Re: [dhcwg] I-D Action: draft-ietf-dhc-dhcpv6-pd-relay-requirements-00.txt

ianfarrer@gmx.com Wed, 08 April 2020 15:33 UTC

From: ianfarrer@gmx.com
Date: Wed, 08 Apr 2020 17:33:15 +0200
Cc: Ole Troan <otroan@employees.org>, "Bernie Volz (volz)" <volz=40cisco.com@dmarc.ietf.org>, "draft-ietf-dhc-dhcpv6-pd-relay-requirements@ietf.org" <draft-ietf-dhc-dhcpv6-pd-relay-requirements@ietf.org>, "dhcwg@ietf.org" <dhcwg@ietf.org>
To: Timothy Winters <tim@qacafe.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/AVhBf5URbQUlOef_inp6CuBzlXo>

Hi Tim,

Have you seen this in the wild?

What about the following:

   R-4:    If the relay has an existing route for a delegated prefix via an interface, and receives ingress traffic on this interface with a destination address from the delegated prefix (not configured on the relay), then it MUST be dropped. 

Thanks,
Ian


> On 8. Apr 2020, at 16:38, Timothy Winters <tim@qacafe.com> wrote:
> 
> Hi Ole,
> 
> I think the issue in all of these cases is the CPE doesn't know it had the prefix previously.  So 3633 won't cover this case, as to the CPE it just seems like IPv6 packets.  It routes them out its default route, which happens to be the same interface it got them.
> 
> ~Tim
> 
> On Wed, Apr 8, 2020 at 10:29 AM Timothy Winters <tim@qacafe.com> wrote:
> Hi Ole,
> 
> We have a rule for this when it's delegated to the CPE, WPD-5 to blackhole PDs not assigned.  In this case the CPE had no idea it had it.   G-3 disallows LAN to WAN forwarding before getting an address.  I think this case is WAN to WAN forwarding.   It's not in 7084 to my knowledge, as for 3633 I'm not so sure about.  Let me have a look.
> 
> ~Tim
> 
> On Wed, Apr 8, 2020 at 10:12 AM <otroan@employees.org> wrote:
> > Sounds like a useful issue to try to address – the DHC connection is because of the DHCP issues.
> >  
> > And, I assume looping occurs because packets cycle between SP router and CPE until TTL/HOP expires?
> >  
> > Do you have a suggestion as to what the CPE should do in this case? For example, are you suggesting that the CPE drop received traffic (except for DHCP and perhaps some other limited traffic addressed to it)?
> 
> A CPE should never provide transit.
> I.e., it should never forward a packet received on its WAN interface back out the WAN interface.
> 
> A more specific rule for that is in 7084 and possibly in 3633, requiring a blackhole route on the requesting router for the delegated prefix.
> 
> Ole
>
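
The loop discussed in this thread and the two proposed drop rules, as an added example that is not part of the original messages: a small forwarding model in which a CPE that has lost its delegated-prefix state bounces traffic back to the relay until the hop limit runs out, compared with the relay applying the proposed R-4 and with the CPE refusing WAN-to-WAN transit. The prefixes (from the 2001:db8::/32 documentation range), the interface name `cust0` and all function names are assumptions made for the illustration.

```python
import ipaddress

# Constructed topology using the 2001:db8::/32 documentation range.
DELEGATED = ipaddress.ip_network("2001:db8:1::/48")      # prefix delegated to the CPE
RELAY_OWN = {ipaddress.ip_address("2001:db8:ffff::1")}   # addresses configured on the relay
CPE_IF = "cust0"                                         # hypothetical relay interface facing the CPE

def relay_forward(dst, in_if, r4):
    """Relay decision: 'local', 'drop', or the egress interface name."""
    if dst in RELAY_OWN:
        return "local"
    out_if = CPE_IF if dst in DELEGATED else "uplink"
    # Proposed R-4: the delegated-prefix route points back at the ingress interface.
    if r4 and out_if == CPE_IF and in_if == CPE_IF:
        return "drop"
    return out_if

def cpe_forward(dst, in_if, knows_prefix, no_transit):
    """CPE decision: 'lan', 'drop', or 'wan' (its default route)."""
    if knows_prefix and dst in DELEGATED:
        return "lan"
    if no_transit and in_if == "wan":
        return "drop"          # never forward WAN to WAN
    return "wan"

def simulate(hop_limit=64, r4=False, knows_prefix=False, no_transit=False):
    """Inject one packet at the relay's uplink; return (outcome, relay-CPE link crossings)."""
    dst = ipaddress.ip_address("2001:db8:1:10::5")
    node, in_if, crossings = "relay", "uplink", 0
    while True:
        if node == "relay":
            action = relay_forward(dst, in_if, r4)
            if action == "drop":
                return "dropped-by-relay", crossings
            nxt, nxt_if = "cpe", "wan"
        else:
            action = cpe_forward(dst, in_if, knows_prefix, no_transit)
            if action == "lan":
                return "delivered", crossings
            if action == "drop":
                return "dropped-by-cpe", crossings
            nxt, nxt_if = "relay", CPE_IF
        if hop_limit <= 1:       # cannot be decremented and forwarded again
            return "hop-limit-exceeded", crossings
        hop_limit, crossings = hop_limit - 1, crossings + 1
        node, in_if = nxt, nxt_if

if __name__ == "__main__":
    for kw in ({}, {"r4": True}, {"no_transit": True}, {"knows_prefix": True}):
        print(kw, simulate(**kw))
```

With neither rule the packet crosses the relay-CPE link until the hop limit is exhausted; R-4 on the relay stops it after one round trip even when the CPE misbehaves, and the CPE-side no-transit rule stops it after a single crossing.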