Fri, 28 Apr 2006
Zeroconf IP addresses
I always wondered why some Windows computers have an IP address from the 169.254/16 prefix. I have even seen this address on Apple and Linux systems. Today my curiosity was big enough, so I looked up the answer.
Well, this block of IP addresses is allocated for "IPv4 link-local addresses", and the protocol for assigning an address from this block is described in RFC 3927. So far I knew the term "link-local address" in connection with IPv6 only. In IPv6, these are addresses that are meant to be unique within the same LAN. It seems that Apple and Microsoft (and Sun too) have decided that they need something similar for IPv4, in order to allow "ad-hoc" peer-to-peer communication between two "random" neighbour computers, without any prior configuration.
I was surprised that the address allocation protocol described by RFC 3927 is pretty simple and straightforward - usually I do something similar manually when I am on a foreign network without a valid IP address and with no BootP/DHCP server. It works the following way:
- Make up some IP address from the 169.254/16 prefix.
- Send an ARP query for this address.
- If an ARP response is received, restart from the first point, choosing a different IP address this time.
- If no ARP response is received, start using this IP address, and send a gratuitous ARP response.
RFC 3927 formalizes this algorithm (defining proper timeouts, etc.), and adds a description of what to do when an IP address conflict is discovered later (such as after joining two previously independent networks). Yes, it is insecure, and prone to DoS attacks, but it is simple, does not require any new type of packet, and works with legacy hosts.
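The four steps above as a runnable simulation; this is an added example, not code from the original post or from RFC 3927. The ARP exchange is replaced by a hypothetical `arp_reply_seen` callback, timers are omitted, and stopping at `MAX_CONFLICTS` is a simplification (the RFC rate-limits further attempts instead of giving up). The returned conflict count is the value a host or monitor would log when claims keep failing.

```python
import ipaddress
import random

# Constants from RFC 3927, section 9.
PROBE_NUM = 3        # ARP probes sent per candidate address
ANNOUNCE_NUM = 2     # gratuitous ARP announcements after a successful claim
MAX_CONFLICTS = 10   # conflicts after which further attempts are rate limited

BASE = int(ipaddress.IPv4Address("169.254.1.0"))
COUNT = 254 * 256    # 169.254.1.0 .. 169.254.254.255; first and last /24 reserved


def candidates(mac: bytes):
    """Yield pseudo-random candidates, seeded from the MAC address so the
    same host tries the same sequence again after a reboot."""
    rng = random.Random(mac)
    while True:
        yield ipaddress.IPv4Address(BASE + rng.randrange(COUNT))


def claim(mac: bytes, arp_reply_seen, max_attempts: int = MAX_CONFLICTS):
    """Run the probe/announce loop from the list above.

    arp_reply_seen(ip) is a stand-in for "send an ARP query, wait for a reply".
    Returns (address or None, conflict count, list of frames that would be sent).
    """
    log, conflicts = [], 0
    for ip in candidates(mac):
        if conflicts >= max_attempts:
            # Simplification: a real host slows down here rather than stopping.
            return None, conflicts, log
        taken = False
        for _ in range(PROBE_NUM):
            log.append(("probe", str(ip)))
            if arp_reply_seen(ip):
                taken = True
                break
        if taken:
            conflicts += 1   # step 3: pick a different address and retry
            continue
        log.extend(("announce", str(ip)) for _ in range(ANNOUNCE_NUM))
        return ip, conflicts, log   # step 4: address is ours


if __name__ == "__main__":
    mac = bytes.fromhex("020000000001")   # constructed sample MAC
    print(claim(mac, lambda ip: False))
```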