summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKozlov Dmitry <xeb@mail.ru>2012-06-22 18:11:19 +0400
committerKozlov Dmitry <xeb@mail.ru>2012-06-22 18:11:19 +0400
commit4080b4e1ffdb1482ab26557eb46a8121d93ac584 (patch)
tree0732197c98f911a18c024f7b91ec1031de34e10b
parentb57c6b9e838fa7fa39e81164912d518b43de3723 (diff)
downloadaccel-ppp-4080b4e1ffdb1482ab26557eb46a8121d93ac584.tar.gz
accel-ppp-4080b4e1ffdb1482ab26557eb46a8121d93ac584.zip
initial ipoe implementation
Diffstat
-rw-r--r--accel-pppd/CMakeLists.txt3
-rw-r--r--accel-pppd/ctrl/CMakeLists.txt1
-rw-r--r--accel-pppd/ctrl/ipoe/CMakeLists.txt24
-rw-r--r--accel-pppd/ctrl/ipoe/dhcpv4.c538
-rw-r--r--accel-pppd/ctrl/ipoe/dhcpv4.h89
-rw-r--r--accel-pppd/ctrl/ipoe/dhcpv4_options.c290
-rw-r--r--accel-pppd/ctrl/ipoe/ipoe.c688
-rw-r--r--accel-pppd/ctrl/ipoe/ipoe.h54
-rw-r--r--accel-pppd/ctrl/ipoe/lua.c253
-rw-r--r--accel-pppd/ctrl/ipoe/lua_lpack.c271
-rw-r--r--accel-pppd/ctrl/l2tp/l2tp.c4
-rw-r--r--accel-pppd/ctrl/pppoe/pppoe.c6
-rw-r--r--accel-pppd/ctrl/pptp/pptp.c6
-rw-r--r--accel-pppd/extra/pppd_compat.c32
-rw-r--r--accel-pppd/ifcfg.c49
-rw-r--r--accel-pppd/include/ap_session.h2
l---------accel-pppd/include/iplink.h1
l---------accel-pppd/include/libnetlink.h1
-rw-r--r--accel-pppd/ipdb.h1
-rw-r--r--accel-pppd/libnetlink/iplink.c77
-rw-r--r--accel-pppd/libnetlink/iplink.h8
-rw-r--r--accel-pppd/libnetlink/libnetlink.c (renamed from accel-pppd/shaper/libnetlink.c)44
-rw-r--r--accel-pppd/libnetlink/libnetlink.h (renamed from accel-pppd/shaper/libnetlink.h)0
-rw-r--r--accel-pppd/radius/auth.c28
-rw-r--r--accel-pppd/radius/radius.c4
-rw-r--r--accel-pppd/radius/radius_p.h1
-rw-r--r--accel-pppd/radius/req.c21
-rw-r--r--accel-pppd/shaper/CMakeLists.txt2
-rw-r--r--rfc/rfc2131.txt2523
-rw-r--r--rfc/rfc2132.txt1907
-rw-r--r--rfc/rfc3046.txt787
31 files changed, 7653 insertions, 62 deletions
diff --git a/accel-pppd/CMakeLists.txt b/accel-pppd/CMakeLists.txt
index a65f7fef..787dbd8c 100644
--- a/accel-pppd/CMakeLists.txt
+++ b/accel-pppd/CMakeLists.txt
@@ -66,6 +66,9 @@ ADD_EXECUTABLE(accel-pppd
cli/telnet.c
cli/tcp.c
cli/cli.c
+
+ libnetlink/libnetlink.c
+ libnetlink/iplink.c
pwdb.c
ipdb.c
diff --git a/accel-pppd/ctrl/CMakeLists.txt b/accel-pppd/ctrl/CMakeLists.txt
index 6b37bc4a..9b6a11d6 100644
--- a/accel-pppd/ctrl/CMakeLists.txt
+++ b/accel-pppd/ctrl/CMakeLists.txt
@@ -1,3 +1,4 @@
ADD_SUBDIRECTORY(pptp)
ADD_SUBDIRECTORY(pppoe)
ADD_SUBDIRECTORY(l2tp)
+ADD_SUBDIRECTORY(ipoe)
diff --git a/accel-pppd/ctrl/ipoe/CMakeLists.txt b/accel-pppd/ctrl/ipoe/CMakeLists.txt
new file mode 100644
index 00000000..e2b71cbc
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/CMakeLists.txt
@@ -0,0 +1,24 @@
+INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR})
+
+SET(sources
+ ipoe.c
+ dhcpv4.c
+ dhcpv4_options.c
+)
+
+IF (LUA)
+ include(FindLua51)
+ IF (NOT LUA51_FOUND)
+ MESSAGE(FATAL_ERROR "lua not found")
+ ENDIF (NOT LUA51_FOUND)
+ INCLUDE_DIRECTORIES(${LUA_INCLUDE_DIR})
+ ADD_DEFINITIONS(-DUSE_LUA)
+ SET(sources ${sources} lua.c lua_lpack.c)
+ENDIF (LUA)
+
+ADD_LIBRARY(ipoe SHARED ${sources})
+IF (LUA)
+ TARGET_LINK_LIBRARIES(ipoe ${LUA_LIBRARIES})
+ENDIF(LUA)
+
+INSTALL(TARGETS ipoe LIBRARY DESTINATION lib/accel-ppp)
diff --git a/accel-pppd/ctrl/ipoe/dhcpv4.c b/accel-pppd/ctrl/ipoe/dhcpv4.c
new file mode 100644
index 00000000..2955d6cd
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/dhcpv4.c
@@ -0,0 +1,538 @@
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <pthread.h>
+#include <fcntl.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <net/ethernet.h>
+#include <netinet/ip.h>
+#include <netinet/udp.h>
+#include <netpacket/packet.h>
+#include <arpa/inet.h>
+#include <linux/if.h>
+
+#include "events.h"
+#include "list.h"
+#include "triton.h"
+#include "log.h"
+#include "mempool.h"
+#include "memdebug.h"
+#include "ap_session.h"
+#include "ipdb.h"
+
+#include "dhcpv4.h"
+
+#define DHCP_SERV_PORT 67
+#define DHCP_CLIENT_PORT 68
+#define DHCP_MAGIC "\x63\x82\x53\x63"
+
+
+#define BUF_SIZE 4096
+
+
+static int conf_verbose;
+
+static mempool_t pack_pool;
+static mempool_t opt_pool;
+
+static int dhcpv4_read(struct triton_md_handler_t *h);
+
+struct dhcpv4_serv *dhcpv4_create(struct triton_context_t *ctx, const char *ifname)
+{
+ struct dhcpv4_serv *serv;
+ int sock, raw_sock;
+ struct sockaddr_in addr;
+ struct sockaddr_ll ll_addr;
+ struct ifreq ifr;
+ int f = 1;
+
+ memset(&ifr, 0, sizeof(ifr));
+
+ strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ if (ioctl(sock_fd, SIOCGIFINDEX, &ifr)) {
+ log_error("dhcpv4(%s): ioctl(SIOCGIFINDEX): %s\n", ifname, strerror(errno));
+ return NULL;
+ }
+
+ raw_sock = socket(AF_PACKET, SOCK_RAW, ntohs(ETH_P_IP));
+ if (raw_sock < 0) {
+ log_error("dhcpv4: packet socket is not supported by kernel\n");
+ return NULL;
+ }
+
+ memset(&ll_addr, 0, sizeof(ll_addr));
+ ll_addr.sll_family = AF_PACKET;
+ ll_addr.sll_ifindex = ifr.ifr_ifindex;
+ ll_addr.sll_protocol = ntohs(ETH_P_IP);
+
+ if (bind(raw_sock, (struct sockaddr *)&ll_addr, sizeof(ll_addr))) {
+ log_error("dhcpv4(%s): bind: %s\n", ifname, strerror(errno));
+ close(raw_sock);
+ return NULL;
+ }
+
+ memset(&addr, 0, sizeof(addr));
+
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons(DHCP_SERV_PORT);
+ addr.sin_addr.s_addr = htonl(INADDR_ANY);
+
+ sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+
+ if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &f, sizeof(f)))
+ log_error("setsockopt(SO_REUSEADDR): %s\n", strerror(errno));
+
+
+ if (setsockopt(sock, SOL_SOCKET, SO_BROADCAST, &f, sizeof(f))) {
+ log_error("setsockopt(SO_BROADCAST): %s\n", strerror(errno));
+ goto out_err;
+ }
+
+ if (bind(sock, &addr, sizeof(addr))) {
+ log_error("bind: %s\n", strerror(errno));
+ goto out_err;
+ }
+
+ if (setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname))) {
+ log_error("setsockopt(SO_BINDTODEVICE): %s\n", strerror(errno));
+ goto out_err;
+ }
+
+ if (ioctl(sock, SIOCGIFHWADDR, &ifr)) {
+ log_error("dhcpv4(%s): ioctl(SIOCGIFHWADDR): %s\n", ifname, strerror(errno));
+ goto out_err;
+ }
+
+ memcpy(serv->hwaddr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
+
+ fcntl(raw_sock, F_SETFL, O_NONBLOCK);
+ fcntl(raw_sock, F_SETFD, fcntl(sock, F_GETFD) | FD_CLOEXEC);
+
+ fcntl(sock, F_SETFL, O_NONBLOCK);
+ fcntl(sock, F_SETFD, fcntl(sock, F_GETFD) | FD_CLOEXEC);
+
+ serv = _malloc(sizeof(*serv));
+ memset(serv, 0, sizeof(*serv));
+
+ serv->ctx = ctx;
+ serv->hnd.fd = sock;
+ serv->hnd.read = dhcpv4_read;
+ serv->raw_sock = raw_sock;
+
+ triton_md_register_handler(ctx, &serv->hnd);
+ triton_md_enable_handler(&serv->hnd, MD_MODE_READ);
+
+ return serv;
+
+out_err:
+ close(raw_sock);
+ close(sock);
+ return NULL;
+}
+
+void dhcpv4_free(struct dhcpv4_serv *serv)
+{
+ triton_md_unregister_handler(&serv->hnd);
+ close(serv->hnd.fd);
+ _free(serv);
+}
+
+void dhcpv4_print_packet(struct dhcpv4_packet *pack, void (*print)(const char *fmt, ...))
+{
+ const char *msg_name[] = {"Discover", "Offer", "Request", "Decline", "Ack", "Nak", "Release", "Inform"};
+
+ print("[DHCPv4 %s xid=%x ", msg_name[pack->msg_type - 1], pack->hdr->xid);
+
+ if (pack->hdr->ciaddr)
+ print("ciaddr=%i.%i.%i.%i ",
+ pack->hdr->ciaddr & 0xff,
+ (pack->hdr->ciaddr >> 8) & 0xff,
+ (pack->hdr->ciaddr >> 16) & 0xff,
+ (pack->hdr->ciaddr >> 24) & 0xff);
+
+ if (pack->hdr->yiaddr)
+ print("yiaddr=%i.%i.%i.%i ",
+ pack->hdr->yiaddr & 0xff,
+ (pack->hdr->yiaddr >> 8) & 0xff,
+ (pack->hdr->yiaddr >> 16) & 0xff,
+ (pack->hdr->yiaddr >> 24) & 0xff);
+
+ if (pack->hdr->siaddr)
+ print("ciaddr=%i.%i.%i.%i ",
+ pack->hdr->siaddr & 0xff,
+ (pack->hdr->siaddr >> 8) & 0xff,
+ (pack->hdr->siaddr >> 16) & 0xff,
+ (pack->hdr->siaddr >> 24) & 0xff);
+
+ if (pack->hdr->giaddr)
+ print("giaddr=%i.%i.%i.%i ",
+ pack->hdr->giaddr & 0xff,
+ (pack->hdr->giaddr >> 8) & 0xff,
+ (pack->hdr->giaddr >> 16) & 0xff,
+ (pack->hdr->giaddr >> 24) & 0xff);
+
+ print("chaddr=%02x:%02x:%02x:%02x:%02x:%02x ",
+ pack->hdr->chaddr[0],
+ pack->hdr->chaddr[1],
+ pack->hdr->chaddr[2],
+ pack->hdr->chaddr[3],
+ pack->hdr->chaddr[4],
+ pack->hdr->chaddr[5],
+ pack->hdr->chaddr[6]);
+
+ dhcpv4_print_options(pack, print);
+
+ print("]\n");
+}
+
+static int parse_opt82(struct dhcpv4_packet *pack, struct dhcpv4_option *opt)
+{
+ uint8_t *ptr = opt->data;
+ uint8_t *endptr = ptr + opt->len;
+ int type, len;
+ struct dhcpv4_option *opt1;
+
+ while (ptr < endptr) {
+ type = *ptr++;
+ len = *ptr++;
+ if (ptr + len > endptr)
+ return -1;
+ if (type == 1 || type == 2) {
+ opt1 = mempool_alloc(opt_pool);
+ if (!opt1) {
+ log_emerg("out of memory\n");
+ return -1;
+ }
+
+ opt1->type = type;
+ opt1->len = len;
+ opt1->data = ptr;
+
+ if (type == 1)
+ pack->agent_circuit_id = opt1;
+ else
+ pack->agent_remote_id = opt1;
+ }
+
+ ptr += len;
+ }
+
+ return 0;
+}
+
+static int dhcpv4_parse_packet(struct dhcpv4_packet *pack, int len)
+{
+ struct dhcpv4_option *opt;
+ uint8_t *ptr, *endptr = pack->data + len;
+
+ if (len < sizeof(struct dhcpv4_hdr)) {
+ if (conf_verbose)
+ log_warn("dhcpv4: short packet received\n");
+ return -1;
+ }
+
+ if (pack->hdr->op != DHCP_OP_REQUEST)
+ return -1;
+
+ if (pack->hdr->htype != 1)
+ return -1;
+
+ if (pack->hdr->hlen != 6)
+ return -1;
+
+ if (memcmp(pack->hdr->magic, DHCP_MAGIC, 4))
+ return -1;
+
+ ptr = pack->data + sizeof(struct dhcpv4_hdr);
+
+ while (ptr < endptr) {
+ if (*ptr == 0) {
+ ptr++;
+ continue;
+ }
+
+ if (*ptr == 0xff)
+ break;
+
+ opt = mempool_alloc(opt_pool);
+ if (!opt) {
+ log_emerg("out of memory\n");
+ return -1;
+ }
+ memset(opt, 0, sizeof(*opt));
+ opt->type = *ptr++;
+ opt->len = *ptr++;
+ opt->data = ptr;
+ ptr += opt->len;
+
+ if (ptr > endptr)
+ return -1;
+
+ list_add_tail(&opt->entry, &pack->options);
+
+ if (opt->type == 53)
+ pack->msg_type = opt->data[0];
+ else if (opt->type == 82)
+ parse_opt82(pack, opt);
+ else if (opt->type == 50)
+ pack->request_ip = *(uint32_t *)opt->data;
+ else if (opt->type == 54)
+ pack->server_id = *(uint32_t *)opt->data;
+ }
+
+ if (pack->msg_type == 0 || pack->msg_type > 8)
+ return -1;
+
+ if (dhcpv4_check_options(pack))
+ return -1;
+
+ /*if (conf_verbose) {
+ log_info2("recv ");
+ print_packet(pack, log_info2);
+ }*/
+
+ return 0;
+}
+
+static struct dhcpv4_packet *dhcpv4_packet_alloc()
+{
+ struct dhcpv4_packet *pack = mempool_alloc(pack_pool);
+
+ if (!pack)
+ return NULL;
+
+ memset(pack, 0, sizeof(*pack));
+
+ INIT_LIST_HEAD(&pack->options);
+
+ pack->hdr = (struct dhcpv4_hdr *)pack->data;
+ pack->ptr = (uint8_t *)(pack->hdr + 1);
+
+ memcpy(pack->hdr->magic, DHCP_MAGIC, 4);
+
+ return pack;
+}
+
+static int dhcpv4_read(struct triton_md_handler_t *h)
+{
+ struct dhcpv4_packet *pack;
+ struct dhcpv4_serv *serv = container_of(h, typeof(*serv), hnd);
+ struct sockaddr_in addr;
+ socklen_t len;
+ int n;
+
+ while (1) {
+ pack = dhcpv4_packet_alloc();
+ if (!pack) {
+ log_emerg("out of memory\n");
+ return 1;
+ }
+
+ len = sizeof(addr);
+ n = recvfrom(h->fd, pack->data, BUF_SIZE, 0, &addr, &len);
+ if (n == -1) {
+ mempool_free(pack);
+ if (errno == EAGAIN)
+ return 0;
+ log_error("dhcpv4: recv: %s\n", strerror(errno));
+ continue;
+ }
+
+ if (dhcpv4_parse_packet(pack, n)) {
+ dhcpv4_packet_free(pack);
+ continue;
+ }
+
+ if (serv->recv)
+ serv->recv(serv, pack);
+ }
+}
+
+uint16_t ip_csum(uint16_t *buf, int len)
+{
+ uint32_t sum=0;
+ int i;
+
+ for (i=0; i < len; i += 2)
+ sum += *buf++;
+
+ // take only 16 bits out of the 32 bit sum and add up the carries
+ while (sum >> 16)
+ sum = (sum & 0xffff) + (sum >> 16);
+
+ // one's complement the result
+ sum = ~sum;
+
+ return sum & 0xffff;
+}
+
+
+static int dhcpv4_send(struct dhcpv4_serv *serv, struct dhcpv4_packet *pack, in_addr_t saddr, in_addr_t daddr)
+{
+ uint8_t hdr[sizeof(struct ether_header) + sizeof(struct iphdr) + sizeof(struct udphdr)];
+ struct ether_header *eth = (struct ether_header *)hdr;
+ struct iphdr *ip = (struct iphdr *)(eth + 1);
+ struct udphdr *udp = (struct udphdr *)(ip + 1);
+ int len = pack->ptr - pack->data;
+ struct iovec iov[2];
+
+ memcpy(eth->ether_dhost, pack->hdr->chaddr, ETH_ALEN);
+ memcpy(eth->ether_shost, serv->hwaddr, ETH_ALEN);
+ eth->ether_type = htons(ETH_P_IP);
+
+ ip->ihl = 5;
+ ip->version = 4;
+ ip->tos = 0x10;
+ ip->tot_len = ntohs(sizeof(*ip) + sizeof(*udp) + len);
+ ip->id = 0;
+ ip->frag_off = 0;
+ ip->ttl = 128;
+ ip->protocol = IPPROTO_UDP;
+ ip->check = 0;
+ ip->saddr = saddr;
+ ip->daddr = daddr;
+ ip->check = ip_csum((uint16_t *)ip, 20);
+
+ udp->source = ntohs(DHCP_SERV_PORT);
+ udp->dest = ntohs(DHCP_CLIENT_PORT);
+ udp->len = htons(sizeof(*udp) + len);
+ udp->check = 0;
+
+ iov[0].iov_base = hdr;
+ iov[0].iov_len = sizeof(hdr);
+ iov[1].iov_base = pack->data;
+ iov[1].iov_len = len;
+
+ len = writev(serv->raw_sock, iov, 2);
+
+ if (len < 0)
+ return -1;
+
+ return 0;
+}
+
+void dhcpv4_packet_free(struct dhcpv4_packet *pack)
+{
+ struct dhcpv4_option *opt;
+
+ while (!list_empty(&pack->options)) {
+ opt = list_entry(pack->options.next, typeof(*opt), entry);
+ list_del(&opt->entry);
+ mempool_free(opt);
+ }
+
+ if (pack->agent_circuit_id)
+ mempool_free(pack->agent_circuit_id);
+
+ if (pack->agent_remote_id)
+ mempool_free(pack->agent_remote_id);
+
+ mempool_free(pack);
+}
+
+int dhcpv4_packet_add_opt(struct dhcpv4_packet *pack, int type, const void *data, int len)
+{
+ struct dhcpv4_option *opt = mempool_alloc(opt_pool);
+
+ if (!opt) {
+ log_emerg("out of memory\n");
+ return -1;
+ }
+
+ *pack->ptr++ = type;
+ *pack->ptr++ = len;
+
+ opt->type = type;
+ opt->len = len;
+ opt->data = pack->ptr;
+ pack->ptr += len;
+
+ memcpy(opt->data, data, len);
+
+ list_add_tail(&opt->entry, &pack->options);
+
+ return 0;
+}
+
+int dhcpv4_send_reply(int msg_type, struct dhcpv4_serv *serv, struct dhcpv4_packet *req, struct ap_session *ses, int lease_time)
+{
+ struct dhcpv4_packet *pack;
+ int val, r;
+
+ pack = dhcpv4_packet_alloc();
+ if (!pack) {
+ log_emerg("out of memory\n");
+ return -1;
+ }
+
+ memcpy(pack->hdr, req->hdr, sizeof(*req->hdr));
+
+ pack->hdr->op = DHCP_OP_REPLY;
+ pack->hdr->yiaddr = ses->ipv4->peer_addr;
+ pack->hdr->siaddr = ses->ipv4->addr;
+
+ if (dhcpv4_packet_add_opt(pack, 53, &msg_type, 1))
+ goto out_err;
+
+ if (dhcpv4_packet_add_opt(pack, 54, &ses->ipv4->addr, 4))
+ goto out_err;
+
+ val = ntohl(lease_time);
+ if (dhcpv4_packet_add_opt(pack, 51, &val, 4))
+ goto out_err;
+
+ if (dhcpv4_packet_add_opt(pack, 3, &ses->ipv4->addr, 4))
+ goto out_err;
+
+ val = htonl(~((1 << (32 - ses->ipv4->mask)) - 1));
+ if (dhcpv4_packet_add_opt(pack, 1, &val, 4))
+ goto out_err;
+
+ *pack->ptr++ = 255;
+
+ if (conf_verbose) {
+ pack->msg_type = msg_type;
+ log_ppp_info2("send ");
+ dhcpv4_print_packet(pack, log_ppp_info2);
+ }
+
+ r = dhcpv4_send(serv, pack, ses->ipv4->addr, ses->ipv4->peer_addr);
+
+ dhcpv4_packet_free(pack);
+
+ return r;
+
+out_err:
+ dhcpv4_packet_free(pack);
+ return -1;
+}
+
+int dhcpv4_send_nak(struct dhcpv4_serv *serv, struct dhcpv4_packet *req)
+{
+
+ return 0;
+}
+
+static void load_config()
+{
+ const char *opt;
+
+ opt = conf_get_opt("ipoe", "verbose");
+ if (opt)
+ conf_verbose = atoi(opt);
+}
+
+static void init()
+{
+ pack_pool = mempool_create(BUF_SIZE + sizeof(struct dhcpv4_packet));
+ opt_pool = mempool_create(sizeof(struct dhcpv4_option));
+
+ load_config();
+
+ triton_event_register_handler(EV_CONFIG_RELOAD, (triton_event_func)load_config);
+}
+
+DEFINE_INIT(100, init);
diff --git a/accel-pppd/ctrl/ipoe/dhcpv4.h b/accel-pppd/ctrl/ipoe/dhcpv4.h
new file mode 100644
index 00000000..52e90a3e
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/dhcpv4.h
@@ -0,0 +1,89 @@
+#ifndef __DHCPV4_H
+#define __DHCPV4_H
+
+#include <stdint.h>
+#include "list.h"
+
+#include "triton.h"
+
+#define __packed __attribute__((packed))
+
+#define DHCP_OP_REQUEST 1
+#define DHCP_OP_REPLY 2
+
+#define DHCPDISCOVER 1
+#define DHCPOFFER 2
+#define DHCPREQUEST 3
+#define DHCPDECLINE 4
+#define DHCPACK 5
+#define DHCPNAK 6
+#define DHCPRELEASE 7
+#define DHCPINFORM 8
+
+struct dhcpv4_hdr
+{
+ uint8_t op;
+ uint8_t htype;
+ uint8_t hlen;
+ uint8_t hops;
+ uint32_t xid;
+ uint16_t sec;
+ uint16_t flags;
+ uint32_t ciaddr;
+ uint32_t yiaddr;
+ uint32_t siaddr;
+ uint32_t giaddr;
+ uint8_t chaddr[16];
+ char sname[64];
+ char file[128];
+ uint8_t magic[4];
+} __packed;
+
+struct dhcpv4_option
+{
+ struct list_head entry;
+ uint8_t type;
+ uint8_t len;
+ uint8_t *data;
+};
+
+struct dhcpv4_packet
+{
+ struct dhcpv4_hdr *hdr;
+ struct list_head options;
+ struct dhcpv4_option *client_id;
+ struct dhcpv4_option *agent_circuit_id;
+ struct dhcpv4_option *agent_remote_id;
+ uint32_t request_ip;
+ uint32_t server_id;
+ int msg_type;
+ uint8_t *ptr;
+ uint8_t data[0];
+};
+
+struct dhcpv4_serv
+{
+ struct triton_context_t *ctx;
+ struct triton_md_handler_t hnd;
+ int raw_sock;
+ uint8_t hwaddr[6];
+ void (*recv)(struct dhcpv4_serv *serv, struct dhcpv4_packet *pack);
+};
+
+struct ap_session;
+
+struct dhcpv4_serv *dhcpv4_create(struct triton_context_t *ctx, const char *ifname);
+void dhcpv4_free(struct dhcpv4_serv *);
+
+
+int dhcpv4_send_reply(int msg_type, struct dhcpv4_serv *serv, struct dhcpv4_packet *req, struct ap_session *ses, int lease_time);
+int dhcpv4_send_nak(struct dhcpv4_serv *serv, struct dhcpv4_packet *req);
+
+void dhcpv4_packet_free(struct dhcpv4_packet *pack);
+
+int dhcpv4_check_options(struct dhcpv4_packet *);
+void dhcpv4_print_options(struct dhcpv4_packet *, void (*)(const char *, ...));
+
+void dhcpv4_print_packet(struct dhcpv4_packet *pack, void (*print)(const char *fmt, ...));
+
+#endif
diff --git a/accel-pppd/ctrl/ipoe/dhcpv4_options.c b/accel-pppd/ctrl/ipoe/dhcpv4_options.c
new file mode 100644
index 00000000..82e64902
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/dhcpv4_options.c
@@ -0,0 +1,290 @@
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <arpa/inet.h>
+
+#include "dhcpv4.h"
+
+struct known_option
+{
+ int type;
+ int min_len;
+ int max_len;
+ int elem_size;
+ const char *name;
+ void (*print)(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+};
+
+static void print_int(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_uint(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_ip(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_str(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_hex(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_route(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_classless_route(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_message_type(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_request_list(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+static void print_relay_agent(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...));
+
+static struct known_option options[] = {
+ { 1, 4, 4, 4, "Subnet", print_ip },
+ { 2, 4, 4, 4, "Time-Offset", print_int },
+ { 3, 4, 255, 4, "Router", print_ip },
+ { 4, 4, 255, 4, "Time-Server", print_ip },
+ { 5, 4, 255, 4, "Name-Server", print_ip },
+ { 6, 4, 255, 4, "DNS", print_ip },
+ //{ 7, 4, 255, 4, "log-server", print_ip },
+ //{ 8, 4, 255, 4, "cookie-server", print_ip },
+ //{ 9, 4, 255, 4, "lpr-server", print_ip },
+ //{ 10, 4, 255, 4, "impress-server", print_ip },
+ //{ 11, 4, 255, 4, "resourse-location", print_ip },
+ { 12, 1, 255, 1, "Host-Name", print_str },
+ //{ 13, 4, 255, 4, "impress-server", print_ip },
+ { 15, 1, 255, 1, "Domain-Name", print_str },
+ { 26, 2, 2, 2, "MTU", print_int },
+ { 28, 4, 4, 4, "Broadcast", print_ip },
+ { 33, 8, 255, 8, "Route", print_route },
+ { 42, 4, 4, 4, "NTP", print_ip },
+ { 43, 1, 255, 1, "Vendor-Specific", print_hex },
+ { 50, 4, 4, 4, "Request-IP", print_ip },
+ { 51, 4, 4, 4, "Lease-Time", print_uint },
+ { 53, 1, 1, 1, "Message-Type", print_message_type },
+ { 54, 4, 4, 4, "Server-ID", print_ip },
+ { 55, 1, 255, 1, "Request-List", print_request_list },
+ { 56, 1, 255, 1, "Message", print_str },
+ { 57, 2, 2, 2, "Max-Message-Size", print_uint },
+ { 58, 4, 4, 4, "T1", print_uint },
+ { 59, 4, 4, 4, "T2", print_uint },
+ { 60, 1, 255, 1, "Vendor-Class", print_hex },
+ { 61, 2, 255, 1, "Client-ID", print_hex },
+ { 82, 3, 255, 1, "Relay-Agent", print_relay_agent },
+ { 121, 5, 255, 1, "Classless-Route", print_classless_route },
+ { 0 },
+};
+
+int dhcpv4_check_options(struct dhcpv4_packet *pack)
+{
+ struct dhcpv4_option *opt;
+ struct known_option *kopt;
+
+ list_for_each_entry(opt, &pack->options, entry) {
+ for (kopt = options; kopt->type; kopt++) {
+ if (kopt->type != opt->type)
+ continue;
+ if (opt->len < kopt->min_len)
+ return -1;
+ if (opt->len > kopt->max_len)
+ return -1;
+ if (opt->len % kopt->elem_size != 0)
+ return -1;
+ break;
+ }
+ }
+
+ return 0;
+}
+
+void dhcpv4_print_options(struct dhcpv4_packet *pack, void (*print)(const char *fmt, ...))
+{
+ struct dhcpv4_option *opt;
+ struct known_option *kopt;
+ int n = 0;
+
+ list_for_each_entry(opt, &pack->options, entry) {
+ if (n)
+ print(" <");
+ else
+ print("<");
+ n++;
+ for (kopt = options; kopt->type && kopt->type != opt->type; kopt++);
+ if (kopt->type) {
+ print("%s ", kopt->name);
+ kopt->print(opt, kopt->elem_size, print);
+ } else {
+ print("Option-%i ");
+ print_hex(opt, 1, print);
+ }
+ print(">");
+ }
+}
+
+
+static void print_int(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ if (opt->len == 2)
+ print("%i", ntohs(*(int16_t *)(opt->data)));
+ else
+ print("%i", ntohl(*(int32_t *)(opt->data)));
+}
+
+static void print_uint(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ if (opt->len == 2)
+ print("%u", ntohs(*(uint16_t *)(opt->data)));
+ else
+ print("%u", ntohl(*(uint32_t *)(opt->data)));
+}
+
+static void print_ip(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ int i, n = opt->len / elem_size;
+ uint32_t ip;
+
+ for (i = 0; i < n; i++) {
+ ip = ntohl(*(uint32_t *)(opt->data + i*elem_size));
+
+ if (i)
+ print(",");
+
+ print("%i.%i.%i.%i",
+ (ip >> 24) & 0xff,
+ (ip >> 16) & 0xff,
+ (ip >> 8) & 0xff,
+ ip & 0xff);
+ }
+}
+
+static void print_str(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ const char *ptr = (const char *)opt->data;
+ const char *endptr = ptr + opt->len;
+
+ for(; ptr < endptr; ptr++)
+ print("%c", *ptr);
+}
+
+static void print_hex(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ const uint8_t *ptr = opt->data;
+ const uint8_t *endptr = ptr + opt->len;
+
+ for(; ptr < endptr; ptr++)
+ print("%02x", *ptr);
+}
+
+static void print_route(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ int i, n = opt->len / 8;
+ uint32_t ip, gw;
+
+ for (i = 0; i < n; i++) {
+ ip = ntohl(*(uint32_t *)(opt->data + i*8));
+ gw = ntohl(*(uint32_t *)(opt->data + i*8 + 4));
+
+ if (i)
+ print(",");
+
+ print("%i.%i.%i.%i via %i.%i.%i.%i",
+ (ip >> 24) & 0xff,
+ (ip >> 16) & 0xff,
+ (ip >> 8) & 0xff,
+ ip & 0xff,
+ (gw >> 24) & 0xff,
+ (gw >> 16) & 0xff,
+ (gw >> 8) & 0xff,
+ gw & 0xff);
+ }
+}
+
+static void print_message_type(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ const char *msg_name[] = {"", "Discover", "Offer", "Request", "Decline", "Ack", "Nak", "Release", "Inform"};
+
+ print("%s", msg_name[opt->data[0]]);
+}
+
+static void print_request_list(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ int i;
+ struct known_option *kopt;
+
+ for (i = 0; i < opt->len; i++) {
+ if (i)
+ print(",");
+ for (kopt = options; kopt->type && kopt->type != opt->data[i]; kopt++);
+ if (kopt->type)
+ print("%s", kopt->name);
+ else
+ print("%i", opt->data[i]);
+ }
+}
+
+static void print_relay_agent(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ const uint8_t *ptr = opt->data;
+ const uint8_t *endptr = ptr + opt->len;
+ const uint8_t *endptr1;
+ int type, len;
+
+ while (ptr < endptr) {
+ if (ptr != opt->data)
+ print(" ");
+ type = *ptr++;
+ len = *ptr++;
+ /*if (ptr + len > endptr) {
+ print(" invalid");
+ return;
+ }*/
+ if (type == 1)
+ print("{Agent-Circuit-ID ");
+ else if (type == 2)
+ print("{Agent-Remote-ID ");
+ else
+ print("{Option-%i ", type);
+
+ endptr1 = ptr + len;
+ for (;ptr < endptr1; ptr++) {
+ if (!isprint(*ptr)) {
+ print("_");
+ break;
+ }
+ print("%c", *ptr);
+ }
+ for (;ptr < endptr1; ptr++)
+ print("%02x", *ptr);
+ print("}");
+ }
+}
+
+static void print_classless_route(const struct dhcpv4_option *opt, int elem_size, void (*print)(const char *fmt, ...))
