IETF Logo Mail Archive

Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by December 11, 2023

Michael Richardson <mcr+ietf@sandelman.ca> Fri, 22 December 2023 14:36 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2304C14F5F8 for <dhcwg@ietfa.amsl.com>; Fri, 22 Dec 2023 06:36:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5DJjbxgqa4vA for <dhcwg@ietfa.amsl.com>; Fri, 22 Dec 2023 06:36:18 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFC4DC14F5F7 for <dhcwg@ietf.org>; Fri, 22 Dec 2023 06:36:18 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id EB4E41800F; Fri, 22 Dec 2023 09:36:17 -0500 (EST)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id slc6-s0x9SML; Fri, 22 Dec 2023 09:36:16 -0500 (EST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 02F321800C; Fri, 22 Dec 2023 09:36:16 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1703255776; bh=T8cG6KKJZ5lppjMhMzRSyFuZ0Q/HFVcnYXierneDgcM=; h=From:To:Subject:In-Reply-To:References:Date:From; b=etWFCae2jwEJyv81ZWC47AsJkqCpuraguVjR2E6Va/ZQ5VW1p+ISD8IS+dEkZ4Tt4 0irVlJ+G+YbdxWbtiPwkayMZP8IzkCepAv97f+OidA0orLP72Asv1hSbLOsmmZ17JX K2SL00JdFZo0El3UFnodtIs1FkNtpIS7mJ9xPzdxzcFgnysYnX3yz5nAXGrgJztux+ Cf2DYo3dGSA8qa0x+xyvC9EydfC5+L9HOp6ciIS5u7SB/m8F5fmVjVYGm+lmWTTngT 1/5hNrHGxuu4FToI34uZe4r36oF8os16pPEurhyelqaGxtJJY1Vhetrcw+HwuNT2UK 0s1Nr4Z/iYrAg==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id ECA1916E; Fri, 22 Dec 2023 09:36:15 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Jen Linkova <furry13@gmail.com>, dhcwg <dhcwg@ietf.org>
In-Reply-To: <CAFU7BAQ1Ge3yKjdSXEX80ukbw-OYMReC8+Tvh6UNAB2UKEOz5w@mail.gmail.com>
References: <CAJgLMKuUkm1bxhT379QxrdOLzbA0zuGPQY4UbvzOYJD-ykWBwg@mail.gmail.com> <CAFU7BAQzwW4yFXH6vF2stZT5G7OmyZj248zGxeZbJ06JDJ_ieg@mail.gmail.com> <7598.1701799723@localhost> <CAFU7BAQ1Ge3yKjdSXEX80ukbw-OYMReC8+Tvh6UNAB2UKEOz5w@mail.gmail.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 28.2
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Fri, 22 Dec 2023 09:36:15 -0500
Message-ID: <9253.1703255775@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/BiEhHMFI9OsBvUM4HIC-GYXRbf8>
Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by December 11, 2023
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Dec 2023 14:36:23 -0000

EXEC SUM: I think it's really complex for a client to know when "all" of the
     servers have turned on this option. While clients are supposed to listen
     for all the servers, I think in practice, they listen for the first
     server that is "Good Enough" for them.  I suspect that there are
     probably bugs here when the servers are not equally capable.

Jen Linkova <furry13@gmail.com> wrote:
    >> The broken servers are... broken, and perhaps an automatic
    >> configuration process will update them in a few minutes or hours. (Why
    >> break all your servers at the same time!)

    > Yes, so maybe we shall not introduce additional complexity to the
    > client implementations to save some multicast traffic during the
    > transition period or if the server is misconfigured.

Yes.

I am primarily concerned with desired behaviour in the absence of
RAguard/DHCPguard.   While many enterprise APs have those kinds of filters
since a long time, they are less common on commodity wired switches, and it's
less common to see them enabled.

While I think that the incidence of DHCPv6 being turned on randomly by
desktop operating systems is far lower than for DHCPv4, the occurance of
people plugging in "home routers" at their desk thinking they are ethernet
switches is just going to rise.  (using the "LAN" ports exclusively)
If this feature is was the missing thing for an Enterprise to turn on IPv6,
then I think it should work reasonably.

    > So the problematic part is about stopping those messages.  I see the
    > following options: 1. The client does not stop at all as long as it's
    > connected to the given link (Lorenzo's suggestion).  2. The client
    > sends an Information-request periodically, wait for....how long?...(the
    > shorter of RT and MAX_WAIT_TIME as per section 7.6 of RFC8415?) and
    > continue retransmission as long as at least one reply allows that. my
    > understanding that this is a grey area in RFC8415 anyway, so might not
    > be the best option.  3. (introduced in -07 and it looks like the group
    > doesn't like it): described above Any other suggestions?

So this is only relevant if the client gets no answer, right?
If it gets an answer then it stops.

I think that (1) is simplest, but it seems that all of the server option
announcements can timeout, and then there would be no announcements and maybe
the client should stop.

    > Maybe the client shall stop transmitting if it doesn't receive an
    > explicit signal of registration support for 3 X
    > information-refresh-time?

I don't object to this, but I'm not routing for it.

    >> > The only message for which RFC8415 acknowledges that there can be
    >> multiple > replies is a Solicit, but in fact an Information-Request
    >> could just as > easily return multiple replies. I don't know if the WG
    >> is thinking about > this, but this seems like a fairly serious gap.
    >>
    >> I guess I don't have enough experience with Information-Request
    >> messages to understand this situation.  I thought they were all
    >> unicast.

    > I believe all traffic sent by the client is multicast (RFC8415 allowed
    > the unicast option but it's being deprecated in the -bis;
    > https://www.ietf.org/archive/id/draft-ietf-dhc-rfc8415bis-03.html#name-reception-of-unicast-messag

Oh, maybe I did not understand this debate correctly.
(I admit that I was mostly, "meh", because my implementation lives on a PPP link)
{I thought it was about the server multicasting message 4.}

Are we introducing a privacy concern by using multicast?
If any server can effective turn on this reporting, and get all the hosts to
multicast this info, have we just created a new passive discovery attack?

    >> okay, I generally agree.  While it might be rare for an enterprise to
    >> deploy DHCP servers from different vendors (and therefore different
    >> feature sets), I'll bet it's not rare for them to incrementally
    >> upgrade the servers, with significant gaps between the
    >> upgrades... because critical infrastructure.  Particularly if it's
    >> integrated into some AD server.

    > The question is how much complexity we'd like to introduce to cover
    > that case (especially as it's not really harmful, just some servers
    > receive messages they do not support).

I am not concerned about servers logging things they don't understand.
They either should do this, or shouldn't, but it should never be a DoS on
that server.   If it is, then that server should get fixed.


--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email