Domain Name field,
excluding the "." (dot) character. The client SHOULD follow the
character-set recommendations of [RFC1034] and [RFC1035]. A client
using DNS encoding sends a single label as a single byte count, fol-
lowed by that number of bytes of data, without a terminal reference
to the root.
3.2. DHCP Client behavior 3.2. DHCP Client behavior
The following describes behavior of a DHCP client that implements the The following describes the behavior of a DHCP client that implements
Client FQDN option. the Client FQDN option.
If a client that owns/maintains is own FQDN wants to be responsible If a client that owns/maintains its own FQDN wants to be responsible
for updating the FQDN to IP address mapping for the FQDN and for updating the FQDN to IP address mapping for the FQDN and
address(es) used by the client, then the client MUST include the address(es) used by the client, then the client MUST include the
Client FQDN option in the DHCPREQUEST message originated by the Client FQDN option in the DHCPREQUEST message originated by the
client. The Flags field in the option MUST be set to 0. Once the client. A DHCP client MAY choose to include the Client FQDN option in
its DISCOVER messages as well as its REQUEST messages. The rightmost
bit in the Flags field in the option MUST be set to 0. Once the
client's DHCP configuration is completed (the client receives a client's DHCP configuration is completed (the client receives a
DHCPACK message, and successfully completed a final check on the DHCPACK message, and successfully completes a final check on the
parameters passed in the message), the client MUST originate an parameters passed in the message), the client SHOULD originate an
update for the A RR (associated with the client's FQDN). The update update for the A RR (associated with the client's FQDN). The update
MUST be originated following the procedures described in [RFC2136]. MUST be originated following the procedures described in section 3.4.
If the DHCP server from which the client is requesting a lease
includes the FQDN option in its ACK message, and if the server sets
both the "S" and the "O" bits in the option's Flags field, the client
MUST NOT initiate an update for the name in the Domain Name field.
A client that owns/maintains its own FQDN can choose to delegate the A client can choose to delegate the responsibility for updating the
responsibility for updating the FQDN to IP address mapping for the FQDN to IP address mapping for the FQDN and address(es) used by the
FQDN and address(es) used by the client to the server. In order to client to the server. In order to inform the server of this choice,
inform the server of this choice, the client MUST include the Client the client SHOULD include the Client FQDN option in its DHCPREQUEST
FQDN option in the DHCPREQUEST message originated by the client. The message. The rightmost (or "S") bit in the Flags field in the option
Flags field in the option MUST be set to 1. In this case, the client MUST be set to 1. A client which delegates this responsibility MUST
MAY supply an FQDN in the Client FQDN option, or it MAY leave that NOT attempt to perform a Dynamic DNS update for the name in the
field empty as a signal to the server to generate an FQDN for the Domain Name field of the FQDN option. The client MAY supply an FQDN
client in any manner the server chooses. in the Client FQDN option, or it MAY supply a single label (the
most-specific label), or it MAY leave that field empty as a signal to
the server to generate an FQDN for the client in any manner the
server chooses.
A client that delegates the responsibility for updating the FQDN to Since there is a possibility that the DHCP server may be configured
IP address mapping to a server MAY not receive any indications to complete or replace a domain name that the client was configured
(either positive or negative) from the server whether the server was to send, the client might find it useful to send the FQDN option in
able to perform the update. In this case the client MAY use a DNS its DISCOVER messages. If the DHCP server returns different Domain
query to check whether the mapping is updated. Name data in its OFFER message, the client could use that data in
performing its own eventual A RR update, or in forming the FQDN
option that it sends in its REQUEST message. There is no requirement
that the client send identical FQDN option data in its DISCOVER and
REQUEST messages. In particular, if a client has sent the FQDN option
to its server, and the configuration of the client changes so that
its notion of its domain name changes, it should send the new data in
an FQDN option when it communicates with the server again. This may
allow the DHCP server to update the name associated with the PTR
record, and, if the server updated the A record representing the
client, to delete that record and attempt an update for the client's
current domain name.
A client which delegates the responsibility for updating the FQDN to
IP address mapping to a server might not receive any indication
(either positive or negative) about the status of the update from the
server. The client MAY use a DNS query to check whether the mapping
is updated.
A client MUST set the RCODE1 and RCODE2 fields in the Client FQDN A client MUST set the RCODE1 and RCODE2 fields in the Client FQDN
option to 0 when sending the option. option to 0 when sending the option.