+{
+ const uint8_t *ptr = opt->data;
+ const uint8_t *endptr = ptr + opt->len;
+ int mask, i, mask1 = 0;
+ uint32_t ip;
+ uint32_t gw;
+
+ while (ptr < endptr) {
+ if (ptr != opt->data)
+ print(",");
+
+ mask = *ptr++;
+ ip = ntohl(*(uint32_t *)ptr);
+ for (i = 0; i < mask; i++)
+ mask1 |= (1 << (32 - i));
+ ip &= mask1;
+ if (mask <= 8)
+ ptr++;
+ else if (mask <= 16)
+ ptr += 2;
+ else if (mask <= 24)
+ ptr += 3;
+ else
+ ptr += 4;
+ gw = ntohl(*(uint32_t *)ptr);
+ ptr += 4;
+
+ print("%i.%i.%i.%i/%i via %i.%i.%i.%i",
+ (ip >> 24) & 0xff,
+ (ip >> 16) & 0xff,
+ (ip >> 8) & 0xff,
+ ip & 0xff,
+ mask,
+ (gw >> 24) & 0xff,
+ (gw >> 16) & 0xff,
+ (gw >> 8) & 0xff,
+ gw & 0xff);
+ }
+}
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c
new file mode 100644
index 00000000..2258c622
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/ipoe.c
@@ -0,0 +1,688 @@
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <errno.h>
+#include <string.h>
+#include <fcntl.h>
+#include <time.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <linux/if.h>
+
+#include <pcre.h>
+
+#include "events.h"
+#include "list.h"
+#include "triton.h"
+#include "log.h"
+#include "mempool.h"
+#include "utils.h"
+#include "cli.h"
+#include "ap_session.h"
+#include "pwdb.h"
+#include "ipdb.h"
+
+#include "iplink.h"
+#include "connlimit.h"
+
+#include "ipoe.h"
+
+#include "memdebug.h"
+
+#define USERNAME_IFNAME 0
+#define USERNAME_LUA 1
+
+static int conf_dhcpv4 = 1;
+//static int conf_dhcpv6;
+static int conf_username;
+
+#ifdef USE_LUA
+static const char *conf_lua_username_func;
+#endif
+
+static int conf_offer_timeout = 3;
+static in_addr_t conf_gw_address;
+static int conf_netmask = 24;
+static int conf_lease_time = 600;
+static int conf_lease_timeout = 660;
+static int conf_verbose;
+
+static unsigned int stat_starting;
+static unsigned int stat_active;
+
+static mempool_t ses_pool;
+
+static LIST_HEAD(serv_list);
+
+struct iplink_arg
+{
+ pcre *re;
+ const char *opt;
+};
+
+static void ipoe_session_finished(struct ap_session *s);
+
+static struct ipoe_session *ipoe_session_lookup(struct ipoe_serv *serv, struct dhcpv4_packet *pack)
+{
+ struct ipoe_session *ses;
+
+ list_for_each_entry(ses, &serv->sessions, entry) {
+ if (pack->hdr->xid != ses->xid)
+ continue;
+
+ if (pack->hdr->giaddr != ses->giaddr)
+ continue;
+
+ if (pack->agent_circuit_id && !ses->agent_circuit_id)
+ continue;
+
+ if (pack->agent_remote_id && !ses->agent_remote_id)
+ continue;
+
+ if (pack->client_id && !ses->client_id)
+ continue;
+
+ if (!pack->agent_circuit_id && ses->agent_circuit_id)
+ continue;
+
+ if (!pack->agent_remote_id && ses->agent_remote_id)
+ continue;
+
+ if (!pack->client_id && ses->client_id)
+ continue;
+
+ if (pack->agent_circuit_id) {
+ if (pack->agent_circuit_id->len != ses->agent_circuit_id->len)
+ continue;
+ if (memcmp(pack->agent_circuit_id->data, ses->agent_circuit_id->data, pack->agent_circuit_id->len))
+ continue;
+ }
+
+ if (pack->agent_remote_id) {
+ if (pack->agent_remote_id->len != ses->agent_remote_id->len)
+ continue;
+ if (memcmp(pack->agent_remote_id->data, ses->agent_remote_id->data, pack->agent_remote_id->len))
+ continue;
+ }
+
+ if (pack->client_id) {
+ if (pack->client_id->len != ses->client_id->len)
+ continue;
+ if (memcmp(pack->client_id->data, ses->client_id->data, pack->client_id->len))
+ continue;
+ }
+
+ if (memcmp(pack->hdr->chaddr, ses->hwaddr, 6))
+ continue;
+
+ return ses;
+ }
+
+ return NULL;
+}
+
+static void ipoe_session_timeout(struct triton_timer_t *t)
+{
+ struct ipoe_session *ses = container_of(t, typeof(*ses), timer);
+
+ triton_timer_del(t);
+
+ log_ppp_info2("session timed out\n");
+
+ ap_session_terminate(&ses->ses, TERM_LOST_CARRIER, 0);
+}
+
+static void ipoe_session_set_username(struct ipoe_session *ses)
+{
+#ifdef USE_LUA
+ if (conf_username == USERNAME_LUA) {
+ ipoe_lua_set_username(ses, conf_lua_username_func);
+ } else
+#endif
+ ses->ses.username = _strdup(ses->ses.ifname);
+}
+
+static void ipoe_session_start(struct ipoe_session *ses)
+{
+ int r;
+ char *passwd;
+
+ if (ses->serv->opt_single)
+ strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN);
+
+ ipoe_session_set_username(ses);
+ if (!ses->ses.username) {
+ ipoe_session_finished(&ses->ses);
+ return;
+ }
+
+ triton_event_fire(EV_CTRL_STARTING, &ses->ses);
+ triton_event_fire(EV_CTRL_STARTED, &ses->ses);
+
+ ap_session_starting(&ses->ses);
+
+ r = pwdb_check(&ses->ses, ses->ses.username, 0);
+ if (r == PWDB_NO_IMPL) {
+ passwd = pwdb_get_passwd(&ses->ses, ses->ses.username);
+ if (!passwd)
+ r = PWDB_DENIED;
+ else {
+ r = PWDB_SUCCESS;
+ _free(passwd);
+ }
+ }
+
+ if (r == PWDB_DENIED) {
+ if (conf_ppp_verbose)
+ log_ppp_warn("authentication failed\n");
+ ap_session_terminate(&ses->ses, TERM_AUTH_ERROR, 0);
+ return;
+ }
+
+ if (ses->dhcpv4_request) {
+ ses->ses.ipv4 = ipdb_get_ipv4(&ses->ses);
+ if (!ses->ses.ipv4) {
+ log_ppp_warn("no free IPv4 address\n");
+ ap_session_terminate(&ses->ses, TERM_AUTH_ERROR, 0);
+ return;
+ }
+
+ if (conf_gw_address)
+ ses->ses.ipv4->addr = conf_gw_address;
+
+ if (conf_netmask)
+ ses->ses.ipv4->mask = conf_netmask;
+ else if (!ses->ses.ipv4->mask)
+ ses->ses.ipv4->mask = 24;
+
+ dhcpv4_send_reply(DHCPOFFER, ses->serv->dhcpv4, ses->dhcpv4_request, &ses->ses, conf_lease_time);
+
+ dhcpv4_packet_free(ses->dhcpv4_request);
+ ses->dhcpv4_request = NULL;
+ }
+
+ ses->timer.expire = ipoe_session_timeout;
+ ses->timer.period = conf_offer_timeout * 1000;
+ triton_timer_add(&ses->ctx, &ses->timer, 0);
+}
+
+static void ipoe_session_activate(struct ipoe_session *ses)
+{
+ ap_session_activate(&ses->ses);
+
+ if (ses->ses.state == AP_STATE_ACTIVE)
+ dhcpv4_send_reply(DHCPACK, ses->serv->dhcpv4, ses->dhcpv4_request, &ses->ses, conf_lease_time);
+ else
+ dhcpv4_send_nak(ses->serv->dhcpv4, ses->dhcpv4_request);
+
+ dhcpv4_packet_free(ses->dhcpv4_request);
+ ses->dhcpv4_request = NULL;
+}
+
+static void ipoe_session_started(struct ap_session *s)
+{
+ struct ipoe_session *ses = container_of(s, typeof(*ses), ses);
+
+ log_ppp_debug("ipoe: session started\n");
+
+ triton_timer_del(&ses->timer);
+
+ ses->timer.expire = ipoe_session_timeout;
+ ses->timer.period = conf_lease_timeout * 1000;
+ triton_timer_add(&ses->ctx, &ses->timer, 0);
+}
+
+static void ipoe_session_free(struct ipoe_session *ses)
+{
+ if (ses->timer.tpd)
+ triton_timer_del(&ses->timer);
+
+ triton_context_unregister(&ses->ctx);
+
+ if (ses->data)
+ _free(ses->data);
+
+ mempool_free(ses);
+}
+
+static void ipoe_session_finished(struct ap_session *s)
+{
+ struct ipoe_session *ses = container_of(s, typeof(*ses), ses);
+
+ log_ppp_debug("ipoe: session finished\n");
+
+ pthread_mutex_lock(&ses->serv->lock);
+ list_del(&ses->entry);
+ pthread_mutex_unlock(&ses->serv->lock);
+
+ triton_context_call(&ses->ctx, (triton_event_func)ipoe_session_free, ses);
+}
+
+static void ipoe_session_terminate(struct ap_session *s, int hard)
+{
+ ap_session_finished(s);
+}
+
+
+static void ipoe_session_close(struct triton_context_t *ctx)
+{
+ struct ipoe_session *ses = container_of(ctx, typeof(*ses), ctx);
+
+ if (ses->ses.state)
+ ap_session_terminate(&ses->ses, TERM_ADMIN_RESET, 1);
+ else
+ ipoe_session_finished(&ses->ses);
+}
+
+static struct ipoe_session *ipoe_session_create(struct ipoe_serv *serv, struct dhcpv4_packet *pack)
+{
+ struct ipoe_session *ses;
+ int dlen = 0;
+ uint8_t *ptr;
+
+ ses = mempool_alloc(ses_pool);
+ if (!ses) {
+ log_emerg("out of memery\n");
+ return NULL;
+ }
+
+ memset(ses, 0, sizeof(*ses));
+
+ ap_session_init(&ses->ses);
+
+ ses->serv = serv;
+ ses->dhcpv4_request = pack;
+
+ ses->xid = pack->hdr->xid;
+ memcpy(ses->hwaddr, pack->hdr->chaddr, 6);
+ ses->giaddr = pack->hdr->giaddr;
+
+ if (pack->agent_circuit_id)
+ dlen += sizeof(struct dhcp_opt) + pack->agent_circuit_id->len;
+
+ if (pack->agent_remote_id)
+ dlen += sizeof(struct dhcp_opt) + pack->agent_remote_id->len;
+
+ if (pack->client_id)
+ dlen += sizeof(struct dhcp_opt) + pack->client_id->len;
+
+ if (dlen) {
+ ses->data = _malloc(dlen);
+ if (!ses->data) {
+ log_emerg("out of memery\n");
+ mempool_free(ses);
+ return NULL;
+ }
+ ptr = ses->data;
+ }
+
+ if (pack->agent_circuit_id) {
+ ses->agent_circuit_id = (struct dhcp_opt *)ptr;
+ ses->agent_circuit_id->len = pack->agent_circuit_id->len;
+ memcpy(ses->agent_circuit_id->data, pack->agent_circuit_id->data, pack->agent_circuit_id->len);
+ ptr += sizeof(struct dhcp_opt) + pack->agent_circuit_id->len;
+ }
+
+ if (pack->agent_remote_id) {
+ ses->agent_remote_id = (struct dhcp_opt *)ptr;
+ ses->agent_remote_id->len = pack->agent_remote_id->len;
+ memcpy(ses->agent_remote_id->data, pack->agent_remote_id->data, pack->agent_remote_id->len);
+ ptr += sizeof(struct dhcp_opt) + pack->agent_remote_id->len;
+ }
+
+ if (pack->client_id) {
+ ses->client_id = (struct dhcp_opt *)ptr;
+ ses->client_id->len = pack->client_id->len;
+ memcpy(ses->client_id->data, pack->client_id->data, pack->client_id->len);
+ ptr += sizeof(struct dhcp_opt) + pack->client_id->len;
+ }
+
+ ses->ctx.before_switch = log_switch;
+ ses->ctx.close = ipoe_session_close;
+ ses->ctrl.ctx = &ses->ctx;
+ ses->ctrl.started = ipoe_session_started;
+ ses->ctrl.finished = ipoe_session_finished;
+ ses->ctrl.terminate = ipoe_session_terminate;
+ ses->ctrl.type = CTRL_TYPE_IPOE;
+ ses->ctrl.name = "ipoe";
+
+ ses->ctrl.calling_station_id = _malloc(19);
+ ses->ctrl.called_station_id = serv->ifname;
+
+ ptr = ses->hwaddr;
+ sprintf(ses->ctrl.calling_station_id, "%02x:%02x:%02x:%02x:%02x:%02x",
+ ptr[0], ptr[1], ptr[2], ptr[3], ptr[4], ptr[5]);
+
+ ses->ses.ctrl = &ses->ctrl;
+ ses->ses.chan_name = ses->ctrl.calling_station_id;
+
+ triton_context_register(&ses->ctx, &ses->ses);
+
+ triton_context_wakeup(&ses->ctx);
+
+ //pthread_mutex_lock(&serv->lock);
+ list_add_tail(&ses->entry, &serv->sessions);
+ //pthread_mutex_unlock(&serv->lock);
+
+ triton_context_call(&ses->ctx, (triton_event_func)ipoe_session_start, ses);
+
+ return ses;
+}
+
+static void ipoe_dhcpv4_recv(struct dhcpv4_serv *dhcpv4, struct dhcpv4_packet *pack)
+{
+ struct ipoe_serv *serv = container_of(dhcpv4->ctx, typeof(*serv), ctx);
+ struct ipoe_session *ses;
+ //struct dhcpv4_packet *reply;
+
+ pthread_mutex_lock(&serv->lock);
+ if (pack->msg_type == DHCPDISCOVER) {
+ ses = ipoe_session_lookup(serv, pack);
+ if (!ses) {
+ ses = ipoe_session_create(serv, pack);
+
+ if (conf_verbose && ses) {
+ log_switch(dhcpv4->ctx, &ses->ses);
+ log_ppp_info2("recv ");
+ dhcpv4_print_packet(pack, log_ppp_info2);
+ }
+ } else {
+ log_switch(dhcpv4->ctx, &ses->ses);
+
+ if (conf_verbose) {
+ log_ppp_info2("recv ");
+ dhcpv4_print_packet(pack, log_ppp_info2);
+ }
+
+ if (ses->ses.state == AP_STATE_ACTIVE)
+ dhcpv4_send_reply(DHCPOFFER, dhcpv4, pack, &ses->ses, conf_lease_time);
+
+ dhcpv4_packet_free(pack);
+ }
+ } else if (pack->msg_type == DHCPREQUEST) {
+ ses = ipoe_session_lookup(serv, pack);
+
+ if (!ses) {
+ if (conf_verbose) {
+ log_info2("recv ");
+ dhcpv4_print_packet(pack, log_info2);
+ }
+
+ dhcpv4_send_nak(dhcpv4, pack);
+ } else {
+ if (!ses->ses.ipv4 || pack->server_id != ses->ses.ipv4->addr || pack->request_ip != ses->ses.ipv4->peer_addr) {
+ if (conf_verbose) {
+ log_info2("recv ");
+ dhcpv4_print_packet(pack, log_info2);
+ }
+
+ if (ses->ses.ipv4 && pack->request_ip != ses->ses.ipv4->peer_addr)
+ dhcpv4_send_nak(dhcpv4, pack);
+ ap_session_terminate(&ses->ses, TERM_USER_REQUEST, 0);
+ } else {
+ if (conf_verbose) {
+ log_switch(dhcpv4->ctx, &ses->ses);
+ log_ppp_info2("recv ");
+ dhcpv4_print_packet(pack, log_ppp_info2);
+ }
+
+ if (ses->ses.state == AP_STATE_STARTING && !ses->dhcpv4_request) {
+ ses->dhcpv4_request = pack;
+ pack = NULL;
+ triton_context_call(&ses->ctx, (triton_event_func)ipoe_session_activate, ses);
+ }
+ }
+ }
+ if (pack)
+ dhcpv4_packet_free(pack);
+ } else if (pack->msg_type == DHCPDECLINE || pack->msg_type == DHCPRELEASE) {
+ ses = ipoe_session_lookup(serv, pack);
+ if (ses) {
+ if (conf_verbose) {
+ log_switch(dhcpv4->ctx, &ses->ses);
+ log_ppp_info2("recv ");
+ dhcpv4_print_packet(pack, log_ppp_info2);
+ }
+
+ ap_session_terminate(&ses->ses, TERM_USER_REQUEST, 0);
+ }
+ dhcpv4_packet_free(pack);
+ }
+ pthread_mutex_unlock(&serv->lock);
+}
+
+static void ipoe_serv_close(struct triton_context_t *ctx)
+{
+ struct ipoe_serv *serv = container_of(ctx, typeof(*serv), ctx);
+
+ if (serv->dhcpv4)
+ dhcpv4_free(serv->dhcpv4);
+
+ triton_context_unregister(ctx);
+
+ _free(serv->ifname);
+ _free(serv);
+}
+
+static int show_stat_exec(const char *cmd, char * const *fields, int fields_cnt, void *client)
+{
+ cli_send(client, "ipoe:\r\n");
+ cli_sendv(client," starting: %u\r\n", stat_starting);
+ cli_sendv(client," active: %u\r\n", stat_active);
+
+ return CLI_CMD_OK;
+}
+
+void __export ipoe_get_stat(unsigned int **starting, unsigned int **active)
+{
+ *starting = &stat_starting;
+ *active = &stat_active;
+}
+
+static void ipoe_drop_sessions(struct ipoe_serv *serv)
+{
+
+}
+
+static void add_interface(const char *ifname, int ifindex, const char *opt)
+{
+ int opt_single;
+ const char *ptr;
+ struct ipoe_serv *serv;
+
+ ptr = strstr(opt, ",single");
+ if (ptr) {
+ if (ptr[7] && ptr[7] != ',')
+ goto out_err_parse;
+ opt_single = 1;
+ } else
+ opt_single = 0;
+
+
+ list_for_each_entry(serv, &serv_list, entry) {
+ if (strcmp(ifname, serv->ifname) == 0) {
+ serv->active = 1;
+ serv->ifindex = ifindex;
+ if (opt_single && !serv->opt_single)
+ ipoe_drop_sessions(serv);
+ serv->opt_single = opt_single;
+ return;
+ }
+ }
+
+ serv = _malloc(sizeof(*serv));
+ memset(serv, 0, sizeof(*serv));
+ serv->ifname = _strdup(ifname);
+ serv->ifindex = ifindex;
+ serv->opt_single = opt_single;
+ serv->opt_dhcpv4 = conf_dhcpv4;
+ INIT_LIST_HEAD(&serv->sessions);
+ pthread_mutex_init(&serv->lock, NULL);
+
+ triton_context_register(&serv->ctx, NULL);
+
+ if (serv->opt_dhcpv4) {
+ serv->dhcpv4 = dhcpv4_create(&serv->ctx, serv->ifname);
+ if (serv->dhcpv4)
+ serv->dhcpv4->recv = ipoe_dhcpv4_recv;
+ }
+
+ triton_context_wakeup(&serv->ctx);
+
+ return;
+
+out_err_parse:
+ log_error("ipoe: failed to parse '%s'\n", opt);
+}
+
+static void load_interface(const char *opt)
+{
+ const char *ptr;
+ struct ifreq ifr;
+
+ for (ptr = opt; *ptr && *ptr != ','; ptr++);
+
+ if (ptr - opt >= sizeof(ifr.ifr_name))
+ return;
+
+ memcpy(ifr.ifr_name, opt, ptr - opt);
+ ifr.ifr_name[ptr - opt] = 0;
+
+ if (ioctl(sock_fd, SIOCGIFINDEX, &ifr)) {
+ log_error("ipoe: '%s': ioctl(SIOCGIFINDEX): %s\n", ifr.ifr_name, strerror(errno));
+ return;
+ }
+
+ add_interface(ifr.ifr_name, ifr.ifr_ifindex, opt);
+}
+
+static int __load_interface_re(int index, int flags, const char *name, struct iplink_arg *arg)
+{
+ if (pcre_exec(arg->re, NULL, name, strlen(name), 0, 0, NULL, 0) < 0)
+ return 0;
+
+ add_interface(name, index, arg->opt);
+
+ return 0;
+}
+
+static void load_interface_re(const char *opt)
+{
+ pcre *re = NULL;
+ const char *pcre_err;
+ char *pattern;
+ const char *ptr;
+ int pcre_offset;
+ struct iplink_arg arg;
+
+ for (ptr = opt; *ptr && *ptr != ','; ptr++);
+
+ pattern = _malloc(ptr - (opt + 3) + 1);
+ memcpy(pattern, opt + 3, ptr - (opt + 3));
+ pattern[ptr - (opt + 3)] = 0;
+
+ re = pcre_compile2(pattern, 0, NULL, &pcre_err, &pcre_offset, NULL);
+
+ if (!re) {
+ log_error("ipoe: %s at %i\r\n", pcre_err, pcre_offset);
+ return;
+ }
+
+ arg.re = re;
+ arg.opt = opt;
+
+ iplink_list((iplink_list_func)__load_interface_re, &arg);
+
+ pcre_free(re);
+ _free(pattern);
+}
+
+static void load_interfaces(struct conf_sect_t *sect)
+{
+ struct ipoe_serv *serv;
+ struct conf_option_t *opt;
+ struct list_head *pos, *n;
+
+ list_for_each_entry(serv, &serv_list, entry)
+ serv->active = 0;
+
+ list_for_each_entry(opt, &sect->items, entry) {
+ if (strcmp(opt->name, "interface"))
+ continue;
+ if (!opt->val)
+ continue;
+
+ if (strlen(opt->val) > 3 && memcmp(opt->val, "re:", 3) == 0)
+ load_interface_re(opt->val);
+ else
+ load_interface(opt->val);
+ }
+
+ list_for_each_safe(pos, n, &serv_list) {
+ serv = list_entry(pos, typeof(*serv), entry);
+ if (!serv->active) {
+ list_del(&serv->entry);
+ triton_context_call(&serv->ctx, (triton_event_func)ipoe_serv_close, &serv->ctx);
+ }
+ }
+}
+
+static void load_config(void)
+{
+ const char *opt;
+ struct conf_sect_t *s = conf_get_section("ipoe");
+
+ if (!s)
+ return;
+
+ load_interfaces(s);
+
+ opt = conf_get_opt("ipoe", "username");
+ if (opt) {
+ if (strcmp(opt, "ifname") == 0)
+ conf_username = USERNAME_IFNAME;
+#ifdef USE_LUA
+ else if (strlen(opt) > 4 && memcmp(opt, "lua:", 4) == 0) {
+ conf_username = USERNAME_LUA;
+ conf_lua_username_func = opt + 4;
+#endif
+ } else
+ log_emerg("ipoe: unknown username value '%s'\n", opt);
+ }
+
+ opt = conf_get_opt("ipoe", "gw-ip-address");
+ if (opt)
+ conf_gw_address = inet_addr(opt);
+ else
+ conf_gw_address = 0;
+
+ opt = conf_get_opt("ipoe", "netmask");
+ if (opt) {
+ conf_netmask = atoi(opt);
+ if (conf_netmask <= 0 || conf_netmask > 32) {
+ log_error("ipoe: invalid netmask %s\n", opt);
+ conf_netmask = 0;
+ }
+ } else
+ conf_netmask = 0;
+
+ opt = conf_get_opt("ipoe", "verbose");
+ if (opt)
+ conf_verbose = atoi(opt);
+}
+
+static void ipoe_init(void)
+{
+ ses_pool = mempool_create(sizeof(struct ipoe_session));
+
+ load_config();
+
+ cli_register_simple_cmd2(show_stat_exec, NULL, 2, "show", "stat");
+
+ triton_event_register_handler(EV_CONFIG_RELOAD, (triton_event_func)load_config);
+}
+
+DEFINE_INIT(20, ipoe_init);
diff --git a/accel-pppd/ctrl/ipoe/ipoe.h b/accel-pppd/ctrl/ipoe/ipoe.h
new file mode 100644
index 00000000..adbc5cff
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/ipoe.h
@@ -0,0 +1,54 @@
+#ifndef __IPOE_H
+#define __IPOE_H
+
+#include <stdint.h>
+#include <pthread.h>
+
+#include "triton.h"
+#include "ap_session.h"
+#include "dhcpv4.h"
+
+struct ipoe_serv
+{
+ struct list_head entry;
+ struct triton_context_t ctx;
+ char *ifname;
+ int ifindex;
+ int active;
+ int opt_single;
+ int opt_dhcpv4;
+ struct list_head sessions;
+ struct dhcpv4_serv *dhcpv4;
+ pthread_mutex_t lock;
+};
+
+struct dhcp_opt
+{
+ uint8_t len;
+ uint8_t data[0];
+};
+
+struct ipoe_session
+{
+ struct list_head entry;
+ struct triton_context_t ctx;
+ struct triton_timer_t timer;
+ struct ipoe_serv *serv;
+ struct ap_ctrl ctrl;
+ struct ap_session ses;
+ uint8_t hwaddr[6];
+ struct dhcp_opt *client_id;
+ struct dhcp_opt *agent_circuit_id;
+ struct dhcp_opt *agent_remote_id;
+ uint32_t xid;
+ uint32_t giaddr;
+ uint8_t *data;
+ struct dhcpv4_packet *dhcpv4_request;
+};
+
+#ifdef USE_LUA
+int ipoe_lua_set_username(struct ipoe_session *, const char *func);
+#endif
+
+#endif
+
diff --git a/accel-pppd/ctrl/ipoe/lua.c b/accel-pppd/ctrl/ipoe/lua.c
new file mode 100644
index 00000000..77beca6e
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/lua.c
@@ -0,0 +1,253 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <pthread.h>
+
+/* Include the Lua API header files. */
+#include <lua.h>
+#include <lauxlib.h>
+#include <lualib.h>
+
+#include "events.h"
+#include "log.h"
+#include "utils.h"
+
+#include "ipoe.h"
+
+#include "memdebug.h"
+
+#define IPOE_PACKET4 "ipoe.packet4"
+
+static const char *conf_filename;
+static int serial;
+static int file_error;
+
+static __thread lua_State *L;
+static __thread int __serial;
+static pthread_key_t __key;
+
+static int packet4_hdr(lua_State *L);
+static int packet4_ifname(lua_State *L);
+static int packet4_option(lua_State *L);
+static int packet4_options(lua_State *L);
+static int packet4_agent_circuit_id(lua_State *L);
+static int packet4_agent_remote_id(lua_State *L);
+
+int luaopen_lpack(lua_State *L);
+
+static const struct luaL_reg packet4_lib [] = {
+ {"hdr", packet4_hdr},
+ {"ifname", packet4_ifname},
+ {"option", packet4_option},
+ {"options", packet4_options},
+ {"agent_circuit_id", packet4_agent_circuit_id},
+ {"agent_remote_id", packet4_agent_remote_id},
+ {NULL, NULL}
+};
+
+static int luaopen_packet4(lua_State *L)
+{
+ luaL_newmetatable(L, IPOE_PACKET4);
+
+ lua_pushstring(L, "__index");
+ lua_pushvalue(L, -2); /* pushes the metatable */
+ lua_settable(L, -3); /* metatable.__index = metatable */
+
+
+ luaI_openlib(L, NULL, packet4_lib, 0);
+
+ luaI_openlib(L, "packet4", packet4_lib, 0);
+
+ return 1;
+}
+
+static int packet4_hdr(lua_State *L)
+{
+ struct ipoe_session *ses = luaL_checkudata(L, 1, IPOE_PACKET4);
+ const char *name = luaL_checkstring(L, 2);
+ char str[20];
+ uint8_t *ptr;
+
+ if (!ses)
+ return 0;
+
+ if (!strcmp(name, "xid"))
+ lua_pushinteger(L, ses->dhcpv4_request->hdr->xid);
+ else if (!strcmp(name, "ciaddr")) {
+ u_inet_ntoa(ses->dhcpv4_request->hdr->ciaddr, str);
+ lua_pushstring(L, str);
+ } else if (!strcmp(name, "giaddr")) {
+ u_inet_ntoa(ses->dhcpv4_request->hdr->giaddr, str);
+ lua_pushstring(L, str);
+ } else if (!strcmp(name, "chaddr")) {
+ ptr = ses->dhcpv4_request->hdr->chaddr;
+ sprintf(str, "%02x:%02x:%02x:%02x:%02x:%02x",
+ ptr[0], ptr[1], ptr[2], ptr[3], ptr[4], ptr[5]);
+ lua_pushstring(L, str);
+ }
+
+ return 1;
+}
+
+static int packet4_ifname(lua_State *L)
+{
+ struct ipoe_session *ses = luaL_checkudata(L, 1, IPOE_PACKET4);
+
+ if (!ses)
+ return 0;
+
+ lua_pushstring(L, ses->serv->ifname);
+
+ return 1;
+}
+
+static int packet4_option(lua_State *L)
+{
+ struct ipoe_session *ses = luaL_checkudata(L, 1, IPOE_PACKET4);
+ int type = luaL_checkinteger(L, 2);
+ struct dhcpv4_option *opt;
+
+ list_for_each_entry(opt, &ses->dhcpv4_request->options, entry) {
+ if (opt->type == type) {
+ lua_pushlstring(L, (char *)opt->data, opt->len);
+ return 1;
+ }
+ }
+
+ lua_pushnil(L);
+
+ return 1;
+}
+
+static int packet4_options(lua_State *L)
+{
+ struct ipoe_session *ses = luaL_checkudata(L, 1, IPOE_PACKET4);
+ struct dhcpv4_option *opt;
+ int i = 1;
+
+ if (!ses)
+ return 0;
+
+ lua_newtable(L);
+
+ list_for_each_entry(opt, &ses->dhcpv4_request->options, entry) {
+ lua_pushinteger(L, opt->type);
+ lua_rawseti(L, -2, i++);
+ }
+
+ return 1;
+}
+
+static int packet4_agent_circuit_id(lua_State *L)
+{
+ struct ipoe_session *ses = luaL_checkudata(L, 1, IPOE_PACKET4);
+
+ if (!ses)
+ return 0;
+
+ if (ses->agent_circuit_id)
+ lua_pushlstring(L, (char *)ses->agent_circuit_id->data, ses->agent_circuit_id->len);
+ else
+ lua_pushnil(L);
+
+ return 1;
+}
+
+static int packet4_agent_remote_id(lua_State *L)
+{
+ struct ipoe_session *ses = luaL_checkudata(L, 1, IPOE_PACKET4);
+
+ if (!ses)
+ return 0;
+
+ if (ses->agent_remote_id)
+ lua_pushlstring(L, (char *)ses->agent_remote_id->data, ses->agent_remote_id->len);
+ else
+ lua_pushnil(L);
+
+ return 1;
+}
+
+static void init_lua()
+{
+ __serial = serial;
+
+ L = lua_open();
+
+ luaL_openlibs(L);
+
+ luaopen_lpack(L);
+ luaopen_packet4(L);
+
+ if (luaL_loadfile(L, conf_filename))
+ goto out_err;
+
+ if (lua_pcall(L, 0, 0, 0))
+ goto out_err;
+
+ file_error = 0;
+
+ pthread_setspecific(__key, L);
+
+ return;
+
+out_err:
+ file_error = 1;
+ log_ppp_error("ipoe: lua: %s\n", lua_tostring(L, -1));
+ lua_close(L);
+ L = NULL;
+}
+
+int ipoe_lua_set_username(struct ipoe_session *ses, const char *func)
+{
+ if (file_error && serial == __serial)
+ return -1;
+
+ if (L && serial != __serial) {
+ lua_close(L);
+ init_lua();
+ } else if (!L)
+ init_lua();
+
+ if (!L)
+ return -1;
+
+ lua_getglobal(L, func);
+ lua_pushlightuserdata(L, ses);
+ luaL_getmetatable(L, IPOE_PACKET4);
+ lua_setmetatable(L, -2);
+
+ if (lua_pcall(L, 1, 1, 0)) {
+ log_ppp_error("ipoe: lua: %s\n", lua_tostring(L, -1));
+ return -1;
+ }
+
+ if (!lua_isstring(L, -1)) {
+ log_ppp_error("ipoe: lua: function '%s' must return a string\n", func);
+ return -1;
+ }
+
+ ses->ses.username = _strdup(lua_tostring(L, -1));
+
+ lua_pop(L, 1);
+
+ return 0;
+}
+
+static void load_config()
+{
+ conf_filename = conf_get_opt("ipoe", "lua-file");
+
+ serial++;
+}
+
+static void init()
+{
+ load_config();
+
+ pthread_key_create(&__key, (void (*)(void *))lua_close);
+
+ triton_event_register_handler(EV_CONFIG_RELOAD, (triton_event_func)load_config);
+}
+
+DEFINE_INIT(100, init);
diff --git a/accel-pppd/ctrl/ipoe/lua_lpack.c b/accel-pppd/ctrl/ipoe/lua_lpack.c
new file mode 100644
index 00000000..22d34774
--- /dev/null
+++ b/accel-pppd/ctrl/ipoe/lua_lpack.c
@@ -0,0 +1,271 @@
+/*
+* lpack.c
+* a Lua library for packing and unpacking binary data
+* Luiz Henrique de Figueiredo <lhf@tecgraf.puc-rio.br>
+* 29 Jun 2007 19:27:20
+* This code is hereby placed in the public domain.
