IETF Logo Mail Archive

Re: [dhcwg] [v6ops] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt

"Bernie Volz (volz)" <volz@cisco.com> Thu, 12 December 2019 21:02 UTC

Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08BA912013B for <dhcwg@ietfa.amsl.com>; Thu, 12 Dec 2019 13:02:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=mP2rB2pT; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=agZTE4Fi
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BA7X4ZLNcX4P for <dhcwg@ietfa.amsl.com>; Thu, 12 Dec 2019 13:02:53 -0800 (PST)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7D47120024 for <dhcwg@ietf.org>; Thu, 12 Dec 2019 13:02:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6402; q=dns/txt; s=iport; t=1576184572; x=1577394172; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=v2x4xTHGjxGmdEIzVMqgpLFbbapGcbsz4w/0NnRw6B4=; b=mP2rB2pT/xcsX0r40DyjAKnyVPmyOk3htKg9ONsPk8pgnxTvuU0PF91p MG5cz0c9D5eCXX4AoqmAbI7Hi52BNktC/6DdT186sid+Inw3MTYRxABMF pOBVO9gLacf+U5epTQ890ZLACXqpV5XpQi0eRpLUSGSctHCh2xBQsk1G4 o=;
IronPort-PHdr: 9a23:D9hrQxGCQ+iA0dy+g2mMS51GYnJ96bzpIg4Y7IYmgLtSc6Oluo7vJ1Hb+e4w0Q3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0ETBoZkYMTlg0kDtSCDBjlK/r4Ryc7B89FElRi+iLzPA==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AqAABqqfJd/5hdJa1lDgwBAQEBAQEBAQEDAQEBAREBAQECAgEBAQGBbQIBAQEBCwGBSiQsBWxYIAQLKgqDeYNGA4sLgl+YBoJSA1QJAQEBDAEBGAsKAgEBgUyCdAIXgXMkNwYOAgMNAQEEAQEBAgEFBG2FNwyFXgEBAQECAQEBEBERDAEBLAkCAQQHBAIBCBEEAQEBAgImAgICJQsVCAgCBAENBQgagwGCRgMOIAECDKNdAoE4iGF1gTKCfgEBBYULGIIXAwaBDigBjBcaggCBEUeCTD6CZAEBgU0YFYJ5MoIsjXCCPp5FCoIwlhSCQpd/jkuBRph3AgQCBAUCDgEBBYFoI4FYcBU7gmxQERSNEgwXFYM7hRSFBDt0gSiNYwGBDwEB
X-IronPort-AV: E=Sophos;i="5.69,307,1571702400"; d="scan'208";a="685967350"
Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 12 Dec 2019 21:02:51 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by rcdn-core-1.cisco.com (8.15.2/8.15.2) with ESMTPS id xBCL2pvY027742 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 12 Dec 2019 21:02:51 GMT
Received: from xhs-aln-001.cisco.com (173.37.135.118) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 12 Dec 2019 15:02:50 -0600
Received: from xhs-aln-002.cisco.com (173.37.135.119) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 12 Dec 2019 15:02:50 -0600
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 12 Dec 2019 15:02:50 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Vf4rKEAkF2GnHRQDcoyc6EDY21b/tGk6jSN88GoNE7Rz5fGVKcEcfqEOxvCDUNcQqRKvp33f+HwkOxqV/J2iKZNZXsLtHUPootkFDHZ9shP9Z6DBn1evgiLf/MoNEl6314R88H3QsLyyTv1+cFzKy54YsBIqGgo0gj1sDhck9RoYgqikU/0uFqeD2g9wilNfiDLmgPr5BT3udsUC3gWCr6O7km5sLpoHInQvT+22CD1ZxnVBHYUEDes21hHWgmWQMVBvGKHAmMCLW+ySusnD7HM1szVjx2nY7Cmw9zLbtc4bd0BCwiYbdOqMMtneAvtaKX1IPhjBF+oL1XFaOJuMTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=v2x4xTHGjxGmdEIzVMqgpLFbbapGcbsz4w/0NnRw6B4=; b=Aru7RbL5AaXi0JoIrOy8c+KkZeGygwejbWB0wGsbNLPJYfXuxmrM4zXuzAXzCFDy0poakYx1iVqN+di3cUJshxBUc60XmyuM4U83X6BEOSRLb+h91R9R7WxHQfpSOpgseOqXizUDQDUPjYFo7gESWw4e5DHKsgcTDC3l2w3kWoqPaZfp1P7Z4XTUWu8CEC3PqxzvPT3GtU8m0PjNf/U+fnEegpfYjaBopnTjsFvZWzBzZu3JGBjlmQ8GYjZhfoS24GZiiqt4DMpPN0tGNQAgk+nTlupalp/HzbTDxUKU/1rKC3UWAvV7JY2PgSvmZrXH4SK215CX4MlOSSrooyRM5A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=v2x4xTHGjxGmdEIzVMqgpLFbbapGcbsz4w/0NnRw6B4=; b=agZTE4FiFTUgQH0Hv4JxsYo7JwWJdcbckh8O4fiLPmpw+UqW8qKNtV0LBKQAa3tnCgYyvnci1PI4/YnT79wjuf6wjZ1CaQePujYUemZGNtIsmqs/2HXtf0wkBm9DnR9Lt7CnFEltWumLskbniePighFKV1BJjxlmZ8mLaoBgLB8=
Received: from DM6PR11MB4137.namprd11.prod.outlook.com (20.176.126.158) by DM6PR11MB3977.namprd11.prod.outlook.com (10.255.61.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2516.14; Thu, 12 Dec 2019 21:02:49 +0000
