DHCP release on poweroff if MACaddr is local scope

Robert Moskowitz rgm at htt-consult.com
Tue Sep 16 15:07:55 UTC 2014


I am working in the IEEE 802 Privacy Recommendations Study Group:

http://www.ieee802.org/PrivRecsg/

There will be matching work on this in the IETF, but the WorkGroup has 
not been chartered (will be after the November IETF meeting).

Minimally we will be developing a Recommended Practice for using 
Randomized Local MAC Addresses to enhance device privacy.  IEEE 802.1 
may recommend segmenting the local scope address space to separate items 
like Virtual Machines, from ephemeral privacy addresses.  The SDN 
community has already asked to get a part of the local address space 
carved out for them.

But there are considerable ripple effects when a device, based on some 
policy TBD, keeps changing its MAC Address.  The most obvious one is 
DHCP address leases.  Using tools like MACspoof:

https://github.com/feross/SpoofMAC

You can begin to see what happens. Much of the smarts for the client for 
WiFi will go into the WPA Supplicant and Jouni Malinen is already 
working on this.  But I am also working on it for wired connections and 
can see a general advantage where at poweroff (or reboot) a device 
includes sending a DHCP Release.

Yes, this only helps in a limited set of cases (not where you unplug 
from the wired cafe), but every case where we can 'make things better' 
seems wise.

In the IETF there will probably be recommendations on Lease times for 
local scope addresses.

I welcome any comments on this.
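
The poweroff behaviour proposed in this message, sketched as an added example that is not part of the original post or of any project it names: check the local-scope (U/L) bit of the MAC address and, only when it is set, build the DHCPRELEASE payload (RFC 2131/2132 layout) the device would unicast to its DHCP server. The function names are hypothetical and the MAC and IP values are constructed sample data.

```python
import ipaddress
import secrets
import struct

DHCP_MAGIC = b"\x63\x82\x53\x63"  # RFC 2131 magic cookie
DHCPRELEASE = 7                    # RFC 2132 option 53 message type

def parse_mac(mac: str) -> bytes:
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return raw

def is_local_scope(mac: str) -> bool:
    """True when the U/L bit (0x02 of the first octet) is set."""
    return bool(parse_mac(mac)[0] & 0x02)

def random_local_mac() -> str:
    """Random privacy address: local bit set, multicast bit cleared."""
    raw = bytearray(secrets.token_bytes(6))
    raw[0] = (raw[0] | 0x02) & 0xFE
    return ":".join(f"{b:02x}" for b in raw)

def build_release(mac: str, client_ip: str, server_ip: str, xid: int) -> bytes:
    """BOOTP header + options for a DHCPRELEASE (UDP payload only)."""
    zero = b"\x00" * 4
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        1, 1, 6, 0,                                # op, htype, hlen, hops
        xid, 0, 0,                                 # xid, secs, flags
        ipaddress.IPv4Address(client_ip).packed,   # ciaddr: lease being released
        zero, zero, zero,                          # yiaddr, siaddr, giaddr
        parse_mac(mac), b"", b"")                  # chaddr, sname, file (zero padded)
    server = ipaddress.IPv4Address(server_ip).packed
    options = bytes([53, 1, DHCPRELEASE, 54, 4]) + server + b"\xff"
    return header + DHCP_MAGIC + options

def release_on_poweroff(mac: str, client_ip: str, server_ip: str):
    """Return a release payload only for local-scope MACs, else None."""
    if not is_local_scope(mac):
        return None
    return build_release(mac, client_ip, server_ip, secrets.randbits(32))

if __name__ == "__main__":
    mac = random_local_mac()                       # constructed sample input
    pkt = release_on_poweroff(mac, "192.0.2.50", "192.0.2.1")
    print(mac, len(pkt), pkt[240:243].hex())
```
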