+* with contributions from Ignacio Castaño <castanyo@yahoo.es> and
+* Roberto Ierusalimschy <roberto@inf.puc-rio.br>.
+*/
+
+#define OP_ZSTRING 'z' /* zero-terminated string */
+#define OP_BSTRING 'p' /* string preceded by length byte */
+#define OP_WSTRING 'P' /* string preceded by length word */
+#define OP_SSTRING 'a' /* string preceded by length size_t */
+#define OP_STRING 'A' /* string */
+#define OP_FLOAT 'f' /* float */
+#define OP_DOUBLE 'd' /* double */
+#define OP_NUMBER 'n' /* Lua number */
+#define OP_CHAR 'c' /* char */
+#define OP_BYTE 'b' /* byte = unsigned char */
+#define OP_SHORT 'h' /* short */
+#define OP_USHORT 'H' /* unsigned short */
+#define OP_INT 'i' /* int */
+#define OP_UINT 'I' /* unsigned int */
+#define OP_LONG 'l' /* long */
+#define OP_ULONG 'L' /* unsigned long */
+#define OP_LITTLEENDIAN '<' /* little endian */
+#define OP_BIGENDIAN '>' /* big endian */
+#define OP_NATIVE '=' /* native endian */
+
+#include <ctype.h>
+#include <stdint.h>
+#include <string.h>
+
+#include "lua.h"
+#include "lualib.h"
+#include "lauxlib.h"
+
+static void badcode(lua_State *L, int c)
+{
+ char s[]="bad code `?'";
+ s[sizeof(s)-3]=c;
+ luaL_argerror(L,1,s);
+}
+
+static int doendian(int c)
+{
+ int x=1;
+ int e=*(char*)&x;
+ if (c==OP_LITTLEENDIAN) return !e;
+ if (c==OP_BIGENDIAN) return e;
+ if (c==OP_NATIVE) return 0;
+ return 0;
+}
+
+static void doswap(int swap, void *p, size_t n)
+{
+ if (swap)
+ {
+ char *a=p;
+ int i,j;
+ for (i=0, j=n-1, n=n/2; n--; i++, j--)
+ {
+ char t=a[i]; a[i]=a[j]; a[j]=t;
+ }
+ }
+}
+
+#define UNPACKNUMBER(OP,T) \
+ case OP: \
+ { \
+ T a; \
+ int m=sizeof(a); \
+ if (i+m>len) goto done; \
+ memcpy(&a,s+i,m); \
+ i+=m; \
+ doswap(swap,&a,m); \
+ lua_pushnumber(L,(lua_Number)a); \
+ ++n; \
+ break; \
+ }
+
+#define UNPACKSTRING(OP,T) \
+ case OP: \
+ { \
+ T l; \
+ int m=sizeof(l); \
+ if (i+m>len) goto done; \
+ memcpy(&l,s+i,m); \
+ doswap(swap,&l,m); \
+ if (i+m+l>len) goto done; \
+ i+=m; \
+ lua_pushlstring(L,s+i,l); \
+ i+=l; \
+ ++n; \
+ break; \
+ }
+
+static int l_unpack(lua_State *L) /** unpack(s,f,[init]) */
+{
+ size_t len;
+ const char *s=luaL_checklstring(L,1,&len);
+ const char *f=luaL_checkstring(L,2);
+ int i=luaL_optnumber(L,3,1)-1;
+ int n=0;
+ int swap=0;
+ lua_pushnil(L);
+ while (*f)
+ {
+ int c=*f++;
+ int N=1;
+ if (isdigit(*f))
+ {
+ N=0;
+ while (isdigit(*f)) N=10*N+(*f++)-'0';
+ if (N==0 && c==OP_STRING) { lua_pushliteral(L,""); ++n; }
+ }
+ while (N--) switch (c)
+ {
+ case OP_LITTLEENDIAN:
+ case OP_BIGENDIAN:
+ case OP_NATIVE:
+ {
+ swap=doendian(c);
+ N=0;
+ break;
+ }
+ case OP_STRING:
+ {
+ ++N;
+ if (i+N>len) goto done;
+ lua_pushlstring(L,s+i,N);
+ i+=N;
+ ++n;
+ N=0;
+ break;
+ }
+ case OP_ZSTRING:
+ {
+ size_t l;
+ if (i>=len) goto done;
+ l=strlen(s+i);
+ lua_pushlstring(L,s+i,l);
+ i+=l+1;
+ ++n;
+ break;
+ }
+ UNPACKSTRING(OP_BSTRING, unsigned char)
+ UNPACKSTRING(OP_WSTRING, unsigned short)
+ UNPACKSTRING(OP_SSTRING, size_t)
+ UNPACKNUMBER(OP_NUMBER, lua_Number)
+ UNPACKNUMBER(OP_DOUBLE, double)
+ UNPACKNUMBER(OP_FLOAT, float)
+ UNPACKNUMBER(OP_CHAR, int8_t)
+ UNPACKNUMBER(OP_BYTE, uint8_t)
+ UNPACKNUMBER(OP_SHORT, int16_t)
+ UNPACKNUMBER(OP_USHORT, uint16_t)
+ UNPACKNUMBER(OP_INT, int32_t)
+ UNPACKNUMBER(OP_UINT, uint32_t)
+ UNPACKNUMBER(OP_LONG, int64_t)
+ UNPACKNUMBER(OP_ULONG, uint64_t)
+ case ' ': case ',':
+ break;
+ default:
+ badcode(L,c);
+ break;
+ }
+ }
+done:
+ lua_pushnumber(L,i+1);
+ lua_replace(L,-n-2);
+ return n+1;
+}
+
+#define PACKNUMBER(OP,T) \
+ case OP: \
+ { \
+ T a=(T)luaL_checknumber(L,i++); \
+ doswap(swap,&a,sizeof(a)); \
+ luaL_addlstring(&b,(void*)&a,sizeof(a)); \
+ break; \
+ }
+
+#define PACKSTRING(OP,T) \
+ case OP: \
+ { \
+ size_t l; \
+ const char *a=luaL_checklstring(L,i++,&l); \
+ T ll=(T)l; \
+ doswap(swap,&ll,sizeof(ll)); \
+ luaL_addlstring(&b,(void*)&ll,sizeof(ll)); \
+ luaL_addlstring(&b,a,l); \
+ break; \
+ }
+
+static int l_pack(lua_State *L) /** pack(f,...) */
+{
+ int i=2;
+ const char *f=luaL_checkstring(L,1);
+ int swap=0;
+ luaL_Buffer b;
+ luaL_buffinit(L,&b);
+ while (*f)
+ {
+ int c=*f++;
+ int N=1;
+ if (isdigit(*f))
+ {
+ N=0;
+ while (isdigit(*f)) N=10*N+(*f++)-'0';
+ }
+ while (N--) switch (c)
+ {
+ case OP_LITTLEENDIAN:
+ case OP_BIGENDIAN:
+ case OP_NATIVE:
+ {
+ swap=doendian(c);
+ N=0;
+ break;
+ }
+ case OP_STRING:
+ case OP_ZSTRING:
+ {
+ size_t l;
+ const char *a=luaL_checklstring(L,i++,&l);
+ luaL_addlstring(&b,a,l+(c==OP_ZSTRING));
+ break;
+ }
+ PACKSTRING(OP_BSTRING, unsigned char)
+ PACKSTRING(OP_WSTRING, unsigned short)
+ PACKSTRING(OP_SSTRING, size_t)
+ PACKNUMBER(OP_NUMBER, lua_Number)
+ PACKNUMBER(OP_DOUBLE, double)
+ PACKNUMBER(OP_FLOAT, float)
+ PACKNUMBER(OP_CHAR, int8_t)
+ PACKNUMBER(OP_BYTE, uint8_t)
+ PACKNUMBER(OP_SHORT, int16_t)
+ PACKNUMBER(OP_USHORT, uint16_t)
+ PACKNUMBER(OP_INT, int32_t)
+ PACKNUMBER(OP_UINT, uint32_t)
+ PACKNUMBER(OP_LONG, int64_t)
+ PACKNUMBER(OP_ULONG, uint64_t)
+ case ' ': case ',':
+ break;
+ default:
+ badcode(L,c);
+ break;
+ }
+ }
+ luaL_pushresult(&b);
+ return 1;
+}
+
+static const luaL_reg R[] =
+{
+ {"pack", l_pack},
+ {"unpack", l_unpack},
+ {NULL, NULL}
+};
+
+int luaopen_lpack(lua_State *L)
+{
+#ifdef USE_GLOBALS
+ lua_register(L,"bpack",l_pack);
+ lua_register(L,"bunpack",l_unpack);
+#else
+ luaI_openlib(L, LUA_STRLIBNAME, R, 0);
+#endif
+ return 0;
+}
diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c
index e3db614a..0ad8649c 100644
--- a/accel-pppd/ctrl/l2tp/l2tp.c
+++ b/accel-pppd/ctrl/l2tp/l2tp.c
@@ -144,7 +144,7 @@ static void l2tp_disconnect(struct l2tp_conn_t *conn)
if (conn->tunnel_fd != -1)
close(conn->tunnel_fd);
- triton_event_fire(EV_CTRL_FINISHED, &conn->ppp);
+ triton_event_fire(EV_CTRL_FINISHED, &conn->ppp.ses);
log_ppp_info1("disconnected\n");
@@ -423,7 +423,7 @@ static int l2tp_connect(struct l2tp_conn_t *conn)
conn->ppp.ses.chan_name = _strdup(inet_ntoa(conn->addr.sin_addr));
- triton_event_fire(EV_CTRL_STARTED, &conn->ppp);
+ triton_event_fire(EV_CTRL_STARTED, &conn->ppp.ses);
if (establish_ppp(&conn->ppp))
return -1;
diff --git a/accel-pppd/ctrl/pppoe/pppoe.c b/accel-pppd/ctrl/pppoe/pppoe.c
index 7981eba1..2659a6f5 100644
--- a/accel-pppd/ctrl/pppoe/pppoe.c
+++ b/accel-pppd/ctrl/pppoe/pppoe.c
@@ -120,7 +120,7 @@ static void disconnect(struct pppoe_conn_t *conn)
close(conn->disc_sock);
- triton_event_fire(EV_CTRL_FINISHED, &conn->ppp);
+ triton_event_fire(EV_CTRL_FINISHED, &conn->ppp.ses);
log_ppp_info1("disconnected\n");
@@ -293,8 +293,8 @@ static struct pppoe_conn_t *allocate_channel(struct pppoe_serv_t *serv, const ui
triton_context_register(&conn->ctx, &conn->ppp.ses);
triton_context_wakeup(&conn->ctx);
- triton_event_fire(EV_CTRL_STARTING, &conn->ppp);
- triton_event_fire(EV_CTRL_STARTED, &conn->ppp);
+ triton_event_fire(EV_CTRL_STARTING, &conn->ppp.ses);
+ triton_event_fire(EV_CTRL_STARTED, &conn->ppp.ses);
conn->disc_sock = dup(serv->hnd.fd);
diff --git a/accel-pppd/ctrl/pptp/pptp.c b/accel-pppd/ctrl/pptp/pptp.c
index 59d50984..dddf5edc 100644
--- a/accel-pppd/ctrl/pptp/pptp.c
+++ b/accel-pppd/ctrl/pptp/pptp.c
@@ -91,7 +91,7 @@ static void disconnect(struct pptp_conn_t *conn)
} else if (conn->state != STATE_CLOSE)
__sync_sub_and_fetch(&stat_starting, 1);
- triton_event_fire(EV_CTRL_FINISHED, &conn->ppp);
+ triton_event_fire(EV_CTRL_FINISHED, &conn->ppp.ses);
log_ppp_info1("disconnected\n");
@@ -327,7 +327,7 @@ static int pptp_out_call_rqst(struct pptp_conn_t *conn)
conn->ppp.fd = pptp_sock;
conn->ppp.ses.chan_name = _strdup(inet_ntoa(dst_addr.sa_addr.pptp.sin_addr));
- triton_event_fire(EV_CTRL_STARTED, &conn->ppp);
+ triton_event_fire(EV_CTRL_STARTED, &conn->ppp.ses);
if (establish_ppp(&conn->ppp)) {
close(pptp_sock);
@@ -689,7 +689,7 @@ static int pptp_connect(struct triton_md_handler_t *h)
triton_timer_add(&conn->ctx, &conn->timeout_timer, 0);
triton_context_wakeup(&conn->ctx);
- triton_event_fire(EV_CTRL_STARTING, &conn->ppp);
+ triton_event_fire(EV_CTRL_STARTING, &conn->ppp.ses);
__sync_add_and_fetch(&stat_starting, 1);
}
diff --git a/accel-pppd/extra/pppd_compat.c b/accel-pppd/extra/pppd_compat.c
index 4ed7824e..fcb83c25 100644
--- a/accel-pppd/extra/pppd_compat.c
+++ b/accel-pppd/extra/pppd_compat.c
@@ -107,8 +107,9 @@ static void ip_change_handler(struct sigchld_handler_t *h, int status)
static void ev_ses_starting(struct ap_session *ses)
{
- struct pppd_compat_pd_t *pd = _malloc(sizeof(*pd));
-
+ struct pppd_compat_pd_t *pd;
+
+ pd = _malloc(sizeof(*pd));
if (!pd) {
log_emerg("pppd_compat: out of memory\n");
return;
@@ -232,17 +233,21 @@ static void ev_ses_finishing(struct ap_session *ses)
if (!pd)
return;
- memset(&ifreq, 0, sizeof(ifreq));
- ifreq.stats_ptr = (void *)&ifreq.stats;
- strcpy(ifreq.ifr__name, ses->ifname);
+ if (ses->ctrl->type == CTRL_TYPE_IPOE) {
- if (ioctl(sock_fd, SIOCGPPPSTATS, &ifreq)) {
- log_ppp_error("pppd_compat: failed to get ppp statistics: %s\n", strerror(errno));
- return;
- }
+ } else {
+ memset(&ifreq, 0, sizeof(ifreq));
+ ifreq.stats_ptr = (void *)&ifreq.stats;
+ strcpy(ifreq.ifr__name, ses->ifname);
- pd->bytes_sent = ifreq.stats.p.ppp_obytes;
- pd->bytes_rcvd = ifreq.stats.p.ppp_ibytes;
+ if (ioctl(sock_fd, SIOCGPPPSTATS, &ifreq)) {
+ log_ppp_error("pppd_compat: failed to get ppp statistics: %s\n", strerror(errno));
+ return;
+ }
+
+ pd->bytes_sent = ifreq.stats.p.ppp_obytes;
+ pd->bytes_rcvd = ifreq.stats.p.ppp_ibytes;
+ }
}
static void ev_ses_finished(struct ap_session *ses)
@@ -331,6 +336,9 @@ static void ev_radius_access_accept(struct ev_radius_t *ev)
{
struct pppd_compat_pd_t *pd = find_pd(ev->ses);
+ if (!pd)
+ return;
+
write_radattr(ev->ses, ev->reply, 0);
pd->radattr_saved = 1;
@@ -479,7 +487,7 @@ static struct pppd_compat_pd_t *find_pd(struct ap_session *ses)
}
}
- log_ppp_warn("pppd_compat: pd not found\n");
+ //log_ppp_warn("pppd_compat: pd not found\n");
return NULL;
}
diff --git a/accel-pppd/ifcfg.c b/accel-pppd/ifcfg.c
index a1bb2e34..11251e1a 100644
--- a/accel-pppd/ifcfg.c
+++ b/accel-pppd/ifcfg.c
@@ -9,6 +9,7 @@
#include <arpa/inet.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
+#include <linux/route.h>
#include "linux_ppp.h"
#include "triton.h"
@@ -55,6 +56,7 @@ void ap_session_ifup(struct ap_session *ses)
{
struct ipv6db_addr_t *a;
struct ifreq ifr;
+ struct rtentry rt;
struct in6_ifreq ifr6;
struct npioctl np;
struct sockaddr_in addr;
@@ -75,16 +77,34 @@ void ap_session_ifup(struct ap_session *ses)
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_addr.s_addr = ses->ipv4->addr;
- memcpy(&ifr.ifr_addr,&addr,sizeof(addr));
+ memcpy(&ifr.ifr_addr, &addr, sizeof(addr));
if (ioctl(sock_fd, SIOCSIFADDR, &ifr))
log_ppp_error("failed to set IPv4 address: %s\n", strerror(errno));
+
+ if (ses->ctrl->type == CTRL_TYPE_IPOE) {
+ addr.sin_addr.s_addr = 0xffffffff;
+ memcpy(&ifr.ifr_netmask, &addr, sizeof(addr));
+ if (ioctl(sock_fd, SIOCSIFNETMASK, &ifr))
+ log_ppp_error("failed to set IPv4 nask: %s\n", strerror(errno));
+ }
addr.sin_addr.s_addr = ses->ipv4->peer_addr;
- memcpy(&ifr.ifr_dstaddr,&addr,sizeof(addr));
-
- if (ioctl(sock_fd, SIOCSIFDSTADDR, &ifr))
- log_ppp_error("failed to set peer IPv4 address: %s\n", strerror(errno));
+
+ if (ses->ctrl->type == CTRL_TYPE_IPOE) {
+ memset(&rt, 0, sizeof(rt));
+ memcpy(&rt.rt_dst, &addr, sizeof(addr));
+ rt.rt_flags = RTF_HOST | RTF_UP;
+ rt.rt_metric = 1;
+ rt.rt_dev = ifr.ifr_name;
+ if (ioctl(sock_fd, SIOCADDRT, &rt, sizeof(rt)))
+ log_ppp_error("failed to add route: %s\n", strerror(errno));
+ } else {
+ memcpy(&ifr.ifr_dstaddr, &addr, sizeof(addr));
+
+ if (ioctl(sock_fd, SIOCSIFDSTADDR, &ifr))
+ log_ppp_error("failed to set peer IPv4 address: %s\n", strerror(errno));
+ }
}
if (ses->ipv6) {
@@ -93,13 +113,16 @@ void ap_session_ifup(struct ap_session *ses)
devconf(ses, "forwarding", "1");
memset(&ifr6, 0, sizeof(ifr6));
- ifr6.ifr6_addr.s6_addr32[0] = htons(0xfe80);
- *(uint64_t *)(ifr6.ifr6_addr.s6_addr + 8) = ses->ipv6->intf_id;
- ifr6.ifr6_prefixlen = 64;
- ifr6.ifr6_ifindex = ses->ifindex;
+
+ if (ses->ctrl->type != CTRL_TYPE_IPOE) {
+ ifr6.ifr6_addr.s6_addr32[0] = htons(0xfe80);
+ *(uint64_t *)(ifr6.ifr6_addr.s6_addr + 8) = ses->ipv6->intf_id;
+ ifr6.ifr6_prefixlen = 64;
+ ifr6.ifr6_ifindex = ses->ifindex;
- if (ioctl(sock6_fd, SIOCSIFADDR, &ifr6))
- log_ppp_error("faild to set LL IPv6 address: %s\n", strerror(errno));
+ if (ioctl(sock6_fd, SIOCSIFADDR, &ifr6))
+ log_ppp_error("faild to set LL IPv6 address: %s\n", strerror(errno));
+ }
list_for_each_entry(a, &ses->ipv6->addr_list, entry) {
if (a->prefix_len == 128)
@@ -154,7 +177,9 @@ void __export ap_session_ifdown(struct ap_session *ses)
memset(&ifr, 0, sizeof(ifr));
strcpy(ifr.ifr_name, ses->ifname);
- ioctl(sock_fd, SIOCSIFFLAGS, &ifr);
+
+ if (ses->ctrl->type != CTRL_TYPE_IPOE)
+ ioctl(sock_fd, SIOCSIFFLAGS, &ifr);
if (ses->ipv4) {
memset(&addr, 0, sizeof(addr));
diff --git a/accel-pppd/include/ap_session.h b/accel-pppd/include/ap_session.h
index 681d05fb..b964c80d 100644
--- a/accel-pppd/include/ap_session.h
+++ b/accel-pppd/include/ap_session.h
@@ -2,7 +2,7 @@
#define __AP_SESSION_H__
#define AP_SESSIONID_LEN 16
-#define AP_IFNAME_LEN 10
+#define AP_IFNAME_LEN 16
#define AP_STATE_STARTING 1
#define AP_STATE_ACTIVE 2
diff --git a/accel-pppd/include/iplink.h b/accel-pppd/include/iplink.h
new file mode 120000
index 00000000..7f0f09d4
--- /dev/null
+++ b/accel-pppd/include/iplink.h
@@ -0,0 +1 @@
+../libnetlink/iplink.h \ No newline at end of file
diff --git a/accel-pppd/include/libnetlink.h b/accel-pppd/include/libnetlink.h
new file mode 120000
index 00000000..d494ddb4
--- /dev/null
+++ b/accel-pppd/include/libnetlink.h
@@ -0,0 +1 @@
+../libnetlink/libnetlink.h \ No newline at end of file
diff --git a/accel-pppd/ipdb.h b/accel-pppd/ipdb.h
index 0d13b76e..69cb12f3 100644
--- a/accel-pppd/ipdb.h
+++ b/accel-pppd/ipdb.h
@@ -11,6 +11,7 @@ struct ipv4db_item_t
struct ipdb_t *owner;
in_addr_t addr;
in_addr_t peer_addr;
+ int mask;
};
struct ipv6db_addr_t
diff --git a/accel-pppd/libnetlink/iplink.c b/accel-pppd/libnetlink/iplink.c
new file mode 100644
index 00000000..ba3ada06
--- /dev/null
+++ b/accel-pppd/libnetlink/iplink.c
@@ -0,0 +1,77 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <fcntl.h>
+#include <net/if_arp.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <string.h>
+#include <errno.h>
+#include <time.h>
+#include <sys/uio.h>
+
+#include "libnetlink.h"
+#include "iplink.h"
+#include "triton.h"
+#include "log.h"
+
+struct arg
+{
+ iplink_list_func func;
+ void *arg;
+};
+
+static int store_nlmsg(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
+{
+ struct ifinfomsg *ifi = NLMSG_DATA(n);
+ struct rtattr *tb[IFLA_MAX + 1];
+ struct arg *a = arg;
+
+ if (n->nlmsg_type != RTM_NEWLINK)
+ return 0;
+
+ if (n->nlmsg_len < NLMSG_LENGTH(sizeof(*ifi)))
+ return -1;
+
+ memset(tb, 0, sizeof(tb));
+ parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), IFLA_PAYLOAD(n));
+
+ if (tb[IFLA_IFNAME] == NULL)
+ return 0;
+
+ //printf("%i %s\n", ifi->ifi_index, RTA_DATA(tb[IFLA_IFNAME]));
+
+ return a->func(ifi->ifi_index, ifi->ifi_flags, RTA_DATA(tb[IFLA_IFNAME]), a->arg);
+}
+
+int __export iplink_list(iplink_list_func func, void *arg)
+{
+ struct rtnl_handle rth;
+ struct arg a = { .func = func, .arg = arg };
+
+ if (rtnl_open(&rth, 0)) {
+ log_emerg("iplink: cannot open rtnetlink\n");
+ return -1;
+ }
+
+ if (rtnl_wilddump_request(&rth, AF_PACKET, RTM_GETLINK) < 0) {
+ log_emerg("iplink: cannot send dump request\n");
+ goto out_err;
+ }
+
+ if (rtnl_dump_filter(&rth, store_nlmsg, &a, NULL, NULL) < 0) {
+ log_emerg("iplink: dump terminated\n");
+ goto out_err;
+ }
+
+ rtnl_close(&rth);
+
+ return 0;
+
+out_err:
+ rtnl_close(&rth);
+
+ return -1;
+}
+
diff --git a/accel-pppd/libnetlink/iplink.h b/accel-pppd/libnetlink/iplink.h
new file mode 100644
index 00000000..70c7c600
--- /dev/null
+++ b/accel-pppd/libnetlink/iplink.h
@@ -0,0 +1,8 @@
+#ifndef __IPLINK_H
+#define __IPLINK_H
+
+typedef int (*iplink_list_func)(int index, int flags, const char *name, void *arg);
+
+int iplink_list(iplink_list_func func, void *arg);
+
+#endif
diff --git a/accel-pppd/shaper/libnetlink.c b/accel-pppd/libnetlink/libnetlink.c
index 74cd5cb5..55a1a67a 100644
--- a/accel-pppd/shaper/libnetlink.c
+++ b/accel-pppd/libnetlink/libnetlink.c
@@ -26,9 +26,11 @@
#include "libnetlink.h"
#include "log.h"
+#define __export __attribute__((visibility("default")))
+
int rcvbuf = 1024 * 1024;
-void rtnl_close(struct rtnl_handle *rth)
+void __export rtnl_close(struct rtnl_handle *rth)
{
if (rth->fd >= 0) {
close(rth->fd);
@@ -36,7 +38,7 @@ void rtnl_close(struct rtnl_handle *rth)
}
}
-int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions,
+int __export rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions,
int protocol)
{
socklen_t addr_len;
@@ -85,12 +87,12 @@ int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions,
return 0;
}
-int rtnl_open(struct rtnl_handle *rth, unsigned subscriptions)
+int __export rtnl_open(struct rtnl_handle *rth, unsigned subscriptions)
{
return rtnl_open_byproto(rth, subscriptions, NETLINK_ROUTE);
}
-int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type)
+int __export rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type)
{
struct {
struct nlmsghdr nlh;
@@ -108,12 +110,12 @@ int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type)
return send(rth->fd, (void*)&req, sizeof(req), 0);
}
-int rtnl_send(struct rtnl_handle *rth, const char *buf, int len)
+int __export rtnl_send(struct rtnl_handle *rth, const char *buf, int len)
{
return send(rth->fd, buf, len, 0);
}
-int rtnl_send_check(struct rtnl_handle *rth, const char *buf, int len)
+int __export rtnl_send_check(struct rtnl_handle *rth, const char *buf, int len)
{
struct nlmsghdr *h;
int status;
@@ -146,7 +148,7 @@ int rtnl_send_check(struct rtnl_handle *rth, const char *buf, int len)
return 0;
}
-int rtnl_dump_request(struct rtnl_handle *rth, int type, void *req, int len)
+int __export rtnl_dump_request(struct rtnl_handle *rth, int type, void *req, int len)
{
struct nlmsghdr nlh;
struct sockaddr_nl nladdr;
@@ -173,7 +175,7 @@ int rtnl_dump_request(struct rtnl_handle *rth, int type, void *req, int len)
return sendmsg(rth->fd, &msg, 0);
}
-int rtnl_dump_filter_l(struct rtnl_handle *rth,
+int __export rtnl_dump_filter_l(struct rtnl_handle *rth,
const struct rtnl_dump_filter_arg *arg)
{
struct sockaddr_nl nladdr;
@@ -266,7 +268,7 @@ skip_it:
}
}
-int rtnl_dump_filter(struct rtnl_handle *rth,
+int __export rtnl_dump_filter(struct rtnl_handle *rth,
rtnl_filter_t filter,
void *arg1,
rtnl_filter_t junk,
@@ -280,7 +282,7 @@ int rtnl_dump_filter(struct rtnl_handle *rth,
return rtnl_dump_filter_l(rth, a);
}
-int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer,
+int __export rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer,
unsigned groups, struct nlmsghdr *answer,
rtnl_filter_t junk,
void *jarg, int ignore_einval)
@@ -405,7 +407,7 @@ int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer,
}
}
-int rtnl_listen(struct rtnl_handle *rtnl,
+int __export rtnl_listen(struct rtnl_handle *rtnl,
rtnl_filter_t handler,
void *jarg)
{
@@ -480,7 +482,7 @@ int rtnl_listen(struct rtnl_handle *rtnl,
}
}
-int rtnl_from_file(FILE *rtnl, rtnl_filter_t handler,
+int __export rtnl_from_file(FILE *rtnl, rtnl_filter_t handler,
void *jarg)
{
int status;
@@ -535,7 +537,7 @@ int rtnl_from_file(FILE *rtnl, rtnl_filter_t handler,
}
}
-int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
+int __export addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
{
int len = RTA_LENGTH(4);
struct rtattr *rta;
@@ -551,7 +553,7 @@ int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
return 0;
}
-int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data,
+int __export addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data,
int alen)
{
int len = RTA_LENGTH(alen);
@@ -569,7 +571,7 @@ int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data,
return 0;
}
-int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len)
+int __export addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len)
{
if (NLMSG_ALIGN(n->nlmsg_len) + NLMSG_ALIGN(len) > maxlen) {
log_error("libnetlink: ""addraw_l ERROR: message exceeded bound of %d\n",maxlen);
@@ -582,7 +584,7 @@ int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len)
return 0;
}
-struct rtattr *addattr_nest(struct nlmsghdr *n, int maxlen, int type)
+struct rtattr __export *addattr_nest(struct nlmsghdr *n, int maxlen, int type)
{
struct rtattr *nest = NLMSG_TAIL(n);
@@ -590,13 +592,13 @@ struct rtattr *addattr_nest(struct nlmsghdr *n, int maxlen, int type)
return nest;
}
-int addattr_nest_end(struct nlmsghdr *n, struct rtattr *nest)
+int __export addattr_nest_end(struct nlmsghdr *n, struct rtattr *nest)
{
nest->rta_len = (void *)NLMSG_TAIL(n) - (void *)nest;
return n->nlmsg_len;
}
-struct rtattr *addattr_nest_compat(struct nlmsghdr *n, int maxlen, int type,
+struct rtattr __export *addattr_nest_compat(struct nlmsghdr *n, int maxlen, int type,
const void *data, int len)
{
struct rtattr *start = NLMSG_TAIL(n);
@@ -606,7 +608,7 @@ struct rtattr *addattr_nest_compat(struct nlmsghdr *n, int maxlen, int type,
return start;
}
-int addattr_nest_compat_end(struct nlmsghdr *n, struct rtattr *start)
+int __export addattr_nest_compat_end(struct nlmsghdr *n, struct rtattr *start)
{
struct rtattr *nest = (void *)start + NLMSG_ALIGN(start->rta_len);
@@ -615,7 +617,7 @@ int addattr_nest_compat_end(struct nlmsghdr *n, struct rtattr *start)
return n->nlmsg_len;
}
-int rta_addattr32(struct rtattr *rta, int maxlen, int type, __u32 data)
+int __export rta_addattr32(struct rtattr *rta, int maxlen, int type, __u32 data)
{
int len = RTA_LENGTH(4);
struct rtattr *subrta;
@@ -632,7 +634,7 @@ int rta_addattr32(struct rtattr *rta, int maxlen, int type, __u32 data)
return 0;
}
-int rta_addattr_l(struct rtattr *rta, int maxlen, int type,
+int __export rta_addattr_l(struct rtattr *rta, int maxlen, int type,
const void *data, int alen)
{
struct rtattr *subrta;
diff --git a/accel-pppd/shaper/libnetlink.h b/accel-pppd/libnetlink/libnetlink.h
index f68bf8a1..f68bf8a1 100644
--- a/accel-pppd/shaper/libnetlink.h
+++ b/accel-pppd/libnetlink/libnetlink.h
diff --git a/accel-pppd/radius/auth.c b/accel-pppd/radius/auth.c
index 6a0b3a96..6cb4e803 100644
--- a/accel-pppd/radius/auth.c
+++ b/accel-pppd/radius/auth.c
@@ -552,3 +552,31 @@ out:
}
+int rad_auth_null(struct radius_pd_t *rpd, const char *username, va_list args)
+{
+ struct rad_req_t *req;
+ int r = PWDB_DENIED;
+
+ req = rad_req_alloc(rpd, CODE_ACCESS_REQUEST, username);
+ if (!req)
+ return PWDB_DENIED;
+
+ if (conf_sid_in_auth)
+ if (rad_packet_add_str(req->pack, NULL, "Acct-Session-Id", rpd->ses->sessionid))
+ return -1;
+
+ r = rad_auth_send(req);
+ if (r == PWDB_SUCCESS) {
+ struct ev_radius_t ev = {
+ .ses = rpd->ses,
+ .request = req->pack,
+ .reply = req->reply,
+ };
+ triton_event_fire(EV_RADIUS_ACCESS_ACCEPT, &ev);
+ }
+
+ rad_req_free(req);
+
+ return r;
+}
+
diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c
index b654f29c..d880ad01 100644
--- a/accel-pppd/radius/radius.c
+++ b/accel-pppd/radius/radius.c
@@ -164,7 +164,9 @@ static int check(struct pwdb_t *pwdb, struct ap_session *ses, const char *userna
r = rad_auth_mschap_v2(rpd, username, args);
break;
}
- break;
+ case 0:
+ r = rad_auth_null(rpd, username, args);
+ break;
}
va_end(args);
diff --git a/accel-pppd/radius/radius_p.h b/accel-pppd/radius/radius_p.h
index e2c48bf9..f8adb465 100644
--- a/accel-pppd/radius/radius_p.h
+++ b/accel-pppd/radius/radius_p.h
@@ -154,6 +154,7 @@ int rad_auth_pap(struct radius_pd_t *rpd, const char *username, va_list args);
int rad_auth_chap_md5(struct radius_pd_t *rpd, const char *username, va_list args);
int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list args);
int rad_auth_mschap_v2(struct radius_pd_t *rpd, const char *username, va_list args);
+int rad_auth_null(struct radius_pd_t *rpd, const char *username, va_list args);
int rad_acct_start(struct radius_pd_t *rpd);
void rad_acct_stop(struct radius_pd_t *rpd);
diff --git a/accel-pppd/radius/req.c b/accel-pppd/radius/req.c
index 33273b43..f452c425 100644
--- a/accel-pppd/radius/req.c
+++ b/accel-pppd/radius/req.c
@@ -71,12 +71,21 @@ struct rad_req_t *rad_req_alloc(struct radius_pd_t *rpd, int code, const char *u
if (rad_packet_add_int(req->pack, NULL, "NAS-Port", ppp->ses.unit_idx))
goto out_err;
}
- if (rad_packet_add_val(req->pack, NULL, "NAS-Port-Type", "Virtual"))
- goto out_err;
- if (rad_packet_add_val(req->pack, NULL, "Service-Type", "Framed-User"))
- goto out_err;
- if (rad_packet_add_val(req->pack, NULL, "Framed-Protocol", "PPP"))
- goto out_err;
+
+ if (req->rpd->ses->ctrl->type == CTRL_TYPE_IPOE) {
+ if (rad_packet_add_val(req->pack, NULL, "NAS-Port-Type", "Ethernet"))
+ goto out_err;
+ } else {
+ if (rad_packet_add_val(req->pack, NULL, "NAS-Port-Type", "Virtual"))
+ goto out_err;
+
+ if (rad_packet_add_val(req->pack, NULL, "Service-Type", "Framed-User"))
+ goto out_err;
+
+ if (rad_packet_add_val(req->pack, NULL, "Framed-Protocol", "PPP"))
+ goto out_err;
+ }
+
if (rpd->ses->ctrl->calling_station_id)
if (rad_packet_add_str(req->pack, NULL, "Calling-Station-Id", rpd->ses->ctrl->calling_station_id))
goto out_err;
diff --git a/accel-pppd/shaper/CMakeLists.txt b/accel-pppd/shaper/CMakeLists.txt
index 515fd839..3c1ac951 100644
--- a/accel-pppd/shaper/CMakeLists.txt
+++ b/accel-pppd/shaper/CMakeLists.txt
@@ -1,4 +1,4 @@
-ADD_LIBRARY(shaper SHARED shaper.c limiter.c leaf_qdisc.c tc_core.c libnetlink.c)
+ADD_LIBRARY(shaper SHARED shaper.c limiter.c leaf_qdisc.c tc_core.c)
INSTALL(TARGETS shaper
LIBRARY DESTINATION lib/accel-ppp
diff --git a/rfc/rfc2131.txt b/rfc/rfc2131.txt
new file mode 100644
index 00000000..f45d9b86
--- /dev/null
+++ b/rfc/rfc2131.txt
@@ -0,0 +1,2523 @@
+
+
+
+
+
+
+Network Working Group R. Droms
+Request for Comments: 2131 Bucknell University
+Obsoletes: 1541 March 1997
+Category: Standards Track
+
+ Dynamic Host Configuration Protocol
+
+Status of this memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Abstract
+
+ The Dynamic Host Configuration Protocol (DHCP) provides a framework
+ for passing configuration information to hosts on a TCPIP network.
