idnits 2.17.1 draft-cheshire-ipv4-acd-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing document type: Expected "INTERNET-DRAFT" in the upper left hand corner of the first page ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 2002) is 7925 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 4 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Stuart Cheshire 2 Document: draft-cheshire-ipv4-acd-02.txt Apple Computer 3 Expires 23rd February 2003 23rd August 2002 5 IPv4 Address Conflict Detection 6 8 Status of this Memo 10 This document is an Internet-Draft and is in full conformance with 11 all provisions of Section 10 of RFC2026. Internet-Drafts are 12 working documents of the Internet Engineering Task Force (IETF), 13 its areas, and its working groups. Note that other groups may 14 also distribute working documents as Internet-Drafts. 16 Internet-Drafts are draft documents valid for a maximum of six 17 months and may be updated, replaced, or obsoleted by other documents 18 at any time. It is inappropriate to use Internet-Drafts as 19 reference material or to cite them other than as "work in progress." 21 The list of current Internet-Drafts can be accessed at 22 http://www.ietf.org/ietf/1id-abstracts.txt 24 The list of Internet-Draft Shadow Directories can be accessed at 25 http://www.ietf.org/shadow.html 27 Distribution of this memo is unlimited. 29 Abstract 31 When two hosts on the same link attempt to use the same IPv4 address 32 at the same time (except in rare special cases where this has been 33 arranged by prior coordination) problems ensue for one or both hosts. 34 This document describes (i) a simple precaution that a host can take 35 in advance to help prevent this misconfiguration from happening, and 36 (ii) if this misconfiguration does occur, a simple mechanism by which 37 a host can passively detect after-the-fact that it has happened, so 38 that the host may respond to rectify the problem. 40 1. Introduction 42 Historically, accidentally configuring two Internet hosts with the 43 same IP address has often been an annoying and hard-to-diagnose 44 problem. 46 This is unfortunate, because the existing ARP protocol provides 47 an easy way for a host to detect this kind of misconfiguration and 48 report it to the user. The DHCP specification [RFC 2131] briefly 49 mentions the role of ARP in detecting misconfiguration, as 50 illustrated in the following three excerpts from RFC 2131: 52 o the client SHOULD probe the newly received address, 53 e.g., with ARP. 55 o The client SHOULD perform a final check on the parameters 56 (e.g., ARP for allocated network address) 58 o If the client detects that the address is already in use 59 (e.g., through the use of ARP), the client MUST send 60 a DHCPDECLINE message to the server 62 Unfortunately, the DHCP specification does not give any guidance to 63 implementers concerning the number of ARP packets to send, the 64 interval between packets, the total time to wait before concluding 65 that an address may safely be used, or indeed even which kinds of 66 packets a host should be listening for, in order to make this 67 determination. It leaves unspecified the action a host should take 68 if, after concluding that an address may safely be used, it 69 subsequently discovers that it was wrong. It also fails to specify 70 what precautions a DHCP client should take to guard against 71 pathological failure cases, such as DHCP server that repeatedly 72 OFFERs the same address, even though it has been DECLINEd multiple 73 times. 75 The authors of the DHCP specification may have thought the answers to 76 these questions too obvious to mention, but unfortunately this leaves 77 some of the burden of protocol design to each individual implementer. 78 This document seeks to remedy this omission by clearly specifying the 79 required actions for: 81 1. Determining whether use of an address is likely to lead to an 82 addressing conflict. This includes (a) the case where the address 83 is already actively in use by another host on the same link, and 84 (b) the case where two hosts are inadvertently about to begin 85 using the same address, and both are simultaneously in the process 86 of probing to determine whether the address may safely be used. 88 2. Subsequent passive detection that another host on the network is 89 inadvertently using the same address. Even if all hosts observe 90 precautions to avoid using an address that is already in use, 91 conflicts can still occur if two hosts are out of communication at 92 the time of initial interface configuration. This could occur with 93 wireless network interfaces if the hosts are temporarily out of 94 range, or with Ethernet interfaces if the link between two 95 Ethernet hubs is not functioning at the time of address 96 configuration. A well-designed host will handle not only conflicts 97 detected during interface configuration, but also conflicts 98 detected later, for the entire duration of the time that the host 99 is using the address. 