Received: from DM6PR11MB4137.namprd11.prod.outlook.com ([fe80::4194:dade:1d47:2678]) by DM6PR11MB4137.namprd11.prod.outlook.com ([fe80::4194:dade:1d47:2678%6]) with mapi id 15.20.2538.016; Thu, 12 Dec 2019 21:02:49 +0000
From: "Bernie Volz (volz)" <volz@cisco.com>
To: Roy Marples <roy=40marples.name@dmarc.ietf.org>, David Farmer <farmer@umn.edu>, Ted Lemon <mellon@fugue.com>
CC: "dhcwg@ietf.org" <dhcwg@ietf.org>
Thread-Topic: [dhcwg] [v6ops] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt
Thread-Index: AQHVsQXJ7tuMvA+yuEKKUFqhHfJF+Ke29d8AgAACTzA=
Date: Thu, 12 Dec 2019 21:02:49 +0000
Message-ID: <DM6PR11MB41376D48C8D68DE0040E4B7DCF550@DM6PR11MB4137.namprd11.prod.outlook.com>
References: <157593507544.2098.9687007201578884820.idtracker@ietfa.amsl.com> <CABKWDgx5SSBP_K7BWxe4aPn9DKm-VPo62OXjsVZP8PRjfu0C2w@mail.gmail.com> <CAFU7BAQHkYh-EDLopUbWvw-gq8i5jttacVogKXUaJvJcBTdCOA@mail.gmail.com> <787AE7BB302AE849A7480A190F8B9330313E7F6E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <DM6PR11MB41379502CE18C7AF513181F0CF5B0@DM6PR11MB4137.namprd11.prod.outlook.com> <FB5B5DDE-9DB4-4E18-BF7E-7D9ECFCB016E@fugue.com> <DM6PR11MB4137651404FE6807DF29FC8DCF5B0@DM6PR11MB4137.namprd11.prod.outlook.com> <CAN-Dau1F794J3GzDKNmSX+hGBauQbJ954-7ViOGZN9XHs1cRWQ@mail.gmail.com> <F6B54CA9-BCF9-4E2C-B431-AC73954C99AE@cisco.com> <DM6PR11MB413778A43012050E9CB0502BCF550@DM6PR11MB4137.namprd11.prod.outlook.com> <ce5dfc2f-d8a1-35b1-9678-d7b0b5303788@marples.name>
In-Reply-To: <ce5dfc2f-d8a1-35b1-9678-d7b0b5303788@marples.name>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=volz@cisco.com;
x-originating-ip: [173.38.117.66]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5970a326-2d1f-4fd3-911e-08d77f46a55c
x-ms-traffictypediagnostic: DM6PR11MB3977:
x-microsoft-antispam-prvs: <DM6PR11MB397764143D688E724A901923CF550@DM6PR11MB3977.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 0249EFCB0B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(376002)(39860400002)(396003)(366004)(346002)(199004)(189003)(13464003)(5660300002)(26005)(81166006)(66446008)(4326008)(81156014)(71200400001)(186003)(66476007)(66946007)(53546011)(6506007)(64756008)(76116006)(52536014)(66556008)(316002)(110136005)(966005)(7696005)(15650500001)(9686003)(33656002)(478600001)(55016002)(86362001)(8936002)(8676002)(2906002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB3977; H:DM6PR11MB4137.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5YUCAo2FmiSTlC0CPFG1AgBltUrSO3kZP0s29hc0TlwFTZT18uwZmWYzoTF0PhY3+dhaUlc9KJgKYKqOwSeD4EWlkMmYT4Mo/xP8aUR1x4EIYQX4imTxkNGv42wSuReBzAzbpL+uJs3KzwpYyiVKEoZG1pdTFT06L3Y/qT+s++aNzjhcU0rIdnT94tUbEQ3Ro5wGrjvA6/lc8KHQGmu4hvs9wLZ7JjVPBb0pGvyzy7bl78vKgAe1tumM7w3fp/knYujMSTQFYd1zFcY5bUSpfgujRhaFiJHsXYqn/xp6TUm9SkcefP2NkywD5SBe74+9dnYwpx1e/pW/iImW7pKV+PNAf0HqGYW8Pvz98YdIj7n2FoP4uexoGCVp/uaF/8w1gL+6EPoiPIR1w/5qKSVS3McZ3bE5z+/qIXhPFB84Eyc8DokQfa/7IXiBW55rjeidChLfHr0S4C3VVaBcQYKjVZyqg5z0+KKCTkXm27bscxegBkjVm0wGAxy7wgDH1/v4
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 5970a326-2d1f-4fd3-911e-08d77f46a55c
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Dec 2019 21:02:49.3750 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: JQo1pV16h437IQPWlFTYFNsT1QgJMR9VjRHGgeBJh25n9HUZ4veOihbNQ+D5+oTV
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3977
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.14, xch-rcd-004.cisco.com
X-Outbound-Node: rcdn-core-1.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/6m_wa67RKo4vnnXqqmGWNb5whpQ>
Subject: Re: [dhcwg] [v6ops] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Dec 2019 21:02:57 -0000