+ DHCP is based on the Bootstrap Protocol (BOOTP) [7], adding the
+ capability of automatic allocation of reusable network addresses and
+ additional configuration options [19]. DHCP captures the behavior of
+ BOOTP relay agents [7, 21], and DHCP participants can interoperate
+ with BOOTP participants [9].
+
+Table of Contents
+
+ 1. Introduction. . . . . . . . . . . . . . . . . . . . . . . . . 2
+ 1.1 Changes to RFC1541. . . . . . . . . . . . . . . . . . . . . . 3
+ 1.2 Related Work. . . . . . . . . . . . . . . . . . . . . . . . . 4
+ 1.3 Problem definition and issues . . . . . . . . . . . . . . . . 4
+ 1.4 Requirements. . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 1.5 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6
+ 1.6 Design goals. . . . . . . . . . . . . . . . . . . . . . . . . 6
+ 2. Protocol Summary. . . . . . . . . . . . . . . . . . . . . . . 8
+ 2.1 Configuration parameters repository . . . . . . . . . . . . . 11
+ 2.2 Dynamic allocation of network addresses . . . . . . . . . . . 12
+ 3. The Client-Server Protocol. . . . . . . . . . . . . . . . . . 13
+ 3.1 Client-server interaction - allocating a network address. . . 13
+ 3.2 Client-server interaction - reusing a previously allocated
+ network address . . . . . . . . . . . . . . . . . . . . . . . 17
+ 3.3 Interpretation and representation of time values. . . . . . . 20
+ 3.4 Obtaining parameters with externally configured network
+ address . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
+ 3.5 Client parameters in DHCP . . . . . . . . . . . . . . . . . . 21
+ 3.6 Use of DHCP in clients with multiple interfaces . . . . . . . 22
+ 3.7 When clients should use DHCP. . . . . . . . . . . . . . . . . 22
+ 4. Specification of the DHCP client-server protocol. . . . . . . 22
+
+
+
+Droms Standards Track [Page 1]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ 4.1 Constructing and sending DHCP messages. . . . . . . . . . . . 22
+ 4.2 DHCP server administrative controls . . . . . . . . . . . . . 25
+ 4.3 DHCP server behavior. . . . . . . . . . . . . . . . . . . . . 26
+ 4.4 DHCP client behavior. . . . . . . . . . . . . . . . . . . . . 34
+ 5. Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . .42
+ 6. References . . . . . . . . . . . . . . . . . . . . . . . . . .42
+ 7. Security Considerations. . . . . . . . . . . . . . . . . . . .43
+ 8. Author's Address . . . . . . . . . . . . . . . . . . . . . . .44
+ A. Host Configuration Parameters . . . . . . . . . . . . . . . .45
+List of Figures
+ 1. Format of a DHCP message . . . . . . . . . . . . . . . . . . . 9
+ 2. Format of the 'flags' field. . . . . . . . . . . . . . . . . . 11
+ 3. Timeline diagram of messages exchanged between DHCP client and
+ servers when allocating a new network address. . . . . . . . . 15
+ 4. Timeline diagram of messages exchanged between DHCP client and
+ servers when reusing a previously allocated network address. . 18
+ 5. State-transition diagram for DHCP clients. . . . . . . . . . . 34
+List of Tables
+ 1. Description of fields in a DHCP message. . . . . . . . . . . . 10
+ 2. DHCP messages. . . . . . . . . . . . . . . . . . . . . . . . . 14
+ 3. Fields and options used by DHCP servers. . . . . . . . . . . . 28
+ 4. Client messages from various states. . . . . . . . . . . . . . 33
+ 5. Fields and options used by DHCP clients. . . . . . . . . . . . 37
+
+1. Introduction
+
+ The Dynamic Host Configuration Protocol (DHCP) provides configuration
+ parameters to Internet hosts. DHCP consists of two components: a
+ protocol for delivering host-specific configuration parameters from a
+ DHCP server to a host and a mechanism for allocation of network
+ addresses to hosts.
+
+ DHCP is built on a client-server model, where designated DHCP server
+ hosts allocate network addresses and deliver configuration parameters
+ to dynamically configured hosts. Throughout the remainder of this
+ document, the term "server" refers to a host providing initialization
+ parameters through DHCP, and the term "client" refers to a host
+ requesting initialization parameters from a DHCP server.
+
+ A host should not act as a DHCP server unless explicitly configured
+ to do so by a system administrator. The diversity of hardware and
+ protocol implementations in the Internet would preclude reliable
+ operation if random hosts were allowed to respond to DHCP requests.
+ For example, IP requires the setting of many parameters within the
+ protocol implementation software. Because IP can be used on many
+ dissimilar kinds of network hardware, values for those parameters
+ cannot be guessed or assumed to have correct defaults. Also,
+ distributed address allocation schemes depend on a polling/defense
+
+
+
+Droms Standards Track [Page 2]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ mechanism for discovery of addresses that are already in use. IP
+ hosts may not always be able to defend their network addresses, so
+ that such a distributed address allocation scheme cannot be
+ guaranteed to avoid allocation of duplicate network addresses.
+
+ DHCP supports three mechanisms for IP address allocation. In
+ "automatic allocation", DHCP assigns a permanent IP address to a
+ client. In "dynamic allocation", DHCP assigns an IP address to a
+ client for a limited period of time (or until the client explicitly
+ relinquishes the address). In "manual allocation", a client's IP
+ address is assigned by the network administrator, and DHCP is used
+ simply to convey the assigned address to the client. A particular
+ network will use one or more of these mechanisms, depending on the
+ policies of the network administrator.
+
+ Dynamic allocation is the only one of the three mechanisms that
+ allows automatic reuse of an address that is no longer needed by the
+ client to which it was assigned. Thus, dynamic allocation is
+ particularly useful for assigning an address to a client that will be
+ connected to the network only temporarily or for sharing a limited
+ pool of IP addresses among a group of clients that do not need
+ permanent IP addresses. Dynamic allocation may also be a good choice
+ for assigning an IP address to a new client being permanently
+ connected to a network where IP addresses are sufficiently scarce
+ that it is important to reclaim them when old clients are retired.
+ Manual allocation allows DHCP to be used to eliminate the error-prone
+ process of manually configuring hosts with IP addresses in
+ environments where (for whatever reasons) it is desirable to manage
+ IP address assignment outside of the DHCP mechanisms.
+
+ The format of DHCP messages is based on the format of BOOTP messages,
+ to capture the BOOTP relay agent behavior described as part of the
+ BOOTP specification [7, 21] and to allow interoperability of existing
+ BOOTP clients with DHCP servers. Using BOOTP relay agents eliminates
+ the necessity of having a DHCP server on each physical network
+ segment.
+
+1.1 Changes to RFC 1541
+
+ This document updates the DHCP protocol specification that appears in
+ RFC1541. A new DHCP message type, DHCPINFORM, has been added; see
+ section 3.4, 4.3 and 4.4 for details. The classing mechanism for
+ identifying DHCP clients to DHCP servers has been extended to include
+ "vendor" classes as defined in sections 4.2 and 4.3. The minimum
+ lease time restriction has been removed. Finally, many editorial
+ changes have been made to clarify the text as a result of experience
+ gained in DHCP interoperability tests.
+
+
+
+
+Droms Standards Track [Page 3]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+1.2 Related Work
+
+ There are several Internet protocols and related mechanisms that
+ address some parts of the dynamic host configuration problem. The
+ Reverse Address Resolution Protocol (RARP) [10] (through the
+ extensions defined in the Dynamic RARP (DRARP) [5]) explicitly
+ addresses the problem of network address discovery, and includes an
+ automatic IP address assignment mechanism. The Trivial File Transfer
+ Protocol (TFTP) [20] provides for transport of a boot image from a
+ boot server. The Internet Control Message Protocol (ICMP) [16]
+ provides for informing hosts of additional routers via "ICMP
+ redirect" messages. ICMP also can provide subnet mask information
+ through the "ICMP mask request" message and other information through
+ the (obsolete) "ICMP information request" message. Hosts can locate
+ routers through the ICMP router discovery mechanism [8].
+
+ BOOTP is a transport mechanism for a collection of configuration
+ information. BOOTP is also extensible, and official extensions [17]
+ have been defined for several configuration parameters. Morgan has
+ proposed extensions to BOOTP for dynamic IP address assignment [15].
+ The Network Information Protocol (NIP), used by the Athena project at
+ MIT, is a distributed mechanism for dynamic IP address assignment
+ [19]. The Resource Location Protocol RLP [1] provides for location
+ of higher level services. Sun Microsystems diskless workstations use
+ a boot procedure that employs RARP, TFTP and an RPC mechanism called
+ "bootparams" to deliver configuration information and operating
+ system code to diskless hosts. (Sun Microsystems, Sun Workstation
+ and SunOS are trademarks of Sun Microsystems, Inc.) Some Sun
+ networks also use DRARP and an auto-installation mechanism to
+ automate the configuration of new hosts in an existing network.
+
+ In other related work, the path minimum transmission unit (MTU)
+ discovery algorithm can determine the MTU of an arbitrary internet
+ path [14]. The Address Resolution Protocol (ARP) has been proposed
+ as a transport protocol for resource location and selection [6].
+ Finally, the Host Requirements RFCs [3, 4] mention specific
+ requirements for host reconfiguration and suggest a scenario for
+ initial configuration of diskless hosts.
+
+1.3 Problem definition and issues
+
+ DHCP is designed to supply DHCP clients with the configuration
+ parameters defined in the Host Requirements RFCs. After obtaining
+ parameters via DHCP, a DHCP client should be able to exchange packets
+ with any other host in the Internet. The TCP/IP stack parameters
+ supplied by DHCP are listed in Appendix A.
+
+
+
+
+
+Droms Standards Track [Page 4]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ Not all of these parameters are required for a newly initialized
+ client. A client and server may negotiate for the transmission of
+ only those parameters required by the client or specific to a
+ particular subnet.
+
+ DHCP allows but does not require the configuration of client
+ parameters not directly related to the IP protocol. DHCP also does
+ not address registration of newly configured clients with the Domain
+ Name System (DNS) [12, 13].
+
+ DHCP is not intended for use in configuring routers.
+
+1.4 Requirements
+
+ Throughout this document, the words that are used to define the
+ significance of particular requirements are capitalized. These words
+ are:
+
+ o "MUST"
+
+ This word or the adjective "REQUIRED" means that the
+ item is an absolute requirement of this specification.
+
+ o "MUST NOT"
+
+ This phrase means that the item is an absolute prohibition
+ of this specification.
+
+ o "SHOULD"
+
+ This word or the adjective "RECOMMENDED" means that there
+ may exist valid reasons in particular circumstances to ignore
+ this item, but the full implications should be understood and
+ the case carefully weighed before choosing a different course.
+
+ o "SHOULD NOT"
+
+ This phrase means that there may exist valid reasons in
+ particular circumstances when the listed behavior is acceptable
+ or even useful, but the full implications should be understood
+ and the case carefully weighed before implementing any behavior
+ described with this label.
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 5]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ o "MAY"
+
+ This word or the adjective "OPTIONAL" means that this item is
+ truly optional. One vendor may choose to include the item
+ because a particular marketplace requires it or because it
+ enhances the product, for example; another vendor may omit the
+ same item.
+
+1.5 Terminology
+
+ This document uses the following terms:
+
+ o "DHCP client"
+
+ A DHCP client is an Internet host using DHCP to obtain
+ configuration parameters such as a network address.
+
+ o "DHCP server"
+
+ A DHCP server is an Internet host that returns configuration
+ parameters to DHCP clients.
+
+ o "BOOTP relay agent"
+
+ A BOOTP relay agent or relay agent is an Internet host or router
+ that passes DHCP messages between DHCP clients and DHCP servers.
+ DHCP is designed to use the same relay agent behavior as specified
+ in the BOOTP protocol specification.
+
+ o "binding"
+
+ A binding is a collection of configuration parameters, including
+ at least an IP address, associated with or "bound to" a DHCP
+ client. Bindings are managed by DHCP servers.
+
+1.6 Design goals
+
+ The following list gives general design goals for DHCP.
+
+ o DHCP should be a mechanism rather than a policy. DHCP must
+ allow local system administrators control over configuration
+ parameters where desired; e.g., local system administrators
+ should be able to enforce local policies concerning allocation
+ and access to local resources where desired.
+
+
+
+
+
+
+
+Droms Standards Track [Page 6]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ o Clients should require no manual configuration. Each client
+ should be able to discover appropriate local configuration
+ parameters without user intervention and incorporate those
+ parameters into its own configuration.
+
+ o Networks should require no manual configuration for individual
+ clients. Under normal circumstances, the network manager
+ should not have to enter any per-client configuration
+ parameters.
+
+ o DHCP should not require a server on each subnet. To allow for
+ scale and economy, DHCP must work across routers or through the
+ intervention of BOOTP relay agents.
+
+ o A DHCP client must be prepared to receive multiple responses
+ to a request for configuration parameters. Some installations
+ may include multiple, overlapping DHCP servers to enhance
+ reliability and increase performance.
+
+ o DHCP must coexist with statically configured, non-participating
+ hosts and with existing network protocol implementations.
+
+ o DHCP must interoperate with the BOOTP relay agent behavior as
+ described by RFC 951 and by RFC 1542 [21].
+
+ o DHCP must provide service to existing BOOTP clients.
+
+ The following list gives design goals specific to the transmission of
+ the network layer parameters. DHCP must:
+
+ o Guarantee that any specific network address will not be in
+ use by more than one DHCP client at a time,
+
+ o Retain DHCP client configuration across DHCP client reboot. A
+ DHCP client should, whenever possible, be assigned the same
+ configuration parameters (e.g., network address) in response
+ to each request,
+
+ o Retain DHCP client configuration across server reboots, and,
+ whenever possible, a DHCP client should be assigned the same
+ configuration parameters despite restarts of the DHCP mechanism,
+
+ o Allow automated assignment of configuration parameters to new
+ clients to avoid hand configuration for new clients,
+
+ o Support fixed or permanent allocation of configuration
+ parameters to specific clients.
+
+
+
+
+Droms Standards Track [Page 7]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+2. Protocol Summary
+
+ From the client's point of view, DHCP is an extension of the BOOTP
+ mechanism. This behavior allows existing BOOTP clients to
+ interoperate with DHCP servers without requiring any change to the
+ clients' initialization software. RFC 1542 [2] details the
+ interactions between BOOTP and DHCP clients and servers [9]. There
+ are some new, optional transactions that optimize the interaction
+ between DHCP clients and servers that are described in sections 3 and
+ 4.
+
+ Figure 1 gives the format of a DHCP message and table 1 describes
+ each of the fields in the DHCP message. The numbers in parentheses
+ indicate the size of each field in octets. The names for the fields
+ given in the figure will be used throughout this document to refer to
+ the fields in DHCP messages.
+
+ There are two primary differences between DHCP and BOOTP. First,
+ DHCP defines mechanisms through which clients can be assigned a
+ network address for a finite lease, allowing for serial reassignment
+ of network addresses to different clients. Second, DHCP provides the
+ mechanism for a client to acquire all of the IP configuration
+ parameters that it needs in order to operate.
+
+ DHCP introduces a small change in terminology intended to clarify the
+ meaning of one of the fields. What was the "vendor extensions" field
+ in BOOTP has been re-named the "options" field in DHCP. Similarly,
+ the tagged data items that were used inside the BOOTP "vendor
+ extensions" field, which were formerly referred to as "vendor
+ extensions," are now termed simply "options."
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 8]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | op (1) | htype (1) | hlen (1) | hops (1) |
+ +---------------+---------------+---------------+---------------+
+ | xid (4) |
+ +-------------------------------+-------------------------------+
+ | secs (2) | flags (2) |
+ +-------------------------------+-------------------------------+
+ | ciaddr (4) |
+ +---------------------------------------------------------------+
+ | yiaddr (4) |
+ +---------------------------------------------------------------+
+ | siaddr (4) |
+ +---------------------------------------------------------------+
+ | giaddr (4) |
+ +---------------------------------------------------------------+
+ | |
+ | chaddr (16) |
+ | |
+ | |
+ +---------------------------------------------------------------+
+ | |
+ | sname (64) |
+ +---------------------------------------------------------------+
+ | |
+ | file (128) |
+ +---------------------------------------------------------------+
+ | |
+ | options (variable) |
+ +---------------------------------------------------------------+
+
+ Figure 1: Format of a DHCP message
+
+ DHCP defines a new 'client identifier' option that is used to pass an
+ explicit client identifier to a DHCP server. This change eliminates
+ the overloading of the 'chaddr' field in BOOTP messages, where
+ 'chaddr' is used both as a hardware address for transmission of BOOTP
+ reply messages and as a client identifier. The 'client identifier'
+ is an opaque key, not to be interpreted by the server; for example,
+ the 'client identifier' may contain a hardware address, identical to
+ the contents of the 'chaddr' field, or it may contain another type of
+ identifier, such as a DNS name. The 'client identifier' chosen by a
+ DHCP client MUST be unique to that client within the subnet to which
+ the client is attached. If the client uses a 'client identifier' in
+ one message, it MUST use that same identifier in all subsequent
+ messages, to ensure that all servers correctly identify the client.
+
+
+
+
+Droms Standards Track [Page 9]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ DHCP clarifies the interpretation of the 'siaddr' field as the
+ address of the server to use in the next step of the client's
+ bootstrap process. A DHCP server may return its own address in the
+ 'siaddr' field, if the server is prepared to supply the next
+ bootstrap service (e.g., delivery of an operating system executable
+ image). A DHCP server always returns its own address in the 'server
+ identifier' option.
+
+ FIELD OCTETS DESCRIPTION
+ ----- ------ -----------
+
+ op 1 Message op code / message type.
+ 1 = BOOTREQUEST, 2 = BOOTREPLY
+ htype 1 Hardware address type, see ARP section in "Assigned
+ Numbers" RFC; e.g., '1' = 10mb ethernet.
+ hlen 1 Hardware address length (e.g. '6' for 10mb
+ ethernet).
+ hops 1 Client sets to zero, optionally used by relay agents
+ when booting via a relay agent.
+ xid 4 Transaction ID, a random number chosen by the
+ client, used by the client and server to associate
+ messages and responses between a client and a
+ server.
+ secs 2 Filled in by client, seconds elapsed since client
+ began address acquisition or renewal process.
+ flags 2 Flags (see figure 2).
+ ciaddr 4 Client IP address; only filled in if client is in
+ BOUND, RENEW or REBINDING state and can respond
+ to ARP requests.
+ yiaddr 4 'your' (client) IP address.
+ siaddr 4 IP address of next server to use in bootstrap;
+ returned in DHCPOFFER, DHCPACK by server.
+ giaddr 4 Relay agent IP address, used in booting via a
+ relay agent.
+ chaddr 16 Client hardware address.
+ sname 64 Optional server host name, null terminated string.
+ file 128 Boot file name, null terminated string; "generic"
+ name or null in DHCPDISCOVER, fully qualified
+ directory-path name in DHCPOFFER.
+ options var Optional parameters field. See the options
+ documents for a list of defined options.
+
+ Table 1: Description of fields in a DHCP message
+
+ The 'options' field is now variable length. A DHCP client must be
+ prepared to receive DHCP messages with an 'options' field of at least
+ length 312 octets. This requirement implies that a DHCP client must
+ be prepared to receive a message of up to 576 octets, the minimum IP
+
+
+
+Droms Standards Track [Page 10]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ datagram size an IP host must be prepared to accept [3]. DHCP
+ clients may negotiate the use of larger DHCP messages through the
+ 'maximum DHCP message size' option. The options field may be further
+ extended into the 'file' and 'sname' fields.
+
+ In the case of a client using DHCP for initial configuration (before
+ the client's TCP/IP software has been completely configured), DHCP
+ requires creative use of the client's TCP/IP software and liberal
+ interpretation of RFC 1122. The TCP/IP software SHOULD accept and
+ forward to the IP layer any IP packets delivered to the client's
+ hardware address before the IP address is configured; DHCP servers
+ and BOOTP relay agents may not be able to deliver DHCP messages to
+ clients that cannot accept hardware unicast datagrams before the
+ TCP/IP software is configured.
+
+ To work around some clients that cannot accept IP unicast datagrams
+ before the TCP/IP software is configured as discussed in the previous
+ paragraph, DHCP uses the 'flags' field [21]. The leftmost bit is
+ defined as the BROADCAST (B) flag. The semantics of this flag are
+ discussed in section 4.1 of this document. The remaining bits of the
+ flags field are reserved for future use. They MUST be set to zero by
+ clients and ignored by servers and relay agents. Figure 2 gives the
+ format of the 'flags' field.
+
+ 1 1 1 1 1 1
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |B| MBZ |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ B: BROADCAST flag
+
+ MBZ: MUST BE ZERO (reserved for future use)
+
+ Figure 2: Format of the 'flags' field
+
+2.1 Configuration parameters repository
+
+ The first service provided by DHCP is to provide persistent storage
+ of network parameters for network clients. The model of DHCP
+ persistent storage is that the DHCP service stores a key-value entry
+ for each client, where the key is some unique identifier (for
+ example, an IP subnet number and a unique identifier within the
+ subnet) and the value contains the configuration parameters for the
+ client.
+
+ For example, the key might be the pair (IP-subnet-number, hardware-
+ address) (note that the "hardware-address" should be typed by the
+
+
+
+Droms Standards Track [Page 11]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ type of hardware to accommodate possible duplication of hardware
+ addresses resulting from bit-ordering problems in a mixed-media,
+ bridged network) allowing for serial or concurrent reuse of a
+ hardware address on different subnets, and for hardware addresses
+ that may not be globally unique. Alternately, the key might be the
+ pair (IP-subnet-number, hostname), allowing the server to assign
+ parameters intelligently to a DHCP client that has been moved to a
+ different subnet or has changed hardware addresses (perhaps because
+ the network interface failed and was replaced). The protocol defines
+ that the key will be (IP-subnet-number, hardware-address) unless the
+ client explicitly supplies an identifier using the 'client
+ identifier' option. A client can query the DHCP service to
+ retrieve its configuration parameters. The client interface to the
+ configuration parameters repository consists of protocol messages to
+ request configuration parameters and responses from the server
+ carrying the configuration parameters.
+
+2.2 Dynamic allocation of network addresses
+
+ The second service provided by DHCP is the allocation of temporary or
+ permanent network (IP) addresses to clients. The basic mechanism for
+ the dynamic allocation of network addresses is simple: a client
+ requests the use of an address for some period of time. The
+ allocation mechanism (the collection of DHCP servers) guarantees not
+ to reallocate that address within the requested time and attempts to
+ return the same network address each time the client requests an
+ address. In this document, the period over which a network address
+ is allocated to a client is referred to as a "lease" [11]. The
+ client may extend its lease with subsequent requests. The client may
+ issue a message to release the address back to the server when the
+ client no longer needs the address. The client may ask for a
+ permanent assignment by asking for an infinite lease. Even when
+ assigning "permanent" addresses, a server may choose to give out
+ lengthy but non-infinite leases to allow detection of the fact that
+ the client has been retired.
+
+ In some environments it will be necessary to reassign network
+ addresses due to exhaustion of available addresses. In such
+ environments, the allocation mechanism will reuse addresses whose
+ lease has expired. The server should use whatever information is
+ available in the configuration information repository to choose an
+ address to reuse. For example, the server may choose the least
+ recently assigned address. As a consistency check, the allocating
+ server SHOULD probe the reused address before allocating the address,
+ e.g., with an ICMP echo request, and the client SHOULD probe the
+ newly received address, e.g., with ARP.
+
+
+
+
+
+Droms Standards Track [Page 12]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+3. The Client-Server Protocol
+
+ DHCP uses the BOOTP message format defined in RFC 951 and given in
+ table 1 and figure 1. The 'op' field of each DHCP message sent from
+ a client to a server contains BOOTREQUEST. BOOTREPLY is used in the
+ 'op' field of each DHCP message sent from a server to a client.
+
+ The first four octets of the 'options' field of the DHCP message
+ contain the (decimal) values 99, 130, 83 and 99, respectively (this
+ is the same magic cookie as is defined in RFC 1497 [17]). The
+ remainder of the 'options' field consists of a list of tagged
+ parameters that are called "options". All of the "vendor extensions"
+ listed in RFC 1497 are also DHCP options. RFC 1533 gives the
+ complete set of options defined for use with DHCP.
+
+ Several options have been defined so far. One particular option -
+ the "DHCP message type" option - must be included in every DHCP
+ message. This option defines the "type" of the DHCP message.
+ Additional options may be allowed, required, or not allowed,
+ depending on the DHCP message type.
+
+ Throughout this document, DHCP messages that include a 'DHCP message
+ type' option will be referred to by the type of the message; e.g., a
+ DHCP message with 'DHCP message type' option type 1 will be referred
+ to as a "DHCPDISCOVER" message.
+
+3.1 Client-server interaction - allocating a network address
+
+ The following summary of the protocol exchanges between clients and
+ servers refers to the DHCP messages described in table 2. The
+ timeline diagram in figure 3 shows the timing relationships in a
+ typical client-server interaction. If the client already knows its
+ address, some steps may be omitted; this abbreviated interaction is
+ described in section 3.2.
+
+ 1. The client broadcasts a DHCPDISCOVER message on its local physical
+ subnet. The DHCPDISCOVER message MAY include options that suggest
+ values for the network address and lease duration. BOOTP relay
+ agents may pass the message on to DHCP servers not on the same
+ physical subnet.
+
+ 2. Each server may respond with a DHCPOFFER message that includes an
+ available network address in the 'yiaddr' field (and other
+ configuration parameters in DHCP options). Servers need not
+ reserve the offered network address, although the protocol will
+ work more efficiently if the server avoids allocating the offered
+ network address to another client. When allocating a new address,
+ servers SHOULD check that the offered network address is not
+
+
+
+Droms Standards Track [Page 13]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ already in use; e.g., the server may probe the offered address
+ with an ICMP Echo Request. Servers SHOULD be implemented so that
+ network administrators MAY choose to disable probes of newly
+ allocated addresses. The server transmits the DHCPOFFER message
+ to the client, using the BOOTP relay agent if necessary.
+
+ Message Use
+ ------- ---
+
+ DHCPDISCOVER - Client broadcast to locate available servers.
+
+ DHCPOFFER - Server to client in response to DHCPDISCOVER with
+ offer of configuration parameters.
+
+ DHCPREQUEST - Client message to servers either (a) requesting
+ offered parameters from one server and implicitly
+ declining offers from all others, (b) confirming
+ correctness of previously allocated address after,
+ e.g., system reboot, or (c) extending the lease on a
+ particular network address.
+
+ DHCPACK - Server to client with configuration parameters,
+ including committed network address.
+
+ DHCPNAK - Server to client indicating client's notion of network
+ address is incorrect (e.g., client has moved to new
+ subnet) or client's lease as expired
+
+ DHCPDECLINE - Client to server indicating network address is already
+ in use.
+
+ DHCPRELEASE - Client to server relinquishing network address and
+ cancelling remaining lease.
+
+ DHCPINFORM - Client to server, asking only for local configuration
+ parameters; client already has externally configured
+ network address.
+
+ Table 2: DHCP messages
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 14]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ Server Client Server
+ (not selected) (selected)
+
+ v v v
+ | | |
+ | Begins initialization |
+ | | |
+ | _____________/|\____________ |
+ |/DHCPDISCOVER | DHCPDISCOVER \|
+ | | |
+ Determines | Determines
+ configuration | configuration
+ | | |
+ |\ | ____________/ |
+ | \________ | /DHCPOFFER |
+ | DHCPOFFER\ |/ |
+ | \ | |
+ | Collects replies |
+ | \| |
+ | Selects configuration |
+ | | |
+ | _____________/|\____________ |
+ |/ DHCPREQUEST | DHCPREQUEST\ |
+ | | |
+ | | Commits configuration
+ | | |
+ | | _____________/|
+ | |/ DHCPACK |
+ | | |
+ | Initialization complete |
+ | | |
+ . . .
+ . . .
+ | | |
+ | Graceful shutdown |
+ | | |
+ | |\ ____________ |
+ | | DHCPRELEASE \|
+ | | |
+ | | Discards lease
+ | | |
+ v v v
+ Figure 3: Timeline diagram of messages exchanged between DHCP
+ client and servers when allocating a new network address
+
+
+
+
+
+
+
+Droms Standards Track [Page 15]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ 3. The client receives one or more DHCPOFFER messages from one or more
+ servers. The client may choose to wait for multiple responses.
+ The client chooses one server from which to request configuration
+ parameters, based on the configuration parameters offered in the
+ DHCPOFFER messages. The client broadcasts a DHCPREQUEST message
+ that MUST include the 'server identifier' option to indicate which
+ server it has selected, and that MAY include other options
+ specifying desired configuration values. The 'requested IP
+ address' option MUST be set to the value of 'yiaddr' in the
+ DHCPOFFER message from the server. This DHCPREQUEST message is
+ broadcast and relayed through DHCP/BOOTP relay agents. To help
+ ensure that any BOOTP relay agents forward the DHCPREQUEST message
+ to the same set of DHCP servers that received the original
+ DHCPDISCOVER message, the DHCPREQUEST message MUST use the same
+ value in the DHCP message header's 'secs' field and be sent to the
+ same IP broadcast address as the original DHCPDISCOVER message.
+ The client times out and retransmits the DHCPDISCOVER message if
+ the client receives no DHCPOFFER messages.
+
+ 4. The servers receive the DHCPREQUEST broadcast from the client.
+ Those servers not selected by the DHCPREQUEST message use the
+ message as notification that the client has declined that server's
+ offer. The server selected in the DHCPREQUEST message commits the
+ binding for the client to persistent storage and responds with a
+ DHCPACK message containing the configuration parameters for the
+ requesting client. The combination of 'client identifier' or
+ 'chaddr' and assigned network address constitute a unique
+ identifier for the client's lease and are used by both the client
+ and server to identify a lease referred to in any DHCP messages.
+ Any configuration parameters in the DHCPACK message SHOULD NOT
+ conflict with those in the earlier DHCPOFFER message to which the
+ client is responding. The server SHOULD NOT check the offered
+ network address at this point. The 'yiaddr' field in the DHCPACK
+ messages is filled in with the selected network address.
+
+ If the selected server is unable to satisfy the DHCPREQUEST message
+ (e.g., the requested network address has been allocated), the
+ server SHOULD respond with a DHCPNAK message.
