Re: [dhcwg] AD review of draft-ietf-dhc-addr-notification-10
Warren Kumari <warren@kumari.net> Fri, 12 April 2024 18:47 UTC
Return-Path: <warren@kumari.net>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9ADF2C14F71D for <dhcwg@ietfa.amsl.com>; Fri, 12 Apr 2024 11:47:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XlhFDYksMmCj for <dhcwg@ietfa.amsl.com>; Fri, 12 Apr 2024 11:47:33 -0700 (PDT)
Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDCFCC14F5F4 for <dhcwg@ietf.org>; Fri, 12 Apr 2024 11:47:33 -0700 (PDT)
Received: by mail-lj1-x232.google.com with SMTP id 38308e7fff4ca-2d8b2389e73so12076661fa.3 for <dhcwg@ietf.org>; Fri, 12 Apr 2024 11:47:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari.net; s=google; t=1712947651; x=1713552451; darn=ietf.org; h=cc:to:subject:message-id:date:from:references:in-reply-to :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=eCQPoQeb5LrmElttuibHGVfjdz2VelEJU+dzdNi2mJ8=; b=hBTgVZE2d7b7gEAr8capxm83jvF/gqmaKN8bJMVkt9NRdabgCkltbKjzrRQr/Y/z1a 5TDHU8SneSPYHLlkU/6q3a3pKd4tAbZFZUAJo2pXtIXdPnN4GalDHiF0SmNyD5viCvJo slZiXtB7a94KUHuCPA+vftBBiGSYXVQz7gvkNac3Ae5zooDtSMrUoZXkrzU+pdufDLBi OVZF6hNefoLYNCojZ3J9K/4a2ccLS3Q6f+H1yfwE9Kd2LBNrwBbTAIPw+d9/FXX93XAD POBpwdq6nhm+cn7RMVslbXBz1r0yDG/90aNGPk8Pkw1CnedSAWkBVbgCmjAiUKdqJrZ2 95tQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712947651; x=1713552451; h=cc:to:subject:message-id:date:from:references:in-reply-to :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eCQPoQeb5LrmElttuibHGVfjdz2VelEJU+dzdNi2mJ8=; b=UfsWOzzv2Sx8A9YgcX09tqQUu2nvy1X66B6suSoz6F8xaja13c6kkVsIklEkEdmwkw VGO+uk+0XjzvyVqHyv8pzB05OX2qaqtm7cSF6wnOwYhlXIe89s2NUBQRSwHp1zI9Mq49 6j50t2ns90wE1AQP1YP2zf5y4qZlLHp4ADvFr7NKn47CIddWDw/eZCOzGh+v0NimtYlZ ejQLwIqtakhI36Yt0dugBhAnGzkSOORMRbN1lyCPDAgRS7Q6GU30KkONhFw4V51L+7aP dTErqceXragZsH4R6t87+cFzmxnMTw5b5O1T3BIBiegPbgWCsWlGQaJ0Sdz53aVKDvLY n32Q==
X-Forwarded-Encrypted: i=1; AJvYcCXy80JzeEM1HOiWZkUij9mmOIK8QltDC+/gq14KQc8uHmz0548OVip6WYX8uRvBV5CYh1vX1NCfg9fIl6nv2g==
X-Gm-Message-State: AOJu0YzaXPMd97GAKV+aIOeG9jJMlsCijKg1TsE0xM/V7xpevbG6QvVU bIgCpN4rLJQprStPuoidtDohKSogIs7S4icaV6qex+Z9qsBlQkrbgqsJ/ikDL2UC7DIXub0Vxgt LI7SMdIwZ/nCHBwO2kPyl6A9jS+WZl/NWwqgqKQ==
X-Google-Smtp-Source: AGHT+IHxSQ0PmadIyaSJzmuPXZRBz2y2PQyCw/0YEN+3XevQctoULQPPfQAGNSpdz8Bmc1nSCLO27xjaroEGbz5QlFg=
X-Received: by 2002:a2e:a7d4:0:b0:2da:1f07:ae13 with SMTP id x20-20020a2ea7d4000000b002da1f07ae13mr1429496ljp.9.1712947651080; Fri, 12 Apr 2024 11:47:31 -0700 (PDT)
Received: from 649336022844 named unknown by gmailapi.google.com with HTTPREST; Fri, 12 Apr 2024 14:47:29 -0400
Mime-Version: 1.0
X-Superhuman-Draft-ID: draft00c335b8dc86b4b5
X-Mailer: Superhuman Desktop (2024-04-11T23:22:15Z)
X-Superhuman-ID: lux0s7ph.529574ca-21d7-431c-a7a7-206e0cb4448c
In-Reply-To: <PH0PR11MB49666DBAE552F214F1AC69F2A9042@PH0PR11MB4966.namprd11.prod.outlook.com>
References: <PH0PR11MB49661E586240C0F620E04783A9032@PH0PR11MB4966.namprd11.prod.outlook.com> <CAFU7BAS2bhayYmyNya0pDDGDd4XwaqRF579H4WoGhGv6y_bXgw@mail.gmail.com> <PH0PR11MB49666DBAE552F214F1AC69F2A9042@PH0PR11MB4966.namprd11.prod.outlook.com>
From: Warren Kumari <warren@kumari.net>
Date: Fri, 12 Apr 2024 14:47:29 -0400
Message-ID: <CAHw9_iKivcAKSC5-w16SyZnMESYp4Fyf+=qAd+ad-LjDSkKOJg@mail.gmail.com>
To: Eric Vyncke <evyncke@cisco.com>
Cc: Jen Linkova <furry13@gmail.com>, dhcwg@ietf.org, rajiv.asati@gmail.com, suresh.krishnan@gmail.com, Lorenzo Colitti <lorenzo@google.com>, shengjiang@bupt.edu.cn
Content-Type: multipart/alternative; boundary="0000000000004314b90615eab4f3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/DVI1PpEQkFmJ7Klz-JKxYr4suUg>
Subject: Re: [dhcwg] AD review of draft-ietf-dhc-addr-notification-10
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2024 18:47:37 -0000
