		     Internet Software Consortium
	   Dynamic Host Configuration Protocol Distribution
		   Version 3, Beta 1, Patchlevel 7
			   October 27, 1999

			    Release Notes

This is a development snapshot of Version 3 of the Internet Software
Consortium DHCP Distribution.

				PLANS

Version 3 of the ISC DHCP Distribution adds conditional behaviour,
address pools with access control, and client classing.  An interim
implementation of dynamic DNS updates for the server only is included,
but is not supported.  The README file contains information about how
to enable this - it is not compiled into the DHCP server by default.

Features in upcoming releases, starting with 3.1, will include
Dynamic DNS Support, DHCPv4 16-bit option codes, asynchronous DNS
query resolution, DHCP Authentication, and support for a DHCP
Interserver Protocol and live querying and update of the DHCP
database.  Not all of this is done yet (see below).

This release is running in production at the ISC and at quite a few
other sites.  At this point, the 3.0 release is reasonably stable, but
is really only recommended for sites that are in a position to
experiment, or for sites that need the new features.  Bug reports are
enthusiastically solicited.

For information on how to install, configure and run this software,
as well as how to find documentation and report bugs, please consult
the README file.

The interim Dynamic DNS Update support is the result of work by Lans
Carstensen and Brian Dols at Rose-Hulman Institute of Technology, Jim
Watt at Perkin-Elmer, Irina Goble at Integrated Measurement Systems,
and Brian Murrell at BC Tel Advanced Communications.   I'd like to
express my thanks to all of these good people here.

		     Changes since October 27, 1999

- Add new PTR record _after_ zapping old PTR record - otherwise, the net
  result is that there's no PTR record!   Thanks to Irina Goble for catching
  this!

- Clean up a loophole in the code that sets up the pool expiry timer that
  could result in the DNS record for a lease not being cleaned up if a lease
  were granted that expired earlier than what had previously been the earliest
  lease set to expire in that pool.   Thanks to Brian Murrell for catching
  this.

- Fix a printf format inconsistency for Solaris.

		     Changes since October 26, 1999

- Don't log startup messages to stderr if -q is given (all daemons).

- Fix code that cleans up after a name service update failure.

- Fix a null pointer dereference that could occur in the event of a parse
  error.

- Add ddns-updates parameter which can be used to disable DNS updates in
  specific scopes.

- Fix a case where a DHCPINFORM from an unknown subnet would cause a core
  dump.

		     Changes since October 25, 1999

- Fix some format type incompatibilities that were breaking on Solaris.

- Use the new BIND 8.2.2 update code a bit more correctly.

		     Changes on October 25, 1999

- Fix some system-specific type incompatibilities that were breaking builds.

		      Changes since July 7, 1999

- Document use of anonymous CVS.

- Make it possible for the bind include path and library path to be
  configured on a per-system basis, because FreeBSD installs BIND in a
  nonstandard location, and other operating systems may in the future.

- Support OpenBSD and SCO UnixWare 7

- Support BIND 8.2.2, and remove support for BIND 8.2.1, since 8.2.1
  has a known security hole.

- Correct the credits in the README that describe the history of the
  DNS update support.

- Fix a bug in the client having to do with requested option support.

- Fix some printf format errors, and add prototypes to better detect
  them.

- Fix a client bug where the filename was saved in the recorded lease
  when the server name should have been.

- Document "pseudo" in client.

- Allow hostname to be set by client script on Linux, NetBSD, FreeBSD,
  BSD/OS and OpenBSD.

- Make RANLIB configurable, for systems that don't have it.

- Fix a potential NULL pointer dereference.

- Add support for infinite leases.

- Allow debugging using the loopback interface.

- Improve the error message requesting that a subnet declaration be
  written.

- Do not try to respond to packets that are too short to be valid.
  We will accept a packet as long as it has everything up to the
  filename field.   Before, we would accept any packet that made it
  through the filter, which means it had a valid UDP header.   Also,
  don't try to parse the option buffer if there wasn't one, since
  there's no valid data there.

- Fix some Linux compile warnings.

- Fix a rare case where if there were only two leases in the pool, the
  server could forget about one.

- Make it possible for an action to be taken when a lease expires.

- Delete NS records when leases are released, and when they expire,
  but only if the server did the update.

- Clean up the dns update string manipulation code.

- Fix TTL calculation, which would be in error the first time a lease
  was assigned.

- Add printers for expr_encode_int* and expr_known.

- Fix the SOCKET/USE_FALLBACK breakage on pre-2.1 Linux systems.

- Fix bug in packet operator.

- Add a contrib/ subdirectory, with a couple of unsupported goodies.

- Fix a bug in allow booting/allow bootp when supplying fixed
  addresses to BOOTP clients.

- Support unicast responses to BOOTP clients with fixed addresses.
  This helps certain SGI boot PROMs and also the IRIX bootp client to
  get IP addresses, at least for some versions of SGI boot PROMs and
  IRIX.

- Add support in the server for a -T flag, which checks the syntax of
  the lease database as well as the configuration file.

- Indicate when a DHCPREQUEST has been ignored rather than NAKed
  because the server does not consider itself authoritative.

- Make DHCPRELEASE function a bit more reliably and correctly.

- Don't respond to DHCPINFORM if we're not authoritative.

- Fix a bug in one-lease-per-client (essentially, it didn't do
  anything).

- Fix a bug in subclasses that caused members of a subclass not to be
  considered members of the class of which the subclass is a
  subclass.
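
The packet-length rule in the list above ("Do not try to respond to packets that are too short to be valid"), written out as an added example; this is not code from the ISC distribution. The names classify_packet, MIN_ACCEPT and the verdict values are hypothetical, the reading of "everything up to the filename field" as "all bytes before the file field" is an assumption, and dropping a packet whose options overrun the buffer is this example's own policy.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* BOOTP/DHCP fixed header (RFC 2131). Every member is a byte or byte array,
   so the struct has no padding and its offsets match the wire format. */
struct dhcp_fixed {
    uint8_t op, htype, hlen, hops;
    uint8_t xid[4], secs[2], flags[2];
    uint8_t ciaddr[4], yiaddr[4], siaddr[4], giaddr[4];
    uint8_t chaddr[16], sname[64], file[128];
};

/* Assumption: "everything up to the filename field" = all bytes before file. */
#define MIN_ACCEPT offsetof(struct dhcp_fixed, file)   /* 108 */
#define FIXED_LEN  sizeof(struct dhcp_fixed)           /* 236 */

enum verdict { PKT_DROP, PKT_NO_OPTIONS, PKT_OPTIONS };

static const uint8_t COOKIE[4] = { 99, 130, 83, 99 };  /* RFC 2132 magic cookie */

/* Classify a UDP payload of len bytes; *msg_type receives option 53 or 0. */
enum verdict classify_packet(const uint8_t *buf, size_t len, uint8_t *msg_type)
{
    size_t i = FIXED_LEN + sizeof COOKIE;

    *msg_type = 0;
    if (len < MIN_ACCEPT)
        return PKT_DROP;                 /* too short to be valid: no reply */
    if (len < i || memcmp(buf + FIXED_LEN, COOKIE, sizeof COOKIE) != 0)
        return PKT_NO_OPTIONS;           /* no option buffer: do not parse */

    while (i < len) {
        uint8_t code = buf[i++], olen;
        if (code == 0) continue;         /* pad */
        if (code == 255) break;          /* end */
        if (i >= len) return PKT_DROP;   /* length byte missing */
        olen = buf[i++];
        if (olen > len - i) return PKT_DROP;   /* data runs past the packet */
        if (code == 53 && olen == 1) *msg_type = buf[i];
        i += olen;
    }
    return PKT_OPTIONS;
}

int main(void)
{
    /* Constructed sample: zeroed header, cookie, DHCPDISCOVER (53=1), end. */
    uint8_t pkt[244] = { 0 }, type;
    const uint8_t opts[] = { 99, 130, 83, 99, 53, 1, 1, 255 };
    size_t lens[] = { 60, 108, 236, 242, 244 };

    memcpy(pkt + FIXED_LEN, opts, sizeof opts);
    for (size_t k = 0; k < sizeof lens / sizeof lens[0]; k++) {
        enum verdict v = classify_packet(pkt, lens[k], &type);
        printf("len %3zu -> verdict %d, message type %u\n", lens[k], (int)v, type);
    }
    return 0;
}
```

A caller that accepts a PKT_NO_OPTIONS packet shorter than 236 bytes must still avoid reading sname and file past len.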

		      Changes since June 6, 1999

- Integrated Irina Goble's Dynamic DNS update patches, with some
  changes, thanks to Brian Murrell of BC Tel.   These changes are only
  enabled if you explicitly specify it with the configure script, and
  we currently have no documentation.

- Heavily updated README file.

- Updated dhclient man page to document all current command-line
  arguments.

- Added a -s flag to both the client and server, for debugging only,
  so that the client and server can both be run using the socket API
  on a single machine that has no network interfaces (e.g., with lo0).

- Added support for three new subexpressions that return data:
  leased-address, reverse and binary-to-ascii.

- Fixed a problem where TOKEN_NOT and NOT were both kinds of tokens,
  which prevented "not authoritative" from working.

- Updated the pretty-printer for the 'X' type so that it will output
  ASCII text if the buffer being output contains all printable
  characters.   This is useful, e.g., for using the host-name option
  in the client.

- Add support for an always-broadcast flag, which, when enabled,
  causes the DHCP server to broadcast responses to all clients in the
  scope in which it is enabled, even if the client didn't request that
  the response be broadcast.   This is useful for working around
  clients that have buggy support for the protocol.

- Fix (I hope!) a compilation problem with the declaration of the
  fallback_discard function on some versions of Linux.

- Fix a bug that caused the offered lease time to be zero (or possibly
  some random value from the stack) if the client did not request a
  specific lease duration.

- Add support for a one-lease-per-client flag, which if enabled in the
  scope in which a client appears, causes any leases the client holds
  to be freed as soon as a DHCPREQUEST is received from the client for
  some other IP address.   This will only work if the client has only
  one network interface, so caution is urged in the use of this
  feature.

- Fix a mistake in the example in the dhcpd.conf manual page that
  talks about the "spawn with" statement.

		      Changes since May 27, 1999

- Fix some typos in the token ring code that I made while
  incorporating Andrew's changes.

- Fix some problems with scope evaluation related to BOOTP clients.

		      Changes since May 7, 1999

- Add LPF token ring support, contributed by Andrew Chittenden.

- Fix a serious bug in some server option evaluations, where it was
  looking for the values in the DHCP option space instead of the
  server option space.

- Prevent the server from failing to configure a client that retries
  its initial DHCPDISCOVER too quickly.

- Tweak semantics of lease limits so that if any class a client is in
  has a limit, then the client can't get a lease just because it's
  also in a class with no limits.

- Correct an operator precedence bug in abandoned lease handling.

- Provide more complete documentation for classes and correct errors
  in existing documentation.

- Fix some pointer non-debug code paths.

- Add support for encode_int() operand

- Fix documentation for concat operator.

- Edit dhcp options manual page for consistency.

		     Changes since May 6, 1999

- Reverse precedence of user-supplied parameter request list so that
  user can override client's preferences.

- Do not call abort () when uninitialized pointers are passed to
  allocation functions unless POINTER_DEBUG is defined.

- Fix a bug in parsing colon-separated hex octet lists in data
  expressions.

- Fix a number of cases where the server would dump core in
  evaluate_*_expression if the options buffer was a NULL pointer.

- Fix incorrect handling of exists subexpression.

		     Changes since April 24, 1999

- In DHCPINFORM, allow for buggy clients that do not set ciaddr by
  using the IP source address from the IP header if ciaddr is zero.

- Fix some memory allocation botches in the DHCP server.

- Use parameter request list option from scope if it is present and
  client didn't send one.

- Allow for RFC1541 clients that set ciaddr when REQUESTING by
  checking server-identifier option as well as ciaddr before
  unicasting.

- Add support for concat data subexpression.

- Add support for specifying option data as a data expression instead
  of in the option's specified format.

- Fix a compile error on some Linux 2.0-based distributions.

		     Changes since April 23, 1999

- Fix a duplicate declaration of the object file copyright in dlpi.c.   Sigh.

		     Changes since April 12, 1999

- Fix a bug that would cause a core dump in DHCPINFORM.

- Document DHCP server lease allocation algorithm in dhcpd.conf manual
  page.    Also document pool access control lists.

- Add support for site-defined option spaces.

- Do not respond with NAK if ciaddr is set and giaddr/interface origin
  network segment doesn't match, since ciaddr means client is
  unicasting using IP routing.

- Support DHCPINFORM even on unknown networks.

- Make pool scope less specific than class scope.

- Enforce maximum lease length after applying default lease time.

- Add support for a bunch of options that were added in RFC2132.

- Undo a mistaken change in the interface discovery code that caused
  (e.g.) lo0 to be recognized as a broadcast interface.

- Tweak (hopefully fix) UDP/IP checksum algorithm.

- Support compilation on MacOS X.


		     Changes since April 8, 1999

- Support DHCPINFORM.

- Fix up some references to error() which I didn't notice earlier
  because I don't do compilation testing on Linux.

- Add a boolean expression, "known", which returns true if the client
  whose request is currently being processed has a host declaration.

- Do path keyword substitution on unformatted manual pages before
  installing them.

- Use length from UDP header to compute UDP checksum, because some
  buggy relay agents send UDP header lengths that disagree with IP
  header length and actual bytes sent.

- Make error logging when packets with bad checksums or lengths are
  received work more correctly.

- Fix a null pointer dereference that would occur when processing
  bootp packets from networks to which the server was not directly
  connected.
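
The UDP checksum item in the list above ("Use length from UDP header to compute UDP checksum"), as an added example; this is not code from the ISC distribution. The function names udp_cksum and udp_verify are hypothetical, and the check that the UDP length field never exceeds the bytes actually received is an assumption of this example that the release note does not state.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Add n bytes to a running ones' complement sum as big-endian 16-bit words. */
static uint32_t sum16(const uint8_t *p, size_t n, uint32_t acc)
{
    for (; n > 1; p += 2, n -= 2)
        acc += ((uint32_t)p[0] << 8) | p[1];
    if (n)
        acc += (uint32_t)p[0] << 8;      /* odd trailing byte, zero padded */
    return acc;
}

/* Checksum over the IPv4 pseudo-header plus exactly ulen bytes of UDP. */
uint16_t udp_cksum(const uint8_t src[4], const uint8_t dst[4],
                   const uint8_t *udp, uint16_t ulen)
{
    uint8_t pseudo[12];
    uint32_t acc;

    memcpy(pseudo, src, 4);
    memcpy(pseudo + 4, dst, 4);
    pseudo[8] = 0;
    pseudo[9] = 17;                      /* IP protocol number for UDP */
    pseudo[10] = (uint8_t)(ulen >> 8);
    pseudo[11] = (uint8_t)(ulen & 0xff);
    acc = sum16(udp, ulen, sum16(pseudo, sizeof pseudo, 0));
    while (acc >> 16)
        acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)~acc;
}

/* 1 = checksum ok, 0 = checksum bad, -1 = length field unusable.
   received is the number of bytes actually available after the IP header. */
int udp_verify(const uint8_t src[4], const uint8_t dst[4],
               const uint8_t *udp, size_t received)
{
    uint16_t ulen;

    if (received < 8)
        return -1;
    ulen = (uint16_t)((udp[4] << 8) | udp[5]);
    if (ulen < 8 || ulen > received)
        return -1;                       /* never sum past the buffer */
    if (udp[6] == 0 && udp[7] == 0)
        return 1;                        /* sender did not compute a checksum */
    return udp_cksum(src, dst, udp, ulen) == 0;
}

int main(void)
{
    /* Constructed sample: 13-byte datagram (ports 67/68, "hello") followed by
       3 junk bytes, as a relay that miscounts lengths might deliver it. */
    const uint8_t src[4] = { 192, 0, 2, 1 }, dst[4] = { 192, 0, 2, 2 };
    uint8_t seg[16] = { 0, 67, 0, 68, 0, 13, 0, 0,
                        'h', 'e', 'l', 'l', 'o', 0xde, 0xad, 0xbe };
    uint16_t c = udp_cksum(src, dst, seg, 13);

    if (c == 0)
        c = 0xffff;                      /* zero on the wire means "none" */
    seg[6] = (uint8_t)(c >> 8);
    seg[7] = (uint8_t)(c & 0xff);
    printf("trailing junk ignored: %d\n", udp_verify(src, dst, seg, sizeof seg));
    seg[5] = 20;                         /* length field now exceeds the buffer */
    printf("length beyond buffer:  %d\n", udp_verify(src, dst, seg, sizeof seg));
    return 0;
}
```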

		     Changes since March 30, 1999

- Install unformatted manual pages on Linux

- SGI Irix support

- Generalize option support and add parser support for defining new
  option spaces.

- Support for generating vendor-encapsulated-options option from
  user-specified option space, rather than having to encode it as
  hex.

- Fix hash table code to do the right thing with nul-terminated
  strings - before they'd all get hashed into the same bucket.

- Fix a parser bug caused by dereferencing an uninitialized variable
  that prevented the parser from working correctly on some systems but
  allowed it to work on others.

- Document how to define new options, as well as how to set up
  vendor-encapsulated-options option.

- When responding to bootp clients, use the subnet mask from the
  subnet declaration as we do for DHCP clients if no explicit subnet
  mask option was defined.

- Add always-send-rfc1048 option to force the server to send
  rfc1048-style options (what everybody uses now) even if the client
  doesn't send the right magic cookie.

- Fix some bugs in class support that became obvious when I tried to
  use the vendor-encapsulated-option support in a reasonable way.

- Fix some memory leaks.

	    Changes since March 29, 1999 (second snapshot)

- Fix a memory allocation bug

- Move support for allow and deny keywords (WRT server option
  space) into common code so that they can be used within
  conditionals.

	    Changes since March 29, 1999 (first snapshot)

- Build two new manual pages.

- Undo IFF_POINTOPOINT change from March 26.

- Add entry, exit and resolv.conf building hooks to dhclient-script.

		     Changes since March 26, 1999

- Set broadcast flag in DHCPDISCOVER packet if appropriate.

- Fix parsing of pool permits and address range statements.

- Account for tabs in parse_warn().

		     Changes since March 15, 1999

- Only use min-secs parameter on DHCPDISCOVER packets.

- Restore support for server-identifier keyword.

- Fix dhcp-class-identifier name to be vendor-class-identifier.

- Add support for defining new DHCP options, e.g.:

	option new-option-name code 198 = array of ip-address;
	option new-option-name 10.20.30.1, 10.20.30.2;

- Support added for AIX 4.1.5.0 (and hopefully other versions).

- Use /var/run instead of /etc on Digital Unix.

- Change DHCP client exponential backoff code to back off more slowly,
  so that it is more robust in lossy environments, at the expense of
  being a bit less polite to the server.

- Don't request a specific lease interval in the client unless the
  user says to do so.

- Don't print DHCPXXX in wrong xxx messages unless DEBUG is defined.

- Fix handling of secs field.

- Fix handling of append statement.

- Fix documentation for append and prepend statements.

- Fix server support for parameter request list and maximum message
  size.

- Parameterize more hardware types in discover_interfaces.   Check for
  IFF_BROADCAST instead of !IFF_POINTOPOINT

- Print kernel configuration warning message if we get EINVAL when
  opening or configuring the Linux packet filter.

- Fix a bug in UDP checksum code (thanks to John Nemeth for figuring
  this out) and re-enable UDP checksumming.   This allows the client
  to work with some buggy DHCP servers that can't handle zero
  checksums in the UDP header - in particular, the one John's cable
  modem ISP is using.

- Don't report packet header checksum errors unless we see a lot of
  them.   It's perfectly normal for some number of checksum errors to
  occur.

- Refer to the dhcpd.leases man page when printing an error message
  prior to exiting because there's no lease database.

- Add information to the README telling the reader how to get to the
  manual pages.

- Fix the server packet transmission code to unicast when it can.

- Fix a typo in the dhcpd.conf manual page.



		      CHANGES SINCE VERSION 2.0

- Support for conditional behaviour - i.e., what the client sends can
  be used to determine what response the client gets, in a very
  general way.

- Support for client classing - that is, clients can be assigned to
  classes based on what they send, and then address assignments can be
  made based on the client's class.   A per-class limit on the number
  of addresses assignable can be made.   It is possible to spawn new
  classes on the fly based on a template, so that address limitations
  can be done on a per-customer basis - e.g., when using relay agent
  options, a particular customer's circuit ID can be used to classify
  all hosts at the customer site as part of a class which is generated
  on the fly the first time the circuit ID is seen.   The class
  template from which this class is created can specify a limit of,
  say, four leases.   This would have the effect of limiting all
  customer sites behind relay agents that attach circuit IDs to the
  packets they forward to a maximum of four leases each.

- Memory allocation behaviour has been completely redone.

- Support for more than one pool of addresses per network segment.
  This permits clients to be allocated addresses out of different
  ranges, even within a subnet, based on what classes they're in,
  whether or not they are known (have host declarations), whether or
  not they have authenticated, and that sort of thing.   Parameters,
  including things like lease times and also things like options to be
  sent to the client, can vary from address pool to address pool.

			    UPCOMING WORK

I have a bunch of unintegrated code to do authentication.  The only
reason it's not integrated is that I've decided it's incorrect, and
I'm going to have to hack the in-memory database to make it correct.
So expect the lease data structure to change, and probably expect the
host data structure to change as well, in order to fully support
authentication.  Some bits of authentication support are already
scattered here and there.  You may see references in the code to the
failover protocol.  I was testing some theories, but this code isn't
functional in any sense, although it will be in the future.

Integration between DHCP and Dynamic DNS is the most-requested
feature, and you can expect work on this to occur in the near future.
Irina Goble has some code that several people are running with 2.0
with some success right now, and while I don't promise to integrate
this particular code, something will certainly be happening in April
or May.

There's already some support for DHCPv4NG 16-bit option codes, but it's
not complete, and won't be very interesting until we have a DHCP
futures draft out and Microsoft implements it in their clients.   When
this draft is a bit closer to completion, the ISC will release a
sample implementation - it's not too hard, and it'll be cool to be
able to say at the IETF that there's something available, even if it
won't be deployable for a while yet.   You will be able to run the
DHCPv4NG server with existing DHCPv4 clients, because the protocol
provides for interoperability between new servers and old clients, as
well as new clients and old servers.

The all-singing, all-dancing Interserver Protocol has been put on the
back burner in favor of the DHCP Failover Protocol, which solves the
problem of providing redundant DHCP service with no more than two DHCP
servers.   This protocol is coming along quite nicely - we had a
meeting in February at Cisco, and lots of progress was made.   Cisco
and Process Software both have implementations of an older version of
the protocol, and will presumably have support for the new protocol in
the not-too-distant future.   The ISC will go straight to the new
protocol, once the next draft comes out and as time allows.

Live querying and update of the DHCP database will involve creating a
unix domain or secure (peer-to-peer IPSEC or TLS) TCP socket to the
DHCP server, sending requests for information, receiving responses,
and sending updates.   Most of the read-only DHCP status information
will be available through SNMP, but the private query/update socket
will allow, for example, registration of clients without restarting
the server, and adjusting parameters on classes - e.g., reducing or
increasing the number of leases clients in a particular spawned class
may hold.

We will be providing anonymous CVS support as soon as we can.