101 3. Rate-limiting in the case of an excessive number of repeated 102 conflicts. 104 The utility of IPv4 Address Conflict Detection is not limited to DHCP 105 clients. No matter how an address was configured, whether via manual 106 entry by a human user, via information received from a DHCP server, 107 or via any other source of configuration information, detecting 108 conflicts is useful. Upon detecting a conflict, the configuring agent 109 should be notified of the error. In the case where the configuring 110 agent is a human user, that notification may take the form of an 111 error message on a screen, an SNMP trap, or an error message sent via 112 pager. In the case of a DHCP server, that notification takes the form 113 of a DHCP DECLINE message sent to the server. In the case of 114 configuration by some other kind of software, that notification takes 115 the form of an error indication to the software in question, to 116 inform it that the address it selected is in conflict with some other 117 host on the network. The configuring software may choose to cease 118 network operation, or it may automatically select a new address so 119 that the host may re-establish IP connectivity as soon as possible. 121 1.1. Conventions and Terminology Used in this Document 123 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 124 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 125 document are to be interpreted as described in "Key words for use in 126 RFCs to Indicate Requirement Levels" [RFC 2119]. 128 Wherever this document uses the term "sender IP address" or "target 129 IP address" in the context of an ARP packet, it is referring to the 130 fields of the ARP packet identified in the ARP specification [RFC 131 826] as "ar$spa" (Sender Protocol Address) and "ar$tpa" (Target 132 Protocol Address) respectively. For the usage of ARP described in 133 this document, each of these fields always contains an IP address. 135 In this document, the term "ARP Probe" is used to refer to an ARP 136 request packet, broadcast on the local link, with an all-zero 'sender 137 IP address'. The 'sender hardware address' MUST contain the hardware 138 address of the interface sending the packet. The 'target hardware 139 address' field is ignored and SHOULD be set to all zeroes. The 140 'target IP address' field MUST be set to the address being probed. 142 In this document, the term "ARP Announcement" is used to refer to 143 an ARP request packet, broadcast on the local link, identical to 144 the ARP probe described above, except that both the sender and 145 target IP address fields contain the IP address being announced. 147 1.2 Relationship to RFC 826 149 This document does not modify any of the protocol rules in RFC 826. 150 It does not modify the packet format, or the meaning of any 151 of the fields. The existing rules for "Packet Generation" and 152 "Packet Reception" still apply exactly as specified in RFC 826. 154 This document expands on RFC 826 by specifying some additional ARP 155 packets that should be generated when an interface is configured, and 156 an additional check that should be performed on each ARP packet that 157 is received. This additional check does not impose a significant 158 additional CPU burden on hosts, since every host implementing ARP 159 is already required to process every received ARP packet according 160 to the "Packet Reception" rules specified in RFC 826. 162 As specified in RFC 826, an ARP Request packet serves two functions, 163 an assertion and a question: 165 * Assertion: 166 The fields "ar$sha" (Sender Hardware Address) and "ar$spa" (Sender 167 Protocol Address) together serve as an assertion of a fact, that 168 the stated Protocol Address is mapped to the stated Hardware 169 Address. 171 * Question: 172 The fields "ar$tha" (Target Hardware Address, zero) and "ar$tpa" 173 (Target Protocol Address) serve as a question, asking, for the 174 stated Protocol Address, to which Hardware Address it is mapped. 176 This document clarifies what it means to have one without the other. 178 1.2.1 ARP Probe 180 This document standardizes the widely-used natural interpretation of 181 an ARP Request where the Target Protocol Address is non-zero but the 182 Sender Protocol Address is zero, namely that it is a question without 183 an associated assertion (an "ARP Probe"). 