dhcp-client passing ISP dns info to dhcpd

David W. Hankins David_Hankins at isc.org
Thu Apr 27 21:23:58 UTC 2006


On Thu, Apr 27, 2006 at 07:48:10PM +0100, Simon Hobson wrote:
> fbsd wrote:
> >I use Adelphia cable as my ISP.
> >They are the only provider in my local area who
> >provides 1mb bandwidth as part of standard home rate.
> >
> >So I have to learn to deal with them changing the
> >ip address of their dns boxes every 3 months or so.
> 
> One has to wonder just what these sort of people are thinking?
> Probably the same people that come on here from time to time asking
> how to force customers' IPs to change on every renewal!
> 
> The simplest is to simply forget about using their nameservers and 
> run your own - I'm fairly sure a stock install of Bind will have a 
> working config for you. Unless they've filtered port 53 traffic, then 
> you do not have to use their dns servers at all.

That's a single point of failure then.  In software.  Even with a script
to watch it, yo-yo mode is something that can never be 100% guaranteed
to never transpire.  It's something to have to watch and deal with.

It's also a bit of an administrative burden - although BIND9 has never
had what I think of as a security advisory laid against it, there have
been security advisories against the modules BIND9 uses (so it's
vulnerable by association).

It's simpler to just use the ISP's.  There's an advantage to using
their cache, and no real advantage to having your own local cache
unless your bandwidth is very high latency or oft saturated.

Or unless their service is just very poorly run.


There are also a number of reasons why you might not want to encourage
people who aren't going to think carefully about their recursive server
configuration to configure recursive servers.  BCP 38 isn't very widely
deployed yet, for starters.


I've commented on this in the past, in regards to dhcp futures.  I seem
to recall only mentioning this on the dhcp-client@ mailing list.

But "dBus" is something we want to start supporting in dhclient to
make copious use of something called NetworkManager:

	http://www.gnome.org/projects/NetworkManager/

So long as we do that...why not let dhcpd speak dBus?  Common libraries
within a single software package make that kind of thing relatively cheap
and easy.  dBus could become a replacement to OMAPI if we don't select
something else (there's an IETF WG on similar ground), or at least could
be a means to do things OMAPI never developed a facility to.

Also, a strange thing can happen: they can talk to each other.

So instead of configuring:

	option name-servers foo, bar, baz;

You configure:

	option name-servers = dbus-fetch("/org/isc/dhclient/eth0",
					 "option name-servers");

Or even:

	option name-servers = concat(0a:00:00:01,
				     dbus-fetch("/org/isc/dhclient/eth0",
						"option name-servers"));

Or similar (maybe a pick-first-value() in case dbus-fetch() fails).

Now your NAT'd inside network can be configured in whole or in part by
the parameters provided to your dhcp client by your service provider.

-- 
David W. Hankins		"If you don't do it right the first time,
Software Engineer			you'll just have to do it again."
Internet Systems Consortium, Inc.		-- Jack T. Hankins
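
The dbus-fetch() syntax in the message above is a proposal, so the following is an added example, not code from the post or from ISC, of the same hand-off done from a dhclient exit hook. It assumes the hook sees the ISP's servers in `$new_domain_name_servers`, treats that list as untrusted input, prepends a local resolver (10.0.0.1, the 0a:00:00:01 of the concat() sketch) and falls back to a static list when nothing validates; the function names and sample addresses are made up for the illustration.

```shell
#!/bin/sh
# Added example, not ISC code. Intended to be sourced from a dhclient exit
# hook, where dhclient-script exports $new_domain_name_servers.

# Succeed only for a dotted-quad IPv4 address, each octet 0..255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    v4_rest=$1 v4_count=0
    while [ -n "$v4_rest" ]; do
        v4_octet=${v4_rest%%.*}
        [ "${#v4_octet}" -le 3 ] && [ "$v4_octet" -le 255 ] || return 1
        v4_count=$((v4_count + 1))
        case "$v4_rest" in *.*) v4_rest=${v4_rest#*.} ;; *) v4_rest= ;; esac
    done
    [ "$v4_count" -eq 4 ]
}

# Print one dhcpd.conf statement. $1: local resolver to list first (may be
# empty), $2: upstream list as received from the ISP (untrusted, space
# separated), $3: static fallback list set by the administrator.
# The body is a subshell so "set -f" (no globbing of the untrusted list)
# and the working variables stay local.
build_dns_option() (
    set -f
    list=
    for ns in $2; do
        if valid_ipv4 "$ns"; then list="${list:+$list, }$ns"; fi
    done
    if [ -z "$list" ]; then           # pick-first-value style fallback
        for ns in $3; do list="${list:+$list, }$ns"; done
    fi
    if [ -n "$1" ]; then list="$1${list:+, $list}"; fi
    [ -n "$list" ] || exit 1          # nothing usable: emit no statement
    printf 'option domain-name-servers %s;\n' "$list"
)

# Constructed sample values (documentation address ranges); in a hook the
# second argument would be "$new_domain_name_servers".
build_dns_option 10.0.0.1 "192.0.2.53 198.51.100.53" "203.0.113.1"
```

Redirect the output into a file that dhcpd.conf pulls in with `include`, then restart dhcpd so it re-reads its configuration; the file location is site-specific.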

