Skip to main content

15. Message Validation

15. Message Validation

Clients and servers SHOULD discard any message that contains options that are not allowed to appear in the received message. For example, an IA option is not allowed to appear in an Information-request message. Clients and servers MAY choose to extract information from such a message if the information is useful to the recipient.

A server MUST discard any Solicit, Confirm, Rebind, or Information-request message it receives with a unicast destination address.

Message validation based on DHCP authentication is discussed in section 21.4.2.

If a server receives a message that contains options it should not contain (such as an Information-request message with an IA option), is missing options it should contain, or is otherwise invalid, it MAY send a Reply (or Advertise if appropriate) with a Server Identifier option, a Client Identifier option if one was included in the message, and a Status Code option with status UnSpecFail.

15.1. Use of Transaction IDs

The "transaction-id" field holds a value used by clients and servers to synchronize server responses to client messages. A client SHOULD generate a random number that cannot easily be guessed or predicted to use as the transaction ID for each new message it sends. Note that if a client generates easily predictable transaction identifiers, it may be more vulnerable to certain types of attacks from off-path intruders. A client MUST leave the transaction ID unchanged in retransmissions of a message.

15.2. Solicit Message

Clients MUST discard any Solicit messages they receive.

Servers MUST discard any Solicit messages that do not include a Client Identifier option or that include a Server Identifier option.

15.3. Advertise Message

Clients MUST discard any Advertise messages they receive that satisfy any of the following conditions:

  • The message does not include a Server Identifier option.

  • The message does not include a Client Identifier option.

  • The contents of the Client Identifier option do not match the client's DUID.

  • The value in the "transaction-id" field does not match the value the client used in its Solicit message.

Servers and relay agents MUST discard any Advertise messages they receive.

15.4. Request Message

Clients MUST discard any Request messages they receive.

Servers MUST discard any Request messages they receive that satisfy any of the following conditions:

  • The message does not include a Server Identifier option.

  • The contents of the Server Identifier option do not match the server's DUID.

  • The message does not include a Client Identifier option.

15.5. Confirm Message

Clients MUST discard any Confirm messages they receive.

Servers MUST discard any Confirm messages that do not include a Client Identifier option or that include a Server Identifier option.

15.6. Renew Message

Clients MUST discard any Renew messages they receive.

Servers MUST discard any Renew messages they receive that satisfy any of the following conditions:

  • The message does not include a Server Identifier option.

  • The contents of the Server Identifier option do not match the server's identifier.

  • The message does not include a Client Identifier option.

15.7. Rebind Message

Clients MUST discard any Rebind messages they receive.

Servers MUST discard any Rebind messages that do not include a Client Identifier option or that include a Server Identifier option.

15.8. Decline Messages

Clients MUST discard any Decline messages they receive.

Servers MUST discard any Decline messages they receive that satisfy any of the following conditions:

  • The message does not include a Server Identifier option.

  • The contents of the Server Identifier option do not match the server's identifier.

  • The message does not include a Client Identifier option.

15.9. Release Message

Clients MUST discard any Release messages they receive.

Servers MUST discard any Release messages they receive that satisfy any of the following conditions:

  • The message does not include a Server Identifier option.

  • The contents of the Server Identifier option do not match the server's identifier.

  • The message does not include a Client Identifier option.

15.10. Reply Message

Clients MUST discard any Reply messages they receive that satisfy any of the following conditions:

  • The message does not include a Server Identifier option.

  • The "transaction-id" field in the message does not match the value used in the original message.

If the client included a Client Identifier option in the original message, the Reply message MUST include a Client Identifier option and the contents of the Client Identifier option MUST match the client's DUID; OR, if the client did not include a Client Identifier option in the original message, the Reply message MUST NOT include a Client Identifier option.

Servers and relay agents MUST discard any Reply messages they receive.

15.11. Reconfigure Message

Servers and relay agents MUST discard any Reconfigure messages they receive.

Clients MUST discard any Reconfigure messages that satisfy any of the following conditions:

  • The message is not unicast to the client.

  • The message does not include a Server Identifier option.

  • The message does not include a Client Identifier option containing the client's DUID.

  • The message does not contain a Reconfigure Message option, and msg-type must be a valid value.

  • The message contains any IA options, and the msg-type in the Reconfigure Message option is INFORMATION-REQUEST.

  • The message does not include DHCP authentication:

    • The message does not contain an authentication option.

    • The message does not pass the authentication validation performed by the client.

15.12. Information-request Message

Clients MUST discard any Information-request messages they receive.

Servers MUST discard any Information-request messages they receive that satisfy any of the following conditions:

  • The message includes a Server Identifier option, and the DUID in the option does not match the server's DUID.

  • The message includes an IA option.

15.13. Relay-forward Message

Clients MUST discard any Relay-forward messages they receive.

15.14. Relay-reply Message

Clients and servers MUST discard any Relay-reply messages they receive.

Last updated on