If a client releases its address lease prior to the lease expiration If a client releases its lease prior to the lease expiration time and
time and the client is responsible for updating its A RR(s), the the client is responsible for updating its A RR(s), the client SHOULD
client SHOULD delete the A RR (following the procedures described in delete the A RR (following the procedures described in [RFC2136])
[RFC2136]) associated with the leased address before sending a DHCP associated with the leased address before sending a DHCPRELEASE mes-
RELEASE message. sage. Similarly, if a client was responsible for updating its A RR,
but is unable to renew its lease, the client SHOULD attempt to delete
the A RR before its lease expires. A client which has not been able
to delete an A RR which it added (because it has lost its IP address)
SHOULD add an entry to its logfile and/or notify its administrator.
3.3. DHCP Server behavior 3.3. DHCP Server behavior
When a server receives a DHCPREQUEST message from a client, if the When a server receives a DHCPREQUEST message from a client, if the
message contains the Client FQDN option, and the server replies to message contains the Client FQDN option, and the server replies to
the message with a DHCPACK message, the server SHOULD originate an the message with a DHCPACK message, the server SHOULD originate an
update for the PTR RR (associated with the address leased to the update for the PTR RR associated with the address leased to the
client). The update MUST be originated following the procedures client if the server is configured to perform DNS updates. The update
described in Section 3.4. The server MAY complete the update before MUST be originated following the procedures described in Section 3.4.
the server sends the DHCPACK message to the client. In this case the The server MAY complete the update before the server sends the
RCODE from the update [RFC2136] MUST be carried to the client in the DHCPACK message to the client. In this case the RCODE from the update
RCODE1 field of the Client FQDN option in the DHCPACK message and the [RFC2136] MUST be carried to the client in the RCODE1 field of the
RCODE2 field MUST be set to 0. Alternatively, the server MAY send the Client FQDN option in the DHCPACK message. Alternatively, the server
DHCPACK message to the client without waiting for the update to be MAY send the DHCPACK message to the client without waiting for the
completed. In this case the RCODE1 field of the Client FQDN option update to be completed. In this case the RCODE1 field of the Client
in the DHCPACK message MUST be set to 255, and the RCODE2 field MUST FQDN option in the DHCPACK message MUST be set to 255. The choice
be set to 0. The choice between the two alternatives is entirely up between the two alternatives is entirely determined by the configura-
to the DHCP server. tion of the DHCP server. Servers SHOULD support both configuration
options.
In addition, if the Client FQDN option carried in the DHCPREQUEST In addition, if the Client FQDN option carried in the DHCPREQUEST
message has its Flags field set to 1, then the server MUST originate message has the "S" bit in its Flags field set, then the server MAY
an update for the A RR (associated with the FQDN carried in the originate an update for the A RR (associated with the FQDN carried in
option). The update MUST be originated following the procedures the option) if it is configured to do so by the site's administrator,
described in Section 3.4. The server MAY originate the update before and if it has the necessary credentials. The server MAY be configured
the server sends the DHCPACK message to the client. In this case the to use the name supplied by the client, or it MAY be configured to
RCODE from the update [RFC2136] MUST be carried to the client in the modify the supplied name, or substitute a different name.
RCODE2 field of the Client FQDN option in the DHCPACK message.
Alternatively the server MAY send the DHCPACK message to the client The update MUST be originated following the procedures described in
without waiting for the update to be completed. In this case the Section 3.4. The server MAY originate the update before the server
RCODE2 field of the Client FQDN option in the DHCKACK message MUST be sends the DHCPACK message to the client. In this case the RCODE from
set to 255. The choice between the two alternatives is entirely up to the update [RFC2136] MUST be carried to the client in the RCODE2
the DHCP server. field of the Client FQDN option in the DHCPACK message. Alterna-
tively the server MAY send the DHCPACK message to the client without
waiting for the update to be completed. In this case the RCODE2 field
of the Client FQDN option in the DHCPACK message MUST be set to 255.
The choice between the two alternatives is entirely up to the DHCP
server. In either case, if the server intends to perform the DNS
update and the client's REQUEST message included the FQDN option, the
server SHOULD include the FQDN option in its ACK message, and MUST
set the "S" bit in the option's Flags field.
