On Fri, Feb 27, 2009 at 01:15:22PM -0600, Greg.Rabil at ins.com wrote:
> If the client-id is required, then the risk would be the same as with stateful DHCPv6 and the FQDN option, right?

No, in that case the server is selecting both the addresses and the hostname, and assigning them.

You're proposing that the client supply the addresses, which is not very different from simply updating DNS directly, unless you provide the server with some way of validating that the DUID, FQDN, and addresses are consistent.

This is usually done through configuration, or dynamic configuration, where the DUID and FQDN are consistent, to provide assigned address(es) which the elements of the network can then enforce.

Thinking further...

You also need to work in the mechanism where the client and server negotiate through several trials to a domain name, which means you have to solicit offers, and make a request from the server you've selected, in order to arrive at a single domain name (rather than having 10 servers update 10 names at the same time).

And you have to work out the lease time you're now going to be applying to these domain names. They have to be removed from DNS at some point, and clients can probably not be trusted to reliably solicit for their removal.

-- 
David W. Hankins                    "If you don't do it right the first time,
Software Engineer                        you'll just have to do it again."
Internet Systems Consortium, Inc.                   -- Jack T. Hankins
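The two server-side duties the message describes, checking that a client-supplied DUID, FQDN and address set agree with configuration before touching DNS, and putting a lease on the name so the server rather than the client removes it, can be sketched as follows. This is an added example, not code from the original message or from any DHCP server; `NameRegistry`, `CONFIG` and the DUID, name and addresses are hypothetical, constructed values.

```python
import ipaddress

# Constructed sample configuration (hypothetical values):
# DUID -> (FQDN, set of addresses the server assigned to that client).
CONFIG = {
    "00010001aabbccdd001122334455": (
        "host1.example.com.",
        frozenset({ipaddress.ip_address("2001:db8::10")}),
    ),
}

class NameRegistry:
    """Validates client-supplied (DUID, FQDN, addresses) and leases the name."""

    def __init__(self, config, lease_seconds):
        self.config = config
        self.lease_seconds = lease_seconds
        self.leases = {}  # fqdn -> expiry time (seconds)

    def request(self, duid, fqdn, addresses, now):
        """Return (accepted, reason). Nothing is leased unless all three agree."""
        binding = self.config.get(duid.lower())
        if binding is None:
            return False, "unknown DUID"
        bound_fqdn, bound_addrs = binding
        if fqdn.lower().rstrip(".") + "." != bound_fqdn:
            return False, "FQDN not bound to DUID"
        try:
            addrs = frozenset(ipaddress.ip_address(a) for a in addresses)
        except ValueError:
            return False, "malformed address"
        if not addrs or not addrs <= bound_addrs:
            return False, "address not assigned to DUID"
        # Only now would the server send the DNS update; record when it lapses.
        self.leases[bound_fqdn] = now + self.lease_seconds
        return True, "accepted"

    def expire(self, now):
        """Return names whose lease has run out; the server removes these
        from DNS itself instead of waiting for the client to ask."""
        dead = sorted(n for n, t in self.leases.items() if t <= now)
        for name in dead:
            del self.leases[name]
        return dead
```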