IETF Logo Mail Archive

Re: [dhcwg] draft-ietf-dhc-dhcpv6-yang-04 - DUID representation in the model

Ian Farrer <ianfarrer@gmx.com> Thu, 14 December 2017 14:22 UTC

Return-Path: <ianfarrer@gmx.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6D761201F2; Thu, 14 Dec 2017 06:22:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AG3dbvf1fL8B; Thu, 14 Dec 2017 06:22:29 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 629871200CF; Thu, 14 Dec 2017 06:22:28 -0800 (PST)
Received: from hargashouseofribs.lan ([80.159.240.8]) by mail.gmx.com (mrgmx003 [212.227.17.184]) with ESMTPSA (Nemesis) id 0MA91t-1eJBoa1Cvp-00BJw6; Thu, 14 Dec 2017 15:22:21 +0100
From: Ian Farrer <ianfarrer@gmx.com>
Message-Id: <0D8F77A1-3B91-4D6E-A7F2-5720EF0AFA51@gmx.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_A50F5C19-3ACD-4D2A-8651-E00A9C683393"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Thu, 14 Dec 2017 15:22:20 +0100
In-Reply-To: <A670F3DD-DEBC-40D5-8890-A5D43233362F@cisco.com>
Cc: BOUCADAIR Mohamed IMT/OLN <mohamed.boucadair@orange.com>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "draft-ietf-dhc-dhcpv6-yang@ietf.org" <draft-ietf-dhc-dhcpv6-yang@ietf.org>
To: "Bernie Volz (volz)" <volz@cisco.com>
References: <0cab196d775e45668ef2fec69f317ce1@XCH-ALN-003.cisco.com> <7E297315-1B5B-437D-A447-221E8DAA5388@gmx.com> <A670F3DD-DEBC-40D5-8890-A5D43233362F@cisco.com>
X-Mailer: Apple Mail (2.3273)
X-Provags-ID: V03:K0:XLl2w7bpMpiEFkqvcl3f/tmYdszKNhojxrQ/QWu34luJEuZwPqw uBPOiYJcz4TDsG7dcOVmkArAMkcj9gH/6B4fzaE7Chrm/ZJ3fBQ717H6O+ZZ3aSf0FcjYiX 0S+/+Iw9pxWaSSu9gLJdfxLzctxFqw/KrGrEkhTsUw9oTinRYfYzMo2No3xJDy6sZWlx4MV 5i6EzhdvuCenvHA2ja+MQ==
X-UI-Out-Filterresults: notjunk:1;V01:K0:TIVytVJ6GrU=:S9O5EBSjDqF3BKe2lE7vGJ /mBKKpMYUUX+IK1zFo9G6bE5poWfmqKLfw+dQ3QMB03HAG6sLO8ddZdVbX8523QlLFz6O+pkb pcJc4MFJoJFPivPbdUkQejkGIVPEKS7xacwilwAjwKP8Weg4Ahsx5Pm5apjPSTPTQZFINVJzJ tgWx1ISwcL4Y4OrW/H2J598/qnONFNb0Rfu2UbyoCdvMCvv8TxQ2svG+G7BfHRIm84gfVOXOU eQg5iljybq7inMSUvEXvWrxW2tn6DPczyMG43JUszkxdfO65bib1P6n4EzzWdqEefFZhnhVs3 NbGm2htJMVENuToEpa1qgGrDyroTbiCxVBWV54Ib/DfDeYTdue+Sh2WlrqN2b+eRlvzuhn72y siXMmfsfx7Fx+zGo/+vcjg+HZtBZH9OlLDCjixcKoZRICcewPrQAYfqrjRPuOI2dEBMOdZFRh g/mpkZPeSE0T9RGqtYz8kqHB61A8XHpIgKNXgOQyWTrFGKha+DnKwQ0eKgjQaJpRP2kgMy6Ce ORVt8krhQ8aeXhjRq02DfNLJxjV+AOwVKJ9fMwnOPF8ie9nV7AqLy/5JC4Z1fQpagxpu1tXgI riduIZOKCw8QQVtEQyvjS+0r5qLVT+rw2eSPs/PoTVC+pBrvl5U5K3uzoFt8QztT/tMX4m42l XGIRGkpqh5OKVqEf6RVoi+xVadiTSns4h12uki//jGVQqlHYMJM7OB5EGcmd6Bwb1Q4i5t2Nq 2Q8T9bq6m1H9brORmHXUcymZ0EM4iuf2R1P7ubnbQubXROfxzk2vMb9zqZlSY/X/9xbUJDsvS On3Odtb7uh+ApeIpupC1ZSSC8OUgYalVxMShJ9L+NY35BqOuWQ=
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/6GpKBncoKTEr9fyQqw98XjZ9cMg>
Subject: Re: [dhcwg] draft-ietf-dhc-dhcpv6-yang-04 - DUID representation in the model
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2017 14:22:31 -0000

Hi Bernie,

I think enumeration is correct - a DUID can only follow one of the formats and the enumeration is based on the name of the case, not it’s position in the list. The DUID type number is not currently being modelled so its value would be implicit from the duid name.