Even if the Client FQDN option carried in the DHCPREQUEST message has Even if the Client FQDN option carried in the DHCPREQUEST message has
its Flags field set to 0 (indicating that the client wants to update the "S" bit its Flags field clear (indicating that the client wants
the A RR), the server MAY (at the determination of the local adminis- to update the A RR), the server MAY, be configured byt the local
trator) update the A RR. The update MUST be originated following the administrator to update the A RR on the client's behalf. A server
procedures described in Section 3.4. The server MAY originate the which is configured to override the client's preference SHOULD
update before the server sends the DHCPACK message to the client. In include an FQDN option in its ACK message, and MUST set both the "O"
this case the RCODE from the update [RFC2136] MUST be carried to the and "S" bits in the FQDN option's Flags field. The update MUST be
client in the RCODE2 field of the Client FQDN option in the DHCPACK originated following the procedures described in Section 3.4. The
message, and the Flags field in the Client FQND option MUST be set to server MAY originate the update before the server sends the DHCPACK
3. Alternatively, the server MAY send the DHCPACK message to the message to the client. In this case the RCODE from the update
client without waiting for the update to be completed. In this case [RFC2136] MUST be carried to the client in the RCODE2 field of the
the RCODE2 field of the Client FQDN option in the DHCKACK message Client FQDN option in the DHCPACK message. Alternatively, the server
MUST be set to 255, and the Flags field in the Client FQDN option MAY send the DHCPACK message to the client without waiting for the
MUST be set to 3. Whether the DNS update occurs before or after the update to be completed. In this case the RCODE2 field of the Client
DHCPACK is sent is entirely up to the DHCP server. FQDN option in the DHCPACK message MUST be set to 255. Whether the
DNS update occurs before or after the DHCPACK is sent is entirely up
to the DHCP server's configuration.
When a server receives a DHCPREQUEST message from a client, and the When a server receives a DHCPREQUEST message from a client, and the
message contains the Client FQDN option, the server MUST ignore the message contains the Client FQDN option, the server MUST ignore the
value carried in the RCODE1 and RCODE2 fields of the option. values carried in the RCODE1 and RCODE2 fields of the option.
When a DHCP server sends the Client FQDN option to a client in the When a DHCP server sends the Client FQDN option to a client in the
DHCPACK message, the server MUST copy the Domain Name fields from the DHCPACK message, the server MUST copy the Domain Name field from the
Client FQDN option that the client sent to the server in the DHCPRE- Client FQDN option that the client sent to the server in the DHCPRE-
QUEST message. QUEST message. If, however, the client sent only a single label, or
if the DHCP server has been configured to assign the client a name
different from the one the client has sent, the server SHOULD send
its notion of the complete FQDN for the client. The server MUST use
the same encoding format (ASCII or DNS-encoding) that the client used
in the FQDN option in its DHCPREQUEST, and MUST set the "E" bit in
the option's Flags field accordingly.
If the DHCPREQUST message received by a DHCP server from a DHCP If the DHCPREQUEST message received by a DHCP server from a DHCP
client doesn't carry the Client FQDN option (e.g., the client doesn't client doesn't carry the Client FQDN option (e.g., the client doesn't
implement the Client FQDN option), and the DHCP client acquires its implement the Client FQDN option), and the DHCP client acquires its
FQDN from a DHCP server (as part of a normal DHCP transaction), then FQDN from a DHCP server (as part of a normal DHCP transaction), then
the server MAY be configured to update both A and PTR RRs. The the server MAY be configured to update both A and PTR RRs. Any
updates MUST be originated following the procedures described in Sec- updates MUST be originated following the procedures described in Sec-
tion 3.4. tion 3.4. In this case, the server MAY NOT wish to return the FQDN
option to a client which may not be able to understand it. If it can,
the DHCP server MAY (optionally) return the host part of the domain
name that it will use for the client in the host-name DHCP option
(defined in [RFC2132]). Note that it may not be possible to con-
sistently encode some domain name data in the format specified by the
host-name option.
If a server detects that a lease on an address that the server leases If a server detects that a lease on an address that the server leases
to a client expires, the server SHOULD delete the PTR RR associated to a client has expired or has been released by the client, the
with the address. In addition, if the A RR (of the client) was ini- server SHOULD delete the PTR RR which it associated with the address
tially updated by the server, the server SHOULD also delete the A RR. via DNS Dynamic Update. In addition, if the server added an A RR on
The deletion MUST follow the procedures described in [RFC2136]. behalf of the client, the server SHOULD also delete the A RR. The
deletion MUST follow the procedures described in Section 3.4.
