IETF Logo Mail Archive

Re: [dhcwg] Re: Renumbering DNS with stateless DHCPv6 - bug?

Stig Venaas <Stig.Venaas@uninett.no> Sun, 16 November 2003 22:19 UTC

Received: from optimus.ietf.org ([132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA09035 for <dhcwg-archive@odin.ietf.org>; Sun, 16 Nov 2003 17:19:33 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ALVEf-0008BO-9V for dhcwg-archive@odin.ietf.org; Sun, 16 Nov 2003 17:19:16 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id hAGMJDeJ031450 for dhcwg-archive@odin.ietf.org; Sun, 16 Nov 2003 17:19:13 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ALVEe-0008BB-2k for dhcwg-web-archive@optimus.ietf.org; Sun, 16 Nov 2003 17:19:12 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA08983 for <dhcwg-web-archive@ietf.org>; Sun, 16 Nov 2003 17:18:57 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1ALVEa-0003su-00 for dhcwg-web-archive@ietf.org; Sun, 16 Nov 2003 17:19:08 -0500
Received: from [132.151.1.19] (helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1ALVEa-0003sk-00 for dhcwg-web-archive@ietf.org; Sun, 16 Nov 2003 17:19:08 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ALVET-00089g-Le; Sun, 16 Nov 2003 17:19:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ALLCJ-0005NS-P1 for dhcwg@optimus.ietf.org; Sun, 16 Nov 2003 06:36:08 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA25826 for <dhcwg@ietf.org>; Sun, 16 Nov 2003 06:35:53 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1ALLCF-0002B5-00 for dhcwg@ietf.org; Sun, 16 Nov 2003 06:36:03 -0500
Received: from tyholt.uninett.no ([158.38.60.10]) by ietf-mx with esmtp (Exim 4.12) id 1ALLCE-0002AO-00 for dhcwg@ietf.org; Sun, 16 Nov 2003 06:36:03 -0500
Received: from sverresborg.uninett.no (sverresborg.uninett.no [IPv6:2001:700:e000:0:204:75ff:fee4:423b]) by tyholt.uninett.no (8.12.10/8.12.10) with ESMTP id hAGBZQpI027789; Sun, 16 Nov 2003 12:35:27 +0100
Received: from sverresborg.uninett.no (localhost.localdomain [127.0.0.1]) by sverresborg.uninett.no (8.12.8/8.12.9) with ESMTP id hAGBZQR7002318; Sun, 16 Nov 2003 12:35:26 +0100
Received: (from venaas@localhost) by sverresborg.uninett.no (8.12.8/8.12.8/Submit) id hAGBZOgA002317; Sun, 16 Nov 2003 12:35:24 +0100
X-Authentication-Warning: sverresborg.uninett.no: venaas set sender to Stig.Venaas@uninett.no using -f
Date: Sun, 16 Nov 2003 12:35:24 +0100
From: Stig Venaas <Stig.Venaas@uninett.no>
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Cc: Tim Chown <tjc@ecs.soton.ac.uk>, dnsop@cafax.se, dhcwg@ietf.org
Subject: Re: [dhcwg] Re: Renumbering DNS with stateless DHCPv6 - bug?
Message-ID: <20031116113524.GB2256@sverresborg.uninett.no>
References: <20031113191145.GS3473@login.ecs.soton.ac.uk> <3FB40486.8020608@necom830.hpcl.titech.ac.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <3FB40486.8020608@necom830.hpcl.titech.ac.jp>
User-Agent: Mutt/1.4.1i
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>

On Fri, Nov 14, 2003 at 07:24:06AM +0900, Masataka Ohta wrote:
> >One option for passing the new DNS options from the DHCPv6 Light server
> >to the client is a multicast Reconfigure message.    That would work 
> >if the DHCPv6 Light server is on link, but if relays are used and there
> >is no multicast routing on site, this seems to be a gap (and a case for 
> >the RA method - though of course with RA method you still need to 
> >reconfigure the router for the new RA...)

I'll comment on your mail, but let me first present how I suggest
it be done.

I suggest for server to send reconfigure to clients via relays.

>From server to relay:

    If multicast routing available in the site:

	site scoped multicast from server to relays

    If multicast routing not available in the site:

	unicast to each relay, server has a list of relays

Then from relay to client you can always use multicast on link.

Reconfigure messages should be protected due to possible DoS
attacks. I didn't consider that at first. I think that can be
done using public key crypto. Server has a single key pair.
Clients get public key together with the config info, and the
reconfigure message is signed with the private key.

Now to your comments.

> W.r.t. inter-link multicast, what multicast protocols is intended
> to be used by people in DHC WG?

I'm not sure that should be specified. At least as long as it
isn't SSM, the DHCP infrastructure is completely independent
of which multicast protocols are used, just like other
multicast applications.

> If it is CBT, PIM-SM or SSM, what happens if CORE, RP or SS crashes
> or is renumbered?

Interesting question. It's relatively easy with standard
PIM-SM. You only need to reconfigure the RP address on the
routers, and if you use say BSR, you only need to change on
the c-BSRs and c-RPs. And only within the site. There are
also ways to secure multicast against RP crashes etc.
Discussion on multicast reliability and renumbering could be
a good topic for mboned wg. It doesn't belong here.

For SSM, relays would need to know unicast addresses of DHCP
servers, and if you do reconfigure with multicast, you also
need servers to know unicast addresses of relays. Then you
might as well use unicast.

> Is a well known unicast address is assigned to a primary and
> a back-up CORE/RP/SS, which means ANYCAST.

Anycast might be used

> Is DVMRP assumed, instead?

Nothing is assumed I think.

> Or, will we wait until yet another multicast protocol is
> standardized, hoping that it will solve all the problems?
> 
> Assuming that some multicast protocol solves all the
> problems, another question is on multicast address.

I think multicast works pretty well, but this should rather
be discussed in mboned.

> Is it a well known multicast address? If so, is there any

Yes

> configuration necessary at a site (or something like that)
> border router? If so, what happens if a customer want to relay
> DHCP request to ISP's DHCP server? What happens the border
> router is wrongly configured?

Of course things can be wrongly configured, but most things
can break then. If you want to relay DHCP requests out of the
site, the best is to use unicast between relay and server I
think, using site multicast is only an option.

Stig

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email