+
+ A server MAY choose to mark addresses offered to clients in
+ DHCPOFFER messages as unavailable. The server SHOULD mark an
+ address offered to a client in a DHCPOFFER message as available if
+ the server receives no DHCPREQUEST message from that client.
+
+ 5. The client receives the DHCPACK message with configuration
+ parameters. The client SHOULD perform a final check on the
+ parameters (e.g., ARP for allocated network address), and notes the
+ duration of the lease specified in the DHCPACK message. At this
+
+
+
+Droms Standards Track [Page 16]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ point, the client is configured. If the client detects that the
+ address is already in use (e.g., through the use of ARP), the
+ client MUST send a DHCPDECLINE message to the server and restarts
+ the configuration process. The client SHOULD wait a minimum of ten
+ seconds before restarting the configuration process to avoid
+ excessive network traffic in case of looping.
+
+ If the client receives a DHCPNAK message, the client restarts the
+ configuration process.
+
+ The client times out and retransmits the DHCPREQUEST message if the
+ client receives neither a DHCPACK or a DHCPNAK message. The client
+ retransmits the DHCPREQUEST according to the retransmission
+ algorithm in section 4.1. The client should choose to retransmit
+ the DHCPREQUEST enough times to give adequate probability of
+ contacting the server without causing the client (and the user of
+ that client) to wait overly long before giving up; e.g., a client
+ retransmitting as described in section 4.1 might retransmit the
+ DHCPREQUEST message four times, for a total delay of 60 seconds,
+ before restarting the initialization procedure. If the client
+ receives neither a DHCPACK or a DHCPNAK message after employing the
+ retransmission algorithm, the client reverts to INIT state and
+ restarts the initialization process. The client SHOULD notify the
+ user that the initialization process has failed and is restarting.
+
+ 6. The client may choose to relinquish its lease on a network address
+ by sending a DHCPRELEASE message to the server. The client
+ identifies the lease to be released with its 'client identifier',
+ or 'chaddr' and network address in the DHCPRELEASE message. If the
+ client used a 'client identifier' when it obtained the lease, it
+ MUST use the same 'client identifier' in the DHCPRELEASE message.
+
+3.2 Client-server interaction - reusing a previously allocated network
+ address
+
+ If a client remembers and wishes to reuse a previously allocated
+ network address, a client may choose to omit some of the steps
+ described in the previous section. The timeline diagram in figure 4
+ shows the timing relationships in a typical client-server interaction
+ for a client reusing a previously allocated network address.
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 17]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ 1. The client broadcasts a DHCPREQUEST message on its local subnet.
+ The message includes the client's network address in the
+ 'requested IP address' option. As the client has not received its
+ network address, it MUST NOT fill in the 'ciaddr' field. BOOTP
+ relay agents pass the message on to DHCP servers not on the same
+ subnet. If the client used a 'client identifier' to obtain its
+ address, the client MUST use the same 'client identifier' in the
+ DHCPREQUEST message.
+
+ 2. Servers with knowledge of the client's configuration parameters
+ respond with a DHCPACK message to the client. Servers SHOULD NOT
+ check that the client's network address is already in use; the
+ client may respond to ICMP Echo Request messages at this point.
+
+ Server Client Server
+
+ v v v
+ | | |
+ | Begins |
+ | initialization |
+ | | |
+ | /|\ |
+ | _________ __/ | \__________ |
+ | /DHCPREQU EST | DHCPREQUEST\ |
+ |/ | \|
+ | | |
+ Locates | Locates
+ configuration | configuration
+ | | |
+ |\ | /|
+ | \ | ___________/ |
+ | \ | / DHCPACK |
+ | \ _______ |/ |
+ | DHCPACK\ | |
+ | Initialization |
+ | complete |
+ | \| |
+ | | |
+ | (Subsequent |
+ | DHCPACKS |
+ | ignored) |
+ | | |
+ | | |
+ v v v
+
+ Figure 4: Timeline diagram of messages exchanged between DHCP
+ client and servers when reusing a previously allocated
+ network address
+
+
+
+Droms Standards Track [Page 18]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ If the client's request is invalid (e.g., the client has moved
+ to a new subnet), servers SHOULD respond with a DHCPNAK message to
+ the client. Servers SHOULD NOT respond if their information is not
+ guaranteed to be accurate. For example, a server that identifies a
+ request for an expired binding that is owned by another server SHOULD
+ NOT respond with a DHCPNAK unless the servers are using an explicit
+ mechanism to maintain coherency among the servers.
+
+ If 'giaddr' is 0x0 in the DHCPREQUEST message, the client is on
+ the same subnet as the server. The server MUST
+ broadcast the DHCPNAK message to the 0xffffffff broadcast address
+ because the client may not have a correct network address or subnet
+ mask, and the client may not be answering ARP requests.
+ Otherwise, the server MUST send the DHCPNAK message to the IP
+ address of the BOOTP relay agent, as recorded in 'giaddr'. The
+ relay agent will, in turn, forward the message directly to the
+ client's hardware address, so that the DHCPNAK can be delivered even
+ if the client has moved to a new network.
+
+ 3. The client receives the DHCPACK message with configuration
+ parameters. The client performs a final check on the parameters
+ (as in section 3.1), and notes the duration of the lease specified
+ in the DHCPACK message. The specific lease is implicitly identified
+ by the 'client identifier' or 'chaddr' and the network address. At
+ this point, the client is configured.
+
+ If the client detects that the IP address in the DHCPACK message
+ is already in use, the client MUST send a DHCPDECLINE message to the
+ server and restarts the configuration process by requesting a
+ new network address. This action corresponds to the client
+ moving to the INIT state in the DHCP state diagram, which is
+ described in section 4.4.
+
+ If the client receives a DHCPNAK message, it cannot reuse its
+ remembered network address. It must instead request a new
+ address by restarting the configuration process, this time
+ using the (non-abbreviated) procedure described in section
+ 3.1. This action also corresponds to the client moving to
+ the INIT state in the DHCP state diagram.
+
+ The client times out and retransmits the DHCPREQUEST message if
+ the client receives neither a DHCPACK nor a DHCPNAK message. The
+ client retransmits the DHCPREQUEST according to the retransmission
+ algorithm in section 4.1. The client should choose to retransmit
+ the DHCPREQUEST enough times to give adequate probability of
+ contacting the server without causing the client (and the user of
+ that client) to wait overly long before giving up; e.g., a client
+ retransmitting as described in section 4.1 might retransmit the
+
+
+
+Droms Standards Track [Page 19]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ DHCPREQUEST message four times, for a total delay of 60 seconds,
+ before restarting the initialization procedure. If the client
+ receives neither a DHCPACK or a DHCPNAK message after employing
+ the retransmission algorithm, the client MAY choose to use the
+ previously allocated network address and configuration parameters
+ for the remainder of the unexpired lease. This corresponds to
+ moving to BOUND state in the client state transition diagram shown
+ in figure 5.
+
+ 4. The client may choose to relinquish its lease on a network
+ address by sending a DHCPRELEASE message to the server. The
+ client identifies the lease to be released with its
+ 'client identifier', or 'chaddr' and network address in the
+ DHCPRELEASE message.
+
+ Note that in this case, where the client retains its network
+ address locally, the client will not normally relinquish its
+ lease during a graceful shutdown. Only in the case where the
+ client explicitly needs to relinquish its lease, e.g., the client
+ is about to be moved to a different subnet, will the client send
+ a DHCPRELEASE message.
+
+3.3 Interpretation and representation of time values
+
+ A client acquires a lease for a network address for a fixed period of
+ time (which may be infinite). Throughout the protocol, times are to
+ be represented in units of seconds. The time value of 0xffffffff is
+ reserved to represent "infinity".
+
+ As clients and servers may not have synchronized clocks, times are
+ represented in DHCP messages as relative times, to be interpreted
+ with respect to the client's local clock. Representing relative
+ times in units of seconds in an unsigned 32 bit word gives a range of
+ relative times from 0 to approximately 100 years, which is sufficient
+ for the relative times to be measured using DHCP.
+
+ The algorithm for lease duration interpretation given in the previous
+ paragraph assumes that client and server clocks are stable relative
+ to each other. If there is drift between the two clocks, the server
+ may consider the lease expired before the client does. To
+ compensate, the server may return a shorter lease duration to the
+ client than the server commits to its local database of client
+ information.
+
+3.4 Obtaining parameters with externally configured network address
+
+ If a client has obtained a network address through some other means
+ (e.g., manual configuration), it may use a DHCPINFORM request message
+
+
+
+Droms Standards Track [Page 20]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ to obtain other local configuration parameters. Servers receiving a
+ DHCPINFORM message construct a DHCPACK message with any local
+ configuration parameters appropriate for the client without:
+ allocating a new address, checking for an existing binding, filling
+ in 'yiaddr' or including lease time parameters. The servers SHOULD
+ unicast the DHCPACK reply to the address given in the 'ciaddr' field
+ of the DHCPINFORM message.
+
+ The server SHOULD check the network address in a DHCPINFORM message
+ for consistency, but MUST NOT check for an existing lease. The
+ server forms a DHCPACK message containing the configuration
+ parameters for the requesting client and sends the DHCPACK message
+ directly to the client.
+
+3.5 Client parameters in DHCP
+
+ Not all clients require initialization of all parameters listed in
+ Appendix A. Two techniques are used to reduce the number of
+ parameters transmitted from the server to the client. First, most of
+ the parameters have defaults defined in the Host Requirements RFCs;
+ if the client receives no parameters from the server that override
+ the defaults, a client uses those default values. Second, in its
+ initial DHCPDISCOVER or DHCPREQUEST message, a client may provide the
+ server with a list of specific parameters the client is interested
+ in. If the client includes a list of parameters in a DHCPDISCOVER
+ message, it MUST include that list in any subsequent DHCPREQUEST
+ messages.
+
+ The client SHOULD include the 'maximum DHCP message size' option to
+ let the server know how large the server may make its DHCP messages.
+ The parameters returned to a client may still exceed the space
+ allocated to options in a DHCP message. In this case, two additional
+ options flags (which must appear in the 'options' field of the
+ message) indicate that the 'file' and 'sname' fields are to be used
+ for options.
+
+ The client can inform the server which configuration parameters the
+ client is interested in by including the 'parameter request list'
+ option. The data portion of this option explicitly lists the options
+ requested by tag number.
+
+ In addition, the client may suggest values for the network address
+ and lease time in the DHCPDISCOVER message. The client may include
+ the 'requested IP address' option to suggest that a particular IP
+ address be assigned, and may include the 'IP address lease time'
+ option to suggest the lease time it would like. Other options
+ representing "hints" at configuration parameters are allowed in a
+ DHCPDISCOVER or DHCPREQUEST message. However, additional options may
+
+
+
+Droms Standards Track [Page 21]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ be ignored by servers, and multiple servers may, therefore, not
+ return identical values for some options. The 'requested IP address'
+ option is to be filled in only in a DHCPREQUEST message when the
+ client is verifying network parameters obtained previously. The
+ client fills in the 'ciaddr' field only when correctly configured
+ with an IP address in BOUND, RENEWING or REBINDING state.
+
+ If a server receives a DHCPREQUEST message with an invalid 'requested
+ IP address', the server SHOULD respond to the client with a DHCPNAK
+ message and may choose to report the problem to the system
+ administrator. The server may include an error message in the
+ 'message' option.
+
+3.6 Use of DHCP in clients with multiple interfaces
+
+ A client with multiple network interfaces must use DHCP through each
+ interface independently to obtain configuration information
+ parameters for those separate interfaces.
+
+3.7 When clients should use DHCP
+
+ A client SHOULD use DHCP to reacquire or verify its IP address and
+ network parameters whenever the local network parameters may have
+ changed; e.g., at system boot time or after a disconnection from the
+ local network, as the local network configuration may change without
+ the client's or user's knowledge.
+
+ If a client has knowledge of a previous network address and is unable
+ to contact a local DHCP server, the client may continue to use the
+ previous network address until the lease for that address expires.
+ If the lease expires before the client can contact a DHCP server, the
+ client must immediately discontinue use of the previous network
+ address and may inform local users of the problem.
+
+4. Specification of the DHCP client-server protocol
+
+ In this section, we assume that a DHCP server has a block of network
+ addresses from which it can satisfy requests for new addresses. Each
+ server also maintains a database of allocated addresses and leases in
+ local permanent storage.
+
+4.1 Constructing and sending DHCP messages
+
+ DHCP clients and servers both construct DHCP messages by filling in
+ fields in the fixed format section of the message and appending
+ tagged data items in the variable length option area. The options
+ area includes first a four-octet 'magic cookie' (which was described
+ in section 3), followed by the options. The last option must always
+
+
+
+Droms Standards Track [Page 22]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ be the 'end' option.
+
+ DHCP uses UDP as its transport protocol. DHCP messages from a client
+ to a server are sent to the 'DHCP server' port (67), and DHCP
+ messages from a server to a client are sent to the 'DHCP client' port
+ (68). A server with multiple network address (e.g., a multi-homed
+ host) MAY use any of its network addresses in outgoing DHCP messages.
+
+ The 'server identifier' field is used both to identify a DHCP server
+ in a DHCP message and as a destination address from clients to
+ servers. A server with multiple network addresses MUST be prepared
+ to to accept any of its network addresses as identifying that server
+ in a DHCP message. To accommodate potentially incomplete network
+ connectivity, a server MUST choose an address as a 'server
+ identifier' that, to the best of the server's knowledge, is reachable
+ from the client. For example, if the DHCP server and the DHCP client
+ are connected to the same subnet (i.e., the 'giaddr' field in the
+ message from the client is zero), the server SHOULD select the IP
+ address the server is using for communication on that subnet as the
+ 'server identifier'. If the server is using multiple IP addresses on
+ that subnet, any such address may be used. If the server has
+ received a message through a DHCP relay agent, the server SHOULD
+ choose an address from the interface on which the message was
+ recieved as the 'server identifier' (unless the server has other,
+ better information on which to make its choice). DHCP clients MUST
+ use the IP address provided in the 'server identifier' option for any
+ unicast requests to the DHCP server.
+
+ DHCP messages broadcast by a client prior to that client obtaining
+ its IP address must have the source address field in the IP header
+ set to 0.
+
+ If the 'giaddr' field in a DHCP message from a client is non-zero,
+ the server sends any return messages to the 'DHCP server' port on the
+ BOOTP relay agent whose address appears in 'giaddr'. If the 'giaddr'
+ field is zero and the 'ciaddr' field is nonzero, then the server
+ unicasts DHCPOFFER and DHCPACK messages to the address in 'ciaddr'.
+ If 'giaddr' is zero and 'ciaddr' is zero, and the broadcast bit is
+ set, then the server broadcasts DHCPOFFER and DHCPACK messages to
+ 0xffffffff. If the broadcast bit is not set and 'giaddr' is zero and
+ 'ciaddr' is zero, then the server unicasts DHCPOFFER and DHCPACK
+ messages to the client's hardware address and 'yiaddr' address. In
+ all cases, when 'giaddr' is zero, the server broadcasts any DHCPNAK
+ messages to 0xffffffff.
+
+ If the options in a DHCP message extend into the 'sname' and 'file'
+ fields, the 'option overload' option MUST appear in the 'options'
+ field, with value 1, 2 or 3, as specified in RFC 1533. If the
+
+
+
+Droms Standards Track [Page 23]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ 'option overload' option is present in the 'options' field, the
+ options in the 'options' field MUST be terminated by an 'end' option,
+ and MAY contain one or more 'pad' options to fill the options field.
+ The options in the 'sname' and 'file' fields (if in use as indicated
+ by the 'options overload' option) MUST begin with the first octet of
+ the field, MUST be terminated by an 'end' option, and MUST be
+ followed by 'pad' options to fill the remainder of the field. Any
+ individual option in the 'options', 'sname' and 'file' fields MUST be
+ entirely contained in that field. The options in the 'options' field
+ MUST be interpreted first, so that any 'option overload' options may
+ be interpreted. The 'file' field MUST be interpreted next (if the
+ 'option overload' option indicates that the 'file' field contains
+ DHCP options), followed by the 'sname' field.
+
+ The values to be passed in an 'option' tag may be too long to fit in
+ the 255 octets available to a single option (e.g., a list of routers
+ in a 'router' option [21]). Options may appear only once, unless
+ otherwise specified in the options document. The client concatenates
+ the values of multiple instances of the same option into a single
+ parameter list for configuration.
+
+ DHCP clients are responsible for all message retransmission. The
+ client MUST adopt a retransmission strategy that incorporates a
+ randomized exponential backoff algorithm to determine the delay
+ between retransmissions. The delay between retransmissions SHOULD be
+ chosen to allow sufficient time for replies from the server to be
+ delivered based on the characteristics of the internetwork between
+ the client and the server. For example, in a 10Mb/sec Ethernet
+ internetwork, the delay before the first retransmission SHOULD be 4
+ seconds randomized by the value of a uniform random number chosen
+ from the range -1 to +1. Clients with clocks that provide resolution
+ granularity of less than one second may choose a non-integer
+ randomization value. The delay before the next retransmission SHOULD
+ be 8 seconds randomized by the value of a uniform number chosen from
+ the range -1 to +1. The retransmission delay SHOULD be doubled with
+ subsequent retransmissions up to a maximum of 64 seconds. The client
+ MAY provide an indication of retransmission attempts to the user as
+ an indication of the progress of the configuration process.
+
+ The 'xid' field is used by the client to match incoming DHCP messages
+ with pending requests. A DHCP client MUST choose 'xid's in such a
+ way as to minimize the chance of using an 'xid' identical to one used
+ by another client. For example, a client may choose a different,
+ random initial 'xid' each time the client is rebooted, and
+ subsequently use sequential 'xid's until the next reboot. Selecting
+ a new 'xid' for each retransmission is an implementation decision. A
+ client may choose to reuse the same 'xid' or select a new 'xid' for
+ each retransmitted message.
+
+
+
+Droms Standards Track [Page 24]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ Normally, DHCP servers and BOOTP relay agents attempt to deliver
+ DHCPOFFER, DHCPACK and DHCPNAK messages directly to the client using
+ uicast delivery. The IP destination address (in the IP header) is
+ set to the DHCP 'yiaddr' address and the link-layer destination
+ address is set to the DHCP 'chaddr' address. Unfortunately, some
+ client implementations are unable to receive such unicast IP
+ datagrams until the implementation has been configured with a valid
+ IP address (leading to a deadlock in which the client's IP address
+ cannot be delivered until the client has been configured with an IP
+ address).
+
+ A client that cannot receive unicast IP datagrams until its protocol
+ software has been configured with an IP address SHOULD set the
+ BROADCAST bit in the 'flags' field to 1 in any DHCPDISCOVER or
+ DHCPREQUEST messages that client sends. The BROADCAST bit will
+ provide a hint to the DHCP server and BOOTP relay agent to broadcast
+ any messages to the client on the client's subnet. A client that can
+ receive unicast IP datagrams before its protocol software has been
+ configured SHOULD clear the BROADCAST bit to 0. The BOOTP
+ clarifications document discusses the ramifications of the use of the
+ BROADCAST bit [21].
+
+ A server or relay agent sending or relaying a DHCP message directly
+ to a DHCP client (i.e., not to a relay agent specified in the
+ 'giaddr' field) SHOULD examine the BROADCAST bit in the 'flags'
+ field. If this bit is set to 1, the DHCP message SHOULD be sent as
+ an IP broadcast using an IP broadcast address (preferably 0xffffffff)
+ as the IP destination address and the link-layer broadcast address as
+ the link-layer destination address. If the BROADCAST bit is cleared
+ to 0, the message SHOULD be sent as an IP unicast to the IP address
+ specified in the 'yiaddr' field and the link-layer address specified
+ in the 'chaddr' field. If unicasting is not possible, the message
+ MAY be sent as an IP broadcast using an IP broadcast address
+ (preferably 0xffffffff) as the IP destination address and the link-
+ layer broadcast address as the link-layer destination address.
+
+4.2 DHCP server administrative controls
+
+ DHCP servers are not required to respond to every DHCPDISCOVER and
+ DHCPREQUEST message they receive. For example, a network
+ administrator, to retain stringent control over the clients attached
+ to the network, may choose to configure DHCP servers to respond only
+ to clients that have been previously registered through some external
+ mechanism. The DHCP specification describes only the interactions
+ between clients and servers when the clients and servers choose to
+ interact; it is beyond the scope of the DHCP specification to
+ describe all of the administrative controls that system
+ administrators might want to use. Specific DHCP server
+
+
+
+Droms Standards Track [Page 25]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ implementations may incorporate any controls or policies desired by a
+ network administrator.
+
+ In some environments, a DHCP server will have to consider the values
+ of the vendor class options included in DHCPDISCOVER or DHCPREQUEST
+ messages when determining the correct parameters for a particular
+ client.
+
+ A DHCP server needs to use some unique identifier to associate a
+ client with its lease. The client MAY choose to explicitly provide
+ the identifier through the 'client identifier' option. If the client
+ supplies a 'client identifier', the client MUST use the same 'client
+ identifier' in all subsequent messages, and the server MUST use that
+ identifier to identify the client. If the client does not provide a
+ 'client identifier' option, the server MUST use the contents of the
+ 'chaddr' field to identify the client. It is crucial for a DHCP
+ client to use an identifier unique within the subnet to which the
+ client is attached in the 'client identifier' option. Use of
+ 'chaddr' as the client's unique identifier may cause unexpected
+ results, as that identifier may be associated with a hardware
+ interface that could be moved to a new client. Some sites may choose
+ to use a manufacturer's serial number as the 'client identifier', to
+ avoid unexpected changes in a clients network address due to transfer
+ of hardware interfaces among computers. Sites may also choose to use
+ a DNS name as the 'client identifier', causing address leases to be
+ associated with the DNS name rather than a specific hardware box.
+
+ DHCP clients are free to use any strategy in selecting a DHCP server
+ among those from which the client receives a DHCPOFFER message. The
+ client implementation of DHCP SHOULD provide a mechanism for the user
+ to select directly the 'vendor class identifier' values.
+
+4.3 DHCP server behavior
+
+ A DHCP server processes incoming DHCP messages from a client based on
+ the current state of the binding for that client. A DHCP server can
+ receive the following messages from a client:
+
+ o DHCPDISCOVER
+
+ o DHCPREQUEST
+
+ o DHCPDECLINE
+
+ o DHCPRELEASE
+
+ o DHCPINFORM
+
+
+
+
+Droms Standards Track [Page 26]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ Table 3 gives the use of the fields and options in a DHCP message by
+ a server. The remainder of this section describes the action of the
+ DHCP server for each possible incoming message.
+
+4.3.1 DHCPDISCOVER message
+
+ When a server receives a DHCPDISCOVER message from a client, the
+ server chooses a network address for the requesting client. If no
+ address is available, the server may choose to report the problem to
+ the system administrator. If an address is available, the new address
+ SHOULD be chosen as follows:
+
+ o The client's current address as recorded in the client's current
+ binding, ELSE
+
+ o The client's previous address as recorded in the client's (now
+ expired or released) binding, if that address is in the server's
+ pool of available addresses and not already allocated, ELSE
+
+ o The address requested in the 'Requested IP Address' option, if that
+ address is valid and not already allocated, ELSE
+
+ o A new address allocated from the server's pool of available
+ addresses; the address is selected based on the subnet from which
+ the message was received (if 'giaddr' is 0) or on the address of
+ the relay agent that forwarded the message ('giaddr' when not 0).
+
+ As described in section 4.2, a server MAY, for administrative
+ reasons, assign an address other than the one requested, or may
+ refuse to allocate an address to a particular client even though free
+ addresses are available.
+
+ Note that, in some network architectures (e.g., internets with more
+ than one IP subnet assigned to a physical network segment), it may be
+ the case that the DHCP client should be assigned an address from a
+ different subnet than the address recorded in 'giaddr'. Thus, DHCP
+ does not require that the client be assigned as address from the
+ subnet in 'giaddr'. A server is free to choose some other subnet,
+ and it is beyond the scope of the DHCP specification to describe ways
+ in which the assigned IP address might be chosen.
+
+ While not required for correct operation of DHCP, the server SHOULD
+ NOT reuse the selected network address before the client responds to
+ the server's DHCPOFFER message. The server may choose to record the
+ address as offered to the client.
+
+ The server must also choose an expiration time for the lease, as
+ follows:
+
+
+
+Droms Standards Track [Page 27]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ o IF the client has not requested a specific lease in the
+ DHCPDISCOVER message and the client already has an assigned network
+ address, the server returns the lease expiration time previously
+ assigned to that address (note that the client must explicitly
+ request a specific lease to extend the expiration time on a
+ previously assigned address), ELSE
+
+ o IF the client has not requested a specific lease in the
+ DHCPDISCOVER message and the client does not have an assigned
+ network address, the server assigns a locally configured default
+ lease time, ELSE
+
+ o IF the client has requested a specific lease in the DHCPDISCOVER
+ message (regardless of whether the client has an assigned network
+ address), the server may choose either to return the requested
+ lease (if the lease is acceptable to local policy) or select
+ another lease.
+
+Field DHCPOFFER DHCPACK DHCPNAK
+----- --------- ------- -------
+'op' BOOTREPLY BOOTREPLY BOOTREPLY
+'htype' (From "Assigned Numbers" RFC)
+'hlen' (Hardware address length in octets)
+'hops' 0 0 0
+'xid' 'xid' from client 'xid' from client 'xid' from client
+ DHCPDISCOVER DHCPREQUEST DHCPREQUEST
+ message message message
+'secs' 0 0 0
+'ciaddr' 0 'ciaddr' from 0
+ DHCPREQUEST or 0
+'yiaddr' IP address offered IP address 0
+ to client assigned to client
+'siaddr' IP address of next IP address of next 0
+ bootstrap server bootstrap server
+'flags' 'flags' from 'flags' from 'flags' from
+ client DHCPDISCOVER client DHCPREQUEST client DHCPREQUEST
+ message message message
+'giaddr' 'giaddr' from 'giaddr' from 'giaddr' from
+ client DHCPDISCOVER client DHCPREQUEST client DHCPREQUEST
+ message message message
+'chaddr' 'chaddr' from 'chaddr' from 'chaddr' from
+ client DHCPDISCOVER client DHCPREQUEST client DHCPREQUEST
+ message message message
+'sname' Server host name Server host name (unused)
+ or options or options
+'file' Client boot file Client boot file (unused)
+ name or options name or options
+'options' options options
+
+
+
+Droms Standards Track [Page 28]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+Option DHCPOFFER DHCPACK DHCPNAK
+------ --------- ------- -------
+Requested IP address MUST NOT MUST NOT MUST NOT
+IP address lease time MUST MUST (DHCPREQUEST) MUST NOT
+ MUST NOT (DHCPINFORM)
+Use 'file'/'sname' fields MAY MAY MUST NOT
+DHCP message type DHCPOFFER DHCPACK DHCPNAK
+Parameter request list MUST NOT MUST NOT MUST NOT
+Message SHOULD SHOULD SHOULD
+Client identifier MUST NOT MUST NOT MAY
+Vendor class identifier MAY MAY MAY
+Server identifier MUST MUST MUST
+Maximum message size MUST NOT MUST NOT MUST NOT
+All others MAY MAY MUST NOT
+
+ Table 3: Fields and options used by DHCP servers
+
+ Once the network address and lease have been determined, the server
+ constructs a DHCPOFFER message with the offered configuration
+ parameters. It is important for all DHCP servers to return the same
+ parameters (with the possible exception of a newly allocated network
+ address) to ensure predictable client behavior regardless of which
+ server the client selects. The configuration parameters MUST be
+ selected by applying the following rules in the order given below.
+ The network administrator is responsible for configuring multiple
+ DHCP servers to ensure uniform responses from those servers. The
+ server MUST return to the client:
+
+ o The client's network address, as determined by the rules given
+ earlier in this section,
+
+ o The expiration time for the client's lease, as determined by the
+ rules given earlier in this section,
+
+ o Parameters requested by the client, according to the following
+ rules:
+
+ -- IF the server has been explicitly configured with a default
+ value for the parameter, the server MUST include that value
+ in an appropriate option in the 'option' field, ELSE
+
+ -- IF the server recognizes the parameter as a parameter
+ defined in the Host Requirements Document, the server MUST
+ include the default value for that parameter as given in the
+ Host Requirements Document in an appropriate option in the
+ 'option' field, ELSE
+
+ -- The server MUST NOT return a value for that parameter,
+
+
+
+Droms Standards Track [Page 29]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ The server MUST supply as many of the requested parameters as
+ possible and MUST omit any parameters it cannot provide. The
+ server MUST include each requested parameter only once unless
+ explicitly allowed in the DHCP Options and BOOTP Vendor
+ Extensions document.
+
+ o Any parameters from the existing binding that differ from the Host
+ Requirements Document defaults,
+
+ o Any parameters specific to this client (as identified by
+ the contents of 'chaddr' or 'client identifier' in the DHCPDISCOVER
+ or DHCPREQUEST message), e.g., as configured by the network
+ administrator,
+
+ o Any parameters specific to this client's class (as identified
+ by the contents of the 'vendor class identifier'
+ option in the DHCPDISCOVER or DHCPREQUEST message),
+ e.g., as configured by the network administrator; the parameters
+ MUST be identified by an exact match between the client's vendor
+ class identifiers and the client's classes identified in the
+ server,
+
+ o Parameters with non-default values on the client's subnet.
+
+ The server MAY choose to return the 'vendor class identifier' used to
+ determine the parameters in the DHCPOFFER message to assist the
+ client in selecting which DHCPOFFER to accept. The server inserts
+ the 'xid' field from the DHCPDISCOVER message into the 'xid' field of
+ the DHCPOFFER message and sends the DHCPOFFER message to the
+ requesting client.
+
+4.3.2 DHCPREQUEST message
+
+ A DHCPREQUEST message may come from a client responding to a
+ DHCPOFFER message from a server, from a client verifying a previously
+ allocated IP address or from a client extending the lease on a
+ network address. If the DHCPREQUEST message contains a 'server
+ identifier' option, the message is in response to a DHCPOFFER
+ message. Otherwise, the message is a request to verify or extend an
+ existing lease. If the client uses a 'client identifier' in a
+ DHCPREQUEST message, it MUST use that same 'client identifier' in all
+ subsequent messages. If the client included a list of requested
+ parameters in a DHCPDISCOVER message, it MUST include that list in
+ all subsequent messages.
+
+
+
+
+
+
+
+Droms Standards Track [Page 30]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ Any configuration parameters in the DHCPACK message SHOULD NOT
+ conflict with those in the earlier DHCPOFFER message to which the
+ client is responding. The client SHOULD use the parameters in the
+ DHCPACK message for configuration.
+
+ Clients send DHCPREQUEST messages as follows:
+
+ o DHCPREQUEST generated during SELECTING state:
+
+ Client inserts the address of the selected server in 'server
+ identifier', 'ciaddr' MUST be zero, 'requested IP address' MUST be
+ filled in with the yiaddr value from the chosen DHCPOFFER.
+
+ Note that the client may choose to collect several DHCPOFFER
+ messages and select the "best" offer. The client indicates its
+ selection by identifying the offering server in the DHCPREQUEST
+ message. If the client receives no acceptable offers, the client
+ may choose to try another DHCPDISCOVER message. Therefore, the
+ servers may not receive a specific DHCPREQUEST from which they can
+ decide whether or not the client has accepted the offer. Because
+ the servers have not committed any network address assignments on
+ the basis of a DHCPOFFER, servers are free to reuse offered
+ network addresses in response to subsequent requests. As an
+ implementation detail, servers SHOULD NOT reuse offered addresses
+ and may use an implementation-specific timeout mechanism to decide
+ when to reuse an offered address.
+
+ o DHCPREQUEST generated during INIT-REBOOT state:
+
+ 'server identifier' MUST NOT be filled in, 'requested IP address'
+ option MUST be filled in with client's notion of its previously
+ assigned address. 'ciaddr' MUST be zero. The client is seeking to
+ verify a previously allocated, cached configuration. Server SHOULD
+ send a DHCPNAK message to the client if the 'requested IP address'
+ is incorrect, or is on the wrong network.
+
+ Determining whether a client in the INIT-REBOOT state is on the
+ correct network is done by examining the contents of 'giaddr', the
+ 'requested IP address' option, and a database lookup. If the DHCP
+ server detects that the client is on the wrong net (i.e., the
+ result of applying the local subnet mask or remote subnet mask (if
+ 'giaddr' is not zero) to 'requested IP address' option value
+ doesn't match reality), then the server SHOULD send a DHCPNAK
+ message to the client.
+
+
+
+
+
+
+
+Droms Standards Track [Page 31]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ If the network is correct, then the DHCP server should check if
+ the client's notion of its IP address is correct. If not, then the
+ server SHOULD send a DHCPNAK message to the client. If the DHCP
+ server has no record of this client, then it MUST remain silent,
+ and MAY output a warning to the network administrator. This
+ behavior is necessary for peaceful coexistence of non-
+ communicating DHCP servers on the same wire.
+
+ If 'giaddr' is 0x0 in the DHCPREQUEST message, the client is on
+ the same subnet as the server. The server MUST broadcast the
+ DHCPNAK message to the 0xffffffff broadcast address because the
+ client may not have a correct network address or subnet mask, and
+ the client may not be answering ARP requests.
