Zero-configuration networking

From Wikipedia, the free encyclopedia
  (Redirected from Zero configuration networking)
Jump to: navigation, search

Zero-configuration networking (zeroconf) is a methodology and a set of special technologies that automatically creates a usable computer network based on the Internet Protocol Suite (TCP/IP) when computers or network peripherals are interconnected. It does not require manual operator intervention or special configuration servers.

Without zeroconf, a network administrator must set up services, such as Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), or configure each computer's network settings manually. Zeroconf is built on three core technologies: assignment of numeric network addresses for networked devices, automatic distribution and resolution of computer hostnames, and automatic location of network services, such as printing devices.

Address selection[edit]

Both IPv4 and IPv6 have standard methods for address autoconfiguration. For link-local addressing IPv4 uses the special block as described in RFC 3927 while IPv6 hosts use the prefix fe80::/10.

Most IPv4 hosts use link-local addressing (IPv4LL) only as a last resort when a DHCP server is unavailable. An IPv4 host otherwise uses its DHCP-assigned address for all communications, global or link-local. One reason is that IPv4 hosts are not required to support multiple addresses per interface, although many do. Another is that not every IPv4 host implements distributed name resolution (e.g., multicast DNS), so discovering the autoconfigured link-local address of another host on the network can be difficult. However, discovering the DHCP-assigned address of another host also requires either distributed name resolution or a unicast DNS server with this information, and some networks feature DNS servers that are automatically updated with DHCP-assigned host and address information.

IPv6 hosts are required to support multiple addresses per interface; moreover, every IPv6 host is required to configure a link-local address even when global addresses are available. IPv6 hosts may additionally self-configure one or more global addresses on receipt of one or more router advertisement messages, thus eliminating the need for a DHCP6 server; see RFC 4862.[1]

Both IPv4 and IPv6 hosts may randomly generate the host-specific part of an autoconfigured address. IPv6 hosts generally combine a prefix of up to 64 bits with a 64-bit EUI-64 derived from the factory-assigned 48-bit IEEE MAC address. The MAC address has the advantage of being globally unique, a property inherited by the EUI-64. The host is normally required to ensure, through multicast queries, that the addresses it generates are not in use by any other host on the local network.

The technique is called Link-Local address assignment in RFC 3927.[2] However, Microsoft refers to this as Automatic Private IP Addressing (APIPA)[3] or Internet Protocol Automatic Configuration (IPAC) (supported since at least Windows 98[4]).

Name resolution[edit]

In 2000, Bill Manning and Bill Woodcock described the Multicast Domain Name Service[5] which spawned the implementations by Apple and Microsoft. Both implementations are very similar. Apple's Multicast DNS (mDNS) is published as the standards track proposal RFC 6762, while Microsoft's Link-local Multicast Name Resolution (LLMNR) is little used and the specification is not an IETF standards track publication. The latter was published as informational RFC 4795.

The two protocols have minor differences in their approach to name resolution. mDNS allows a network device to choose a domain name in the local DNS namespace and announce it using a special multicast IP address. This introduces special semantics for the local domain,[6] which is considered a problem by some members of the IETF.[7] The current LLMNR draft allows a network device to choose any domain name, which is considered a security risk by some members of the IETF.[8] mDNS is compatible with DNS-SD as described in the next section, while LLMNR is not.[9]

Service discovery [edit]

DNS-based service discovery[edit]

DNS-SD is described in RFC 6763. This standard allows clients to discover a named list of services by type in a specified domain using standard DNS queries. The service instance can be described using a DNS SRV [RFC 2782] and DNS TXT [RFC 1035] record. This specification is compatible with both Multicast DNS [mDNS] and with today's existing unicast DNS server and client software. A client discovers the list of available instances of a given service type using a query for a DNS PTR [RFC1035] record with a name of the form "<Service>.<Domain>", which returns a set of zero or more names, which are the names of the aforementioned DNS SRV/TXT record pairs.