On Fri, Apr 12, 2024 at 11:16 AM, Eric Vyncke <evyncke@cisco.com> wrote: > Hello Jen, > > > > Also replying implicitly to Warren’s reply dated 5th of April in the same > thread. > > > > So, thank you, for the answers and suggested changes. We still disagree on > one point (see below for EVY>) but, at this stage, I will it go as you have > answered to my point (even if I do not like the answer). > > > > I.e., please upload a revised I-D and I will request an IETF Last Call > I have just uploaded a new version. Link (for easy clickin'): https://datatracker.ietf.org/doc/draft-ietf-dhc-addr-notification/ Diff: https://author-tools.ietf.org/iddiff?url1=draft-ietf-dhc-addr-notification-10&url2=draft-ietf-dhc-addr-notification-11&difftype=--html Thank you Eric (and authors!) W > > Regards > > > > -éric > > > > > > > > *From: *Jen Linkova <furry13@gmail.com> > *Date: *Wednesday, 10 April 2024 at 01:15 > *To: *Eric Vyncke (evyncke) <evyncke@cisco.com> > *Cc: *dhcwg@ietf.org <dhcwg@ietf.org>, rajiv.asati@gmail.com <rajiv.asati@ > gmail.com>, Warren Kumari <warren@kumari.net>, suresh.krishnan@gmail.com < > suresh.krishnan@gmail.com>, Lorenzo Colitti <lorenzo@google.com>, > shengjiang@bupt.edu.cn <shengjiang@bupt.edu.cn> > *Subject: *Re: AD review of draft-ietf-dhc-addr-notification-10 > > Hi Eric, > > Thank you very much for your review and comments. > Sorry for the delayed response, the authors have been discussing the > remaining open items, our comments are below. > > On Sat, Apr 6, 2024 at 1:38 AM Eric Vyncke (evyncke) <evyncke@cisco.com> > wrote: > > Figure 1, suggest to also add the dst address. > > We'd prefer not to. The diagram focuses on elements which are either > new (different from existing mechanisms) or important for > understanding the proposed concept. That’s why Fig1 shows the source > address: unlike all other DHCPv6 communications, ADDR-REG-INFORM > MESSAGE is sent from the global address, not the link-local one. That > difference is important to emphasize. The dst address is the standard > multicast, so nothing new here. Adding it overloads the diagram with > information and makes it harder to understand IMHO. > > EVY> fair enough > > > > ` The client MUST NOT send the ADDR-REG-INFORM message for addresses > configured by DHCPv6.` what about the very special and rare case where not > all multiple DHCPv6 servers have received the confirmation of address lease > ? > > Well...This sounds like a problem DHCPv6 protocol should address with > or without this proposal. Improving DHCPv6 reliability is out of scope > for this draft (and sending ADDR-REG-INFORM for addresses received via > IA_NA is a very high price to pay: it would be *very* noisy if we > allow the client to register DHCPv6 addresses - and this group has > spent a lot of time discussing how to optimize the registration > algorithm to minimize the amount of multicast noise... > So while nothing would be broken if we replace 'MUST NOT' with 'SHOULD > NOT', it looks very much undesirable. > > > > EVY> fair enough > > > > > # Section 4.2.1 > > In the case of multiple DHCPv6 servers, how can ` within a prefix > delegated to the client`be checked ? > > There is not much difference between knowing which prefix is > “appropriate for the link” and knowing which pool is used on the given > link: both require some knowledge of the topology. If the > administrator runs multiple DHCPv6 servers which share the same pool - > some mechanism to keep the data in sync would be required anyway, even > w.o this proposal - and defining such a mechanism sounds like out of > scope of this draft. In case of a multi-homing scenario (or multiple > administrative domains, each operating its own DHCPv6 infrastructure), > then each DHCPv6 server would only register addresses belonging to its > address space. > > > Would adding the following text to the end of Section 4.2.1 address > your concern?: > > “If a client is multihomed (connected to multiple administrative > domains, each operating its own DHCPv6 infrastructure), the > requirement to verify that the registered address