+
+ If 'giaddr' is set in the DHCPREQUEST message, the client is on a
+ different subnet. The server MUST set the broadcast bit in the
+ DHCPNAK, so that the relay agent will broadcast the DHCPNAK to the
+ client, because the client may not have a correct network address
+ or subnet mask, and the client may not be answering ARP requests.
+
+ o DHCPREQUEST generated during RENEWING state:
+
+ 'server identifier' MUST NOT be filled in, 'requested IP address'
+ option MUST NOT be filled in, 'ciaddr' MUST be filled in with
+ client's IP address. In this situation, the client is completely
+ configured, and is trying to extend its lease. This message will
+ be unicast, so no relay agents will be involved in its
+ transmission. Because 'giaddr' is therefore not filled in, the
+ DHCP server will trust the value in 'ciaddr', and use it when
+ replying to the client.
+
+ A client MAY choose to renew or extend its lease prior to T1. The
+ server may choose not to extend the lease (as a policy decision by
+ the network administrator), but should return a DHCPACK message
+ regardless.
+
+ o DHCPREQUEST generated during REBINDING state:
+
+ 'server identifier' MUST NOT be filled in, 'requested IP address'
+ option MUST NOT be filled in, 'ciaddr' MUST be filled in with
+ client's IP address. In this situation, the client is completely
+ configured, and is trying to extend its lease. This message MUST
+ be broadcast to the 0xffffffff IP broadcast address. The DHCP
+ server SHOULD check 'ciaddr' for correctness before replying to
+ the DHCPREQUEST.
+
+
+
+
+
+
+Droms Standards Track [Page 32]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ The DHCPREQUEST from a REBINDING client is intended to accommodate
+ sites that have multiple DHCP servers and a mechanism for
+ maintaining consistency among leases managed by multiple servers.
+ A DHCP server MAY extend a client's lease only if it has local
+ administrative authority to do so.
+
+4.3.3 DHCPDECLINE message
+
+ If the server receives a DHCPDECLINE message, the client has
+ discovered through some other means that the suggested network
+ address is already in use. The server MUST mark the network address
+ as not available and SHOULD notify the local system administrator of
+ a possible configuration problem.
+
+4.3.4 DHCPRELEASE message
+
+ Upon receipt of a DHCPRELEASE message, the server marks the network
+ address as not allocated. The server SHOULD retain a record of the
+ client's initialization parameters for possible reuse in response to
+ subsequent requests from the client.
+
+4.3.5 DHCPINFORM message
+
+ The server responds to a DHCPINFORM message by sending a DHCPACK
+ message directly to the address given in the 'ciaddr' field of the
+ DHCPINFORM message. The server MUST NOT send a lease expiration time
+ to the client and SHOULD NOT fill in 'yiaddr'. The server includes
+ other parameters in the DHCPACK message as defined in section 4.3.1.
+
+4.3.6 Client messages
+
+ Table 4 details the differences between messages from clients in
+ various states.
+
+ ---------------------------------------------------------------------
+ | |INIT-REBOOT |SELECTING |RENEWING |REBINDING |
+ ---------------------------------------------------------------------
+ |broad/unicast |broadcast |broadcast |unicast |broadcast |
+ |server-ip |MUST NOT |MUST |MUST NOT |MUST NOT |
+ |requested-ip |MUST |MUST |MUST NOT |MUST NOT |
+ |ciaddr |zero |zero |IP address |IP address|
+ ---------------------------------------------------------------------
+
+ Table 4: Client messages from different states
+
+
+
+
+
+
+
+Droms Standards Track [Page 33]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+4.4 DHCP client behavior
+
+ Figure 5 gives a state-transition diagram for a DHCP client. A
+ client can receive the following messages from a server:
+
+ o DHCPOFFER
+
+ o DHCPACK
+
+ o DHCPNAK
+
+ The DHCPINFORM message is not shown in figure 5. A client simply
+ sends the DHCPINFORM and waits for DHCPACK messages. Once the client
+ has selected its parameters, it has completed the configuration
+ process.
+
+ Table 5 gives the use of the fields and options in a DHCP message by
+ a client. The remainder of this section describes the action of the
+ DHCP client for each possible incoming message. The description in
+ the following section corresponds to the full configuration procedure
+ previously described in section 3.1, and the text in the subsequent
+ section corresponds to the abbreviated configuration procedure
+ described in section 3.2.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 34]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ -------- -------
+| | +-------------------------->| |<-------------------+
+| INIT- | | +-------------------->| INIT | |
+| REBOOT |DHCPNAK/ +---------->| |<---+ |
+| |Restart| | ------- | |
+ -------- | DHCPNAK/ | | |
+ | Discard offer | -/Send DHCPDISCOVER |
+-/Send DHCPREQUEST | | |
+ | | | DHCPACK v | |
+ ----------- | (not accept.)/ ----------- | |
+| | | Send DHCPDECLINE | | |
+| REBOOTING | | | | SELECTING |<----+ |
+| | | / | | |DHCPOFFER/ |
+ ----------- | / ----------- | |Collect |
+ | | / | | | replies |
+DHCPACK/ | / +----------------+ +-------+ |
+Record lease, set| | v Select offer/ |
+timers T1, T2 ------------ send DHCPREQUEST | |
+ | +----->| | DHCPNAK, Lease expired/ |
+ | | | REQUESTING | Halt network |
+ DHCPOFFER/ | | | |
+ Discard ------------ | |
+ | | | | ----------- |
+ | +--------+ DHCPACK/ | | |
+ | Record lease, set -----| REBINDING | |
+ | timers T1, T2 / | | |
+ | | DHCPACK/ ----------- |
+ | v Record lease, set ^ |
+ +----------------> ------- /timers T1,T2 | |
+ +----->| |<---+ | |
+ | | BOUND |<---+ | |
+ DHCPOFFER, DHCPACK, | | | T2 expires/ DHCPNAK/
+ DHCPNAK/Discard ------- | Broadcast Halt network
+ | | | | DHCPREQUEST |
+ +-------+ | DHCPACK/ | |
+ T1 expires/ Record lease, set | |
+ Send DHCPREQUEST timers T1, T2 | |
+ to leasing server | | |
+ | ---------- | |
+ | | |------------+ |
+ +->| RENEWING | |
+ | |----------------------------+
+ ----------
+ Figure 5: State-transition diagram for DHCP clients
+
+
+
+
+
+
+
+Droms Standards Track [Page 35]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+4.4.1 Initialization and allocation of network address
+
+ The client begins in INIT state and forms a DHCPDISCOVER message.
+ The client SHOULD wait a random time between one and ten seconds to
+ desynchronize the use of DHCP at startup. The client sets 'ciaddr'
+ to 0x00000000. The client MAY request specific parameters by
+ including the 'parameter request list' option. The client MAY
+ suggest a network address and/or lease time by including the
+ 'requested IP address' and 'IP address lease time' options. The
+ client MUST include its hardware address in the 'chaddr' field, if
+ necessary for delivery of DHCP reply messages. The client MAY
+ include a different unique identifier in the 'client identifier'
+ option, as discussed in section 4.2. If the client included a list
+ of requested parameters in a DHCPDISCOVER message, it MUST include
+ that list in all subsequent messages.
+
+ The client generates and records a random transaction identifier and
+ inserts that identifier into the 'xid' field. The client records its
+ own local time for later use in computing the lease expiration. The
+ client then broadcasts the DHCPDISCOVER on the local hardware
+ broadcast address to the 0xffffffff IP broadcast address and 'DHCP
+ server' UDP port.
+
+ If the 'xid' of an arriving DHCPOFFER message does not match the
+ 'xid' of the most recent DHCPDISCOVER message, the DHCPOFFER message
+ must be silently discarded. Any arriving DHCPACK messages must be
+ silently discarded.
+
+ The client collects DHCPOFFER messages over a period of time, selects
+ one DHCPOFFER message from the (possibly many) incoming DHCPOFFER
+ messages (e.g., the first DHCPOFFER message or the DHCPOFFER message
+ from the previously used server) and extracts the server address from
+ the 'server identifier' option in the DHCPOFFER message. The time
+ over which the client collects messages and the mechanism used to
+ select one DHCPOFFER are implementation dependent.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 36]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+Field DHCPDISCOVER DHCPREQUEST DHCPDECLINE,
+ DHCPINFORM DHCPRELEASE
+----- ------------ ----------- -----------
+'op' BOOTREQUEST BOOTREQUEST BOOTREQUEST
+'htype' (From "Assigned Numbers" RFC)
+'hlen' (Hardware address length in octets)
+'hops' 0 0 0
+'xid' selected by client 'xid' from server selected by
+ DHCPOFFER message client
+'secs' 0 or seconds since 0 or seconds since 0
+ DHCP process started DHCP process started
+'flags' Set 'BROADCAST' Set 'BROADCAST' 0
+ flag if client flag if client
+ requires broadcast requires broadcast
+ reply reply
+'ciaddr' 0 (DHCPDISCOVER) 0 or client's 0 (DHCPDECLINE)
+ client's network address client's network
+ network address (BOUND/RENEW/REBIND) address
+ (DHCPINFORM) (DHCPRELEASE)
+'yiaddr' 0 0 0
+'siaddr' 0 0 0
+'giaddr' 0 0 0
+'chaddr' client's hardware client's hardware client's hardware
+ address address address
+'sname' options, if options, if (unused)
+ indicated in indicated in
+ 'sname/file' 'sname/file'
+ option; otherwise option; otherwise
+ unused unused
+'file' options, if options, if (unused)
+ indicated in indicated in
+ 'sname/file' 'sname/file'
+ option; otherwise option; otherwise
+ unused unused
+'options' options options (unused)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 37]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+Option DHCPDISCOVER DHCPREQUEST DHCPDECLINE,
+ DHCPINFORM DHCPRELEASE
+------ ------------ ----------- -----------
+Requested IP address MAY MUST (in MUST
+ (DISCOVER) SELECTING or (DHCPDECLINE),
+ MUST NOT INIT-REBOOT) MUST NOT
+ (INFORM) MUST NOT (in (DHCPRELEASE)
+ BOUND or
+ RENEWING)
+IP address lease time MAY MAY MUST NOT
+ (DISCOVER)
+ MUST NOT
+ (INFORM)
+Use 'file'/'sname' fields MAY MAY MAY
+DHCP message type DHCPDISCOVER/ DHCPREQUEST DHCPDECLINE/
+ DHCPINFORM DHCPRELEASE
+Client identifier MAY MAY MAY
+Vendor class identifier MAY MAY MUST NOT
+Server identifier MUST NOT MUST (after MUST
+ SELECTING)
+ MUST NOT (after
+ INIT-REBOOT,
+ BOUND, RENEWING
+ or REBINDING)
+Parameter request list MAY MAY MUST NOT
+Maximum message size MAY MAY MUST NOT
+Message SHOULD NOT SHOULD NOT SHOULD
+Site-specific MAY MAY MUST NOT
+All others MAY MAY MUST NOT
+
+ Table 5: Fields and options used by DHCP clients
+
+ If the parameters are acceptable, the client records the address of
+ the server that supplied the parameters from the 'server identifier'
+ field and sends that address in the 'server identifier' field of a
+ DHCPREQUEST broadcast message. Once the DHCPACK message from the
+ server arrives, the client is initialized and moves to BOUND state.
+ The DHCPREQUEST message contains the same 'xid' as the DHCPOFFER
+ message. The client records the lease expiration time as the sum of
+ the time at which the original request was sent and the duration of
+ the lease from the DHCPACK message. The client SHOULD perform a
+ check on the suggested address to ensure that the address is not
+ already in use. For example, if the client is on a network that
+ supports ARP, the client may issue an ARP request for the suggested
+ request. When broadcasting an ARP request for the suggested address,
+ the client must fill in its own hardware address as the sender's
+ hardware address, and 0 as the sender's IP address, to avoid
+ confusing ARP caches in other hosts on the same subnet. If the
+
+
+
+Droms Standards Track [Page 38]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ network address appears to be in use, the client MUST send a
+ DHCPDECLINE message to the server. The client SHOULD broadcast an ARP
+ reply to announce the client's new IP address and clear any outdated
+ ARP cache entries in hosts on the client's subnet.
+
+4.4.2 Initialization with known network address
+
+ The client begins in INIT-REBOOT state and sends a DHCPREQUEST
+ message. The client MUST insert its known network address as a
+ 'requested IP address' option in the DHCPREQUEST message. The client
+ may request specific configuration parameters by including the
+ 'parameter request list' option. The client generates and records a
+ random transaction identifier and inserts that identifier into the
+ 'xid' field. The client records its own local time for later use in
+ computing the lease expiration. The client MUST NOT include a
+ 'server identifier' in the DHCPREQUEST message. The client then
+ broadcasts the DHCPREQUEST on the local hardware broadcast address to
+ the 'DHCP server' UDP port.
+
+ Once a DHCPACK message with an 'xid' field matching that in the
+ client's DHCPREQUEST message arrives from any server, the client is
+ initialized and moves to BOUND state. The client records the lease
+ expiration time as the sum of the time at which the DHCPREQUEST
+ message was sent and the duration of the lease from the DHCPACK
+ message.
+
+4.4.3 Initialization with an externally assigned network address
+
+ The client sends a DHCPINFORM message. The client may request
+ specific configuration parameters by including the 'parameter request
+ list' option. The client generates and records a random transaction
+ identifier and inserts that identifier into the 'xid' field. The
+ client places its own network address in the 'ciaddr' field. The
+ client SHOULD NOT request lease time parameters.
+
+ The client then unicasts the DHCPINFORM to the DHCP server if it
+ knows the server's address, otherwise it broadcasts the message to
+ the limited (all 1s) broadcast address. DHCPINFORM messages MUST be
+ directed to the 'DHCP server' UDP port.
+
+ Once a DHCPACK message with an 'xid' field matching that in the
+ client's DHCPINFORM message arrives from any server, the client is
+ initialized.
+
+ If the client does not receive a DHCPACK within a reasonable period
+ of time (60 seconds or 4 tries if using timeout suggested in section
+ 4.1), then it SHOULD display a message informing the user of the
+ problem, and then SHOULD begin network processing using suitable
+
+
+
+Droms Standards Track [Page 39]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ defaults as per Appendix A.
+
+4.4.4 Use of broadcast and unicast
+
+ The DHCP client broadcasts DHCPDISCOVER, DHCPREQUEST and DHCPINFORM
+ messages, unless the client knows the address of a DHCP server. The
+ client unicasts DHCPRELEASE messages to the server. Because the
+ client is declining the use of the IP address supplied by the server,
+ the client broadcasts DHCPDECLINE messages.
+
+ When the DHCP client knows the address of a DHCP server, in either
+ INIT or REBOOTING state, the client may use that address in the
+ DHCPDISCOVER or DHCPREQUEST rather than the IP broadcast address.
+ The client may also use unicast to send DHCPINFORM messages to a
+ known DHCP server. If the client receives no response to DHCP
+ messages sent to the IP address of a known DHCP server, the DHCP
+ client reverts to using the IP broadcast address.
+
+4.4.5 Reacquisition and expiration
+
+ The client maintains two times, T1 and T2, that specify the times at
+ which the client tries to extend its lease on its network address.
+ T1 is the time at which the client enters the RENEWING state and
+ attempts to contact the server that originally issued the client's
+ network address. T2 is the time at which the client enters the
+ REBINDING state and attempts to contact any server. T1 MUST be
+ earlier than T2, which, in turn, MUST be earlier than the time at
+ which the client's lease will expire.
+
+ To avoid the need for synchronized clocks, T1 and T2 are expressed in
+ options as relative times [2].
+
+ At time T1 the client moves to RENEWING state and sends (via unicast)
+ a DHCPREQUEST message to the server to extend its lease. The client
+ sets the 'ciaddr' field in the DHCPREQUEST to its current network
+ address. The client records the local time at which the DHCPREQUEST
+ message is sent for computation of the lease expiration time. The
+ client MUST NOT include a 'server identifier' in the DHCPREQUEST
+ message.
+
+ Any DHCPACK messages that arrive with an 'xid' that does not match
+ the 'xid' of the client's DHCPREQUEST message are silently discarded.
+ When the client receives a DHCPACK from the server, the client
+ computes the lease expiration time as the sum of the time at which
+ the client sent the DHCPREQUEST message and the duration of the lease
+ in the DHCPACK message. The client has successfully reacquired its
+ network address, returns to BOUND state and may continue network
+ processing.
+
+
+
+Droms Standards Track [Page 40]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ If no DHCPACK arrives before time T2, the client moves to REBINDING
+ state and sends (via broadcast) a DHCPREQUEST message to extend its
+ lease. The client sets the 'ciaddr' field in the DHCPREQUEST to its
+ current network address. The client MUST NOT include a 'server
+ identifier' in the DHCPREQUEST message.
+
+ Times T1 and T2 are configurable by the server through options. T1
+ defaults to (0.5 * duration_of_lease). T2 defaults to (0.875 *
+ duration_of_lease). Times T1 and T2 SHOULD be chosen with some
+ random "fuzz" around a fixed value, to avoid synchronization of
+ client reacquisition.
+
+ A client MAY choose to renew or extend its lease prior to T1. The
+ server MAY choose to extend the client's lease according to policy
+ set by the network administrator. The server SHOULD return T1 and
+ T2, and their values SHOULD be adjusted from their original values to
+ take account of the time remaining on the lease.
+
+ In both RENEWING and REBINDING states, if the client receives no
+ response to its DHCPREQUEST message, the client SHOULD wait one-half
+ of the remaining time until T2 (in RENEWING state) and one-half of
+ the remaining lease time (in REBINDING state), down to a minimum of
+ 60 seconds, before retransmitting the DHCPREQUEST message.
+
+ If the lease expires before the client receives a DHCPACK, the client
+ moves to INIT state, MUST immediately stop any other network
+ processing and requests network initialization parameters as if the
+ client were uninitialized. If the client then receives a DHCPACK
+ allocating that client its previous network address, the client
+ SHOULD continue network processing. If the client is given a new
+ network address, it MUST NOT continue using the previous network
+ address and SHOULD notify the local users of the problem.
+
+4.4.6 DHCPRELEASE
+
+ If the client no longer requires use of its assigned network address
+ (e.g., the client is gracefully shut down), the client sends a
+ DHCPRELEASE message to the server. Note that the correct operation
+ of DHCP does not depend on the transmission of DHCPRELEASE messages.
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 41]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+5. Acknowledgments
+
+ The author thanks the many (and too numerous to mention!) members of
+ the DHC WG for their tireless and ongoing efforts in the development
+ of DHCP and this document.
+
+ The efforts of J Allard, Mike Carney, Dave Lapp, Fred Lien and John
+ Mendonca in organizing DHCP interoperability testing sessions are
+ gratefully acknowledged.
+
+ The development of this document was supported in part by grants from
+ the Corporation for National Research Initiatives (CNRI), Bucknell
+ University and Sun Microsystems.
+
+6. References
+
+ [1] Acetta, M., "Resource Location Protocol", RFC 887, CMU, December
+ 1983.
+
+ [2] Alexander, S., and R. Droms, "DHCP Options and BOOTP Vendor
+ Extensions", RFC 1533, Lachman Technology, Inc., Bucknell
+ University, October 1993.
+
+ [3] Braden, R., Editor, "Requirements for Internet Hosts --
+ Communication Layers", STD 3, RFC 1122, USC/Information Sciences
+ Institute, October 1989.
+
+ [4] Braden, R., Editor, "Requirements for Internet Hosts --
+ Application and Support, STD 3, RFC 1123, USC/Information
+ Sciences Institute, October 1989.
+
+ [5] Brownell, D, "Dynamic Reverse Address Resolution Protocol
+ (DRARP)", Work in Progress.
+
+ [6] Comer, D., and R. Droms, "Uniform Access to Internet Directory
+ Services", Proc. of ACM SIGCOMM '90 (Special issue of Computer
+ Communications Review), 20(4):50--59, 1990.
+
+ [7] Croft, B., and J. Gilmore, "Bootstrap Protocol (BOOTP)", RFC 951,
+ Stanford and SUN Microsystems, September 1985.
+
+ [8] Deering, S., "ICMP Router Discovery Messages", RFC 1256, Xerox
+ PARC, September 1991.
+
+ [9] Droms, D., "Interoperation between DHCP and BOOTP", RFC 1534,
+ Bucknell University, October 1993.
+
+
+
+
+
+Droms Standards Track [Page 42]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ [10] Finlayson, R., Mann, T., Mogul, J., and M. Theimer, "A Reverse
+ Address Resolution Protocol", RFC 903, Stanford, June 1984.
+
+ [11] Gray C., and D. Cheriton, "Leases: An Efficient Fault-Tolerant
+ Mechanism for Distributed File Cache Consistency", In Proc. of
+ the Twelfth ACM Symposium on Operating Systems Design, 1989.
+
+ [12] Mockapetris, P., "Domain Names -- Concepts and Facilities", STD
+ 13, RFC 1034, USC/Information Sciences Institute, November 1987.
+
+ [13] Mockapetris, P., "Domain Names -- Implementation and
+ Specification", STD 13, RFC 1035, USC/Information Sciences
+ Institute, November 1987.
+
+ [14] Mogul J., and S. Deering, "Path MTU Discovery", RFC 1191,
+ November 1990.
+
+ [15] Morgan, R., "Dynamic IP Address Assignment for Ethernet Attached
+ Hosts", Work in Progress.
+
+ [16] Postel, J., "Internet Control Message Protocol", STD 5, RFC 792,
+ USC/Information Sciences Institute, September 1981.
+
+ [17] Reynolds, J., "BOOTP Vendor Information Extensions", RFC 1497,
+ USC/Information Sciences Institute, August 1993.
+
+ [18] Reynolds, J., and J. Postel, "Assigned Numbers", STD 2, RFC 1700,
+ USC/Information Sciences Institute, October 1994.
+
+ [19] Jeffrey Schiller and Mark Rosenstein. A Protocol for the Dynamic
+ Assignment of IP Addresses for use on an Ethernet. (Available
+ from the Athena Project, MIT), 1989.
+
+ [20] Sollins, K., "The TFTP Protocol (Revision 2)", RFC 783, NIC,
+ June 1981.
+
+ [21] Wimer, W., "Clarifications and Extensions for the Bootstrap
+ Protocol", RFC 1542, Carnegie Mellon University, October 1993.
+
+7. Security Considerations
+
+ DHCP is built directly on UDP and IP which are as yet inherently
+ insecure. Furthermore, DHCP is generally intended to make
+ maintenance of remote and/or diskless hosts easier. While perhaps
+ not impossible, configuring such hosts with passwords or keys may be
+ difficult and inconvenient. Therefore, DHCP in its current form is
+ quite insecure.
+
+
+
+
+Droms Standards Track [Page 43]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+ Unauthorized DHCP servers may be easily set up. Such servers can
+ then send false and potentially disruptive information to clients
+ such as incorrect or duplicate IP addresses, incorrect routing
+ information (including spoof routers, etc.), incorrect domain
+ nameserver addresses (such as spoof nameservers), and so on.
+ Clearly, once this seed information is in place, an attacker can
+ further compromise affected systems.
+
+ Malicious DHCP clients could masquerade as legitimate clients and
+ retrieve information intended for those legitimate clients. Where
+ dynamic allocation of resources is used, a malicious client could
+ claim all resources for itself, thereby denying resources to
+ legitimate clients.
+
+8. Author's Address
+
+ Ralph Droms
+ Computer Science Department
+ 323 Dana Engineering
+ Bucknell University
+ Lewisburg, PA 17837
+
+ Phone: (717) 524-1145
+ EMail: droms@bucknell.edu
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Droms Standards Track [Page 44]
+
+RFC 2131 Dynamic Host Configuration Protocol March 1997
+
+
+A. Host Configuration Parameters
+
+ IP-layer_parameters,_per_host:_
+
+ Be a router on/off HRC 3.1
+ Non-local source routing on/off HRC 3.3.5
+ Policy filters for
+ non-local source routing (list) HRC 3.3.5
+ Maximum reassembly size integer HRC 3.3.2
+ Default TTL integer HRC 3.2.1.7
+ PMTU aging timeout integer MTU 6.6
+ MTU plateau table (list) MTU 7
+ IP-layer_parameters,_per_interface:_
+ IP address (address) HRC 3.3.1.6
+ Subnet mask (address mask) HRC 3.3.1.6
+ MTU integer HRC 3.3.3
+ All-subnets-MTU on/off HRC 3.3.3
+ Broadcast address flavor 0x00000000/0xffffffff HRC 3.3.6
+ Perform mask discovery on/off HRC 3.2.2.9
+ Be a mask supplier on/off HRC 3.2.2.9
+ Perform router discovery on/off RD 5.1
+ Router solicitation address (address) RD 5.1
+ Default routers, list of:
+ router address (address) HRC 3.3.1.6
+ preference level integer HRC 3.3.1.6
+ Static routes, list of:
+ destination (host/subnet/net) HRC 3.3.1.2
+ destination mask (address mask) HRC 3.3.1.2
+ type-of-service integer HRC 3.3.1.2
+ first-hop router (address) HRC 3.3.1.2
+ ignore redirects on/off HRC 3.3.1.2
+ PMTU integer MTU 6.6
+ perform PMTU discovery on/off MTU 6.6
+
+ Link-layer_parameters,_per_interface:_
+ Trailers on/off HRC 2.3.1
+ ARP cache timeout integer HRC 2.3.2.1
+ Ethernet encapsulation (RFC 894/RFC 1042) HRC 2.3.3
+
+ TCP_parameters,_per_host:_
+ TTL integer HRC 4.2.2.19
+ Keep-alive interval integer HRC 4.2.3.6
+ Keep-alive data size 0/1 HRC 4.2.3.6
+
+Key:
+
+ MTU = Path MTU Discovery (RFC 1191, Proposed Standard)
+ RD = Router Discovery (RFC 1256, Proposed Standard)
+
+
+
+Droms Standards Track [Page 45]
+
diff --git a/rfc/rfc2132.txt b/rfc/rfc2132.txt
new file mode 100644
index 00000000..e9c4f4b3
--- /dev/null
+++ b/rfc/rfc2132.txt
@@ -0,0 +1,1907 @@
+
+
+
+
+
+
+Network Working Group S. Alexander
+Request for Comments: 2132 Silicon Graphics, Inc.
+Obsoletes: 1533 R. Droms
+Category: Standards Track Bucknell University
+ March 1997
+
+ DHCP Options and BOOTP Vendor Extensions
+
+Status of this memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Abstract
+
+ The Dynamic Host Configuration Protocol (DHCP) [1] provides a
+ framework for passing configuration information to hosts on a TCP/IP
+ network. Configuration parameters and other control information are
+ carried in tagged data items that are stored in the 'options' field
+ of the DHCP message. The data items themselves are also called
+ "options."
+
+ This document specifies the current set of DHCP options. Future
+ options will be specified in separate RFCs. The current list of
+ valid options is also available in ftp://ftp.isi.edu/in-
+ notes/iana/assignments [22].
+
+ All of the vendor information extensions defined in RFC 1497 [2] may
+ be used as DHCP options. The definitions given in RFC 1497 are
+ included in this document, which supersedes RFC 1497. All of the
+ DHCP options defined in this document, except for those specific to
+ DHCP as defined in section 9, may be used as BOOTP vendor information
+ extensions.
+
+Table of Contents
+
+ 1. Introduction .............................................. 2
+ 2. BOOTP Extension/DHCP Option Field Format .................. 4
+ 3. RFC 1497 Vendor Extensions ................................ 5
+ 4. IP Layer Parameters per Host .............................. 11
+ 5. IP Layer Parameters per Interface ........................ 13
+ 6. Link Layer Parameters per Interface ....................... 16
+ 7. TCP Parameters ............................................ 17
+ 8. Application and Service Parameters ........................ 18
+ 9. DHCP Extensions ........................................... 25
+
+
+
+Alexander & Droms Standards Track [Page 1]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ 10. Defining new extensions ................................... 31
+ 11. Acknowledgements .......................................... 31
+ 12. References ................................................ 32
+ 13. Security Considerations ................................... 33
+ 14. Authors' Addresses ........................................ 34
+
+1. Introduction
+
+ This document specifies options for use with both the Dynamic Host
+ Configuration Protocol and the Bootstrap Protocol.
+
+ The full description of DHCP packet formats may be found in the DHCP
+ specification document [1], and the full description of BOOTP packet
+ formats may be found in the BOOTP specification document [3]. This
+ document defines the format of information in the last field of DHCP
+ packets ('options') and of BOOTP packets ('vend'). The remainder of
+ this section defines a generalized use of this area for giving
+ information useful to a wide class of machines, operating systems and
+ configurations. Sites with a single DHCP or BOOTP server that is
+ shared among heterogeneous clients may choose to define other, site-
+ specific formats for the use of the 'options' field.
+
+ Section 2 of this memo describes the formats of DHCP options and
+ BOOTP vendor extensions. Section 3 describes options defined in
+ previous documents for use with BOOTP (all may also be used with
+ DHCP). Sections 4-8 define new options intended for use with both
+ DHCP and BOOTP. Section 9 defines options used only in DHCP.
+
+ References further describing most of the options defined in sections
+ 2-6 can be found in section 12. The use of the options defined in
+ section 9 is described in the DHCP specification [1].
+
+ Information on registering new options is contained in section 10.
+
+ This document updates the definition of DHCP/BOOTP options that
+ appears in RFC1533. The classing mechanism has been extended to
+ include vendor classes as described in section 8.4 and 9.13. The new
+ procedure for defining new DHCP/BOOTP options in described in section
+ 10. Several new options, including NIS+ domain and servers, Mobile
+ IP home agent, SMTP server, TFTP server and Bootfile server, have
+ been added. Text giving definitions used throughout the document has
+ been added in section 1.1. Text emphasizing the need for uniqueness
+ of client-identifiers has been added to section 9.14.
+
+
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 2]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+1.1 Requirements
+
+ Throughout this document, the words that are used to define the
+ significance of particular requirements are capitalized. These words
+ are:
+
+ o "MUST"
+
+ This word or the adjective "REQUIRED" means that the item is an
+ absolute requirement of this specification.
+
+ o "MUST NOT"
+
+ This phrase means that the item is an absolute prohibition of
+ this specification.
+
+ o "SHOULD"
+
+ This word or the adjective "RECOMMENDED" means that there may
+ exist valid reasons in particular circumstances to ignore this
+ item, but the full implications should be understood and the case
+ carefully weighed before choosing a different course.
+
+ o "SHOULD NOT"
+
+ This phrase means that there may exist valid reasons in
+ particular circumstances when the listed behavior is acceptable
+ or even useful, but the full implications should be understood
+ and the case carefully weighed before implementing any behavior
+ described with this label.
+
+ o "MAY"
+
+ This word or the adjective "OPTIONAL" means that this item is
+ truly optional. One vendor may choose to include the item
+ because a particular marketplace requires it or because it
+ enhances the product, for example; another vendor may omit the
+ same item.
+
+1.2 Terminology
+
+ This document uses the following terms:
+
+ o "DHCP client"
+
+ A DHCP client or "client" is an Internet host using DHCP to
+ obtain configuration parameters such as a network address.
+
+
+
+
+Alexander & Droms Standards Track [Page 3]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ o "DHCP server"
+
+ A DHCP server of "server"is an Internet host that returns
+ configuration parameters to DHCP clients.
+
+ o "binding"
+
+ A binding is a collection of configuration parameters, including
+ at least an IP address, associated with or "bound to" a DHCP
+ client. Bindings are managed by DHCP servers.
+
+2. BOOTP Extension/DHCP Option Field Format
+
+
+ DHCP options have the same format as the BOOTP 'vendor extensions'
+ defined in RFC 1497 [2]. Options may be fixed length or variable
+ length. All options begin with a tag octet, which uniquely
+ identifies the option. Fixed-length options without data consist of
+ only a tag octet. Only options 0 and 255 are fixed length. All
+ other options are variable-length with a length octet following the
+ tag octet. The value of the length octet does not include the two
+ octets specifying the tag and length. The length octet is followed
+ by "length" octets of data. Options containing NVT ASCII data SHOULD
+ NOT include a trailing NULL; however, the receiver of such options
+ MUST be prepared to delete trailing nulls if they exist. The
+ receiver MUST NOT require that a trailing null be included in the
+ data. In the case of some variable-length options the length field
+ is a constant but must still be specified.
+
+ Any options defined subsequent to this document MUST contain a length
+ octet even if the length is fixed or zero.
+
+ All multi-octet quantities are in network byte-order.
+
+ When used with BOOTP, the first four octets of the vendor information
+ field have been assigned to the "magic cookie" (as suggested in RFC
+ 951). This field identifies the mode in which the succeeding data is
+ to be interpreted. The value of the magic cookie is the 4 octet
+ dotted decimal 99.130.83.99 (or hexadecimal number 63.82.53.63) in
+ network byte order.
+
+ All of the "vendor extensions" defined in RFC 1497 are also DHCP
+ options.
+
+ Option codes 128 to 254 (decimal) are reserved for site-specific
+ options.
+
+
+
+
+
+Alexander & Droms Standards Track [Page 4]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Except for the options in section 9, all options may be used with
+ either DHCP or BOOTP.
+
+ Many of these options have their default values specified in other
+ documents. In particular, RFC 1122 [4] specifies default values for
+ most IP and TCP configuration parameters.
+
+ Many options supply one or more 32-bit IP address. Use of IP
+ addresses rather than fully-qualified Domain Names (FQDNs) may make
+ future renumbering of IP hosts more difficult. Use of these
+ addresses is discouraged at sites that may require renumbering.
+
+3. RFC 1497 Vendor Extensions
+
+ This section lists the vendor extensions as defined in RFC 1497.