We could make the type code explicit for defined DUIDs, omitting it for duid-string (in the model I have put default values for the defined type codes, they don’t show in the tree):

+--rw duid
|  +--rw (duid-type)?
|     +--:(duid-llt)
|     |  +--rw type-code?                   uint16
|     |  +--rw duid-llt-hardware-type?      uint16
|     |  +--rw duid-llt-time?               yang:timeticks
|     |  +--rw duid-llt-link-layer-addr?    yang:mac-address
|     +--:(duid-en)
|     |  +--rw type-code?                   uint16
|     |  +--rw duid-en-enterprise-number?   uint32
|     |  +--rw duid-en-identifier?          string
|     +--:(duid-ll)
|     |  +--rw type-code?                   uint16
|     |  +--rw duid-ll-hardware-type?       uint16
|     |  +--rw duid-ll-link-layer-addr?     yang:mac-address
|     +--:(duid-uuid)
|     |  +--rw type-code?                   uint16
|     |  +--rw uuid?                        yang:uuid
|     +--:(duid-string)
|        +--rw string?                      string

(Includes the correct fields for duid-ll as pointed out by Ted)

Cheers,
Ian

> On 14. Dec 2017, at 14:23, Bernie Volz (volz) <volz@cisco.com> wrote:
> 
> Ian:
> 
> There is no type for this malformed (string) duid. It is just a string, such as:
> 
> Option 1, length 6, data: “S12345”.
> 
> So you cannot use enumeration of type.
> 
> Yes, this clearly violates duid rules but it exists and needs to be represented?
> 
> - Bernie (from iPad)
> 
> On Dec 14, 2017, at 5:13 AM, Ian Farrer <ianfarrer@gmx.com <mailto:ianfarrer@gmx.com>> wrote:
> 
>> Hi Bernie/Med,
>> 
>> Here’s a re-worked DUID section including UUID and a free, string based format that hopefully addresses the comments that have been raised:
>> 
>> +--rw duid
>> |  |  +--rw (duid-type)?
>> |  |     +--:(duid-llt)
>> |  |     |  +--rw duid-llt-hardware-type?      uint16
>> |  |     |  +--rw duid-llt-time?               yang:timeticks
>> |  |     |  +--rw duid-llt-link-layer-addr?    yang:mac-address
>> |  |     +--:(duid-en)
>> |  |     |  +--rw duid-en-enterprise-number?   uint32
>> |  |     |  +--rw duid-en-identifier?          string
>> |  |     +--:(duid-ll)
>> |  |     |  +--rw duid-ll-hardware-type?       uint16
>> |  |     |  +--rw duid-ll-time?                yang:timeticks
>> |  |     +--:(duid-uuid)
>> |  |     |  +--rw uuid?                        yang:uuid
>> |  |     +--:(duid-string)
>> |  |        +--rw string?                      string
>> 
>> 
>> Cheers,
>> Ian
>> 
>> 
>>> On 11. Dec 2017, at 16:33, Bernie Volz (volz) <volz@cisco.com <mailto:volz@cisco.com>> wrote:
>>> 
>>> Hi:
>>>  
>>> One comment regarding the 04 version is that for the DUID, you need to:
>>> 1.       Include the DUID-UUID (see RFC 6355)
>>> 2.       Handle DUIDs that do NOT follow these conventions (I know of at least one model device that does not). So, you need a way to represent that (the vendor sadly has no type even before the text serial number of the device). This would also accommodate new DUID types that are not yet defined for a new model.
>>>  
>>> Frankly, I’d prefer that we NOT explode these fields at all and just treat the data as binary data. Exploding out values here just causes issues for the above cases and makes the model harder to implement. If you see https://tools.ietf.org/html/draft-ietf-dhc-rfc3315bis-10#section-11 <https://tools.ietf.org/html/draft-ietf-dhc-rfc3315bis-10#section-11>, you will notice the following text:
>>>  
>>>    Clients and servers MUST treat DUIDs as opaque values and MUST only
>>>    compare DUIDs for equality.  Clients and servers SHOULD NOT in any
>>>    other way interpret DUIDs.  Clients and servers MUST NOT restrict
>>>    DUIDs to the types defined in this document, as additional DUID types
>>>    may be defined in the future.  It should be noted that an attempt to
>>>    parse a DUID to obtain a client's link-layer address is unreliable as
>>>    there is no guarantee that the client is still using the same link-
>>>    layer address as when it generated its DUID.  And, such an attempt
>>>    will be more and more unreliable as more clients adopt privacy
>>>    measures, such as those defined in [RFC7844 <https://tools.ietf.org/html/rfc7844>].  It is recommended to
>>>    rely on the mechanism defined in [RFC6939 <https://tools.ietf.org/html/rfc6939>].
>>>  
>>> By exploding out the values you are just encouraging people to violate these MUSTs.
>>>  
>>> - Bernie
>>>  
>>> _______________________________________________
>>> dhcwg mailing list
>>> dhcwg@ietf.org <mailto:dhcwg@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/dhcwg <https://www.ietf.org/mailman/listinfo/dhcwg>

v2.23.0 | Report a Bug | By Email