idnits 2.17.1 draft-ietf-dhc-userclass-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 284 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. Miscellaneous warnings: ---------------------------------------------------------------------------- == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 4 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Internet Engineering Task Force Glenn Stump, IBM 2 INTERNET DRAFT Ralph Droms, Bucknell University 3 Date: May 2000 Ye Gu, Ramesh Vyaghrapuri, 4 Expires: October 2000 Ann Demirtjis, Microsoft 5 Burcak Beser, 3Com 6 Jerome Privat, BT 8 The User Class Option for DHCP 9 11 Status of this Memo 13 The document is an Internet-Draft and is in full conformance with all 14 of the provisions of Section 10 of RFC 2026. 16 Internet-Drafts are working documents of the Internet Engineering 17 Task Force (IETF), its areas, and its working groups. Note that 18 other groups may also distribute working documents as 19 Internet-Drafts. 21 Internet-Drafts are draft documents valid for a maximum of six months 22 and may be updated, replaced, or obsoleted by other documents at any 23 time. It is inappropriate to use Intenet-Drafts as reference 24 material or to cite them other than as "work in progress." 26 The list of current Internet-Drafts can be accessed at 27 http://www.ietf.org/ietf/1id-abstracts.txt. 29 The list of Internet-Draft Shadow Directories can be accessed at 30 http://www.ietf.org/shadow.html. 32 Abstract 34 This option is used by a DHCP client to optionally identify the 35 type or category of user or applications it represents. The 36 information contained in this option is an opaque field 37 that represents the user class of which the client is a member. 38 Based on this class, a DHCP server selects the appropriate address 39 pool to assign an address to the client and the appropriate 40 configuration parameters. 41 This option should be configurable by a user. 43 1. Introduction 45 It is often desirable to provide different levels of service 46 to different users of an IP network. 47 In order for an IP network to implement this service 48 differentiation, it needs a way to classify users. A simple 49 solution to this is to use source IP addresses for classification. 50 Under this scheme, network administrators first configure network 51 devices such as routers to recognize traffic from a particular 52 source IP address (or address range) and handle it specially to 53 meet the desired level of service. Next, they assign the IP 54 addresses to the hosts of the intended users so that the user will 55 receive the appropriate level of service. They can configure the 56 hosts manually with these addresses. However, they cannot use DHCP 57 for address assignment, even if they are already running a DHCP 58 server in their network. A current RFC-compliant DHCP server assigns 59 IP addresses based on the location of the DHCP Client in the network 60 topology, not the type of user it supports. 61 This document describes a simple extension of the DHCP protocol 62 that enables a DHCP server to assign IP addresses from different 63 address pools depending on the type of users from which it receives 64 DHCP requests. With this new extension, network administrators will 65 be able to use DHCP to hand out the appropriate addresses to clients. 66 An example intended usage is a corporate network subnet consisting 67 of different departments of users, such as Accounting, Legal, Staff, 68 etc. It may be desirable to allocate logical address pools to each 69 of the departments so that network policies may be implemented easily 70 on IP address ranges; and this would facilitate providing 71 differential services, such as network reachibility. 72 A DHCP server can also use the information contained in the User 73 Class to allocate other configuration parameters than the IP 74 address. For example, a DHCP server receiving a request from a 75 client with the User Class set to "accounting auditors" may return 76 an option with the address of a particular database server. 77 Indeed a DHCP server may have a single pool of addresses and 78 only use the user class to select parameters other than IP 79 addresses. 81 2. Requirements Terminology 83 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 84 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY" and "OPTIONAL" in this 85 document are to be interpreted as described in RFC 2119 [3]. 87 3. DHCP Terminology 89 o "DHCP client" 91 A DHCP client or "client" is an Internet host using DHCP to obtain 92 configuration parameters such as a network address. 94 o "DHCP server" 96 A DHCP server of "server"is an Internet host that returns 97 configuration parameters to DHCP clients. 99 o "binding" 101 A binding is a collection of configuration parameters, including 102 at least an IP address, associated with or "bound to" a DHCP 103 client. Bindings are managed by DHCP servers. 105 4. User Class option 107 This option is used by a DHCP client to optionally identify the 108 type or category of user or applications it represents. 109 A DHCP server uses the User Class option to choose the address 110 pool it allocates an address from and/or to select any other 111 configuration option. 