> You can argue that said boxes are not RFC compliant, but that is the same as the argument here - nothing in the standard says that 0.0.0.0 cannot be offered.

Yes, there is no text that directly says 0.0.0.0 MUST NOT be offered. But it is pretty clear:

Field      DHCPOFFER            DHCPACK             DHCPNAK
-----      ---------            -------             -------
...
'yiaddr'   IP address offered   IP address          0
           to client            assigned to client

Offering 0.0.0.0 is not given the client an address it can use. There's plenty of documents that document 0.0.0.0 is not a destination address on the network. I can't see how in the absence of this use case, 0.0.0.0 would ever be a valid yiaddr in a DHCPOFFER.

And, when given two choices - one that clearly works (offer an address that the client could use) vs offering 0.0.0.0 which could have issues, why would you chose to do something that you know has a chance of breaking things. It just makes no sense to do so. And, this option is for the case where IPv4 service IS available to clients that need it, but if the client doesn't need it and can use IPv6 transition mechanism for IPv4 service.

Nothing we "change" or "enhance" is 100% certain to work everywhere - there are just too many (often broken) assumptions people make. But that's exactly my argument for assigning a real address - one less risk you need to take that something somewhere will break because it wasn't expected. Thank you for your cases where this demonstrates why being conservative in what we do is best.

And, in terms of being conservative, if someone (a vendor, a site) has used whatever option value IANA eventually assigns to the IPv6-only option and a client sends it in the PRL, this will cause problems as the client is not using it as "IPv6-only" and so it will fail because it will either think the server's reply with a yiaddr of 0 is bad or it will try a DHCPREQUEST and fail to get any address (likely will get a DHCPNAK). This process will repeat and the client will not come online. If instead the server sends a usable address, the client will likely be happy and come online (though it may not understand the returned option data).

Finally, if you're hinting that if something is going to break (ignoring the offered address issue) if the IPv6-only option is present, there's not much we can do about that except hope that it is fixed. Or, perhaps we should stop issuing new option assignments?

- Bernie

-----Original Message-----
From: dhcwg <dhcwg-bounces@ietf.org> On Behalf Of Roy Marples
Sent: Thursday, December 12, 2019 3:37 PM
To: Bernie Volz (volz) <volz@cisco.com>; David Farmer <farmer@umn.edu>; Ted Lemon <mellon@fugue.com>
Cc: dhcwg@ietf.org
Subject: Re: [dhcwg] [v6ops] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt

On 12/12/2019 16:04, Bernie Volz (volz) wrote:
> Hi:
> 
> Just to add one additional point regarding middleboxes … I did confirm 
> (not by actual testing but checking with developers) that at least one 
> middlebox will not pass the DHCPOFFER if the address in the yiaddr 
> field is not appropriate to the network segment the client is on. So, 
> it would not let the DHCPOFFER with yiaddr of 0.0.0.0 go to the 
> client. This is exactly the reason I think this is a bad idea and we 
> MUST NOT do it; the address in the yiaddr must be a “normal” address 
> that the client COULD use. (And asking the middlebox to change to 
> allow an “invalid” address if the IPv6-only option is present in the 
> DHCPOFFER would require a software/firmware update which is not 
> desirable.)
MUST is such a strong word .....

Taking your view should we scrap these RFC's as there are boxes in the wild that refuse DHCP leases if the option is present:

RFC4039 - Rapid Commit
RFC4361 - Node specific client id
RFC4702 - DHCP FQDN (when DNS encoding is used)

I could spend time trawling the dhcpcd list archives for more (these are just off the top of my head) but I don't have the time right now.

I've always taken the view that dhcpcd should support all RFC's and enable modern defaults. I don't see this changing here...
I can quite easily see the same boxes refusing leases if the client supplies this new option - so again, taking your view - it should not be enabled by default.

You can argue that said boxes are not RFC compliant, but that is the same as the argument here - nothing in the standard says that 0.0.0.0 cannot be offered.

Roy

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email