If a server terminates a lease on an address prior to the lease If a server terminates a lease on an address prior to the lease's
expiration time, the server SHOULD delete the PTR RR associated with expiration time, for instance by sending a DHCPNAK to a client, the
the address. In addition, if the server (that leased the address) server SHOULD delete the PTR RR which it associated with the address
initially updated the A RR (of the client), the server SHOULD also via DNS Dynamic Update. In addition, if the server took responsibil-
delete the A RR. The deletion MUST follow the procedures described in ity for the client's A RR , the server SHOULD also delete that A RR.
[RFC2136]. The deletion MUST follow the procedures described in Section 3.4.
3.4. Procedures for performing DNS updates 3.4. Procedures for performing DNS updates
There are two principal issues that need to be addressed concerning A There are two principal issues that need to be addressed concerning A
RR DNS updates: RR DNS updates:
o Name Collisions o Name Collisions
If the entity updating the A RR (either the DHCP client or DHCP If the entity updating the A RR (either the DHCP client or DHCP
server) attempts to perform a DNS update with a DNS name that is server) attempts to perform a DNS update to a domain name that
already in use, what should be done? In some scenarios these has an A RR which is already in use by a different DHCP client,
name collisions are unlikely, in some scenarios they are very what should be done? Similarly, should a DHCP client or server
likely: update a domain name which has an A RR that has been configured
by an administrator? In either of these cases, the domain name
in question would either have an additional A RR, or would have
its original A RR replaced by the new record. Either of these
effects may be considered undesirable in some sites. This
specification describes behavior designed to prevent these
undesirable effects, and requires that implementations make this
behavior the default. In some scenarios these name collisions
are unlikely, in some scenarios they are very likely:
1. Client updates A RR, uses DNSSEC: Name collisions in 1. Client updates A RR, uses DNSSEC: Name collisions in this
this scenario are unlikely (though not impossible), since scenario are unlikely (though not impossible), since for the
for the client to use DNSSEC, it has already received client to use DNSSEC, it has already received credentials
credentials specific to the name it will add. This implies specific to the name it desires to use. This implies that
that the name has already been allocated (through some the name has already been allocated (through some
implementation- or organization-specific procedure, and implementation- or organization-specific procedure, and
presumably uniquely) to that client. presumably uniquely) to that client.
2. Client updates A RR, uses some form of TSIG: Name 2. Client updates A RR, uses some form of TSIG: Name colli-
collisions in this scenario are possible, since the sions in this scenario are possible, since the credentials
credentials necessary for the client to update DNS are not necessary for the client to update DNS are not necessarily
name specific. Thus, for the client to be attempting to name-specific. Thus, for the client to be attempting to
update a unique name requires the existence of some update a unique name requires the existence of some adminis-
administrative procedure to ensure client configuration trative procedure to ensure client configuration with unique
with unique names. names.
3. Server updates the A RR, uses a name for the client 3. Server updates the A RR, uses a name for the client which
which is known to the server: Name collisions in this is known to the server: Name collisions in this scenario are
scenario are likely unless prevented by the server' name likely unless prevented by the server's name configuration
configuration procedures. See Section 7 for security issues procedures. See Section 5 for security issues with this form
with this form of deployment. of deployment.
4. Server updates the A RR, uses a name supplied by the 4. Server updates the A RR, uses a name supplied by the
client: Name collisions in this scenario are highly client: Name collisions in this scenario are highly likely,
likely, even with administrative procedures designed to even with administrative procedures designed to prevent them.
prevent them. (This scenario is a popular one in (This scenario is a popular one in real-world deployments in
real-world deployments in many types of organizations.) many types of organizations.) See Section 5 for security
See Section 7 for security issues with this type of issues with this type of deployment.
deployment.
Scenarios 3 and 4 are much more attractive given some form of Scenarios 3 and 4 are much more attractive given some form of
DHCP Authentication, but the difficulties remain. DHCP Authentication, but the difficulties remain.