185 1.2.2 ARP Announcement 187 This document standardizes the widely-used natural interpretation of 188 an ARP Request where the Sender and Target Protocol Address fields 189 contain the same address, namely that it is an assertion without an 190 associated question (an "ARP Announcement"). 192 1.2.3 Broadcast Replies 194 In some applications of IPv4 Address Conflict Detection, it may be 195 advantageous to deliver ARP replies using broadcast instead of 196 unicast because this allows address conflicts to be detected sooner 197 than might otherwise happen. This is not needed in most situations, 198 but certain specialized uses of Address Conflict Detection such as 199 "Dynamic Configuration of IPv4 Link-Local Addresses" [v4LL] can 200 benefit from this optional capability. 202 RFC 826 implies that replies to ARP requests are usually delivered 203 using unicast, but it is also acceptable to deliver ARP replies using 204 broadcast. The "Packet Reception" rules in RFC 826 specify that the 205 content of the "ar$spa" field should be processed *before* examining 206 the "ar$op" field, so any host that correctly implements the Packet 207 Reception algorithm specified in RFC 826 will correctly handle ARP 208 replies delivered via link-layer broadcast. 210 1.3. Applicability 212 The specifications in this document apply to any link-layer network 213 technology that uses ARP [RFC 826] to map from IP addresses to 214 link-layer hardware addresses. 216 2. Address Probing, Announcing, Conflict Detection and Defense 218 This section describes initial probing to safely determine whether 219 an address is already in use, ongoing conflict checking, and optional 220 use of broadcast ARP replies to provide faster conflict detection. 222 2.1 Probing an Address 224 Before beginning to use an IP address (whether received from manual 225 configuration, DHCP, or some other means), a host implementing this 226 specification MUST test to see if the address is already in use, 227 using ARP probes. 229 A host probes to see if an address is already in use by broadcasting 230 an ARP request for the desired address. The client MUST fill in the 231 'sender hardware address' field of the ARP request with the hardware 232 address of the interface through which it is sending the packet. 233 The 'sender IP address' field MUST be set to all zeroes, to avoid 234 polluting ARP caches in other hosts on the same link in the case 235 where the address turns out to be already in use by another host. 236 The 'target hardware address' field is ignored and SHOULD be set to 237 all zeroes. The 'target IP address' field MUST be set to the address 238 being probed. An ARP request constructed this way with an all-zero 239 'sender IP address' is referred to as an "ARP probe". 241 When ready to begin probing, the host should then wait for a random 242 time interval selected uniformly in the range zero to two seconds, 243 and should then send four probe packets, spaced two seconds apart. 244 This initial random delay helps ensure that a large number of hosts 245 powered on at the same time do not all send their initial probe 246 packets simultaneously. 248 If during this period, from the beginning of the probing process 249 until two seconds after the last probe packet is sent, the host 250 receives any ARP packet (request *or* reply) where the packet's 251 'sender IP address' is the address being probed for, then the host 252 MUST treat this address as being in use by some other host, and 253 should indicate to the configuring agent (human operator, DHCP 254 server, etc.) that the proposed address is not acceptable. In 255 addition, if during this period the host receives any ARP probe where 256 the packet's 'target IP address' is the address being probed for, and 257 the packet's 'sender hardware address' is not the hardware address of 258 any of the host's interfaces, then the host MUST similarly treat this 259 as an address conflict and signal an error to the configuring agent 260 as above. This can occur if two (or more) hosts have, for whatever 261 reason, been inadvertently configured with the same address, and both 262 are simultaneously in the process of probing that address to see if 263 it can safely be used. 265 A host implementing this specification MUST maintain a counter of the 266 number of conflicts it has experienced in the process of trying to 267 configure an interface, and if the number of conflicts exceeds ten 268 then the host MUST limit the rate at which it probes for new 269 addresses to no more than one new address per minute. This is to 270 prevent catastrophic ARP storms in pathological failure cases, such 271 as a defective DHCP server that repeatedly assigns the same address 272 to every host that asks for one. 274 If, by two seconds after the transmission of the last ARP probe 275 no conflicting ARP reply has been received, then the host has 276 successfully determined that the desired address may be used safely. 