Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 84740 invoked from network); 25 Feb 2008 13:49:13 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 25 Feb 2008 13:49:13 -0000 Received: (qmail 72570 invoked by uid 500); 25 Feb 2008 13:49:08 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 72531 invoked by uid 500); 25 Feb 2008 13:49:08 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 72519 invoked by uid 99); 25 Feb 2008 13:49:08 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Feb 2008 05:49:08 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of damjan.jov@gmail.com designates 209.85.198.186 as permitted sender) Received: from [209.85.198.186] (HELO rv-out-0910.google.com) (209.85.198.186) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Feb 2008 13:48:32 +0000 Received: by rv-out-0910.google.com with SMTP id g11so895150rvb.25 for ; Mon, 25 Feb 2008 05:48:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=pGLD1EGNRHUd1Js6+9IztjgoNjGgXd/NaufLiNozRV8=; b=AT529KJ/yJKkCisRjfUBHlk6q9T+kJz2wrZiNb9nsF/ohrzIpwiwwL3TmAg2Yog6Bul3IC8yAT+IPgHm9Zv33gqKn81O0Ue7y4+hPGLigXHLWq0FbDZKaycqE9lBkKf3BSvDjdruvvxg9Yin9/tKOW6+CJXBya3ijUQVG78DgUQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NVD9278aOGqwuofKsgUWDQrgvWsWdJQ7xtlZhW5fGnEPXOqOmSjP6K9rfs0g+4h+oqS3spTrSAMMWfL7zNZz/i9/G2JpkJxjQUQe4uGBajw8Sv94p5Gr4e+tSmGHFzN/9nGF/scRTWtPxPAQdiVz9hTgpXsO7a7Rl7lp+HObxo8= Received: by 10.140.251.1 with SMTP id y1mr2077912rvh.292.1203947320683; Mon, 25 Feb 2008 05:48:40 -0800 (PST) Received: by 10.141.76.8 with HTTP; Mon, 25 Feb 2008 05:48:40 -0800 (PST) Message-ID: <9e89675b0802250548o23ece7adoa79b44472d0a3696@mail.gmail.com> Date: Mon, 25 Feb 2008 15:48:40 +0200 From: "Damjan Jovanovic" To: "Apache Directory Developers List" Subject: Re: DHCP protocol In-Reply-To: <47B96B45.7030101@levigo.de> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <9e89675b0802170822r7bab645epc16dbfbf56ae70ac@mail.gmail.com> <47B94D8C.6080004@levigo.de> <9e89675b0802180317p5535fe4bk23781bc3e3259db8@mail.gmail.com> <47B96B45.7030101@levigo.de> X-Virus-Checked: Checked by ClamAV on apache.org On Feb 18, 2008 1:25 PM, J=F6rg Henne wrote: > Damjan Jovanovic schrieb: > > There is a few other possibilities. > > > > You can bind to 0.0.0.0 and attach the socket to a device using > > SO_BINDTODEVICE, then you'll only receive UDP broadcasts from that > > device; unfortunately that option can be set by root only, but that's > > not a problem since you need to be root to open ports under 1024 that > > LDAP, DNS, NTP and DHCP use. > > > The problem with this solution is that it doesn't properly work under > Windows. We tried that :-/ In my books, the less works under Windows the better :-). > Plus: one needs JNI for SO_BINDTODEVICE, although JNA does the trick > rather painlessly. > The solution we currently use is to have several front-end > implementations depending on the underlying OS. > > Java 7 is supposed to be able to tell you where the packet came from, > > at least for Windows >=3D XP. But I see that bug is still open, guess > > Sun hasn't gotten around to it yet. > > > > I'll have to see. Well I've thought about it, and... Raw sockets are a nightmare - too platform-specific, quirky, inefficient (you get many packets you don't need to see) and require root access. But, it's the only way to unicast to a particular MAC address like the RFC says we should in some cases. Moving on - SO_BINDTODEVICE is also platform-specific and seems a bit of a hack (it changes how routing is done). Plus you need a socket per interface, which means you use more sockets, and if network interfaces are created or destroyed while the DHCP server is running it has to deal with it. Using recvmsg() seems nice, it's only 1 socket, and it tells you where the packet came from. > I have little hope that this will make it into the release... Little hope? When last I checked, Sun was accepting patches to Java :-). I've mailed the appropriate mailing list and offered to patch DatagramPacket and co to provide the packet's destination address and the NetworkInterface it came through, and they've sent me some preliminary code I can carry on from. So, luck witholding, it will make it into not just Java 7, but maybe even some of the prerelease builds. > > What DHCP server does openthinclient.org use? > > > We don't do DHCP but PXE, which is a protocol used to inject network > boot configuration and is based on DHCP. For DHCP there is a > proof-of-concept implementation, but no backend. The code > openthinclient.org uses is based on the ADS DHCP code, but has been > extended to make it actually work :-) The bigbang branch seems much further ahead than trunk, I'm not sure there is much for me to do any more. > Joerg Henne > > > Damjan