Quarantine addresses for a configurable time

Flavio Poletti flavio at polettix.it
Thu Feb 17 11:20:07 UTC 2011


On Thu, Feb 17, 2011 at 11:33 AM, Simon Hobson <dhcp1 at thehobsons.co.uk> wrote:
> Flavio Poletti wrote:
>
>>   simple use case: Alice gets address A and after some time releases
>> it. I would like to be able to set a "quarantine-period" during which
>> the released address A can only be re-assigned to Alice and to no one
>> else. After this period, the address is fully released and can be
>> reused for someone else if needed.
>>
>> Conceptually, it's as if Alice renewed the lease for
>> "quarantine-period" seconds instead of releasing it, and it is then
>> released after "quarantine-period" seconds unless Alice asks for an
>> address again.
>>
>> Is it possible by simple configuration of ISC's dhcpd? I tried to look
>> in the documentation but did not find anything applicable, apart from
>> the address hunting algorithm that only gives me some "best effort"
>> but no guarantee that address A can be blocked for some time.
>
> As you've observed, this is the standard allocation technique apart from
> there being no minimum before an address is re-allocated if needed. There is
> no built-in method for enforcing a minimum time before an address is
> re-used. It would be sub-optimal for most people, either:
> 1) There are enough available addresses (relative to the client churn rate),
> in which case Alice's address won't get re-used for some time
> or
> 2) There aren't enough addresses, and so Alice's address will be needed and
> to reserve it would "break the network" for some other client.
>
>
> There is one method I could see having potential. Newer versions support
> reserved leases - these are never re-assigned to another client no matter
> how long they've been expired. It would need some external scripting, but it
> might be possible to set the reserved flag on Alice's lease while it is
> active (or on all new leases, depending what you are trying to do).
> Periodically, your script checks the status of leases, and for those that
> have been expired for more than your quarantine period, it unsets the
> reserved flag and makes them available for re-allocation.
>
>
> But I do find myself asking ... Why ?

For reasons that are out of our control, the association between the
user and the IP address is cached for some time T in some platforms.
Hence, we need to quarantine Alice's IP Address for at least T, in
order to avoid identity mismatches, even if this might mean that other
users are prevented from accessing the network for a limited time.

Another scenario could be that for lawful reasons it should be
guaranteed that there are periods of "separation" in the usage of an
IP address by different users, which means that released addresses
should be quarantined.

Thank you for your kind feedback, the proposed solution is interesting
but I wonder whether it is not better for us to hack the code and add
support for quarantine periods.

Cheers,

    Flavio.
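
The periodic check from the reserved-lease approach quoted above, as an added Python example (not part of the original message and not ISC code). It assumes the default UTC date format in dhcpd.leases and that reserved leases carry a `reserved;` statement; the lease records are constructed, and clearing the flag itself is left to whatever tooling is in use.

```python
import re
from datetime import datetime, timedelta, timezone

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)

def current_leases(text):
    """Newest record per address: dhcpd appends records, so the last one wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        rec = {"ends": None, "state": None, "reserved": False}
        for stmt in (s.strip() for s in body.split(";")):
            words = stmt.split()
            if stmt == "reserved":
                rec["reserved"] = True
            elif words[:2] == ["binding", "state"]:   # skips "next binding state"
                rec["state"] = words[2]
            elif words[:1] == ["ends"] and words[1] != "never":
                stamp = " ".join(words[2:4])          # words[1] is the weekday
                rec["ends"] = datetime.strptime(
                    stamp, "%Y/%m/%d %H:%M:%S").replace(tzinfo=timezone.utc)
        leases[ip] = rec
    return leases

def quarantine_expired(text, quarantine, now):
    """Reserved, inactive leases whose end time is at least `quarantine` old."""
    done = []
    for ip, rec in current_leases(text).items():
        if not rec["reserved"] or rec["state"] == "active" or rec["ends"] is None:
            continue  # not quarantined, still in use, or never-ending lease
        if now - rec["ends"] >= quarantine:
            done.append(ip)
    return sorted(done)

# Constructed sample data (documentation addresses), not taken from a real server.
SAMPLE = """
lease 192.0.2.10 { starts 4 2011/02/17 08:00:00; ends 4 2011/02/17 09:00:00;
  binding state active; next binding state free; reserved; }
lease 192.0.2.10 { starts 4 2011/02/17 08:00:00; ends 4 2011/02/17 08:30:00;
  binding state free; reserved; }
lease 192.0.2.11 { starts 4 2011/02/17 09:00:00; ends 4 2011/02/17 10:50:00;
  binding state free; reserved; }
lease 192.0.2.12 { starts 4 2011/02/17 07:00:00; ends 4 2011/02/17 08:00:00;
  binding state free; }
lease 192.0.2.13 { starts 4 2011/02/17 07:00:00; ends never;
  binding state active; reserved; }
"""

if __name__ == "__main__":
    now = datetime(2011, 2, 17, 11, 0, tzinfo=timezone.utc)
    print(quarantine_expired(SAMPLE, timedelta(hours=1), now))
```

Addresses returned by `quarantine_expired` are the ones whose reserved flag can be cleared; everything else stays held for its last client.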