Scenarios 2, 3, and 4 rely on administrative procedures to Scenarios 2, 3, and 4 rely on administrative procedures to
ensure name uniqueness for DNS updates, and these procedures may ensure name uniqueness for DNS updates, and these procedures may
break down. Experience has shown that, in fact, these pro- break down. Experience has shown that, in fact, these pro-
cedures will break down at least occasionally. The question is cedures will break down at least occasionally. The question is
what to do when these procedures break down or, for example in what to do when these procedures break down or, for example in
scenario #4, may not even exist. scenario #4, may not even exist.
skipping to change at page 7, line 50 skipping to change at page 11, line 4
modes of operation to the administrator of the combined DHCP-DNS modes of operation to the administrator of the combined DHCP-DNS
capability: first-update-wins (i.e., the first updating entity capability: first-update-wins (i.e., the first updating entity
gets the name) or most-recent-update-wins (i.e., the last updat- gets the name) or most-recent-update-wins (i.e., the last updat-
ing entity for a name gets the name). ing entity for a name gets the name).
o Multiple DHCP servers o Multiple DHCP servers
If multiple DHCP servers are able to update the same DNS zones, If multiple DHCP servers are able to update the same DNS zones,
or if DHCP servers are performing A RR updates on behalf of DHCP or if DHCP servers are performing A RR updates on behalf of DHCP
clients, and more than one DHCP server may be able to serve clients, and more than one DHCP server may be able to serve
addresses to the same DHCP clients, the DHCP servers should be addresses to the same population of DHCP clients, the DHCP
able to provide reasonable DNS name update behavior for DHCP servers should be able to provide reasonable DNS name update
clients. behavior for DHCP clients.
The solution to both of these problems is for the updating entities The solution to both of these problems is for the updating entities
(both DHCP clients or DHCP servers) to be able to cooperate when (either DHCP clients or DHCP servers) to be able to cooperate when
updating DNS A RRs. updating DNS A RRs.
Specifically, a KEY RR, described in [RFC2065] is used to associate Specifically, a KEY RR, described in [RFC2535] is used to associate
client ownership information with a DNS name and the A RR associated client ownership information with a DNS name and the A RR associated
with that name. When either a client or server adds an A RR for a with that name. When either a client or server adds an A RR for a
client, it also adds a KEY RR which specifies a unique client iden- client, it also adds a KEY RR which specifies a unique client iden-
tity (based on a "client specifier" created from the client's tity (based on a "client specifier" created from the client's
client-id or MAC address: see Appendix A). In this model, only one A client-id or MAC address: see Appendix A). In this model, only one A
RR is associated with a given DNS name at a time. RR is associated with a given DNS name at a time.
By associating this ownership information with each A RR, cooperating By associating this ownership information with each A RR, cooperating
DNS updating entities may determine whether their client is the first DNS updating entities may determine whether their client is the first
or last updater of the name (and implement the appropriately config- or last updater of the name (and implement the appropriately config-
skipping to change at page 9, line 32 skipping to change at page 12, line 35
DISCUSSION: DISCUSSION:
The updating entity may be configured to allow the existing owner The updating entity may be configured to allow the existing owner
to keep the name, and to perform disambiguation on the name of the to keep the name, and to perform disambiguation on the name of the
current client in order to attempt to generate a similar but current client in order to attempt to generate a similar but
unique name for the current client. In this case, once such a unique name for the current client. In this case, once such a
similar name has been generated, the updating entity should res- similar name has been generated, the updating entity should res-
tart the process of adding an A RR as specified in this section. tart the process of adding an A RR as specified in this section.
3.4.2. 2 Adding PTR RR Entries to DNS 3.4.2. Adding PTR RR Entries to DNS
The DHCP server submits a DNS query which deletes all of the PTR RRs The DHCP server submits a DNS query which deletes all of the PTR RRs
associated with the lease IP address, and adds a PTR RR whose data is associated with the lease IP address, and adds a PTR RR whose data is
the client's (possibly disambiguated) host name. The server also adds the client's (possibly disambiguated) host name. The server also adds
a KEY RR whose data is the client's client-identity as described in a KEY RR whose data is the client's client-identity as described in
Appendix A. Appendix A.
3.4.3. Removing Entries from DNS 3.4.3. Removing Entries from DNS
The first rule in removing DNS entries is be sure that an entity The first rule in removing DNS entries is be sure that an entity
removing a DNS entry is only removing an entry that it added. removing a DNS entry is only removing an entry for which it is
responsible.