Apple's multicast DNS/DNS-SD[edit]

In 1997 Stuart Cheshire proposed[10][self-published source?] adapting Apple Computer's Name Binding Protocol for IP networks. Cheshire subsequently joined Apple and authored IETF draft proposals for Multicast DNS and DNS-based Service Discovery, supporting the transition from AppleTalk to IP networking. In 2002,[11] Apple announced an implementation of both protocols under the name Rendezvous (later renamed Bonjour), included in Mac OS X 10.2 and replacing the Service Location Protocol used in 10.1.[citation needed] In 2013, the proposals were ratified as RFC 6762[12] and RFC 6763.[13]

Multicast DNS (mDNS) is a protocol that uses APIs similar to unicast Domain Name System but implemented over a multicast protocol. Each computer on the LAN stores its own list of DNS resource records (e.g., A, MX, SRV) and joins the mDNS multicast group. When an mDNS client wants to know the IP address of a computer given its name, mDNS client sends a request to a well-known multicast address; the computer with the corresponding A record replies with its IP address. The mDNS multicast address is for IPv4 and ff02::fb for IPv6 link-local addressing.

DNS-based service discovery (DNS-SD) is the other half of Apple's solution, built on top of the Domain Name System; see RFC 6763.[14] It is used in Apple products, many network printers and a number of third party products and applications on various operating systems. The Apple solution uses DNS messages, in contrast to Microsoft's competing technology, SSDP, which uses HTTP messages. It uses DNS SRV, TXT, and PTR records to advertise Service Instance Names. The hosts offering services publish details of available services: instance, service type, domain name and optional configuration parameters. Service types are given informally on a first-come basis. A service type registry exists,[15] maintained and published by[16]

Many Apple Mac OS X networking clients, such as the Safari browser and the iChat instant messaging software, use DNS-SD to locate nearby servers. On MS Windows, some instant messaging and VoIP clients support DNS-SD. Some Unix, BSD, and Linux distributions also include DNS-SD functionality.

Microsoft's UPnP SSDP[edit]

Simple Service Discovery Protocol (SSDP) is a UPnP protocol, used in MS Windows XP and several brands of network equipment. SSDP uses HTTP notification announcements that give a service-type URI and a Unique Service Name (USN). Service types are regulated by the Universal Plug and Play Steering Committee.

SSDP is supported in many SOHO firewall appliances, where host computers behind it may pierce holes for applications. It is also used in media center systems, where media exchange between host computers and the media center is facilitated using SSDP.

Efforts toward an IETF standard protocol[edit]

Service Location Protocol (SLP) is supported by Hewlett-Packard's network printers, Novell, and Sun Microsystems. SLP is described in RFC 2608 and RFC 3224 and implementations are available for both Solaris and Linux.


RFC 3927, a standard for choosing addresses for networked items, was published in March 2005 by the Zeroconf IETF working group, which included individuals from Apple, Sun, and Microsoft.[17]

LLMNR was submitted for official adoption in the DNSEXT IETF working group, however failed to gain consensus and thus has been published as informational RFC only: RFC 4795.[18]

Following the failure of LLMNR to become an Internet standard, Apple was asked by the IETF to submit the mDNS/DNS-SD specs for publication as informational RFC as well, given that mDNS/DNS-SD is used much more widely than LLMNR. In February 2013 mDNS and DNS-SD were published as Standards Track Proposals RFC 6762 and RFC 6763.

RFC 2608, the SLP standard for figuring out where to get services, was published by the SVRLOC IETF working group.[19]

Security issues[edit]

Because mDNS operates under a different trust model than unicast DNS—trusting the entire network rather than a designated DNS server, it is vulnerable to spoofing attacks by any system within the multicast IP range. Like SNMP and many other network management protocols, it can also be used by attackers to quickly gain detailed knowledge of the network and its machines.[20]

Major implementations[edit]

Apple Bonjour[edit]

Bonjour (formerly known as Rendezvous) from Apple Inc., uses multicast DNS and DNS Service Discovery. Apple changed its preferred zeroconf technology from SLP to mDNS and DNS-SD between Mac OS X 10.1 and 10.2, though SLP continues to be supported by Mac OS X.

Apple's mDNSResponder has interfaces for C and Java[21] and is available on BSD, Apple Mac OS X, Linux, other POSIX based operating systems and MS Windows. The Windows downloads are available from Apple's website.[22]


Avahi is a Zeroconf implementation for Linux and BSDs. It implements IPv4LL, mDNS and DNS-SD. It is part of most Linux distributions, and is installed by default on some. If run in conjunction with nss-mdns it also offers host name resolution.[23]

Avahi also implements binary compatibility libraries that emulate Bonjour and the historical mDNS implementation Howl, so software made to use those implementations can also utilize Avahi through the emulation interfaces.

