[c-nsp] DHCP Binding Expiration

Justin Shore justin at justinshore.com
Mon Feb 9 14:30:16 EST 2009


Church, Charles wrote:
> Interesting.  Might be fun (in a dorky networking kind of way) to look
> at a packet capture of it.  Maybe the client doesn't like the lease
> time, or it's tied into DDNS somehow.  I looked a bit, and found in the
> RFC (http://www.faqs.org/rfcs/rfc2131.html) a blurb about lease times:
> 
> "The client may ask for a
>    permanent assignment by asking for an infinite lease.  Even when
>    assigning "permanent" addresses, a server may choose to give out
>    lengthy but non-infinite leases to allow detection of the fact that
>    the client has been retired. "
> 
> I've seen those infinite leases before, never cared enough to look into
> it.  Might be interesting to find out why though...

One thing on my to do list is to figure out how to always reject lease 
extension requests to force the CPE to pull a new IP every time a lease 
expires.  This would prevent many of the less technical users from 
trying to run a publicly-accessible server.  Set the lease time to 2 
hours, client tries to extend the lease at 50% of the lease (1hr) and 
the server NAKs.  The only question is will the client continue to 
request the IP until the lease expires before falling back and do a 
DISCOVER at the 2hr mark (interrupting the flow of traffic) or will it 
do a bcast DISCOVER in response to the NAK and immediately switch to the 
new IP once it gets an OFFER 1hr before the original lease expires, thus 
interrupting traffic again.

I've seen systems do something similar before (or at least I thought 
they were).  When I first got Cox CATV I could only keep my IP for about 
a day before it changed.  One way to mitigate the flow of traffic 
problem would be to grant short lease extensions automatically until the 
wee hours of the morning and then force the change.  Something to think 
about.

It's on my list right behind setting up an OSS walled garden and 
convincing the boss to replace our 7 different DHCP & provisioning 
systems with CNR.  Oh, and finishing my IPv6 deployment.

Thanks for the info
  Justin


More information about the cisco-nsp mailing list