When a lease expires or a DHCP client issues a DHCPRELEASE request, When a lease expires or a DHCP client issues a DHCPRELEASE request,
the DHCP server SHOULD delete the PTR RR that matches the DHCP bind- the DHCP server SHOULD delete the PTR RR that matches the DHCP bind-
ing, if one was successfully added. The server's update query SHOULD ing, if one was successfully added. The server's update query SHOULD
assert that the name in the PTR record matches the name of the client assert that the name in the PTR record matches the name of the client
whose lease has expired or been released. whose lease has expired or been released.
The entity chosen to handle the A record for this client (either the The entity chosen to handle the A record for this client (either the
client or the server) SHOULD delete the A record that was added when client or the server) SHOULD delete the A and KEY records that were
the lease was made to the client. added when the lease was made to the client.
In order to perform this delete, the updater prepares an UPDATE query In order to perform this delete, the updater prepares an UPDATE query
which contains two prerequisites. The first prerequisite asserts which contains two prerequisites. The first prerequisite asserts
that the KEY RR exists whose data is the client identity described in that the KEY RR exists whose data is the client identity described in
Appendix A. The second prerequisite asserts that the data in the A RR Appendix A. The second prerequisite asserts that the data in the A RR
contains the IP address of the lease that has expired or been contains the IP address of the lease that has expired or been
released. released.
If the query fails, the updater MUST conclude that it cannot delete If the query's prerequisites fail, the updater MUST NOT delete the
the DNS name. It may be that the host whose lease on the server has DNS name. It may be that the host whose lease on the server has
expired has moved to another network and obtained a lease from a dif- expired has moved to another network and obtained a lease from a dif-
ferent server, which has caused the client's A RR to be replaced. It ferent server, which has caused the client's A RR to be replaced. It
may also be that some other client has been configured with a name may also be that some other client has been configured with a name
that matches the name of the DHCP client, and the policy was that the that matches the name of the DHCP client, and the administrative pol-
last client to specify the name would get the name. In this case, icy at the site was that the last client to specify the name would
the KEY RR will no longer match the updater's notion of the client- get the name. In this case, the KEY RR will no longer match the
identity of the host pointed to by the DNS name. updater's notion of the client-identity of the host pointed to by the
DNS name.
4. Updating other RRs 4. Updating other RRs
The procedures described in this document only cover updates to the A The procedures described in this document only cover updates to the A
and PTR RRs. Updating other types of RRs is outside the scope of this and PTR RRs. Updating other types of RRs is outside the scope of this
document. document.
5. Security Considerations 5. Security Considerations
Whether the client wants to be responsible for updating the FQDN to Whether the client may be responsible for updating the FQDN to IP
IP address mapping, or whether the client wants to delegate this address mapping, or whether the this responsibility lies with the
responsibility to a server is a local to the client matter. The DHCP server is a site-local matter. The choice between the two alter-
choice between the two alternatives may be based on a particular natives may be based on a particular security model that is used with
security model that is used with the Dynamic DNS Update protocol the Dynamic DNS Update protocol (e.g., only a client may have suffi-
(e.g., only a client may have sufficient credentials to perform cient credentials to perform updates to the FQDN to IP address map-
updates to the FQDN to IP address mapping for its FQDN). ping for its FQDN).
Whether a DHCP server is always responsible for updating the FQDN to Whether a DHCP server is always responsible for updating the FQDN to
IP address mapping (in addition to updating the IP to FQDN mapping), IP address mapping (in addition to updating the IP to FQDN mapping),
regarless of the wishes of a DHCP client, is a local to the server regardless of the wishes of a DHCP client, is also a site-local
matter. The choice between the two alternatives may be based on a matter. The choice between the two alternatives may be based on a
particular security model. particular security model.
The client SHOULD use some form of data origin authentication pro- The client SHOULD use some form of data origin authentication pro-
cedures (e.g., DNSSEC [DNSSEC]) when performing DNS updates. cedures (e.g. [TSIG], [DNSSEC]) when performing DNS updates.