113 This option is a DHCP option [1, 2]. 115 This option MAY carry multiple User Classes. 116 Servers may interpret the meanings of multiple class 117 specifications in an implementation dependent or 118 configuration dependent manner, and so the use of multiple 119 classes by a DHCP client should be based on the specific server 120 implementation and configuration which will be used to process 121 that User class option. 123 The code for this option is TBD. 124 Each User Class value is indicated in an opaque field and is 125 preceded by a one-byte field giving its length. 126 Let n be the number of User Classes carried in the 127 option. The length of the option as specified in Len must be 128 the sum of the lengths of each of the class names plus n: 129 Len= Len1 + Len2 + ...+ Lenn + n. 131 Code Len Len1 Len2 132 +-----+-----+-----+----------+-----+--------------+---- 133 | TBD | N | L1 | class 1 | L2 | class 2 |... 134 +-----+-----+-----+----------+-----+--------------+---- 136 A server that is not equipped to interpret any given user class 137 specified by a client MUST ignore it (although it may be reported). 138 If a server recognizes one or more user classes specified by the 139 client, but does not recognize one or more other user classes 140 specified by the client, the server MAY use the user classes it 141 recognizes. 143 DHCP clients implementing this option SHOULD allow users to enter 144 one or more user class values. 146 5. Security Considerations 148 DHCP currently provides no authentication or security 149 mechanisms. Potential exposures to attack are discussed 150 is section 7 of the protocol specification [1]. 151 This lack of authentication mechanism means that a DHCP server 152 cannot check if a client or user is authorised to use a 153 given User Class. 155 6. References 157 [1] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, 158 March 1997. 160 [2] S. Alexander, R. Droms, "DHCP Options and BOOTP Vendor 161 Extensions", RFC 2132, March 1997. 163 [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement 164 Levels," RFC 2119, March 1997. 166 7. Acknowledgments 168 This document combines ideas from draft-ietf-dhc-userclass-03.txt 169 (by Glenn Stump and Ralph Droms) and 170 draft-ietf-dhc-useraddr-00.txt (by Ye Gu, Ramesh Vyaghrapuri and 171 Burcak Beser). It has been published as a revision to 172 draft-ietf-dhc-userclass-05.txt. 173 Thanks to Ted Lemon, Steve Gonczi, Kim Kinnear, Bernie Volz, 174 Richard Jones, Barr Hibbs for their comments and suggestions. 176 8. Author Information 178 Glenn Stump 179 IBM Networking Software 180 P.O. Box 12195 181 RTP, NC 27709 182 Phone: (919) 301-4277 183 Email: stumpga@us.ibm.com 185 Ralph Droms 186 Computer Science Department 187 323 Dana Engineering 188 Bucknell University 189 Lewisburg, PA 17837 190 Phone: (717) 524-1145 191 Email: droms@bucknell.edu 193 Ye Gu 194 Microsoft Corporation 195 One Microsoft Way 196 Redmond, WA 98052 197 Phone: 425 936 8601 198 Email: yegu@microsoft.com 200 Ramesh Vyaghrapuri 201 Microsoft Corporation 202 One Microsoft Way 203 Redmond, WA 98052 204 Phone: 425 703 9581 205 Email: rameshv@microsoft.com 207 Burcak Beser 208 3Com Corporation 209 3800 Golf Road 210 Rolling Meadows, IL 211 Phone: 847 262 2195 212 Email: Burcak_Beser@3com.com 214 Ann Demirtjis 215 Microsoft Corporation 216 One Microsoft Way 217 Redmond WA 98052 218 Phone: 425-705-2254 219 Email: annd@microsoft.com 221 Jerome Privat 222 BT Advanced Communications Technology Centre 223 Adastral Park, Martlesham Heath, IP5 3RE 224 UK 225 Phone: +44 1473 648910 226 Email: jerome.privat@bt.com 228 9. Expiration 230 This document will expire on October 2000. 232 Copyright Statement 234 Copyright (c) The Internet Society (1999). All Rights Reserved. 235 This document and translations of it may be copied and furnished to 236 others, and derivative works that comment on or otherwise explain it 237 or assist in its implementation may be prepared, copied, published 238 and distributed, in whole or in part, without restriction of any 239 kind, provided that the above copyright notice and this paragraph are 240 included on all such copies and derivative works. However, this 241 document itself may not be modified in any way, such as by removing 242 the copyright notice or references to the Internet Society or other 243 Internet organizations, except as needed for the purpose of 244 developing Internet standards in which case the procedures for 245 copyrights defined in the Internet Standards process must be 246 followed, or as required to translate it into languages other than 247 English. 249 The limited permissions granted above are perpetual and will not be 250 revoked by the Internet Society or its successors or assigns. 252 This document and the information contained herein is provided on an 253 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 254 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 255 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 256 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 257 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.