Change address on every DHCP renewal
Change address on every DHCP renewal
Posted Aug 28, 2025 13:50 UTC (Thu) by farnz (subscriber, #17727)In reply to: Change address on every DHCP renewal by paulj
Parent article: Linux's missing CRL infrastructure
There is a way to introduce feedback, however; if the host changes address frequently, then instead of the pattern being "quick temporary fix done, new fire comes up so it's never redone properly, system fails 2 years later, blame the system", it's "quick temporary fix done, new fire comes up so it's never redone properly, system fails tomorrow, remember the quick temporary fix and make it permanent".
The technical problem is that you're not getting feedback that you've fouled up in a reasonable timescale after making the mistake; the system cannot know that you've fouled up, but it can be reworked so that either it's impossible to foul up (address space large enough that all addresses are deterministic, thus static), or so that the system breaks reasonably soon after you fouled up, not years later (addresses either static, or forcibly changed every 24 hours).
Posted Aug 28, 2025 15:29 UTC (Thu)
by paulj (subscriber, #341)
[Link] (3 responses)
As others have pointed out, in IPv6 there is standardised support, and it would be possible. Don't know if there are common DHCPv6 servers that do it - should be possible though. There are ISP systems that deliberately change IP addresses at regular intervals, to stop residential connections from benefiting from static addresses.
Posted Aug 28, 2025 16:50 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (2 responses)
And yes, there's no good way to do this in IPv4; which means that you've got a choice between doing it badly (thus ensuring that foul ups break near to the time of the foul up) or not doing it at all (and dealing with the fallout when there's a cascade failure that runs into the foul up).
But there's a general tendency for humans to assume that everything that works is working as intended, and that no foul ups have happened - after all, if a foul up had happened, things would stop working. Any time someone says "I've never had a problem doing this before", you're hearing "this used to work, therefore it must be the right thing to do, and not something that happened to work coincidentally".
This leads to a soft-skills requirement on technology - things that work should either be the right thing, or should break quickly so that the person setting it up doesn't go "this has been working for months - you must have done something". Otherwise, the technology gets the blame for the human problems.
Posted Aug 29, 2025 9:28 UTC (Fri)
by paulj (subscriber, #341)
[Link] (1 responses)
Posted Aug 29, 2025 10:06 UTC (Fri)
by farnz (subscriber, #17727)
[Link]
That's been a very hard lesson for the commercial aviation and nuclear industries to learn - but we don't have to relearn it from scratch, we can learn from their mistakes.
Change address on every DHCP renewal
I'm one of the people who's pointed out that IPv6 has standardised support for rotating addresses :-)
Change address on every DHCP renewal
Change address on every DHCP renewal
Sure, and we know that the best way to ensure that humans actually learn that lesson is to not let things appear to work for a long period before breaking due to a human error. Humans need feedback fairly close in time to the mistake in order to learn from their errors. Humans are also guaranteed to have a non-zero undetected error rate - from 0.009% for trivial tasks, to 30% for very difficult tasks - and we need feedback to get us to detect the errors.
Change address on every DHCP renewal