DHC Working Group                                                    
   Internet Draft                                             J. Aiello 
   draft-aiello-dhc-appliance-class-00.txt             Sylantro Systems 
   Expires: July 2001                                      January 2001 
 
 
                Appliance Class Identifier Option for DHCP 
 
    
   Status of this Memo 
 
   This document is an Internet-Draft and is in full conformance with 
   all provisions of Section 10 of RFC2026. 
    
    
   Internet-Drafts are working documents of the Internet Engineering 
   Task Force (IETF), its areas, and its working groups.  Note that      
   other groups may also distribute working documents as Internet-
   Drafts. 
    
   Internet-Drafts are draft documents valid for a maximum of six 
   months and may be updated, replaced, or rendered obsolete by other 
   documents at any time.  It is inappropriate to use Internet-Drafts 
   as reference material or to cite them other than as "work in 
   progress." 
    
   The list of current Internet-Drafts can be accessed at 
        http://www.ietf.org/ietf/1id-abstracts.txt 
   The list of Internet-Draft Shadow Directories can be accessed at 
        http://www.ietf.org/shadow.html. 
    
    
     
    
 
Table of Contents 
    
   1. Abstract........................................................2 
   2. Conventions used in this document...............................2 
   3. DHCP Terminology................................................2 
   4. Overview........................................................2 
   5. The Appliance Class Identifier Option...........................3 
   7. Security Considerations.........................................3 
   9. Acknowledgements................................................4 
   10. Author's Addresses.............................................4 








       Aiello       Informational - Expires July 2001             1 
    
                  Appliance Class Identifier Option      January 2001 
                                    
1. Abstract 
    
   The Appliance Class Identifier option is used by a Dynamic Host 
   Configuration Protocol (DHCP) client to identify the type of 
   appliance it belongs to.  The information contained in this option is 
   an opaque field that represents the appliance class of which 
   identifies the type of client.  Based on this class, a DHCP server 
   selects the appropriate address pool to assign an address to the 
   client and the appropriate configuration parameters.  This option 
   should be selected by the appliance manufacturer and included in the 
   DHCP Discover/Request messages. 
 
2. Conventions used in this document 
    
   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
   "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in 
   this document are to be interpreted as described in RFC-2119 [1]. 
    
3. DHCP Terminology  
        
   - "DHCP client"  
      
   A DHCP client or "client" is an Internet host using DHCP to obtain 
   configuration parameters such as a network address.      
    
   - "DHCP server" 
    
   A DHCP server is an Internet host that returns configuration 
   parameters to DHCP clients. 
    
   - "Appliance" 
    
   An appliance is a DHCP client that not what is a special function 
   device such as an IP phone. 
    
   - "Appliance manufacturer" 
    
   The entity who manufacturers the appliance or has it manufactured in 
   their name. 
    
    
4. Overview 
    
   New and emerging IP based appliances (devices) may need to be 
   identified by DHCP servers differently than other DHCP clients.  
   These new appliances may require IP addresses and DHCP supplied 
   options different than other DHCP clients.  Network devices such as 
   routers and firewalls will require special handling of some 
   appliances.  For example, an IP phone (appliance) may require an IP 
   address that will not be translated by the router and may require 
   unique options such as a Call Agent server IP address or a DNS 
     
       Aiello       Informational - Expires July 2001             2 
    
                  Appliance Class Identifier Option      January 2001 
                                    
   server IP address used exclusively for Voice over IP networks.  
   These appliances may need to have separate IP address pools 
   allocated just for the various appliances.  The client identifies 
   itself as a specific appliance class, by this new option, to the 
   DHCP Server.  The DHCP shall issue an IP address allocated for that 
   appliance type from the DHCP server.  This ensures no computer, 
   printer, etc. receives an IP address allocated for a specific  
   appliance type.  The DHCP server should support multiple Appliance 
   Classes. 
 
    
5. The Appliance Class Identifier Option 
    
   The code for this option is TBD. 
    
   The Appliance Class Identifier is used by the DHCP Client to 
   optionally identify the appliance class it represents.  A DHCP 
   server uses the Appliance Class Identifier to choose the IP address 
   pool it allocates an IP address from and to select any other 
   appliance specific configuration option(s). 
    
   This option carries only one Appliance Class Identifier. 
    
   The DHCP server MUST return the Appliance Class Identifier in the 
   DHCP offer-s. 
    
   The DHCP client must reject the DHCP offer if it does not contain 
   the Appliance Class Identifier. 
    
   The format of this option is as follows: 
    
            Code   Len   Value 
           +-----+-----+-------------------------------------+ 
           | TBD |  N  | Appliance Class Data                | 
           +-----+-----+-------------------------------------+ 
    
   A server not equipped to interpret the appliance class should ignore 
   it.  The server should report the unmatched class event. 
 
 
6. IANA Considerations 
 
   Option TBD has been assigned by IANA for this option. 
 
 
7. Security Considerations 
 
   DHCP currently provides no authentication or security mechanisms.  
   Potential exposures to attack are discussed is section 7 of the 
   protocol specification. 
    
   This lack of authentication mechanism means that a DHCP server cannot 
   check if a client or user is authorized to use a given appliance 
     
       Aiello       Informational - Expires July 2001             3 
    
                  Appliance Class Identifier Option      January 2001 
                                    
   class. This introduces an obvious vulnerability when using the 
   appliance class option.  For example, if the appliance class is used 
   to give out a special parameter (e.g., a particular call agent 
   server), there is no way to authenticate a client and it is therefore 
   impossible to check if a client is authorized to use this parameter. 
    
8. References 
    
    
   [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement 
      Levels", BCP 14, RFC 2119, March 1997 
    
   [2] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, March 
      1997. 
    
   [3] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor 
      Extensions", RFC 2132, March 1997. 
    
   [4] Bradner, S., "Key words for use in RFCs to Indicate Requirement 
      Levels", BCP 14, RFC 2119, March 1997. 
    
   [5] Stump, G., "User Class Option for DHCP", RFC 3004, November 
      2000. 
    
    
9. Acknowledgements 
   The author would like to thank Eric Nielson for his input and 
   contribution. 
 
    
10. Author's Addresses 
    
   Joe Aiello 
   Sylantro Systems 
   910 East Hamilton, Suite 300 Phone:  1-408-626-3032 
   Campbell, CA USA             Email:  joe.aiello@Sylantro.com 
    
    















     
       Aiello       Informational - Expires July 2001             4