Yes, I can.
The ISC's DHCP server (www.isc.org) does this (I'm not sure whether it
uses MD5 to encode the client identity or not). Ted might know for sure.
As does Cisco's Network Registrar (though it presently doesn't encode
the data using MD5).
And, I'm pretty sure several other DHCP vendors do this -- though
whether they're using MD5 or not I can't be sure.
These servers are in production all over and have been doing this for
From: Harald Tveit Alvestrand [mailto:harald(_at_)alvestrand(_dot_)no]
Sent: Monday, November 28, 2005 5:14 PM
To: Bernie Volz (volz); Steven M. Bellovin; Ted Lemon
Cc: dhcwg(_at_)ietf(_dot_)org; Pekka Savola; ietf(_at_)ietf(_dot_)org;
Subject: RE: [dhcwg] Re: DHCID and the use of MD5 [Re: Last
Call: 'Resolution ofFQDN Conflicts among DHCP Clients' to
--On mandag, november 28, 2005 17:00:39 -0500 "Bernie Volz (volz)"
I confess that I don't see the problem. The updater would do a DNS
query for DHCID RRs; it would be given all of the stored
That's not how the current update algorithm works. Sure, we could do
almost anything but we'll be debating this for the next 100
has already gone on for almost 10 years!!!
Can we get serious about this and really ask what are we trying to
And where were you folks when IPv6 was designed to use the
as the interface identifier. Come on.
We're trying to make it NON-TRIVIAL, not impossible.
This technique has been in use for years by implementations
records because we've been unable to get the DHCID RR approved.
this puzzle seems to have several distinct pieces:
- the DHCP options to talk about DNS names. Nobody seems to
have any large
problem with that.
- the mechanism for detecting conflicts. Nobody seems to have
problem with that.
- the exact mechanism by which one stores a value identifying
the client in
the DNS without giving out useful information about the
where all the shouting is.
Can you verify for me that all three parts are being done today in
production, in just the way (apart from RR type) specified in
Ietf mailing list