MS Windows CE 5.0[edit]

Microsoft Windows CE 5.0 includes Microsoft's own implementation of LLMNR.

Link-local IPv4 addresses[edit]

There are some link-local IPv4 address implementations available:

  • Apple Mac OS and MS Windows have supported link-local addresses since 1998. Apple released its open-source implementation in the Darwin bootp package.
  • Avahi contains an implementation of IPv4LL in the avahi-autoipd tool.
  • Zero-Conf IP (zcip).[24]
  • BusyBox can embed a simple IPv4LL implementation.
  • Stablebox,[25] a fork from Busybox, offers a slightly modified IPv4LL implementation named llad.
  • Zeroconf,[26] a package based on Simple IPv4LL, a shorter implementation by Arthur van Hoff.[27]

The above implementations are all stand-alone daemons or plugins for DHCP clients that only deal with link-local IP addresses. Another approach is to include support in new or existing DHCP clients:

  • Elvis Pfützenreuter has written a patch for the uDHCP client/server.[28]
  • dhcpcd[29] is an opensource DHCP client for Linux and BSD that includes IPv4LL support. It is included as standard in NetBSD.

Neither of these implementations addresses kernel issues like broadcasting ARP replies[30] or closing existing network connections.

See also[edit]


  • Guttman, Erik (2001), "Autoconfiguration for IP Networking: Enabling Local Communication", IEEE Internet Computing 5 (3): 81–86, doi:10.1109/4236.935181 
  1. ^ RFC 4862, IETF 
  2. ^ RFC 3927, IETF 
  3. ^ "Apipa", MS Developer Network, Microsoft 
  4. ^ "How to use automatic TCP/IP addressing without a DHCP server", Knowledge base, Microsoft 
  5. ^ Manning, Multicast Domain Name Service (draft), Water springs 
  6. ^ Re: Last Call: 'Linklocal Multicast Name Resolution (LLMNR)' to Proposed Standard (electronic mail message), IETF 
  7. ^ Re: Summary of the LLMNR Last Call (electronic mail message), IETF 
  8. ^ Summary of the LLMNR Last Call (electronic mail message), IETF 
  9. ^ More details on the differences (electronic mail message), IETF 
  10. ^ Cheshire, Stuart, Name Binding Protocol over IP (rant) 
  11. ^ Zero conf 
  12. ^ "RFC 6762 Document History". IETF. 
  13. ^ "RFC 6763 Document History". IETF. 
  14. ^ RFC 6763, IETF 
  15. ^ Service types, DNS-SD 
  16. ^ DNS-SD 
  17. ^ Zero Configuration Networking (zeroconf) Charter, IETF 
  18. ^ DNS Extensions (dnsext) Charter, IETF 
  19. ^ Service Location Protocol (svrloc) Charter, IETF 
  20. ^ Name (MDNS) Poisoning Attacks Inside the LAN (World Wide Web log), GNU citizen 
  21. ^ A Rendezvous with Java, Mac Dev Center, 2004-08-31 
  22. ^ "Bonjour for MS Windows 1.0.4", Support, Apple 
  23. ^ Lennart, nss-mdns 0.10, DE: 0 pointer 
  24. ^ zcip, Source forge 
  25. ^ "Stable box", Code, Google 
  26. ^ Zeroconf, AU: UTS 
  27. ^ AVH IPv4LL (C source code), Zero conf 
  28. ^ "Zeroconf in udhcpc", udhcpc (electronic mail message), Busy box, May 2005 
  29. ^ Marples, Roy, dhcpcd (wiki) (project) 
  30. ^ "Link-Local ARP Measurements", AIR (wiki), NE: UVA 
  31. ^ "Mac OS X v10.6: About Wake on Demand (Apple Article HT3774)" (in several languages). Apple. 2009-08-27. Retrieved 2009-09-15. "Setting up Wake on Demand", "Setting up a Bonjour Sleep Proxy" 

External links[edit]