Re: [dhcwg] [EXTERNAL] Re: [v6ops] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements

"Templin (US), Fred L" <Fred.L.Templin@boeing.com> Wed, 14 October 2020 19:19 UTC

Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FC4D3A0FD8; Wed, 14 Oct 2020 12:19:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=boeing.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cvfr-lMcCP5A; Wed, 14 Oct 2020 12:19:30 -0700 (PDT)
Received: from clt-mbsout-02.mbs.boeing.net (clt-mbsout-02.mbs.boeing.net [130.76.144.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0596B3A03F5; Wed, 14 Oct 2020 12:19:29 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by clt-mbsout-02.mbs.boeing.net (8.15.2/8.15.2/DOWNSTREAM_MBSOUT) with SMTP id 09EJJOmS021448; Wed, 14 Oct 2020 15:19:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boeing.com; s=boeing-s1912; t=1602703167; bh=7QlWFBD8EEur4egDttqJIp5L3Yg+o+ZxFtwkq2+1/qw=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=et8vjBzoXDyoq8h7oaCglegD4PbiIWR5KHnvQwYbk2GAR/BVPP6RjeWuFrTqndwAc wSwiTs7jWum5uTY6NWiWiiYoY+n4arGGEi4ymLCf0s2Re61SQ2RnsVDGlZYXlkLN22 IKA/w2P0ctxnSi78B2d9pn0YBhn0lKU66XmIn2Ibw000SXduLnkYIu5sdUxSQkUZfF kUmVfas0Ich0dVWF1fToLHTHV5KFn36ogtk4T2huBl/eQXrFwZBTYCxhLsoiykRyiB E0dx3TMjDN4HGWqeoWvaPl91PwlVL+kSW+w7TpXd7btSxSvS/WkZbof3mM0ZW1oKAB l2SVQXdhnPBvg==
Received: from XCH16-07-12.nos.boeing.com (xch16-07-12.nos.boeing.com [144.115.66.114]) by clt-mbsout-02.mbs.boeing.net (8.15.2/8.15.2/8.15.2/UPSTREAM_MBSOUT) with ESMTPS id 09EJJDx2020102 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=OK); Wed, 14 Oct 2020 15:19:13 -0400
Received: from XCH16-07-10.nos.boeing.com (144.115.66.112) by XCH16-07-12.nos.boeing.com (144.115.66.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.2044.4; Wed, 14 Oct 2020 12:19:11 -0700
Received: from XCH16-07-10.nos.boeing.com ([fe80::1522:f068:5766:53b5]) by XCH16-07-10.nos.boeing.com ([fe80::1522:f068:5766:53b5%2]) with mapi id 15.01.2044.004; Wed, 14 Oct 2020 12:19:11 -0700
From: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "ianfarrer@gmx.com" <ianfarrer@gmx.com>, Jen Linkova <furry13@gmail.com>, dhcwg <dhcwg@ietf.org>, v6ops list <v6ops@ietf.org>, 6man <ipv6@ietf.org>
Thread-Topic: [EXTERNAL] Re: [dhcwg] [v6ops] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements
Thread-Index: AdahZz7s2M1crQrvQoqZsITGBawESAAViWEAAA15P3AAKNIcgAAOSRqA
Date: Wed, 14 Oct 2020 19:19:11 +0000
Message-ID: <1b34b9bec59e4a00af8b9d8f182d23ff@boeing.com>
References: <5f119ffbb67245a9b9d34a0d8f7398f4@boeing.com> <10487.1602608586@localhost> <378d3420690246bbae253fb15be8c9a7@boeing.com> <19627.1602701863@localhost>
In-Reply-To: <19627.1602701863@localhost>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [137.137.12.6]
x-tm-snts-smtp: D0A878958E8A85BD8D7668B1EBEFBD21C7D5354378FADE6292CB63E6474E2E922000:8
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-TM-AS-GCONF: 00
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/1AXuCx3MJqiqSTGhal42JgPu-v4>
Subject: Re: [dhcwg] [EXTERNAL] Re: [v6ops] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Oct 2020 19:19:33 -0000

Hi Michael,

> -----Original Message-----
> From: Michael Richardson [mailto:mcr+ietf@sandelman.ca]
> Sent: Wednesday, October 14, 2020 11:58 AM
> To: Templin (US), Fred L <Fred.L.Templin@boeing.com>
> Cc: ianfarrer@gmx.com; Jen Linkova <furry13@gmail.com>om>; dhcwg <dhcwg@ietf.org>rg>; v6ops list <v6ops@ietf.org>rg>; 6man
> <ipv6@ietf.org>
> Subject: Re: [EXTERNAL] Re: [dhcwg] [v6ops] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-
> requirements
> 
> 
> Templin (US), Fred L <Fred.L.Templin@boeing.com> wrote:
>     > Michael, what I was referring to below as "failure" is the proxy case when
>     > there is an L2 proxy P between the client and relay (e.g.,
>     > RFC489). There
> 
> RFC4389 describes an ND Proxy.
> Is that really an L2 proxy?

Yes, I believe it is an L2 proxy.

> It seems like it also must be contain either an L2-bridge, or must have the
> L3-routing table entries if it would really be capable of passing DHCPv6-PD
> prefixes through it.

The only thing it has that includes L3 information is neighbor cache entries that
keep track of the client's actual L2 address on the downstream link segment,
but rewrites the client's L2 address to its own L2 address when forwarding
onto an upstream link segment. (In the reverse direction, it receives packets
destined to its own L2 address but the client's L3 address on the upstream
link segment, then rewrites the L2 address to the client's L2 address when
forwarding onto the downstream link segment.)

> Can you explain how such a device would normally work for a client device
> A,B,C,D doing DHCPv6-PD through it?

Sure. A sends a DHCPv6 Solicit using its IPv6 link-local address as the source,
and its L2 address as the link-layer source. The proxy converts the link-layer
source to its own L2 address when forwarding the DHCPv6 solicit onto the
upstream link. When the DHCPv6 Reply comes back, the IPv6 destination is
that of client A, but the link-layer destination is the L2 address of the proxy.
The proxy then converts the L2 destination to the address of client A and
forwards it on to the client.

> And is the failure one where the router "R" fails to drop traffic it should,
> one where the router "R" drops traffic that it shouldn't?

I was thinking more along the lines of the latter; if the only way that A has
for talking to B, C, D, etc. is by going through R, it wouldn't work if R was
unconditionally dropping everything.

Thanks - Fred
 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide
> 
> 
>