+ They are defined here for completeness.
+
+3.1. Pad Option
+
+ The pad option can be used to cause subsequent fields to align on
+ word boundaries.
+
+ The code for the pad option is 0, and its length is 1 octet.
+
+ Code
+ +-----+
+ | 0 |
+ +-----+
+
+3.2. End Option
+
+ The end option marks the end of valid information in the vendor
+ field. Subsequent octets should be filled with pad options.
+
+ The code for the end option is 255, and its length is 1 octet.
+
+ Code
+ +-----+
+ | 255 |
+ +-----+
+
+3.3. Subnet Mask
+
+ The subnet mask option specifies the client's subnet mask as per RFC
+ 950 [5].
+
+ If both the subnet mask and the router option are specified in a DHCP
+ reply, the subnet mask option MUST be first.
+
+
+
+Alexander & Droms Standards Track [Page 5]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for the subnet mask option is 1, and its length is 4 octets.
+
+ Code Len Subnet Mask
+ +-----+-----+-----+-----+-----+-----+
+ | 1 | 4 | m1 | m2 | m3 | m4 |
+ +-----+-----+-----+-----+-----+-----+
+
+3.4. Time Offset
+
+ The time offset field specifies the offset of the client's subnet in
+ seconds from Coordinated Universal Time (UTC). The offset is
+ expressed as a two's complement 32-bit integer. A positive offset
+ indicates a location east of the zero meridian and a negative offset
+ indicates a location west of the zero meridian.
+
+ The code for the time offset option is 2, and its length is 4 octets.
+
+ Code Len Time Offset
+ +-----+-----+-----+-----+-----+-----+
+ | 2 | 4 | n1 | n2 | n3 | n4 |
+ +-----+-----+-----+-----+-----+-----+
+
+3.5. Router Option
+
+ The router option specifies a list of IP addresses for routers on the
+ client's subnet. Routers SHOULD be listed in order of preference.
+
+ The code for the router option is 3. The minimum length for the
+ router option is 4 octets, and the length MUST always be a multiple
+ of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 3 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.6. Time Server Option
+
+ The time server option specifies a list of RFC 868 [6] time servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for the time server option is 4. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 6]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 4 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.7. Name Server Option
+
+ The name server option specifies a list of IEN 116 [7] name servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for the name server option is 5. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 5 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.8. Domain Name Server Option
+
+ The domain name server option specifies a list of Domain Name System
+ (STD 13, RFC 1035 [8]) name servers available to the client. Servers
+ SHOULD be listed in order of preference.
+
+ The code for the domain name server option is 6. The minimum length
+ for this option is 4 octets, and the length MUST always be a multiple
+ of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 6 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.9. Log Server Option
+
+ The log server option specifies a list of MIT-LCS UDP log servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for the log server option is 7. The minimum length for this
+ option is 4 octets, and the length MUST always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 7 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+
+
+Alexander & Droms Standards Track [Page 7]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+3.10. Cookie Server Option
+
+ The cookie server option specifies a list of RFC 865 [9] cookie
+ servers available to the client. Servers SHOULD be listed in order
+ of preference.
+
+ The code for the log server option is 8. The minimum length for this
+ option is 4 octets, and the length MUST always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 8 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.11. LPR Server Option
+
+ The LPR server option specifies a list of RFC 1179 [10] line printer
+ servers available to the client. Servers SHOULD be listed in order
+ of preference.
+
+ The code for the LPR server option is 9. The minimum length for this
+ option is 4 octets, and the length MUST always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 9 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.12. Impress Server Option
+
+ The Impress server option specifies a list of Imagen Impress servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for the Impress server option is 10. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 10 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.13. Resource Location Server Option
+
+ This option specifies a list of RFC 887 [11] Resource Location
+ servers available to the client. Servers SHOULD be listed in order
+ of preference.
+
+
+
+Alexander & Droms Standards Track [Page 8]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for this option is 11. The minimum length for this option
+ is 4 octets, and the length MUST always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 11 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.14. Host Name Option
+
+ This option specifies the name of the client. The name may or may
+ not be qualified with the local domain name (see section 3.17 for the
+ preferred way to retrieve the domain name). See RFC 1035 for
+ character set restrictions.
+
+ The code for this option is 12, and its minimum length is 1.
+
+ Code Len Host Name
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 12 | n | h1 | h2 | h3 | h4 | h5 | h6 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+3.15. Boot File Size Option
+
+ This option specifies the length in 512-octet blocks of the default
+ boot image for the client. The file length is specified as an
+ unsigned 16-bit integer.
+
+ The code for this option is 13, and its length is 2.
+
+ Code Len File Size
+ +-----+-----+-----+-----+
+ | 13 | 2 | l1 | l2 |
+ +-----+-----+-----+-----+
+
+3.16. Merit Dump File
+
+ This option specifies the path-name of a file to which the client's
+ core image should be dumped in the event the client crashes. The
+ path is formatted as a character string consisting of characters from
+ the NVT ASCII character set.
+
+ The code for this option is 14. Its minimum length is 1.
+
+ Code Len Dump File Pathname
+ +-----+-----+-----+-----+-----+-----+---
+ | 14 | n | n1 | n2 | n3 | n4 | ...
+ +-----+-----+-----+-----+-----+-----+---
+
+
+
+Alexander & Droms Standards Track [Page 9]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+3.17. Domain Name
+
+ This option specifies the domain name that client should use when
+ resolving hostnames via the Domain Name System.
+
+ The code for this option is 15. Its minimum length is 1.
+
+ Code Len Domain Name
+ +-----+-----+-----+-----+-----+-----+--
+ | 15 | n | d1 | d2 | d3 | d4 | ...
+ +-----+-----+-----+-----+-----+-----+--
+
+3.18. Swap Server
+
+ This specifies the IP address of the client's swap server.
+
+ The code for this option is 16 and its length is 4.
+
+ Code Len Swap Server Address
+ +-----+-----+-----+-----+-----+-----+
+ | 16 | n | a1 | a2 | a3 | a4 |
+ +-----+-----+-----+-----+-----+-----+
+
+3.19. Root Path
+
+ This option specifies the path-name that contains the client's root
+ disk. The path is formatted as a character string consisting of
+ characters from the NVT ASCII character set.
+
+ The code for this option is 17. Its minimum length is 1.
+
+ Code Len Root Disk Pathname
+ +-----+-----+-----+-----+-----+-----+---
+ | 17 | n | n1 | n2 | n3 | n4 | ...
+ +-----+-----+-----+-----+-----+-----+---
+
+3.20. Extensions Path
+
+ A string to specify a file, retrievable via TFTP, which contains
+ information which can be interpreted in the same way as the 64-octet
+ vendor-extension field within the BOOTP response, with the following
+ exceptions:
+
+ - the length of the file is unconstrained;
+ - all references to Tag 18 (i.e., instances of the
+ BOOTP Extensions Path field) within the file are
+ ignored.
+
+
+
+
+Alexander & Droms Standards Track [Page 10]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for this option is 18. Its minimum length is 1.
+
+ Code Len Extensions Pathname
+ +-----+-----+-----+-----+-----+-----+---
+ | 18 | n | n1 | n2 | n3 | n4 | ...
+ +-----+-----+-----+-----+-----+-----+---
+
+4. IP Layer Parameters per Host
+
+ This section details the options that affect the operation of the IP
+ layer on a per-host basis.
+
+4.1. IP Forwarding Enable/Disable Option
+
+ This option specifies whether the client should configure its IP
+ layer for packet forwarding. A value of 0 means disable IP
+ forwarding, and a value of 1 means enable IP forwarding.
+
+ The code for this option is 19, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 19 | 1 | 0/1 |
+ +-----+-----+-----+
+
+4.2. Non-Local Source Routing Enable/Disable Option
+
+ This option specifies whether the client should configure its IP
+ layer to allow forwarding of datagrams with non-local source routes
+ (see Section 3.3.5 of [4] for a discussion of this topic). A value
+ of 0 means disallow forwarding of such datagrams, and a value of 1
+ means allow forwarding.
+
+ The code for this option is 20, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 20 | 1 | 0/1 |
+ +-----+-----+-----+
+
+4.3. Policy Filter Option
+
+ This option specifies policy filters for non-local source routing.
+ The filters consist of a list of IP addresses and masks which specify
+ destination/mask pairs with which to filter incoming source routes.
+
+ Any source routed datagram whose next-hop address does not match one
+ of the filters should be discarded by the client.
+
+
+
+Alexander & Droms Standards Track [Page 11]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ See [4] for further information.
+
+ The code for this option is 21. The minimum length of this option is
+ 8, and the length MUST be a multiple of 8.
+
+ Code Len Address 1 Mask 1
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
+ | 21 | n | a1 | a2 | a3 | a4 | m1 | m2 | m3 | m4 |
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
+ Address 2 Mask 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+ | a1 | a2 | a3 | a4 | m1 | m2 | m3 | m4 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+
+4.4. Maximum Datagram Reassembly Size
+
+ This option specifies the maximum size datagram that the client
+ should be prepared to reassemble. The size is specified as a 16-bit
+ unsigned integer. The minimum value legal value is 576.
+
+ The code for this option is 22, and its length is 2.
+
+ Code Len Size
+ +-----+-----+-----+-----+
+ | 22 | 2 | s1 | s2 |
+ +-----+-----+-----+-----+
+
+4.5. Default IP Time-to-live
+
+ This option specifies the default time-to-live that the client should
+ use on outgoing datagrams. The TTL is specified as an octet with a
+ value between 1 and 255.
+
+ The code for this option is 23, and its length is 1.
+
+ Code Len TTL
+ +-----+-----+-----+
+ | 23 | 1 | ttl |
+ +-----+-----+-----+
+
+4.6. Path MTU Aging Timeout Option
+
+ This option specifies the timeout (in seconds) to use when aging Path
+ MTU values discovered by the mechanism defined in RFC 1191 [12]. The
+ timeout is specified as a 32-bit unsigned integer.
+
+ The code for this option is 24, and its length is 4.
+
+
+
+
+Alexander & Droms Standards Track [Page 12]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Code Len Timeout
+ +-----+-----+-----+-----+-----+-----+
+ | 24 | 4 | t1 | t2 | t3 | t4 |
+ +-----+-----+-----+-----+-----+-----+
+
+4.7. Path MTU Plateau Table Option
+
+ This option specifies a table of MTU sizes to use when performing
+ Path MTU Discovery as defined in RFC 1191. The table is formatted as
+ a list of 16-bit unsigned integers, ordered from smallest to largest.
+ The minimum MTU value cannot be smaller than 68.
+
+ The code for this option is 25. Its minimum length is 2, and the
+ length MUST be a multiple of 2.
+
+ Code Len Size 1 Size 2
+ +-----+-----+-----+-----+-----+-----+---
+ | 25 | n | s1 | s2 | s1 | s2 | ...
+ +-----+-----+-----+-----+-----+-----+---
+
+5. IP Layer Parameters per Interface
+
+ This section details the options that affect the operation of the IP
+ layer on a per-interface basis. It is expected that a client can
+ issue multiple requests, one per interface, in order to configure
+ interfaces with their specific parameters.
+
+5.1. Interface MTU Option
+
+ This option specifies the MTU to use on this interface. The MTU is
+ specified as a 16-bit unsigned integer. The minimum legal value for
+ the MTU is 68.
+
+ The code for this option is 26, and its length is 2.
+
+ Code Len MTU
+ +-----+-----+-----+-----+
+ | 26 | 2 | m1 | m2 |
+ +-----+-----+-----+-----+
+
+5.2. All Subnets are Local Option
+
+ This option specifies whether or not the client may assume that all
+ subnets of the IP network to which the client is connected use the
+ same MTU as the subnet of that network to which the client is
+ directly connected. A value of 1 indicates that all subnets share
+ the same MTU. A value of 0 means that the client should assume that
+ some subnets of the directly connected network may have smaller MTUs.
+
+
+
+Alexander & Droms Standards Track [Page 13]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for this option is 27, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 27 | 1 | 0/1 |
+ +-----+-----+-----+
+
+5.3. Broadcast Address Option
+
+ This option specifies the broadcast address in use on the client's
+ subnet. Legal values for broadcast addresses are specified in
+ section 3.2.1.3 of [4].
+
+ The code for this option is 28, and its length is 4.
+
+ Code Len Broadcast Address
+ +-----+-----+-----+-----+-----+-----+
+ | 28 | 4 | b1 | b2 | b3 | b4 |
+ +-----+-----+-----+-----+-----+-----+
+
+5.4. Perform Mask Discovery Option
+
+ This option specifies whether or not the client should perform subnet
+ mask discovery using ICMP. A value of 0 indicates that the client
+ should not perform mask discovery. A value of 1 means that the
+ client should perform mask discovery.
+
+ The code for this option is 29, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 29 | 1 | 0/1 |
+ +-----+-----+-----+
+
+5.5. Mask Supplier Option
+
+ This option specifies whether or not the client should respond to
+ subnet mask requests using ICMP. A value of 0 indicates that the
+ client should not respond. A value of 1 means that the client should
+ respond.
+
+ The code for this option is 30, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 30 | 1 | 0/1 |
+ +-----+-----+-----+
+
+
+
+
+Alexander & Droms Standards Track [Page 14]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+5.6. Perform Router Discovery Option
+
+ This option specifies whether or not the client should solicit
+ routers using the Router Discovery mechanism defined in RFC 1256
+ [13]. A value of 0 indicates that the client should not perform
+ router discovery. A value of 1 means that the client should perform
+ router discovery.
+
+ The code for this option is 31, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 31 | 1 | 0/1 |
+ +-----+-----+-----+
+
+5.7. Router Solicitation Address Option
+
+ This option specifies the address to which the client should transmit
+ router solicitation requests.
+
+ The code for this option is 32, and its length is 4.
+
+ Code Len Address
+ +-----+-----+-----+-----+-----+-----+
+ | 32 | 4 | a1 | a2 | a3 | a4 |
+ +-----+-----+-----+-----+-----+-----+
+
+5.8. Static Route Option
+
+ This option specifies a list of static routes that the client should
+ install in its routing cache. If multiple routes to the same
+ destination are specified, they are listed in descending order of
+ priority.
+
+ The routes consist of a list of IP address pairs. The first address
+ is the destination address, and the second address is the router for
+ the destination.
+
+ The default route (0.0.0.0) is an illegal destination for a static
+ route. See section 3.5 for information about the router option.
+
+ The code for this option is 33. The minimum length of this option is
+ 8, and the length MUST be a multiple of 8.
+
+
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 15]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Code Len Destination 1 Router 1
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
+ | 33 | n | d1 | d2 | d3 | d4 | r1 | r2 | r3 | r4 |
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
+ Destination 2 Router 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+ | d1 | d2 | d3 | d4 | r1 | r2 | r3 | r4 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+
+6. Link Layer Parameters per Interface
+
+ This section lists the options that affect the operation of the data
+ link layer on a per-interface basis.
+
+6.1. Trailer Encapsulation Option
+
+ This option specifies whether or not the client should negotiate the
+ use of trailers (RFC 893 [14]) when using the ARP protocol. A value
+ of 0 indicates that the client should not attempt to use trailers. A
+ value of 1 means that the client should attempt to use trailers.
+
+ The code for this option is 34, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 34 | 1 | 0/1 |
+ +-----+-----+-----+
+
+6.2. ARP Cache Timeout Option
+
+ This option specifies the timeout in seconds for ARP cache entries.
+ The time is specified as a 32-bit unsigned integer.
+
+ The code for this option is 35, and its length is 4.
+
+ Code Len Time
+ +-----+-----+-----+-----+-----+-----+
+ | 35 | 4 | t1 | t2 | t3 | t4 |
+ +-----+-----+-----+-----+-----+-----+
+
+6.3. Ethernet Encapsulation Option
+
+ This option specifies whether or not the client should use Ethernet
+ Version 2 (RFC 894 [15]) or IEEE 802.3 (RFC 1042 [16]) encapsulation
+ if the interface is an Ethernet. A value of 0 indicates that the
+ client should use RFC 894 encapsulation. A value of 1 means that the
+ client should use RFC 1042 encapsulation.
+
+
+
+
+Alexander & Droms Standards Track [Page 16]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for this option is 36, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 36 | 1 | 0/1 |
+ +-----+-----+-----+
+
+7. TCP Parameters
+
+ This section lists the options that affect the operation of the TCP
+ layer on a per-interface basis.
+
+7.1. TCP Default TTL Option
+
+ This option specifies the default TTL that the client should use when
+ sending TCP segments. The value is represented as an 8-bit unsigned
+ integer. The minimum value is 1.
+
+ The code for this option is 37, and its length is 1.
+
+ Code Len TTL
+ +-----+-----+-----+
+ | 37 | 1 | n |
+ +-----+-----+-----+
+
+7.2. TCP Keepalive Interval Option
+
+ This option specifies the interval (in seconds) that the client TCP
+ should wait before sending a keepalive message on a TCP connection.
+ The time is specified as a 32-bit unsigned integer. A value of zero
+ indicates that the client should not generate keepalive messages on
+ connections unless specifically requested by an application.
+
+ The code for this option is 38, and its length is 4.
+
+ Code Len Time
+ +-----+-----+-----+-----+-----+-----+
+ | 38 | 4 | t1 | t2 | t3 | t4 |
+ +-----+-----+-----+-----+-----+-----+
+
+7.3. TCP Keepalive Garbage Option
+
+ This option specifies the whether or not the client should send TCP
+ keepalive messages with a octet of garbage for compatibility with
+ older implementations. A value of 0 indicates that a garbage octet
+ should not be sent. A value of 1 indicates that a garbage octet
+ should be sent.
+
+
+
+
+Alexander & Droms Standards Track [Page 17]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for this option is 39, and its length is 1.
+
+ Code Len Value
+ +-----+-----+-----+
+ | 39 | 1 | 0/1 |
+ +-----+-----+-----+
+
+8. Application and Service Parameters
+
+ This section details some miscellaneous options used to configure
+ miscellaneous applications and services.
+
+8.1. Network Information Service Domain Option
+
+ This option specifies the name of the client's NIS [17] domain. The
+ domain is formatted as a character string consisting of characters
+ from the NVT ASCII character set.
+
+ The code for this option is 40. Its minimum length is 1.
+
+ Code Len NIS Domain Name
+ +-----+-----+-----+-----+-----+-----+---
+ | 40 | n | n1 | n2 | n3 | n4 | ...
+ +-----+-----+-----+-----+-----+-----+---
+
+8.2. Network Information Servers Option
+
+ This option specifies a list of IP addresses indicating NIS servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for this option is 41. Its minimum length is 4, and the
+ length MUST be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 41 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.3. Network Time Protocol Servers Option
+
+ This option specifies a list of IP addresses indicating NTP [18]
+ servers available to the client. Servers SHOULD be listed in order
+ of preference.
+
+ The code for this option is 42. Its minimum length is 4, and the
+ length MUST be a multiple of 4.
+
+
+
+
+Alexander & Droms Standards Track [Page 18]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 42 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.4. Vendor Specific Information
+
+ This option is used by clients and servers to exchange vendor-
+ specific information. The information is an opaque object of n
+ octets, presumably interpreted by vendor-specific code on the clients
+ and servers. The definition of this information is vendor specific.
+ The vendor is indicated in the vendor class identifier option.
+ Servers not equipped to interpret the vendor-specific information
+ sent by a client MUST ignore it (although it may be reported).
+ Clients which do not receive desired vendor-specific information
+ SHOULD make an attempt to operate without it, although they may do so
+ (and announce they are doing so) in a degraded mode.
+
+ If a vendor potentially encodes more than one item of information in
+ this option, then the vendor SHOULD encode the option using
+ "Encapsulated vendor-specific options" as described below:
+
+ The Encapsulated vendor-specific options field SHOULD be encoded as a
+ sequence of code/length/value fields of identical syntax to the DHCP
+ options field with the following exceptions:
+
+ 1) There SHOULD NOT be a "magic cookie" field in the encapsulated
+ vendor-specific extensions field.
+
+ 2) Codes other than 0 or 255 MAY be redefined by the vendor within
+ the encapsulated vendor-specific extensions field, but SHOULD
+ conform to the tag-length-value syntax defined in section 2.
+
+ 3) Code 255 (END), if present, signifies the end of the
+ encapsulated vendor extensions, not the end of the vendor
+ extensions field. If no code 255 is present, then the end of
+ the enclosing vendor-specific information field is taken as the
+ end of the encapsulated vendor-specific extensions field.
+
+ The code for this option is 43 and its minimum length is 1.
+
+ Code Len Vendor-specific information
+ +-----+-----+-----+-----+---
+ | 43 | n | i1 | i2 | ...
+ +-----+-----+-----+-----+---
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 19]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ When encapsulated vendor-specific extensions are used, the
+ information bytes 1-n have the following format:
+
+ Code Len Data item Code Len Data item Code
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
+ | T1 | n | d1 | d2 | ... | T2 | n | D1 | D2 | ... | ... |
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
+
+8.5. NetBIOS over TCP/IP Name Server Option
+
+ The NetBIOS name server (NBNS) option specifies a list of RFC
+ 1001/1002 [19] [20] NBNS name servers listed in order of preference.
+
+ The code for this option is 44. The minimum length of the option is
+ 4 octets, and the length must always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+----
+ | 44 | n | a1 | a2 | a3 | a4 | b1 | b2 | b3 | b4 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+----
+
+8.6. NetBIOS over TCP/IP Datagram Distribution Server Option
+
+ The NetBIOS datagram distribution server (NBDD) option specifies a
+ list of RFC 1001/1002 NBDD servers listed in order of preference. The
+ code for this option is 45. The minimum length of the option is 4
+ octets, and the length must always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+----
+ | 45 | n | a1 | a2 | a3 | a4 | b1 | b2 | b3 | b4 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+----
+
+8.7. NetBIOS over TCP/IP Node Type Option
+
+ The NetBIOS node type option allows NetBIOS over TCP/IP clients which
+ are configurable to be configured as described in RFC 1001/1002. The
+ value is specified as a single octet which identifies the client type
+ as follows:
+
+ Value Node Type
+ ----- ---------
+ 0x1 B-node
+ 0x2 P-node
+ 0x4 M-node
+ 0x8 H-node
+
+
+
+
+
+Alexander & Droms Standards Track [Page 20]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ In the above chart, the notation '0x' indicates a number in base-16
+ (hexadecimal).
+
+ The code for this option is 46. The length of this option is always
+ 1.
+
+ Code Len Node Type
+ +-----+-----+-----------+
+ | 46 | 1 | see above |
+ +-----+-----+-----------+
+
+8.8. NetBIOS over TCP/IP Scope Option
+
+ The NetBIOS scope option specifies the NetBIOS over TCP/IP scope
+ parameter for the client as specified in RFC 1001/1002. See [19],
+ [20], and [8] for character-set restrictions.
+
+ The code for this option is 47. The minimum length of this option is
+ 1.
+
+ Code Len NetBIOS Scope
+ +-----+-----+-----+-----+-----+-----+----
+ | 47 | n | s1 | s2 | s3 | s4 | ...
+ +-----+-----+-----+-----+-----+-----+----
+
+8.9. X Window System Font Server Option
+
+ This option specifies a list of X Window System [21] Font servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for this option is 48. The minimum length of this option is
+ 4 octets, and the length MUST be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+ | 48 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+
+8.10. X Window System Display Manager Option
+
+ This option specifies a list of IP addresses of systems that are
+ running the X Window System Display Manager and are available to the
+ client.
+
+ Addresses SHOULD be listed in order of preference.
+
+
+
+
+
+Alexander & Droms Standards Track [Page 21]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for the this option is 49. The minimum length of this option
+ is 4, and the length MUST be a multiple of 4.
+
+ Code Len Address 1 Address 2
+
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+ | 49 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+---
+
+8.11. Network Information Service+ Domain Option
+
+ This option specifies the name of the client's NIS+ [17] domain. The
+ domain is formatted as a character string consisting of characters
+ from the NVT ASCII character set.
+
+ The code for this option is 64. Its minimum length is 1.
+
+ Code Len NIS Client Domain Name
+ +-----+-----+-----+-----+-----+-----+---
+ | 64 | n | n1 | n2 | n3 | n4 | ...
+ +-----+-----+-----+-----+-----+-----+---
+
+8.12. Network Information Service+ Servers Option
+
+ This option specifies a list of IP addresses indicating NIS+ servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+ The code for this option is 65. Its minimum length is 4, and the
+ length MUST be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 65 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.13. Mobile IP Home Agent option
+
+ This option specifies a list of IP addresses indicating mobile IP
+ home agents available to the client. Agents SHOULD be listed in
+ order of preference.
+
+ The code for this option is 68. Its minimum length is 0 (indicating
+ no home agents are available) and the length MUST be a multiple of 4.
+ It is expected that the usual length will be four octets, containing
+ a single home agent's address.
+
+
+
+
+
+Alexander & Droms Standards Track [Page 22]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Code Len Home Agent Addresses (zero or more)
+ +-----+-----+-----+-----+-----+-----+--
+ | 68 | n | a1 | a2 | a3 | a4 | ...
+ +-----+-----+-----+-----+-----+-----+--
+
+8.14. Simple Mail Transport Protocol (SMTP) Server Option
+
+ The SMTP server option specifies a list of SMTP servers available to
+ the client. Servers SHOULD be listed in order of preference.
+
+ The code for the SMTP server option is 69. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 69 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.15. Post Office Protocol (POP3) Server Option
+
+ The POP3 server option specifies a list of POP3 available to the
+ client. Servers SHOULD be listed in order of preference.
+
+ The code for the POP3 server option is 70. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 70 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.16. Network News Transport Protocol (NNTP) Server Option
+
+ The NNTP server option specifies a list of NNTP available to the
+ client. Servers SHOULD be listed in order of preference.
+
+ The code for the NNTP server option is 71. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 71 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+
+
+
+
+Alexander & Droms Standards Track [Page 23]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+8.17. Default World Wide Web (WWW) Server Option
+
+ The WWW server option specifies a list of WWW available to the
+ client. Servers SHOULD be listed in order of preference.
+
+ The code for the WWW server option is 72. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 72 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.18. Default Finger Server Option
+
+ The Finger server option specifies a list of Finger available to the
+ client. Servers SHOULD be listed in order of preference.
+
+ The code for the Finger server option is 73. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 73 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.19. Default Internet Relay Chat (IRC) Server Option
+
+ The IRC server option specifies a list of IRC available to the
+ client. Servers SHOULD be listed in order of preference.
+
+ The code for the IRC server option is 74. The minimum length for
+ this option is 4 octets, and the length MUST always be a multiple of
+ 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 74 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.20. StreetTalk Server Option
+
+ The StreetTalk server option specifies a list of StreetTalk servers
+ available to the client. Servers SHOULD be listed in order of
+ preference.
+
+
+
+
+Alexander & Droms Standards Track [Page 24]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for the StreetTalk server option is 75. The minimum length
+ for this option is 4 octets, and the length MUST always be a multiple
+ of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 75 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+8.21. StreetTalk Directory Assistance (STDA) Server Option
+
+ The StreetTalk Directory Assistance (STDA) server option specifies a
+ list of STDA servers available to the client. Servers SHOULD be
+ listed in order of preference.
+
+ The code for the StreetTalk Directory Assistance server option is 76.
+ The minimum length for this option is 4 octets, and the length MUST
+ always be a multiple of 4.
+
+ Code Len Address 1 Address 2
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+ | 76 | n | a1 | a2 | a3 | a4 | a1 | a2 | ...
+ +-----+-----+-----+-----+-----+-----+-----+-----+--
+
+9. DHCP Extensions
+
+ This section details the options that are specific to DHCP.
+
+9.1. Requested IP Address
+
+ This option is used in a client request (DHCPDISCOVER) to allow the
+ client to request that a particular IP address be assigned.
+
+ The code for this option is 50, and its length is 4.
+
+ Code Len Address
+ +-----+-----+-----+-----+-----+-----+
+ | 50 | 4 | a1 | a2 | a3 | a4 |
+ +-----+-----+-----+-----+-----+-----+
+
+9.2. IP Address Lease Time
+
+ This option is used in a client request (DHCPDISCOVER or DHCPREQUEST)
+ to allow the client to request a lease time for the IP address. In a
+ server reply (DHCPOFFER), a DHCP server uses this option to specify
+ the lease time it is willing to offer.
+
+
+
+
+
+Alexander & Droms Standards Track [Page 25]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The time is in units of seconds, and is specified as a 32-bit
+ unsigned integer.
+
+ The code for this option is 51, and its length is 4.
+
+ Code Len Lease Time
+ +-----+-----+-----+-----+-----+-----+
+ | 51 | 4 | t1 | t2 | t3 | t4 |
+ +-----+-----+-----+-----+-----+-----+
+
+9.3. Option Overload
+
+ This option is used to indicate that the DHCP 'sname' or 'file'
+ fields are being overloaded by using them to carry DHCP options. A
+ DHCP server inserts this option if the returned parameters will
+ exceed the usual space allotted for options.
+
+ If this option is present, the client interprets the specified
+ additional fields after it concludes interpretation of the standard
+ option fields.
+
+ The code for this option is 52, and its length is 1. Legal values
+ for this option are:
+
+ Value Meaning
+ ----- --------
+ 1 the 'file' field is used to hold options
+ 2 the 'sname' field is used to hold options
+ 3 both fields are used to hold options
+
+ Code Len Value
+ +-----+-----+-----+
+ | 52 | 1 |1/2/3|
+ +-----+-----+-----+
+
+9.4 TFTP server name
+
+ This option is used to identify a TFTP server when the 'sname' field
+ in the DHCP header has been used for DHCP options.
+
+ The code for this option is 66, and its minimum length is 1.
+
+ Code Len TFTP server
+ +-----+-----+-----+-----+-----+---
+ | 66 | n | c1 | c2 | c3 | ...
+ +-----+-----+-----+-----+-----+---
+
+
+
+
+
+Alexander & Droms Standards Track [Page 26]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+9.5 Bootfile name
+
+ This option is used to identify a bootfile when the 'file' field in
+ the DHCP header has been used for DHCP options.
+
+ The code for this option is 67, and its minimum length is 1.
+
+ Code Len Bootfile name
+ +-----+-----+-----+-----+-----+---
+ | 67 | n | c1 | c2 | c3 | ...
+ +-----+-----+-----+-----+-----+---
+
+9.6. DHCP Message Type
+
+ This option is used to convey the type of the DHCP message. The code
+ for this option is 53, and its length is 1. Legal values for this
+ option are:
+
+ Value Message Type
+ ----- ------------
+ 1 DHCPDISCOVER
+ 2 DHCPOFFER
+ 3 DHCPREQUEST
+ 4 DHCPDECLINE
+ 5 DHCPACK
+ 6 DHCPNAK
+ 7 DHCPRELEASE
+ 8 DHCPINFORM
+
+ Code Len Type
+ +-----+-----+-----+
+ | 53 | 1 | 1-9 |
+ +-----+-----+-----+
+
+9.7. Server Identifier
+
+ This option is used in DHCPOFFER and DHCPREQUEST messages, and may
+ optionally be included in the DHCPACK and DHCPNAK messages. DHCP
+ servers include this option in the DHCPOFFER in order to allow the
+ client to distinguish between lease offers. DHCP clients use the
+ contents of the 'server identifier' field as the destination address
+ for any DHCP messages unicast to the DHCP server. DHCP clients also
+ indicate which of several lease offers is being accepted by including
+ this option in a DHCPREQUEST message.
+
+ The identifier is the IP address of the selected server.
+
+ The code for this option is 54, and its length is 4.
+
+
+
+Alexander & Droms Standards Track [Page 27]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ Code Len Address
+ +-----+-----+-----+-----+-----+-----+
+ | 54 | 4 | a1 | a2 | a3 | a4 |
+ +-----+-----+-----+-----+-----+-----+
+
+9.8. Parameter Request List
+
+ This option is used by a DHCP client to request values for specified
+ configuration parameters. The list of requested parameters is
+ specified as n octets, where each octet is a valid DHCP option code
+ as defined in this document.
+
+ The client MAY list the options in order of preference. The DHCP
+ server is not required to return the options in the requested order,
+ but MUST try to insert the requested options in the order requested
+ by the client.
+
+ The code for this option is 55. Its minimum length is 1.
+
+ Code Len Option Codes
+ +-----+-----+-----+-----+---
+ | 55 | n | c1 | c2 | ...
+ +-----+-----+-----+-----+---
+
+9.9. Message
+
+ This option is used by a DHCP server to provide an error message to a
+ DHCP client in a DHCPNAK message in the event of a failure. A client
+ may use this option in a DHCPDECLINE message to indicate the why the
+ client declined the offered parameters. The message consists of n
+ octets of NVT ASCII text, which the client may display on an
+ available output device.
+
+ The code for this option is 56 and its minimum length is 1.
+
+ Code Len Text
+ +-----+-----+-----+-----+---
+ | 56 | n | c1 | c2 | ...
+ +-----+-----+-----+-----+---
+
+9.10. Maximum DHCP Message Size
+
+ This option specifies the maximum length DHCP message that it is
+ willing to accept. The length is specified as an unsigned 16-bit
+ integer. A client may use the maximum DHCP message size option in
+ DHCPDISCOVER or DHCPREQUEST messages, but should not use the option
+ in DHCPDECLINE messages.
+
+
+
+
+Alexander & Droms Standards Track [Page 28]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The code for this option is 57, and its length is 2. The minimum
+ legal value is 576 octets.