278 2.2 Shorter Timeouts on Appropriate Network Technologies 280 The time values specified above are intended for use on technologies 281 such as Ethernet, where switches that implement Spanning Tree 282 [802.1d] often silently discard all packets for several seconds. The 283 time values specified above result in a delay of 8-10 seconds before 284 a chosen IP address may be used. For a desktop machine using DHCP, 285 this may not be a great problem, but for other types of device, 286 particularly portable hand-held wireless devices, a ten-second delay 287 before networking services becomes available may not be acceptable. 288 For this reason, shorter time values may be used on network 289 technologies that allow the device to determine when the link has 290 become active and can be reasonably trusted to deliver packets 291 reliably. On these network technologies the recommended time values 292 are: The host should first wait for a random time interval selected 293 uniformly in the range 0-200 milliseconds, and then send four probe 294 packets, waiting 200 milliseconds after each probe, making a total 295 delay of 800-1000ms before a chosen IP address may be used. 297 Should future versions of the IEEE Spanning Tree Protocol be enhanced 298 to inform clients when the link is ready to begin forwarding packets, 299 then the shorter time values may be used on these networks too. 301 If the situation arises where some hosts on a network are using the 302 optional shorter timeouts and others are not, this does not cause any 303 problems. It simply means that some hosts will be able to configure 304 their interfaces quicker than others. In the unlikely event that an 305 address conflict is not detected during the short address probing 306 phase, the conflict will still be detected by the Ongoing Address 307 Conflict Detection described below in Section 2.4. 309 2.3 Announcing an Address 311 Having determined that a desired address may be used safely, a host 312 implementing this specification MUST then announce that it is 313 commencing to use this address by broadcasting two ARP announcements, 314 spaced two seconds apart. This time interval is not modified by the 315 shorter timeouts described above in Section 2.2. An ARP announcement 316 is identical to the ARP probe described above, except that now the 317 sender and target IP addresses are both set to the host's newly 318 selected IP address. The purpose of these ARP announcements is to 319 make sure that other hosts on the link do not have stale ARP cache 320 entries left over from some other host that may previously have been 321 using the same address. 323 2.4 Ongoing Address Conflict Detection and Address Defense 325 Address conflict detection should not be limited to only the time of 326 initial interface configuration, when a host is sending ARP probes. 327 Address conflict detection is an ongoing process that is in effect 328 for as long as a host is using an address. At any time, if a host 329 receives an ARP packet (request *or* reply) where the 'sender IP 330 address' is the host's own IP address, but the 'sender hardware 331 address' does not match any of the host's own interface addresses, 332 then this is a conflicting ARP packet, indicating some other host 333 also thinks it is validly using this address. To resolve the address 334 conflict, a host must respond to a conflicting ARP packet as 335 described in either (a), (b) or (c) below: 337 (a) Upon receiving a conflicting ARP packet, a host MAY elect to 338 immediately cease using the address, and signal an error to the 339 configuring agent as described above, or 341 (b) If a host currently has active TCP connections or other reasons 342 to prefer to keep the same IP address, and it has not seen any other 343 conflicting ARP packets recently (for Ethernet, within the last ten 344 seconds) then it MAY elect to attempt to defend its address. 345 To defend its address, the host first records the time that the 346 conflicting ARP packet was received, and then broadcasts one single 347 ARP announcement, giving its own IP and hardware addresses. Having 348 done this, the host can then continue to use the address normally 349 without any further special action. However, if this is not the first 350 conflicting ARP packet the host has seen, and the time recorded for 351 the previous conflicting ARP packet is recent (within ten seconds for 352 Ethernet) then the host MUST immediately cease using this address and 353 signal an error to the configuring agent as described above. This is 354 necessary to ensure that two hosts do not get stuck in an endless 355 loop with both hosts trying to defend the same address. 