Internet Systems Consortium DHCP Distribution
- Version 4.4.2b1
- 18 December 2019
-
+ Version 4.4.3
+ 26 January 2022
Release Notes
NEW FEATURES
MPL 2.0. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read the MPL 2.0
license terms.
-While release 4.4.2b1 is primarily a maintenance release that addresses a number
-of defects, it does introduce a few new features:
-
-- Keama - Keama is a migration utility that assists in converting ISC DHCP
- server configuration files to Kea configuration files. It is found in the
- keama subdirectory and includes a README.md file with instructions on how
- to build it as well as a manpage on its usage.
-
-- Two new server parameters related to ping checking were added:
-
-1. ping-cltt-secs which allows the user to specify the number of seconds
- that must elapse since CLTT before a ping check is conducted.
-
-2. ping-timeout-ms which allows the user to specify the amount of time the
- server waits for a ping-check response in milliseconds rather than in
- seconds.
-
-In general, the areas of focus for ISC DHCP 4.4 were:
-
-1. Dynamic DNS additions
-2. dhclient improvements
-3. Support for dynamic shared libraries
-
-Dynamic DNS Improvements:
-
-- We added three new server configuration parameters which influence DDNS
- conflict resolution:
-
- 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior
- to mitigate issues with non-compliant clients in dual stack environments.
-
- 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching
- requirement of DNS conflict resolution.
-
- 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to
- allow unguarded DNS entries to be overwritten in certain cases
-
-- The server now honors update-static-leases parameter for static DHCPv6
- hosts.
-
-dhclient Improvements:
+NOTE: The client and relay components are reaching their End-Of-Life cycle.
+4.4.3 is the final release that features them.
- - We've added three command line parameters to dhclient:
+While release 4.4.3 is primarily a maintenance release that addresses a number
+of issues, it does introduce a few of small new features:
- 1. --prefix-len-hint - directs dhclient to use the given length as
- the prefix length hint when requesting prefixes
+1. BIND libraries updated to the latest 9.11.36. This fixes a number of compilation
+ issues on various systems, including OpenWRT.
+ [gitlab #218, #171, #180, #192]
- 2. --decline-wait-time - instructs the client to wait the given number
- of seconds after declining an IPv4 address before issuing a discover
+2. Improve PRNG initialization. There is now a new configure flag --with-randomdev=PATH
+ that specifies the device to read the initial seed from. That is typically
+ /dev/random (the default value) or /dev/urandom, but may be other as preferred on
+ your system. If this option is enabled, dhclient will use the file as a seed. If
+ not, the earlier algorithm (get last 4 bytes of hardware addresses from all network
+ interfaces that have them, use current time and process ID).
- 3. --address-prefix-len - specifies the prefix length passed by dhclient
- into the client script (via the environment variable ip6_prefixlen) with
- each IPv6 address. We added this parameter because we have changed the
- default value from 64 to 128 in order to be compliant with RFC3315bis
- draft (-09, page 64) and RFC5942, Section 4, point 1.
- **WARNING**: The new default value of 128 may not be backwardly compatible
- with your environment. If you are operating without a router, such as
- between VMs on a host, you may find they cannot see each other with prefix
- length of 128. In such cases, you'll need to either provide routing or use
- the command line parameter to set the value to 64. Alternatively you may
- change the default at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN
- in includes/site.h.
+3. The IPv6-only preferred option, defined in RFC8925, is now supported.
+ [gitlab #132]
- - dhclient will now generate a DHCPv6 DECLINE message when the client script
- indicates a DAD failure
+4. Compilation fixed for gcc-10.
+ [gitlab #117]
-Dynamic shared library support:
+5. Client fix: wrong argument to memcpy()
+ [gitlab #190]
- Configure script, configure.ac+lt, which supports libtool is now provided
- with the source tar ball. This script can be used to configure ISC DHCP
- to build with libtool and thus use dynamic shared libraries.
-
-Other Highlights:
-
- - The server now supports dhcp-cache-threshold for DHCPv6 operations
- - The server now supports DHPv6 address allocation based on EUI-64 DUIDs
- - Experimental support for alternate relay port in the both the server
- and relay for IPv4, IPv6 and 4o6 (see: draft-ietf-dhc-relay-port-10.txt)
+6. The server's limit on the size of lease file that can be loaded at start up
+ is now only enforced on 32-bit systems.
+ [gitlab #64]
For information on how to install, configure and run this software, as
well as how to find documentation and report bugs, please consult the
Consortium. This product includes cryptographic software written
by Eric Young (eay@cryptsoft.com).
+ Changes since 4.4.2 (New Features)
+
+- BIND9 version updated to latest 9.11.36. Thanks to Philip Prindeville
+ for testing on OpenWRT.
+ [Gitlab #218]
+
+- Added support of the new DHCPv4 option v6-only-preferred specified
+in RFC 8925. A new reason code, V6ONLY, was added to the client script
+and the client Linux script sample was updated.
+ [Gitlab #132]
+
+ Changes since 4.4.2 (Bug Fixes)
+
+- Minor corrections to allow compilation under gcc 10.
+ [Gitlab #117]
+
+- Corrected logic in dhclient that causes it to decline DHCPv4 leases if the
+ client script exits abnormally (i.e. crashes).
+ [Gitlab #123]
+
+- The limit on the size of lease file that can be loaded at start up
+ is now only enforced on 32-bit systems.
+ [Gitlab #92]
+
+- After a report about predictable seeding of transaction identifier
+ pseudo-random generation on systems where process identifiers are not
+ random the already existing --with-randomdev configure argument was
+ extended. Please remember its default is "/dev/random" which is not
+ convenient on all systems.
+ [Gitlab #197]
+
+- Minor dhclient code fix to remove compilation warnings.
+ [Gitlab #190]
+
+- Removed hard-coded MD5 algorithm name in OMAPI connection logic. Prior
+ to this using any other algorithm via key-algorithm statement would
+ allow OMAPI connections to made but subsequent actions such as updating
+ an object to fail.
+ [Gitlab #148]
+
Changes since 4.4.2b1 (Bug Fixes)
- Added a clarification on DHCPINFORMs and server authority to
& Mitigations for reporting the issue.
[#71]
+- Corrected unresolved symbol errors building relay_unittests when
+ configured to build using libtool.
+ [#80]
+
Changes since 4.4.1 (New Features)
- A new configuration parameter, ping-cltt-secs (v4 operation only), has