Re: [dhcwg] status of draft-ietf-dhc-agent-subnet-selection

Thomas Narten <narten@us.ibm.com> Wed, 09 October 2002 18:39 UTC

Message-Id: <200210091835.g99IZa632120@rotala.raleigh.ibm.com>
To: Ralph Droms <rdroms@cisco.com>
cc: Ted Lemon <Ted.Lemon@nominum.com>, "Bernie Volz (EUD)" <Bernie.Volz@am1.ericsson.se>, Kim Kinnear <kkinnear@cisco.com>, dhcwg@ietf.org
Subject: Re: [dhcwg] status of draft-ietf-dhc-agent-subnet-selection
In-Reply-To: Message from Ralph Droms <rdroms@cisco.com> of "Tue, 08 Oct 2002 15:22:11 EDT." <4.3.2.7.2.20021008151605.00b72388@funnel.cisco.com>
Date: Wed, 09 Oct 2002 14:35:36 -0400
From: Thomas Narten <narten@us.ibm.com>

> If I squint my eyes and stand back far enough, I don't see that the DHCPv4 
> case is different.

Conceptually similar, details are different.

> While the relay agent is relaying a message on behalf 
> of the client, it really is relaying that message in an independent UDP 
> message, in which the source address belongs to the relay agent.

Isn't the source address of the packet that of the client (and not the
relay agent)? This makes a huge difference with regard to IPsec.

Even worse, the client has no IP address yet, so the relayed packet
has no source address...

This can't be made to work trivially with stock IPsec. You'd need
extensions, I'd suspect, defeating much of the purpose of trying to use
IPsec.

Note that the above also factored into why DHC needed something
specific to DHC rather than trying to somehow use IPsec.

Thomas