IETF Logo Mail Archive

Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by December 11, 2023

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 05 December 2023 18:08 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0391AC14CE5E for <dhcwg@ietfa.amsl.com>; Tue, 5 Dec 2023 10:08:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LxClpxi_ZLqW for <dhcwg@ietfa.amsl.com>; Tue, 5 Dec 2023 10:08:45 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F40CC14F61B for <dhcwg@ietf.org>; Tue, 5 Dec 2023 10:08:45 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 799BE1800E; Tue, 5 Dec 2023 13:08:44 -0500 (EST)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id eavROveKImGS; Tue, 5 Dec 2023 13:08:43 -0500 (EST)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id CA2161800C; Tue, 5 Dec 2023 13:08:43 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1701799723; bh=Rgxy0P6wQ/N0X+EHzM6853BKmY2sPBzWorK3+1OkWaQ=; h=From:To:Subject:In-Reply-To:References:Date:From; b=lyPwcEe8BLCvVVlnFy0iF6jvpWHg/q3ggh64pGJFyn4i/hYsKLwo0LtmKHSf7fUyj fc9eNlo0kiANYvjhsKv6ZATUXdIxWC0ZKCmR4kSMTfj6t3IL1Ykv5qrPqQYcP5Ls8u u6faSxHCXi3uSWm8Ayl7KCsVgIUTVSvQpW05mHj0DmtOhQWpIRIEnKha6RdWPVeCje 2wgrhX5Boi/ddNofEPzSkn3GMn4FaxUYktIvA9Ga4nCkrqjDvh2oNykgOTAbZehc7p Oj6K1x0usmE/Ar9Ojyrl+ptmuLkcbjfdoklsz2o7TLNGf27lJ8x05G4pwzrueI0Zf3 UxK6+ioXPliIw==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id C2A6057C; Tue, 5 Dec 2023 13:08:43 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Jen Linkova <furry13@gmail.com>, dhcwg <dhcwg@ietf.org>
In-Reply-To: <CAFU7BAQzwW4yFXH6vF2stZT5G7OmyZj248zGxeZbJ06JDJ_ieg@mail.gmail.com>
References: <CAJgLMKuUkm1bxhT379QxrdOLzbA0zuGPQY4UbvzOYJD-ykWBwg@mail.gmail.com> <CAFU7BAQzwW4yFXH6vF2stZT5G7OmyZj248zGxeZbJ06JDJ_ieg@mail.gmail.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Tue, 05 Dec 2023 13:08:43 -0500
Message-ID: <7598.1701799723@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/6FquH03Og6SAqkksTLhvSXO_ots>
Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by December 11, 2023
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Dec 2023 18:08:51 -0000

Jen Linkova <furry13@gmail.com> wrote:
    > to address an oscillation problem: if some servers support the
    > registration and some don't, the client might turn the registration on
    > and off, depending on the order of arriving Replies.

We can all agree that it's a mis-configuration, but I hope we can also agree
that it shouldn't keep the client from doing it's thing.  The broken servers
are... broken, and perhaps an automatic configuration process will update
them in a few minutes or hours. (Why break all your servers at the same
time!)

    > While it's not the end of the world, I think it's rather undesirable.
    > The new text says that the client always register if at least one
    > server returns the OPTION_ADDR_REG_ENABLE option, and say the client
    > MUST stop
    > registering if that server stops returning the option.

I wanted this text, and I continue to want it.

Ted Lemon <mellon@fugue.com> wrote:
    > My only worry about this is that the draft (correctly) acknowledges that
    > there may be more than one DHCP server and that such servers may have
    > different answers to the registration question, but doesn't talk about the
    > specifics of when the client decides that things have or have not
    > changed.

If the administrator turns it all off, then at some point, the DHCPv6
Advertise messages that the client observes no longer contain that option, so
it stops, right?

    > The only message for which RFC8415 acknowledges that there can be multiple
    > replies is a Solicit, but in fact an Information-Request could just as
    > easily return multiple replies. I don't know if the WG is thinking about
    > this, but this seems like a fairly serious gap.

I guess I don't have enough experience with Information-Request messages to
understand this situation.  I thought they were all unicast.

    > So I think that in fact what you're proposing here isn't quite right.
    > Rather, the client in this case should wait as it does for Advertises. When
    > it gets a reply that allows for registration, it registers with that
    > server. If it gets no reply that allows for registration, then it stops

Right, but since it's a wire-or situation, as soon as one message is seen
that has the right flag enabled, the client can start registration.  The
client does not really have to wait for "all" of them to arrive, the way it
ought to do for Advertise.

    > registering. This behavior should be specified in 8415-bis, not in this
    > document.  Additionally, the client should pick a server, and include the
    > server's DUID in a server identifier option as specified in section 14 of
    > 8415. So this is the opposite of what's currently specified. The reason for
    > this is that if you have some servers that support address registration,
    > and some that do not, and you send an address registration message without
    > specifying a server identifier, it's going to be processed by all servers,
    > so you'll get errors back from servers that don't support it and possibly
    > multiple acknowledgments from multiple servers (maybe that's okay though?).

I accept that maybe we need some text for 8514bis then.

Bernie Volz <bevolz@gmail.com> wrote:
    > Personally, I=E2=80=99m not sure 07 was worth it. I don=E2=80=99t think having the
    > clients track the servers is worth doing. And if the network conflicts
    > in the setting, live with it - fix the settings on all servers (there
    > shouldn=E2=80=99t be that many).

okay, I generally agree.
While it might be rare for an enterprise to deploy DHCP servers from
different vendors (and therefore different feature sets), I'll bet it's not
rare for them to incrementally upgrade the servers, with significant gaps
between the upgrades... because critical infrastructure.  Particularly if
it's integrated into some AD server.

    > It is a link, not a per server, setting.

I don't think that I agree, but I could live with this.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email