+
+ Code Len Length
+ +-----+-----+-----+-----+
+ | 57 | 2 | l1 | l2 |
+ +-----+-----+-----+-----+
+
+9.11. Renewal (T1) Time Value
+
+ This option specifies the time interval from address assignment until
+ the client transitions to the RENEWING state.
+
+ The value is in units of seconds, and is specified as a 32-bit
+ unsigned integer.
+
+ The code for this option is 58, and its length is 4.
+
+ Code Len T1 Interval
+ +-----+-----+-----+-----+-----+-----+
+ | 58 | 4 | t1 | t2 | t3 | t4 |
+ +-----+-----+-----+-----+-----+-----+
+
+9.12. Rebinding (T2) Time Value
+
+ This option specifies the time interval from address assignment until
+ the client transitions to the REBINDING state.
+
+ The value is in units of seconds, and is specified as a 32-bit
+ unsigned integer.
+
+ The code for this option is 59, and its length is 4.
+
+ Code Len T2 Interval
+ +-----+-----+-----+-----+-----+-----+
+ | 59 | 4 | t1 | t2 | t3 | t4 |
+ +-----+-----+-----+-----+-----+-----+
+
+9.13. Vendor class identifier
+
+ This option is used by DHCP clients to optionally identify the vendor
+ type and configuration of a DHCP client. The information is a string
+ of n octets, interpreted by servers. Vendors may choose to define
+ specific vendor class identifiers to convey particular configuration
+ or other identification information about a client. For example, the
+ identifier may encode the client's hardware configuration. Servers
+ not equipped to interpret the class-specific information sent by a
+ client MUST ignore it (although it may be reported). Servers that
+
+
+
+Alexander & Droms Standards Track [Page 29]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ respond SHOULD only use option 43 to return the vendor-specific
+ information to the client.
+
+ The code for this option is 60, and its minimum length is 1.
+
+ Code Len Vendor class Identifier
+ +-----+-----+-----+-----+---
+ | 60 | n | i1 | i2 | ...
+ +-----+-----+-----+-----+---
+
+9.14. Client-identifier
+
+ This option is used by DHCP clients to specify their unique
+ identifier. DHCP servers use this value to index their database of
+ address bindings. This value is expected to be unique for all
+ clients in an administrative domain.
+
+ Identifiers SHOULD be treated as opaque objects by DHCP servers.
+
+ The client identifier MAY consist of type-value pairs similar to the
+ 'htype'/'chaddr' fields defined in [3]. For instance, it MAY consist
+ of a hardware type and hardware address. In this case the type field
+ SHOULD be one of the ARP hardware types defined in STD2 [22]. A
+ hardware type of 0 (zero) should be used when the value field
+ contains an identifier other than a hardware address (e.g. a fully
+ qualified domain name).
+
+ For correct identification of clients, each client's client-
+ identifier MUST be unique among the client-identifiers used on the
+ subnet to which the client is attached. Vendors and system
+ administrators are responsible for choosing client-identifiers that
+ meet this requirement for uniqueness.
+
+ The code for this option is 61, and its minimum length is 2.
+
+ Code Len Type Client-Identifier
+ +-----+-----+-----+-----+-----+---
+ | 61 | n | t1 | i1 | i2 | ...
+ +-----+-----+-----+-----+-----+---
+
+
+
+
+
+
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 30]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+10. Defining new extensions
+
+ The author of a new DHCP option will follow these steps to obtain
+ acceptance of the option as a part of the DHCP Internet Standard:
+
+ 1. The author devises the new option.
+ 2. The author requests a number for the new option from IANA by
+ contacting:
+ Internet Assigned Numbers Authority (IANA)
+ USC/Information Sciences Institute
+ 4676 Admiralty Way
+ Marina del Rey, California 90292-6695
+
+ or by email as: iana@iana.org
+
+ 3. The author documents the new option, using the newly obtained
+ option number, as an Internet Draft.
+ 4. The author submits the Internet Draft for review through the IETF
+ standards process as defined in "Internet Official Protocol
+ Standards" (STD 1). The new option will be submitted for eventual
+ acceptance as an Internet Standard.
+ 5. The new option progresses through the IETF standards process; the
+ new option will be reviewed by the Dynamic Host Configuration
+ Working Group (if that group still exists), or as an Internet
+ Draft not submitted by an IETF working group.
+ 6. If the new option fails to gain acceptance as an Internet
+ Standard, the assigned option number will be returned to IANA for
+ reassignment.
+
+ This procedure for defining new extensions will ensure that:
+
+ * allocation of new option numbers is coordinated from a single
+ authority,
+ * new options are reviewed for technical correctness and
+ appropriateness, and
+ * documentation for new options is complete and published.
+
+11. Acknowledgements
+
+ The author thanks the many (and too numerous to mention!) members of
+ the DHC WG for their tireless and ongoing efforts in the development
+ of DHCP and this document.
+
+ The efforts of J Allard, Mike Carney, Dave Lapp, Fred Lien and John
+ Mendonca in organizing DHCP interoperability testing sessions are
+ gratefully acknowledged.
+
+
+
+
+
+Alexander & Droms Standards Track [Page 31]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ The development of this document was supported in part by grants from
+ the Corporation for National Research Initiatives (CNRI), Bucknell
+ University and Sun Microsystems.
+
+12. References
+
+ [1] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
+ Bucknell University, March 1997.
+
+ [2] Reynolds, J., "BOOTP Vendor Information Extensions", RFC 1497,
+ USC/Information Sciences Institute, August 1993.
+
+ [3] Croft, W., and J. Gilmore, "Bootstrap Protocol", RFC 951,
+ Stanford University and Sun Microsystems, September 1985.
+
+ [4] Braden, R., Editor, "Requirements for Internet Hosts -
+ Communication Layers", STD 3, RFC 1122, USC/Information Sciences
+ Institute, October 1989.
+
+ [5] Mogul, J., and J. Postel, "Internet Standard Subnetting
+ Procedure", STD 5, RFC 950, USC/Information Sciences Institute,
+ August 1985.
+
+ [6] Postel, J., and K. Harrenstien, "Time Protocol", STD 26, RFC
+ 868, USC/Information Sciences Institute, SRI, May 1983.
+
+ [7] Postel, J., "Name Server", IEN 116, USC/Information Sciences
+ Institute, August 1979.
+
+ [8] Mockapetris, P., "Domain Names - Implementation and
+ Specification", STD 13, RFC 1035, USC/Information Sciences
+ Institute, November 1987.
+
+ [9] Postel, J., "Quote of the Day Protocol", STD 23, RFC 865,
+ USC/Information Sciences Institute, May 1983.
+
+ [10] McLaughlin, L., "Line Printer Daemon Protocol", RFC 1179, The
+ Wollongong Group, August 1990.
+
+ [11] Accetta, M., "Resource Location Protocol", RFC 887, CMU,
+ December 1983.
+
+ [12] Mogul, J. and S. Deering, "Path MTU Discovery", RFC 1191,
+ DECWRL, Stanford University, November 1990.
+
+ [13] Deering, S., "ICMP Router Discovery Messages", RFC 1256,
+ Xerox PARC, September 1991.
+
+
+
+
+Alexander & Droms Standards Track [Page 32]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+ [14] Leffler, S. and M. Karels, "Trailer Encapsulations", RFC 893,
+ U. C. Berkeley, April 1984.
+
+ [15] Hornig, C., "Standard for the Transmission of IP Datagrams over
+ Ethernet Networks", RFC 894, Symbolics, April 1984.
+
+ [16] Postel, J. and J. Reynolds, "Standard for the Transmission of
+ IP Datagrams Over IEEE 802 Networks", RFC 1042, USC/Information
+ Sciences Institute, February 1988.
+
+ [17] Sun Microsystems, "System and Network Administration", March
+ 1990.
+
+ [18] Mills, D., "Internet Time Synchronization: The Network Time
+ Protocol", RFC 1305, UDEL, March 1992.
+
+ [19] NetBIOS Working Group, "Protocol Standard for a NetBIOS Service
+ on a TCP/UDP transport: Concepts and Methods", STD 19, RFC 1001,
+ March 1987.
+
+ [20] NetBIOS Working Group, "Protocol Standard for a NetBIOS Service
+ on a TCP/UDP transport: Detailed Specifications", STD 19, RFC
+ 1002, March 1987.
+
+ [21] Scheifler, R., "FYI On the X Window System", FYI 6, RFC 1198,
+ MIT Laboratory for Computer Science, January 1991.
+
+ [22] Reynolds, J., and J. Postel, "Assigned Numbers", STD 2, RFC 1700,
+ USC/Information Sciences Institute, July 1992.
+
+13. Security Considerations
+
+ Security issues are not discussed in this memo.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 33]
+
+RFC 2132 DHCP Options and BOOTP Vendor Extensions March 1997
+
+
+14. Authors' Addresses
+
+ Steve Alexander
+ Silicon Graphics, Inc.
+ 2011 N. Shoreline Boulevard
+ Mailstop 510
+ Mountain View, CA 94043-1389
+
+ Phone: (415) 933-6172
+ EMail: sca@engr.sgi.com
+
+
+ Ralph Droms
+ Bucknell University
+ Lewisburg, PA 17837
+
+ Phone: (717) 524-1145
+ EMail: droms@bucknell.edu
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Alexander & Droms Standards Track [Page 34]
+
diff --git a/rfc/rfc3046.txt b/rfc/rfc3046.txt
new file mode 100644
index 00000000..18d70144
--- /dev/null
+++ b/rfc/rfc3046.txt
@@ -0,0 +1,787 @@
+
+
+
+
+
+
+Network Working Group M. Patrick
+Request for Comments: 3046 Motorola BCS
+Category: Standards Track January 2001
+
+
+ DHCP Relay Agent Information Option
+
+Status of this Memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2001). All Rights Reserved.
+
+Abstract
+
+ Newer high-speed public Internet access technologies call for a
+ high-speed modem to have a local area network (LAN) attachment to one
+ or more customer premise hosts. It is advantageous to use the
+ Dynamic Host Configuration Protocol (DHCP) as defined in RFC 2131 to
+ assign customer premise host IP addresses in this environment.
+ However, a number of security and scaling problems arise with such
+ "public" DHCP use. This document describes a new DHCP option to
+ address these issues. This option extends the set of DHCP options as
+ defined in RFC 2132.
+
+ The new option is called the Relay Agent Information option and is
+ inserted by the DHCP relay agent when forwarding client-originated
+ DHCP packets to a DHCP server. Servers recognizing the Relay Agent
+ Information option may use the information to implement IP address or
+ other parameter assignment policies. The DHCP Server echoes the
+ option back verbatim to the relay agent in server-to-client replies,
+ and the relay agent strips the option before forwarding the reply to
+ the client.
+
+ The "Relay Agent Information" option is organized as a single DHCP
+ option that contains one or more "sub-options" that convey
+ information known by the relay agent. The initial sub-options are
+ defined for a relay agent that is co-located in a public circuit
+ access unit. These include a "circuit ID" for the incoming circuit,
+ and a "remote ID" which provides a trusted identifier for the remote
+ high-speed modem.
+
+
+
+
+Patrick Standards Track [Page 1]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+Table of Contents
+
+ 1 Introduction........................................... 2
+ 1.1 High-Speed Circuit Switched Data Networks.............. 2
+ 1.2 DHCP Relay Agent in the Circuit Access Equipment....... 4
+ 2.0 Relay Agent Information Option......................... 5
+ 2.1 Agent Operation........................................ 6
+ 2.1.1 Reforwarded DHCP requests............................ 7
+ 2.2 Server Operation....................................... 7
+ 3.0 Relay Agent Information Suboptions..................... 8
+ 3.1 Agent Circuit ID....................................... 8
+ 3.2 Agent Remote ID........................................ 9
+ 4.0 Issues Resolved........................................ 9
+ 5.0 Security Considerations................................ 10
+ 6.0 IANA Considerations.................................... 11
+ 7.0 Intellectual Property Notice........................... 12
+ 8.0 References............................................. 12
+ 9.0 Glossary............................................... 13
+ 10.0 Author's Address...................................... 13
+ 11.0 Full Copyright Statement ............................. 14
+
+1 Introduction
+
+1.1 High-Speed Circuit Switched Data Networks
+
+ Public Access to the Internet is usually via a circuit switched data
+ network. Today, this is primarily implemented with dial-up modems
+ connecting to a Remote Access Server. But higher speed circuit
+ access networks also include ISDN, ATM, Frame Relay, and Cable Data
+ Networks. All of these networks can be characterized as a "star"
+ topology where multiple users connect to a "circuit access unit" via
+ switched or permanent circuits.
+
+ With dial-up modems, only a single host PC attempts to connect to the
+ central point. The PPP protocol is widely used to assign IP
+ addresses to be used by the single host PC.
+
+ The newer high-speed circuit technologies, however, frequently
+ provide a LAN interface (especially Ethernet) to one or more host
+ PCs. It is desirable to support centralized assignment of the IP
+ addresses of host computers connecting on such circuits via DHCP.
+ The DHCP server can be, but usually is not, co-implemented with the
+ centralized circuit concentration access device. The DHCP server is
+ often connected as a separate server on the "Central LAN" to which
+ the central access device (or devices) attach.
+
+
+
+
+
+
+Patrick Standards Track [Page 2]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+ A common physical model for high-speed Internet circuit access is
+ shown in Figure 1, below.
+
+ +---------------+ |
+ Central | Circuit |-- ckt 1--- Modem1-- Host-|- Host A
+ LAN | | Access | Lan |- Host B
+ | | Unit 1 | |- Host C
+ |-----| |-- |
+ | |(relay agent) |...
++---------+ | +---------------+
+| DHCP |--|
+| Server | |
++---------+ |
+ |
+ | +---------------+
++---------+ | | Circuit |-- ckt 1--- Modem2-- Host--- Host D
+| Other | | | Access | Lan
+| Servers |--|-----| Unit 2 |
+| (Web, | | | |-- ckt 2--- Modem3-- Host--- Host E
+| DNS) | | |(relay agent) |... Lan
+| | +---------------+
++---------+
+
+ Figure 1: DHCP High Speed Circuit Access Model
+
+ Note that in this model, the "modem" connects to a LAN at the user
+ site, rather than to a single host. Multiple hosts are implemented
+ at this site. Although it is certainly possible to implement a full
+ IP router at the user site, this requires a relatively expensive
+ piece of equipment (compared to typical modem costs). Furthermore, a
+ router requires an IP address not only for every host, but for the
+ router itself. Finally, a user-side router requires a dedicated
+ Logical IP Subnet (LIS) for each user. While this model is
+ appropriate for relatively small corporate networking environments,
+ it is not appropriate for large, public accessed networks. In this
+ scenario, it is advantageous to implement an IP networking model that
+ does not allocate an IP address for the modem (or other networking
+ equipment device at the user site), and especially not an entire LIS
+ for the user side LAN.
+
+ Note that using this method to obtain IP addresses means that IP
+ addresses can only be obtained while communication to the central
+ site is available. Some host lan installations may use a local DHCP
+ server or other methods to obtain IP addresses for in-house use.
+
+
+
+
+
+
+
+Patrick Standards Track [Page 3]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+1.2 DHCP Relay Agent in the Circuit Access Unit
+
+ It is desirable to use DHCP to assign the IP addresses for public
+ high-speed circuit access. A number of circuit access units (e.g.,
+ RAS's, cable modem termination systems, ADSL access units, etc)
+ connect to a LAN (or local internet) to which is attached a DHCP
+ server.
+
+ For scaling and security reasons, it is advantageous to implement a
+ "router hop" at the circuit access unit, much like high-capacity
+ RAS's do today. The circuit access equipment acts as both a router
+ to the circuits and as the DHCP relay agent.
+
+ The advantages of co-locating the DHCP relay agent with the circuit
+ access equipment are:
+
+ DHCP broadcast replies can be routed to only the proper circuit,
+ avoiding, say, the replication of the DCHP reply broadcast onto
+ thousands of access circuits;
+
+ The same mechanism used to identify the remote connection of the
+ circuit (e.g., a user ID requested by a Remote Access Server acting
+ as the circuit access equipment) may be used as a host identifier by
+ DHCP, and used for parameter assignment. This includes centralized
+ assignment of IP addresses to hosts. This provides a secure remote
+ ID from a trusted source -- the relay agent.
+
+ A number of issues arise when forwarding DHCP requests from hosts
+ connecting publicly accessed high-speed circuits with LAN connections
+ at the host. Many of these are security issues arising from DHCP
+ client requests from untrusted sources. How does the relay agent
+ know to which circuit to forward replies? How does the system
+ prevent DHCP IP exhaustion attacks? This is when an attacker
+ requests all available IP addresses from a DHCP server by sending
+ requests with fabricated client MAC addresses. How can an IP address
+ or LIS be permanently assigned to a particular user or modem? How
+ does one prevent "spoofing" of client identifier fields used to
+ assign IP addresses? How does one prevent denial of service by
+ "spoofing" other client's MAC addresses?
+
+ All of these issues may be addressed by having the circuit access
+ equipment, which is a trusted component, add information to DHCP
+ client requests that it forwards to the DHCP server.
+
+
+
+
+
+
+
+
+Patrick Standards Track [Page 4]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+2.0 Relay Agent Information Option
+
+ This document defines a new DHCP Option called the Relay Agent
+ Information Option. It is a "container" option for specific agent-
+ supplied sub-options. The format of the Relay Agent Information
+ option is:
+
+ Code Len Agent Information Field
+ +------+------+------+------+------+------+--...-+------+
+ | 82 | N | i1 | i2 | i3 | i4 | | iN |
+ +------+------+------+------+------+------+--...-+------+
+
+ The length N gives the total number of octets in the Agent
+ Information Field. The Agent Information field consists of a
+ sequence of SubOpt/Length/Value tuples for each sub-option, encoded
+ in the following manner:
+
+ SubOpt Len Sub-option Value
+ +------+------+------+------+------+------+--...-+------+
+ | 1 | N | s1 | s2 | s3 | s4 | | sN |
+ +------+------+------+------+------+------+--...-+------+
+ SubOpt Len Sub-option Value
+ +------+------+------+------+------+------+--...-+------+
+ | 2 | N | i1 | i2 | i3 | i4 | | iN |
+ +------+------+------+------+------+------+--...-+------+
+
+ No "pad" sub-option is defined, and the Information field shall NOT
+ be terminated with a 255 sub-option. The length N of the DHCP Agent
+ Information Option shall include all bytes of the sub-option
+ code/length/value tuples. Since at least one sub-option must be
+ defined, the minimum Relay Agent Information length is two (2). The
+ length N of the sub-options shall be the number of octets in only
+ that sub-option's value field. A sub-option length may be zero. The
+ sub-options need not appear in sub-option code order.
+
+ The initial assignment of DHCP Relay Agent Sub-options is as follows:
+
+ DHCP Agent Sub-Option Description
+ Sub-option Code
+ --------------- ----------------------
+ 1 Agent Circuit ID Sub-option
+ 2 Agent Remote ID Sub-option
+
+
+
+
+
+
+
+
+
+Patrick Standards Track [Page 5]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+2.1 Agent Operation
+
+ Overall adding of the DHCP relay agent option SHOULD be configurable,
+ and SHOULD be disabled by default. Relay agents SHOULD have separate
+ configurables for each sub-option to control whether it is added to
+ client-to-server packets.
+
+ A DHCP relay agent adding a Relay Agent Information field SHALL add
+ it as the last option (but before 'End Option' 255, if present) in
+ the DHCP options field of any recognized BOOTP or DHCP packet
+ forwarded from a client to a server.
+
+ Relay agents receiving a DHCP packet from an untrusted circuit with
+ giaddr set to zero (indicating that they are the first-hop router)
+ but with a Relay Agent Information option already present in the
+ packet SHALL discard the packet and increment an error count. A
+ trusted circuit may contain a trusted downstream (closer to client)
+ network element (bridge) between the relay agent and the client that
+ MAY add a relay agent option but not set the giaddr field. In this
+ case, the relay agent does NOT add a "second" relay agent option, but
+ forwards the DHCP packet per normal DHCP relay agent operations,
+ setting the giaddr field as it deems appropriate.
+
+ The mechanisms for distinguishing between "trusted" and "untrusted"
+ circuits are specific to the type of circuit termination equipment,
+ and may involve local administration. For example, a Cable Modem
+ Termination System may consider upstream packets from most cable
+ modems as "untrusted", but an ATM switch terminating VCs switched
+ through a DSLAM may consider such VCs as "trusted" and accept a relay
+ agent option added by the DSLAM.
+
+ Relay agents MAY have a configurable for the maximum size of the DHCP
+ packet to be created after appending the Agent Information option.
+ Packets which, after appending the Relay Agent Information option,
+ would exceed this configured maximum size shall be forwarded WITHOUT
+ adding the Agent Information option. An error counter SHOULD be
+ incremented in this case. In the absence of this configurable, the
+ agent SHALL NOT increase a forwarded DHCP packet size to exceed the
+ MTU of the interface on which it is forwarded.
+
+ The Relay Agent Information option echoed by a server MUST be removed
+ by either the relay agent or the trusted downstream network element
+ which added it when forwarding a server-to-client response back to
+ the client.
+
+
+
+
+
+
+
+Patrick Standards Track [Page 6]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+ The agent SHALL NOT add an "Option Overload" option to the packet or
+ use the "file" or "sname" fields for adding Relay Agent Information
+ option. It SHALL NOT parse or remove Relay Agent Information options
+ that may appear in the sname or file fields of a server-to-client
+ packet forwarded through the agent.
+
+ The operation of relay agents for specific sub-options is specified
+ with that sub-option.
+
+ Relay agents are NOT required to monitor or modify client-originated
+ DHCP packets addressed to a server unicast address. This includes
+ the DHCP-REQUEST sent when entering the RENEWING state.
+
+ Relay agents MUST NOT modify DHCP packets that use the IPSEC
+ Authentication Header or IPSEC Encapsulating Security Payload [6].
+
+2.1.1 Reforwarded DHCP requests
+
+ A DHCP relay agent may receive a client DHCP packet forwarded from a
+ BOOTP/DHCP relay agent closer to the client. Such a packet will have
+ giaddr as non-zero, and may or may not already have a DHCP Relay
+ Agent option in it.
+
+ Relay agents configured to add a Relay Agent option which receive a
+ client DHCP packet with a nonzero giaddr SHALL discard the packet if
+ the giaddr spoofs a giaddr address implemented by the local agent
+ itself.
+
+ Otherwise, the relay agent SHALL forward any received DHCP packet
+ with a valid non-zero giaddr WITHOUT adding any relay agent options.
+ Per RFC 2131, it shall also NOT modify the giaddr value.
+
+2.2 Server Operation
+
+ DHCP servers unaware of the Relay Agent Information option will
+ ignore the option upon receive and will not echo it back on
+ responses. This is the specified server behavior for unknown
+ options.
+
+ DHCP servers claiming to support the Relay Agent Information option
+ SHALL echo the entire contents of the Relay Agent Information option
+ in all replies. Servers SHOULD copy the Relay Agent Information
+ option as the last DHCP option in the response. Servers SHALL NOT
+ place the echoed Relay Agent Information option in the overloaded
+ sname or file fields. If a server is unable to copy a full Relay
+ Agent Information field into a response, it SHALL send the response
+ without the Relay Information Field, and SHOULD increment an error
+ counter for the situation.
+
+
+
+Patrick Standards Track [Page 7]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+ The operation of DHCP servers for specific sub-options is specified
+ with that sub-option.
+
+ Note that DHCP relay agents are not required to monitor unicast DHCP
+ messages sent directly between the client and server (i.e., those
+ that aren't sent via a relay agent). However, some relay agents MAY
+ chose to do such monitoring and add relay agent options.
+ Consequently, servers SHOULD be prepared to handle relay agent
+ options in unicast messages, but MUST NOT expect them to always be
+ there.
+
+3.0 Relay Agent Information Sub-options
+
+3.1 Agent Circuit ID Sub-option
+
+ This sub-option MAY be added by DHCP relay agents which terminate
+ switched or permanent circuits. It encodes an agent-local identifier
+ of the circuit from which a DHCP client-to-server packet was
+ received. It is intended for use by agents in relaying DHCP
+ responses back to the proper circuit. Possible uses of this field
+ include:
+
+ - Router interface number
+ - Switching Hub port number
+ - Remote Access Server port number
+ - Frame Relay DLCI
+ - ATM virtual circuit number
+ - Cable Data virtual circuit number
+
+ Servers MAY use the Circuit ID for IP and other parameter assignment
+ policies. The Circuit ID SHOULD be considered an opaque value, with
+ policies based on exact string match only; that is, the Circuit ID
+ SHOULD NOT be internally parsed by the server.
+
+ The DHCP server SHOULD report the Agent Circuit ID value of current
+ leases in statistical reports (including its MIB) and in logs. Since
+ the Circuit ID is local only to a particular relay agent, a circuit
+ ID should be qualified with the giaddr value that identifies the
+ relay agent.
+
+ SubOpt Len Circuit ID
+ +------+------+------+------+------+------+------+------+--
+ | 1 | n | c1 | c2 | c3 | c4 | c5 | c6 | ...
+ +------+------+------+------+------+------+------+------+--
+
+
+
+
+
+
+
+Patrick Standards Track [Page 8]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+3.2 Agent Remote ID Sub-option
+
+ This sub-option MAY be added by DHCP relay agents which terminate
+ switched or permanent circuits and have mechanisms to identify the
+ remote host end of the circuit. The Remote ID field may be used to
+ encode, for instance:
+
+ -- a "caller ID" telephone number for dial-up connection
+ -- a "user name" prompted for by a Remote Access Server
+ -- a remote caller ATM address
+ -- a "modem ID" of a cable data modem
+ -- the remote IP address of a point-to-point link
+ -- a remote X.25 address for X.25 connections
+
+ The remote ID MUST be globally unique.
+
+ DHCP servers MAY use this option to select parameters specific to
+ particular users, hosts, or subscriber modems. The option SHOULD be
+ considered an opaque value, with policies based on exact string match
+ only; that is, the option SHOULD NOT be internally parsed by the
+ server.
+
+ The relay agent MAY use this field in addition to or instead of the
+ Agent Circuit ID field to select the circuit on which to forward the
+ DHCP reply (e.g., Offer, Ack, or Nak). DHCP servers SHOULD report
+ this value in any reports or MIBs associated with a particular
+ client.
+
+ SubOpt Len Agent Remote ID
+ +------+------+------+------+------+------+------+------+--
+ | 2 | n | r1 | r2 | r3 | r4 | r5 | r6 | ...
+ +------+------+------+------+------+------+------+------+--
+
+4.0 Issues Resolved
+
+ The DHCP relay agent option resolves several issues in an environment
+ in which untrusted hosts access the internet via a circuit based
+ public network. This resolution assumes that all DHCP protocol
+ traffic by the public hosts traverse the DHCP relay agent and that
+ the IP network between the DHCP relay agent and the DHCP server is
+ uncompromised.
+
+ Broadcast Forwarding
+
+ The circuit access equipment forwards the normally broadcasted
+ DHCP response only on the circuit indicated in the Agent Circuit
+ ID.
+
+
+
+
+Patrick Standards Track [Page 9]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+ DHCP Address Exhaustion
+
+ In general, the DHCP server may be extended to maintain a database
+ with the "triplet" of
+
+ (client IP address, client MAC address, client remote ID)
+
+ The DHCP server SHOULD implement policies that restrict the number
+ of IP addresses to be assigned to a single remote ID.
+
+ Static Assignment
+
+ The DHCP server may use the remote ID to select the IP address to
+ be assigned. It may permit static assignment of IP addresses to
+ particular remote IDs, and disallow an address request from an
+ unauthorized remote ID.
+
+ IP Spoofing
+
+ The circuit access device may associate the IP address assigned by
+ a DHCP server in a forwarded DHCP Ack packet with the circuit to
+ which it was forwarded. The circuit access device MAY prevent
+ forwarding of IP packets with source IP addresses -other than-
+ those it has associated with the receiving circuit. This prevents
+ simple IP spoofing attacks on the Central LAN, and IP spoofing of
+ other hosts.
+
+ Client Identifier Spoofing
+
+ By using the agent-supplied Agent Remote ID option, the untrusted
+ and as-yet unstandardized client identifier field need not be used
+ by the DHCP server.
+
+ MAC Address Spoofing
+
+ By associating a MAC address with an Agent Remote ID, the DHCP
+ server can prevent offering an IP address to an attacker spoofing
+ the same MAC address on a different remote ID.
+
+5.0 Security Considerations
+
+ DHCP as currently defined provides no authentication or security
+ mechanisms. Potential exposures to attack are discussed in section 7
+ of the DHCP protocol specification in RFC 2131 [1].
+
+ This document introduces mechanisms to address several security
+ attacks on the operation of IP address assignment, including IP
+ spoofing, Client ID spoofing, MAC address spoofing, and DHCP server
+
+
+
+Patrick Standards Track [Page 10]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+ address exhaustion. It relies on an implied trusted relationship
+ between the DHCP Relay Agent and the DHCP server, with an assumed
+ untrusted DHCP client. It introduces a new identifer, the "Remote
+ ID", that is also assumed to be trusted. The Remote ID is provided
+ by the access network or modem and not by client premise equipment.
+ Cryptographic or other techniques to authenticate the remote ID are
+ certainly possible and encouraged, but are beyond the scope of this
+ document.
+
+ This option is targeted towards environments in which the network
+ infrastructure -- the relay agent, the DHCP server, and the entire
+ network in which those two devices reside -- is trusted and secure.
+ As used in this document, the word "trusted" implies that
+ unauthorized DHCP traffic cannot enter the trusted network except
+ through secured and trusted relay agents and that all devices
+ internal to the network are secure and trusted. Potential deployers
+ of this option should give careful consideration to the potential
+ security vulnerabilities that are present in this model before
+ deploying this option in actual networks.
+
+ Note that any future mechanisms for authenticating DHCP client to
+ server communications must take care to omit the DHCP Relay Agent
+ option from server authentication calculations. This was the
+ principal reason for organizing the DHCP Relay Agent Option as a
+ single option with sub-options, and for requiring the relay agent to
+ remove the option before forwarding to the client.
+
+ While it is beyond the scope of this document to specify the general
+ forwarding algorithm of public data circuit access units, note that
+ automatic reforwarding of IP or ARP broadcast packets back downstream
+ exposes serious IP security risks. For example, if an upstream
+ broadcast DHCP-DISCOVER or DHCP-REQUEST were re-broadcast back
+ downstream, any public host may easily spoof the desired DHCP server.
+
+6.0 IANA Considerations
+
+ IANA is required to maintain a new number space of "DHCP Relay Agent
+ Sub-options", located in the BOOTP-DHCP Parameters Registry. The
+ initial sub-options are described in section 2.0 of this document.
+
+ IANA assigns future DHCP Relay Agent Sub-options with a "IETF
+ Consensus" policy as described in RFC 2434 [3]. Future proposed
+ sub-options are to be referenced symbolically in the Internet-Drafts
+ that describe them, and shall be assigned numeric codes by IANA when
+ approved for publication as an RFC.
+
+
+
+
+
+
+Patrick Standards Track [Page 11]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+7.0 Intellectual Property Notices
+
+ This section contains two notices as required by [5] for standards
+ track documents.
+
+ The IETF takes no position regarding the validity or scope of any
+ intellectual property or other rights that might be claimed to
+ pertain to the implementation or use of the technology described in
+ this document or the extent to which any license under such rights
+ might or might not be available; neither does it represent that it
+ has made any effort to identify any such rights. Information on the
+ IETF's procedures with respect to rights in standards-track and
+ standards-related documentation can be found in BCP-11. Copies of
+ claims of rights made available for publication and any assurances of
+ licenses to be made available, or the result of an attempt made to
+ obtain a general license or permission for the use of such
+ proprietary rights by implementors or users of this specification can
+ be obtained from the IETF Secretariat.
+
+ The IETF has been notified of intellectual property rights claimed in
+ regard to some or all of the specification contained in this
+ document. For more information consult the online list of claimed
+ rights.
+
+8.0 References
+
+ [1] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
+ March 1997.
+
+ [2] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
+ Extension", RFC 2132, March 1997.
+
+ [3] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA
+ Considerations Section in RFCs", BCP 26, RFC 2434, October 1998.
+
+ [4] Bradner, S., "Key words for use in RFCs to Indicate Requirement
+ Levels", BCP 14, RFC 2119, March 1997.
+
+ [5] Bradner, S., "The Internet Standards Process -- Revision 3", BCP
+ 9, RFC 2026, October 1996.
+
+ [6] Kent, S. and R. Atkinson, "Security Architecture for the
+ Internet Protocol", RFC 2401, November 1998.
+
+
+
+
+
+
+
+
+Patrick Standards Track [Page 12]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+9.0 Glossary
+
+ DSLAM Digital Subscriber Link Access Multiplexer
+ IANA Internet Assigned Numbers Authority
+ LIS Logical IP Subnet
+ MAC Message Authentication Code
+ RAS Remote Access Server
+
+10.0 Author's Address
+
+ Michael Patrick
+ Motorola Broadband Communications Sector
+ 20 Cabot Blvd., MS M4-30
+ Mansfield, MA 02048
+
+ Phone: (508) 261-5707
+ EMail: michael.patrick@motorola.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Patrick Standards Track [Page 13]
+
+RFC 3046 DHCP Relay Agent Information Option January 2001
+
+
+11.0 Full Copyright Statement
+
+ Copyright (C) The Internet Society (2001). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Patrick Standards Track [Page 14]
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 19:21:56 +0000