357 (c) If a host has been configured such that it should not give up its 358 address under any circumstances, perhaps because it is an important 359 company server with a well-known IP address, then it MAY elect to 360 defend its address indefinitely. If such a host receives a 361 conflicting ARP packet, then it should take appropriate steps to log 362 useful information such as source Ethernet address from the ARP 363 packet, and inform the administrator of the problem. The number of 364 such notifications should be appropriately controlled to prevent an 365 excessive number of error reports being generated. If the host has 366 not seen any other conflicting ARP packets recently (for Ethernet, 367 within the last ten seconds) then it MUST record the time that the 368 conflicting ARP packet was received, and then broadcast one single 369 ARP announcement, giving its own IP and hardware addresses. Having 370 done this, the host can then continue to use the address normally 371 without any further special action. However, if this is not the first 372 conflicting ARP packet the host has seen, and the time recorded for 373 the previous conflicting ARP packet is recent (within ten seconds for 374 Ethernet) then the host MUST NOT send another defensive ARP 375 announcement. This is necessary to ensure that two misconfigured 376 hosts do not get stuck in an endless loop flooding the network with 377 broadcast traffic while they both try to defend the same address. 379 A host wishing to provide reliable network operation must respond to 380 conflicting ARP packets as described in (a), (b) or (c) above. 381 Ignoring conflicting ARP packets results in seemingly random network 382 failures which can be hard to diagnose and very frustrating for human 383 users. 385 Forced address reconfiguration may be disruptive, causing TCP 386 connections to be broken. However, it is such disruptions should be 387 exceedingly rare, and if inadvertent address duplication happens, 388 then disruption of communication is inevitable. It is not possible 389 for two different hosts using the same IP address on the same network 390 to operate reliably. For most client machines that do not need a 391 fixed IP address, immediately requesting the configuring agent (human 392 user, DHCP client, etc.) to configure a new address as soon as the 393 conflict is detected is the best way to restore useful communication 394 as quickly as possible. The mechanism described above of broadcasting 395 a single ARP announcement to defend the address mitigates the problem 396 somewhat, by helping to improve the chance that one of the two 397 conflicting hosts may be able to retain its address. 399 2.5 Broadcast ARP Replies 401 In a carefully-run network with manually-assigned addresses, or 402 a network with a reliable DHCP server and reliable DHCP clients, 403 address conflicts should occur only in rare failure scenarios, 404 so the passive monitoring described above in Section 2.4 is adequate. 405 If two hosts are using the same IP address, then sooner or later one 406 or other host will broadcast an ARP request, which the other will 407 see, allowing the conflict to be detected and consequently resolved. 409 It is possible however, that a conflicting configuration may persist 410 for a short time before it is detected. Suppose that two hosts A and 411 B have been inadvertently assigned the same IP address X. Suppose 412 further that at the time they were both probing to determine whether 413 the address could safely be used, the communication link between them 414 was non-functional for some reason, so neither detected the conflict 415 at interface-configuration time. Suppose now that the communication 416 link is restored, and a third host C broadcasts an ARP request for 417 address X. Unaware of any conflict, both hosts A and B will send 418 unicast ARP replies to host C. Host C will see both replies, and may 419 be a little confused, but neither host A nor B will see the other's 420 reply, and neither will immediately detect that there is a conflict 421 to be resolved. Hosts A and B will continue to be unaware of the 422 conflict until one or other broadcasts an ARP request of their own. 424 If quicker conflict detection is desired, this MAY be achieved by 425 having hosts send ARP replies using link-level broadcast, instead 426 of sending only ARP requests via broadcast, and replies via unicast. 