[Dhcpv6bis] Changing default DUID to DUID-LL?

Tomek Mrugalski <tomasz.mrugalski@gmail.com> Sat, 21 May 2016 16:58 UTC

I recall we did talk about this briefly, but I can't find anything
specific posted to dhcpv6bis.

Once in a while sysadmins keep asking why DHCPv6 is using DUID-LLT as
default, rather than just LL. Here's an example of such a question asked
last week:
https://www.facebook.com/groups/2234775539/permalink/10154080188010540/
(if you don't have a Facebook account, you can still see the discussion by
clicking X comments link).

The details vary, but the general objection is still the same. There's a
large enterprise or similar organization and the sysadmin would like to
know DUIDs of the devices he's about to plug into his network to do host
reservation, access control or provide some options on a per host basis.
He can't do that without powering up every device and letting it
generate its LLT DUID.

There are several twists to this. First, some people claim it's
difficult to extract generated DUIDs from many operating systems, so
cases where users themselves are expected to provide their DUID, even if
the device was booted up already, are problematic for users to handle.

Another objection is that most hardware these days has a MAC address
printed on it. Vendors can't really print DUIDs as they are not known
during the manufacturing phase.

As I understand it, the original rationale for using LLT rather than LL
as default was to avoid cases when switching a faulty NIC would make the
client change its DUID. This is very 1990s. If you disagree with
this, when was the last time you replaced a faulty interface card? Also,
the mechanism we have right now - generate the DUID and store it -
effectively solves the concern.

So, what's your opinion on making the DUID-LL the default for regular
devices (i.e. those with clocks and stable storage for generated DUIDs)?

Tomek
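
The pre-provisioning point above, as an added example that is not part of the original post: it builds both DUID forms using the RFC 3315 section 9 layouts and shows that a DUID-LL follows from the printed MAC address alone, while a DUID-LLT also depends on the moment the device generated it. The MAC address and timestamps are constructed samples, and the function names are illustrative.

```python
import struct
from datetime import datetime, timezone

DUID_LLT, DUID_LL = 1, 3   # DUID type codes (RFC 3315, section 9)
HW_ETHERNET = 1            # IANA hardware type for Ethernet
DUID_EPOCH = datetime(2000, 1, 1, tzinfo=timezone.utc)  # DUID-LLT time base


def mac_bytes(mac: str) -> bytes:
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def duid_ll(mac: str) -> bytes:
    """DUID-LL: type(2) | hardware type(2) | link-layer address."""
    return struct.pack("!HH", DUID_LL, HW_ETHERNET) + mac_bytes(mac)


def duid_llt(mac: str, generated_at: datetime) -> bytes:
    """DUID-LLT: type(2) | hardware type(2) | time(4) | link-layer address."""
    secs = int((generated_at - DUID_EPOCH).total_seconds()) % 2**32
    return struct.pack("!HHI", DUID_LLT, HW_ETHERNET, secs) + mac_bytes(mac)


def parse_duid(duid: bytes) -> dict:
    """Split a DUID-LL or DUID-LLT into its fields; reject anything else."""
    if len(duid) < 4:
        raise ValueError("DUID too short")
    dtype, hwtype = struct.unpack("!HH", duid[:4])
    if dtype == DUID_LL:
        return {"type": "LL", "hwtype": hwtype, "time": None, "lladdr": duid[4:]}
    if dtype == DUID_LLT:
        if len(duid) < 8:
            raise ValueError("truncated DUID-LLT")
        (secs,) = struct.unpack("!I", duid[4:8])
        return {"type": "LLT", "hwtype": hwtype, "time": secs, "lladdr": duid[8:]}
    raise ValueError(f"unsupported DUID type {dtype}")


if __name__ == "__main__":
    mac = "00:00:5e:00:53:2a"  # constructed sample MAC (documentation range)
    print("LL :", duid_ll(mac).hex(":"))
    for boot in (datetime(2016, 5, 21, 16, 58, tzinfo=timezone.utc),
                 datetime(2016, 5, 21, 17, 3, tzinfo=timezone.utc)):  # constructed
        print("LLT:", duid_llt(mac, boot).hex(":"))
```

Both forms carry the link-layer address, so `parse_duid(...)["lladdr"]` recovers the MAC from either one; only the DUID-LL can be written into a reservation before the device has ever booted.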