is appropriate for > the link or belongs to a delegated prefix ensures that each DHCPv6 > server only registers bindings for addresses from the given > administrative domain.” > > EVY> this would indeed improve the specification > > > > > ` SHOULD log the address registration information` should probably be > more explicit about which information... I.e., DUID not always have MAC > addresses. > > We’d like the behavior to be consistent with what the server does for > assigned addresses and delegated prefixes, hence the text is saying > “as is done normally for clients to which it has assigned an address” > - we shall probably update it with “...or delegated a prefix” though. > > The proposed text: “the server SHOULD log the client DUID and the > link-layer address, if available. The server MAY log any other > information” > > EVY> LGTM > > > > ` SHOULD mark the address as unavailable for use and not include it in > future ADVERTISE messages` when can this SHOULD be bypassed ? I would > assume that a MUST would be safer. > > If the DHCPV6 pool configuration permits a collision between > DHCPv6-assigned and SLAAC addresses, then that problem exists even w/o > this proposal. This draft provides an additional signal to prevent the > collision but it should be up to the server administrator to use it. > Making this SHOULD a MUST would be safer but wouldn't guarantee that > there is no collision. > MUST would prevent a server from assigning an address that another > host has registered. But it wouldn't prevent a host forming an address > with SLAAC that the server has assigned to another host. That has to > rely on DAD or on the laws of probability. > > Given that MUST can't guarantee that collisions don't occur, SHOULD > seems appropriate. > > > > EVY> we do not agree here. Up to the authors & WG to decide of course, but > a MUST wont’ prevent other conflicts but would at least prevent some. > > > > Additionally, a very simple implementation of this draft could simply > just log and do nothing else. Unless the hosts are malicious or the > network is extremely large, this will work very well in practice, > because a collision is extremely unlikely (even with 100k clients it's > less than one in a billion). If we said MUST, such an implementation > would be non-compliant. > > > ` SHOULD include the client's link-layer address in the relayed message` > when can this SHOULD be bypassed ? I.e., without the client MAC, there is > little use of this I-D. > > Good point, thank you! > > The proposed text: > “DHCPv6 relay agents and switches that relay address registration > messages directly from clients MUST include the client's link-layer > address in the relayed message using the Client Link-Layer Address > option ([RFC6939]) if they would do so for other DHCPv6 client > messages such as SOLICIT, REQUEST, and REBIND” > > EVY> ACK > > > > Should the client periodically try to register ? I fear that some > statically addressed nodes will never register as they could stay for years > without reboot or move. > > Warren's comment summarizes the WG decision. > Anyway, statically assigned addresses are not the primary use case for > this proposal... > > EVY> WG decision is paramount at this stage. So, let’s keep the text > > > > > > > -- > Cheers, Jen Linkova >
- [dhcwg] AD review of draft-ietf-dhc-addr-notifica… Eric Vyncke (evyncke)
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Warren Kumari
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Jen Linkova
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Eric Vyncke (evyncke)
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Warren Kumari
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Lorenzo Colitti
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Eric Vyncke (evyncke)
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Warren Kumari
- Re: [dhcwg] AD review of draft-ietf-dhc-addr-noti… Rajiv Asati