While the DHCP client SHOULD be the one to update the DNS A record, While the DHCP client MAY be the one to update the DNS A record, in
in certain specialized cases a DHCP server MAY do so instead. In certain specialized cases a DHCP server MAY do so instead. In this
this case, the DHCP server MUST be sure of both the name to use for case, the DHCP server MUST be sure of both the name to use for the
the client, as well as the identity of the client. client, as well as the identity of the client.
In the general case, both of these conditions are not satisfied -- In the general case, both of these conditions are not satisfied --
one needs to be mindful of the possibility of MAC address spoofing in one needs to be mindful of the possibility of MAC address spoofing in
a DHCP packet. It is not difficult for a DHCP server to know unambi- a DHCP packet. It is not difficult for a DHCP server to know unambi-
guously the DNS name to use for a client, but only in certain rela- guously the DNS name to use for a client, but only in certain cir-
tively unusual circumstances will the DHCP server know for sure the cumstances will the DHCP server know for sure the identity of the
identity of the client. One example of such a circumstance is where client. If DHCP authentication [DHCPAUTH] becomes widely deployed
the DHCP client is connected to a network through an MCNS cable this may become more customary. An example of a situation which
modem, and the CMTS (head-end) of the cable modem ensures that MAC offers some extra assurances is one where the DHCP client is con-
address spoofing simply does not occur. nected to a network through an MCNS cable modem, and the CMTS (head-
end) of the cable modem ensures that MAC address spoofing simply does
not occur.
Another example where the DHCP server would know the identity of the Another example where the DHCP server would know the identity of the
client would be in a case where it was interacting with a remote client would be in a case where it was interacting with a remote
access server which encoded a client identification into the DHCP access server which encoded a client identification into the DHCP
client-id option. In this case, the remote access server as well as client-id option. In this case, the remote access server as well as
the DHCP server would be operating within a trusted environment, and the DHCP server would be operating within a trusted environment, and
the DHCP server could trust that the user authentication and authori- the DHCP server could trust that the user authentication and authori-
zation procedure of the remote access server was sufficient, and zation procedure of the remote access server was sufficient, and
would therefore trust the client identification encoded within the would therefore trust the client identification encoded within the
DHCP client-id. DHCP client-id.
skipping to change at page 11, line 45 skipping to change at page 14, line 52
The KEY RR used to hold the DHCP client's identity is formatted as The KEY RR used to hold the DHCP client's identity is formatted as
follows: follows:
The name of the KEY RR is the name of the A or PTR RR which refers to The name of the KEY RR is the name of the A or PTR RR which refers to
the client. the client.
The flags field is set to 0x42 - that is, the 1 bit and the 6 bit are The flags field is set to 0x42 - that is, the 1 bit and the 6 bit are
set. set.
The protocol field is set to 0. The protocol field is set to [TBD].
The algorithm field is set to 254. The algorithm field is set to [TBD].
The first byte in the key field contains the length of the client- The first byte in the key field contains the length of the client-
identity, and is followed by that number of bytes. If a DHCP client identity, and is followed by that number of bytes of client-identity
sent the client-id option in its request, the client-identity MUST be data. If a DHCP client sent the client-id option in its request mes-
identical to the data in the client-id option. If a client did not sage, the client-identity MUST be identical to the data in the
send the client-id option, the client-identity is constructed from client-id option. If a client did not send the client-id option, the
the htype byte, the hlen byte, and hlen bytes of the client's chaddr client-identity is constructed from the htype byte, the hlen byte,
from its request message. and hlen bytes of the client's chaddr from its request message.
7. References 7. References
[RFC1034] P. Mockapetris, "Domain names - concepts and facilities", [RFC1034] P. Mockapetris, "Domain names - concepts and facilities",
RFC1034, 11/01/1987 RFC1034, 11/01/1987
[RFC1035] P. Mockapetris, "Domain names - implementation and specifi- [RFC1035] P. Mockapetris, "Domain names - implementation and specif-
cation", RFC1035, 11/01/1987 ication", RFC1035, 11/01/1987
[RFC2131] R. Droms, "Dynamic Host Configuration Protocol", RFC2131, [RFC2131] R. Droms, "Dynamic Host Configuration Protocol", RFC2131,
March 1997 March 1997.
[RFC2132] S. Alexander, R. Droms, "DHCP Options and BOOTP Vendor
Extensions", RFC2132, March 1997.
