Re: DHCP off topic

[Petr Prcek Janda <prcek zavinac netbox bod cz>]

On Tue, Apr 01, 2008 at 11:12:21AM +0200, Tomas Pelka wrote:
> Petr Prcek Janda napsal(a):
> > On Sun, Mar 30, 2008 at 11:43:13PM +0200, Tomas Pelka wrote:
> >   
> >> Dobry vecer,
> >> resim takovy drobny problem, trochu off topic priznavam. S kolegou jsem 
> >> se preli o nasledujicim problemu.
> >> Princip cinnosti DHCP je jiste kazdemu znam. Nejprve klientska stanice 
> >> posila DHCP_DISCOVER a server odpovida zpravou DHCP_OFFER. Soucasti 
> >> DHCP_OFFER je i tzv. transaction_ID (podle toho server pozna ktera 
> >> relace kam patri, alespon tak si to vysvetluji). Otazkou je na jakou MAC 
> >> adresu je DHCP_OFFER odesilan? V RFC 2131 je napsano ze existuji dva 
> >> pristupy:
> >>   1)posila na FF:FF:FF... (striktni varianta)
> >>   2)na MAC klienta, ktery o IP zadal (liberalnejsi varianta).
> >> Opravte me pokud jsem neco uvedl nepresne.
> >>
> >> Vi nekdo jestli existuji zaznamy a kde je najit o tom ktery OS jakou 
> >> varinatu pouziva?
> >>
> >>     
> >
> > Tak jste me zviklal kouknout do toho rfc, jestli jsem blbej ja, nebo
> > spatne ctete
> >
> > xid (4) Transaction ID, a random number chosen by the
> >         client, used by the client and server to
> >         associate messages and responses
> >     between a client and a server.
> >
> > A k vasemu dotazu - imho to vubec nezalezi na libovuli OS 
> > (nevim, co ten do toho na co kecat), nebo DHCP serveru, ale je dost 
> > striktne definovano, kdy se to na jakou adresu posila.
> >
> >    If the 'giaddr' field in a DHCP message from a client is non-zero,
> >    the server sends any return messages to the 'DHCP server' port on the
> >    BOOTP relay agent whose address appears in 'giaddr'. If the 'giaddr'
> >    field is zero and the 'ciaddr' field is nonzero, then the server
> >    unicasts DHCPOFFER and DHCPACK messages to the address in 'ciaddr'.
> >    If 'giaddr' is zero and 'ciaddr' is zero, and the broadcast bit is
> >    set, then the server broadcasts DHCPOFFER and DHCPACK messages to
> >    0xffffffff. If the broadcast bit is not set and 'giaddr' is zero and
> >    'ciaddr' is zero, then the server unicasts DHCPOFFER and DHCPACK
> >    messages to the client's hardware address and 'yiaddr' address.  In
> >    all cases, when 'giaddr' is zero, the server broadcasts any DHCPNAK
> >    messages to 0xffffffff.
> >
> >
> >     S pozdravem 
> >
> >                             Petr Janda
> > --
> > email: /bin/sh -c 'A=netbox; B=janda; printf "%s zavinac %s bod cz\n" ${B} 
> > ${A}'
> >
> > ________________________________________________
> > CZdebian-l maillist  -  CZdebian-l zavinac debian bod cz
> > http://www.debian.cz/mailman/listinfo/czdebian-l
> > E-mail (un)subscriptions: czdebian-l-request zavinac debian bod cz
> >   
> Jeste z RFC:
> 
> /Normally, DHCP servers and BOOTP relay agents attempt to deliver 
> DHCPOFFER, DHCPACK and DHCPNAK messages directly to the client using 
> uicast delivery. The IP destination address (in the IP header) is set to 
> the DHCP 'yiaddr' address and the link-layer destination address is set 
> to the DHCP 'chaddr' address. Unfortunately, some client implementations 
> are unable to receive such unicast IP datagrams until the implementation 
> has been configured with a valid IP address (leading to a deadlock in 
> which the client's IP address cannot be delivered until the client has 
> been configured with an IP address).//
> 
> A client that cannot receive unicast IP datagrams until its protocol 
> software has been configured with an IP address SHOULD set the BROADCAST 
> bit in the 'flags' field to 1 in any DHCPDISCOVER or DHCPREQUEST 
> messages that client sends. The BROADCAST bit will provide a hint to the 
> DHCP server and BOOTP relay agent to broadcast any messages to the 
> client on the client's subnet. A client that can receive unicast IP 
> datagrams before its protocol software has been configured SHOULD clear 
> the BROADCAST bit to 0. The BOOTP clarifications document discusses the 
> ramifications of the use of the BROADCAST bit [21].//
> 
> A server or relay agent sending or relaying a DHCP message directly to a 
> DHCP client (i.e., not to a relay agent specified in the 'giaddr' field) 
> SHOULD examine the BROADCAST bit in the 'flags' field. If this bit is 
> set to 1, the DHCP message SHOULD be sent as an IP broadcast using an IP 
> broadcast address (preferably 0xffffffff) as the IP destination address 
> and the link-layer broadcast address as the link-layer destination 
> address. If the BROADCAST bit is cleared to 0, the message SHOULD be 
> sent as an IP unicast to the IP address specified in the 'yiaddr' field 
> and the link-layer address specified in the 'chaddr' field. If 
> unicasting is not possible, the message MAY be sent as an IP broadcast 
> using an IP broadcast address (preferably 0xffffffff) as the IP 
> destination address and the link- layer broadcast address as the 
> link-layer destination address.
> 
> /Takze to asi bude zaviset na linkove vrstve a ta je dle meho nazoru 
> implementovana v OS, ne? Ale treba se pletu.
> 
> Koukam ze jsem spatne polozil otazku, asi me melo jednat o IP a ne MAC.
> 
Hlavne se jedna o otazku na OS dhcp klienta, ne o OS na DHCP serveru,
jak jsem to puvodne pochopil.
Jako nejjednodussi zpusob, jak to zjistit me napada tcpdump (wireshark),
ale o nejakem seznamu kde se jaky pristup vyuziva nevim.

        
        S pozdravem 

                                Petr Janda
--
email: /bin/sh -c 'A=netbox; B=janda; printf "%s zavinac %s bod cz\n" ${B} ${A}'