427 This is not recommended for general use, but "Dynamic Configuration 428 of IPv4 Link-Local Addresses" [v4LL] makes use of this optional 429 capability, since in that case, detection of address conflicts using 430 ARP is not merely a backup precaution to detect failures of some 431 other configuration mechanism; detection of address conflicts using 432 ARP is the sole configuration mechanism. 434 Sending both requests and replies via broadcast potentially doubles 435 the ARP traffic load on each host on the network. On many networks, 436 ARP traffic is such an insignificant proportion of the total traffic 437 that doubling it makes no practical difference. However, this may not 438 be true of all networks, so broadcast ARP replies should not be used 439 universally. Broadcast ARP replies should be used where the benefit 440 of faster conflict detection outweighs the cost of slightly increased 441 packet processing load on the participant network hosts. 443 3. Security Considerations 445 The ARP protocol [RFC 826] is insecure. A malicious host may send 446 fraudulent ARP packets on the network, interfering with the correct 447 operation of other hosts. For example, it is easy for a host to 448 answer all ARP requests with responses giving its own hardware 449 address, thereby claiming ownership of every address on the network. 451 This specification makes this existing ARP vulnerability no worse, 452 and in some ways makes it better: Instead of failing silently with no 453 indication why, hosts implementing this specification are required to 454 either attempt to reconfigure automatically, or if not that, at least 455 inform the human user of what is happening. 457 4. IANA Considerations 459 This document has no IANA-related considerations. 461 5. Acknowledgements 463 This document arose as a result of discussions on link-local 464 addressing, where it was not clear to many readers which elements of 465 link-local address management were specific to that particular 466 problem, and which elements were generic and applicable to all IPv4 467 address configuration mechanisms. The following people made valuable 468 comments in the course of that work: Bernard Aboba, Jim Busse, Pavani 469 Diwanji, Donald Eastlake 3rd, Peter Ford, Spencer Giacalone, Josh 470 Graessley, Erik Guttman, Myron Hattig, Hugh Holbrook, Richard 471 Johnson, Kim Yong-Woon, Rod Lopez, Satish Mundra, Thomas Narten, Erik 472 Nordmark, Howard Ridenour, Daniel Senie, Dieter Siegmund, Valery 473 Smyslov and Ryan Troll. 475 6. Copyright 477 Copyright (C) The Internet Society 23rd August 2002. 478 All Rights Reserved. 480 This document and translations of it may be copied and furnished to 481 others, and derivative works that comment on or otherwise explain it 482 or assist in its implementation may be prepared, copied, published 483 and distributed, in whole or in part, without restriction of any 484 kind, provided that the above copyright notice and this paragraph are 485 included on all such copies and derivative works. However, this 486 document itself may not be modified in any way, such as by removing 487 the copyright notice or references to the Internet Society or other 488 Internet organizations, except as needed for the purpose of 489 developing Internet standards in which case the procedures for 490 copyrights defined in the Internet Standards process must be 491 followed, or as required to translate it into languages other than 492 English. 494 The limited permissions granted above are perpetual and will not be 495 revoked by the Internet Society or its successors or assigns. 497 This document and the information contained herein is provided on an 498 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 499 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 500 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 501 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 502 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 504 7. References 506 [802.1d] ISO/IEC 10038, ANSI/IEEE Std 802.1D-1993 "MAC Bridges". 508 [RFC 826] D. Plummer, "An Ethernet Address Resolution Protocol -or- 509 Converting Network Addresses to 48-bit Ethernet Address 510 for Transmission on Ethernet Hardware", STD 37, RFC 826, 511 November 1982. 513 [RFC 2119] S. Bradner, "Key words for use in RFCs to Indicate 514 Requirement Levels", RFC 2119, March 1997. 516 [RFC 2131] R. Droms, "Dynamic Host Configuration Protocol", 517 RFC 2131, March 1997. 519 [v4LL] S. Cheshire, B. Aboba, E. Guttman, 520 "Dynamic Configuration of IPv4 Link-Local Addresses", 521 draft-ietf-zeroconf-ipv4-linklocal-06.txt, 522 Work in Progress, August 2002. 524 8. Author's Address 526 Stuart Cheshire 527 Apple Computer, Inc. 528 1 Infinite Loop 529 Cupertino 530 California 95014 531 USA 533 Phone: +1 408 974 3207 534 EMail: rfc@stuartcheshire.org