[RFC1594] A. Marine, J. Reynolds, G. Malkin, "FYI on Questions and [RFC1594] A. Marine, J. Reynolds, G. Malkin, "FYI on Questions and
Answer Answers to Commonly asked ``New Internet User'' Answer Answers to Commonly asked ``New Internet User''
Questions", RFC1594, 03/11/1994 Questions", RFC1594, 03/11/1994
[DNSSEC]
[RFC2136] P. Vixie, S. Thomson, Y. Rekhter, J. Bound, "Dynamic [RFC2136] P. Vixie, S. Thomson, Y. Rekhter, J. Bound, "Dynamic
Updates in the Domain Name System (DNS UPDATE)", RFC2136, Updates in the Domain Name System (DNS UPDATE)", RFC2136,
April 1997 April 1997
[RFC2119] Bradner, S. "Key words for use in RFCs to Indicate Require- [RFC2119] Bradner, S. "Key words for use in RFCs to Indicate
ment Levels", RFC 2119. Requirement Levels", RFC2119.
[RFC2065] D. Eastlake, C. Kaufman, "Domain Name System Security [DNSSEC] D. Eastlake, "Domain Name System Security Extensions",
Extensions", RFC 2065, January 1997. RFC2535, March 1999.
[TSIG] P. Vixie, O. Gudmundsson, D. Eastlake, B. Wellington,
"Secret Key Transaction Signatures for DNS", draft-ietf-
dnsind-tsig-*, Work in Progress.
[DHCPAUTH] R. Droms, W. Arbaugh, "Authentication for DHCP Messages",
draft-ietf-dhc-authentication-*, Work in Progress.
8. Acknowledgements 8. Acknowledgements
Many thanks to Mark Beyer, Jim Bound, Ralph Droms, Peter Ford, Many thanks to Mark Beyer, Jim Bound, Ralph Droms, Robert Elz,
Edie Gunter, Kim Kinnear, Stuart Kwan, Ted Lemon, Michael Lewis, Peter Ford, Edie Gunter, R. Barr Hibbs, Kim Kinnear, Stuart Kwan,
Michael Patton, and Glenn Stump for their review and comments. Ted Lemon, Michael Lewis, Michael Patton, and Glenn Stump for
their review and comments.
9. Author information 9. Author information
Yakov Rekhter Yakov Rekhter
Cisco Systems, Inc. Cisco Systems, Inc.
170 Tasman Dr. 170 Tasman Dr.
San Jose, CA 95134 San Jose, CA 95134
Phone: (914) 235-2128 Phone: (914) 235-2128
email: yakov@cisco.com email: yakov@cisco.com
Mark Stapp Mark Stapp
Cisco Systems Cisco Systems, Inc.
250 Apollo Drive 250 Apollo Drive
Chelmsford, MA 01824 Chelmsford, MA 01824
Phone: (978) 244-8498 Phone: (978) 244-8498
email: mjs@cisco.com email: mjs@cisco.com
10. Full Copyright Statement 10. Full Copyright Statement
Copyright (C) The Internet Society (1999). All Rights Reserved. Copyright (C) The Internet Society (1999). All Rights Reserved.
This document and translations of it may be copied and furnished This document and translations of it may be copied and furnished
to others, and derivative works that comment on or otherwise to others, and derivative works that comment on or otherwise
explain it or assist in its implmentation may be prepared, copied, explain it or assist in its implementation may be prepared,
published and distributed, in whole or in part, without restric- copied, published and distributed, in whole or in part, without
tion of any kind, provided that the above copyright notice and restriction of any kind, provided that the above copyright notice
this paragraph are included on all such copies and derivative and this paragraph are included on all such copies and derivative
works. However, this document itself may not be modified in any works. However, this document itself may not be modified in any
way, such as by removing the copyright notice or references to the way, such as by removing the copyright notice or references to the
Internet Society or other Internet organizations, except as needed Internet Society or other Internet organizations, except as needed
for the purpose of developing Internet standards in which case for the purpose of developing Internet standards in which case
the procedures for copyrights defined in the Internet Standards the procedures for copyrights defined in the Internet Standards
process must be followed, or as required to translate it into process must be followed, or as required to translate it into
languages other than English. languages other than English.
The limited permissions granted above are perpetual and will not The limited permissions granted above are perpetual and will not
be revoked by the Internet Society or its successors or assigns. be revoked by the Internet Society or its successors or assigns.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/