IETF Logo Mail Archive

Re: [dhcwg] recommendation on DHCP6 source port numbers

Ole Troan <otroan@employees.org> Thu, 29 February 2024 15:22 UTC

Return-Path: <otroan@employees.org>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8FF8C180B74 for <dhcwg@ietfa.amsl.com>; Thu, 29 Feb 2024 07:22:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=employees.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5g6HQdpm8kD3 for <dhcwg@ietfa.amsl.com>; Thu, 29 Feb 2024 07:22:07 -0800 (PST)
Received: from proxmox01.kjsl.com (proxmox01.kjsl.com [204.87.183.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07AB5C180B67 for <dhcwg@ietf.org>; Thu, 29 Feb 2024 07:22:06 -0800 (PST)
Received: from proxmox01.kjsl.com (localhost.localdomain [127.0.0.1]) by proxmox01.kjsl.com (Proxmox) with ESMTP id 9A7DFE5B46; Thu, 29 Feb 2024 15:22:06 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=employees.org; h=cc:cc:content-transfer-encoding:content-type:content-type :date:from:from:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=prox2023; bh=uLVF9JygopwSNpvu xu7wCtu93eIqD6ClrEASlJK4wZk=; b=c+1JCXW27Y94kMpVh8AaCMDr1ZEjjvjI Uy9vnC6c1uQnxha5ch3hutwTiDVfkHQsJHNmVZYobwY6uFPZ91TB2oYy3RDZpdzJ 3H2WxwZVr9effyOQTx7hSxz/4HbXQeIHlntcB6SGdTtsV9DtEVmlDvdWb33w/j4/ p0pbb2YgEN/HyM2yPqhKeroG3smwYd65lbbu+8lFEjK+69qGR46Q6NJA0uFiaXVH XRbQN8mCNgjBW22+TOjZ9tL8d8RoHBwXqHypyYWsy8ohqfjSi88G8fneAEY9vGUB EPNnDQj6KDbSMmUV6g7cNiel6GRG24+j/EAtZXIB0GyK9+zOrieOKw==
Received: from clarinet.employees.org (clarinet.employees.org [198.137.202.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by proxmox01.kjsl.com (Proxmox) with ESMTPS id 79ABEE5A16; Thu, 29 Feb 2024 15:22:06 +0000 (UTC)
Received: from smtpclient.apple (ti0389q160-5480.bb.online.no [95.34.1.168]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by clarinet.employees.org (Postfix) with ESMTPSA id 9F02B4E11AD4; Thu, 29 Feb 2024 15:22:05 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
From: Ole Troan <otroan@employees.org>
In-Reply-To: <3B626E8E-A4CE-43C5-ABA7-C483434DD88E@gmail.com>
Date: Thu, 29 Feb 2024 16:21:52 +0100
Cc: Lorenzo Colitti <lorenzo@google.com>, Tomoyuki Sahara <tsahara@iij.ad.jp>, dhcwg@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <15F34F0B-6439-4387-8C8B-44229A822DC7@employees.org>
References: <57E318FA-0DC5-4C57-9470-EA75435DF57F@employees.org> <3B626E8E-A4CE-43C5-ABA7-C483434DD88E@gmail.com>
To: Bernie Volz <bevolz@gmail.com>
X-Mailer: Apple Mail (2.3774.400.31)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/HHndRC2aTPmb_5giv20qq7cI1Ug>
Subject: Re: [dhcwg] recommendation on DHCP6 source port numbers
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Feb 2024 15:22:11 -0000

Bernie,

Why isn’t this text relevant also for DHCPv6:

>  We could not simply allow the client to pick a 'random' port
> number for the UDP source port field; since the server reply may be
> broadcast, a randomly chosen port number could confuse other hosts
> that happened to be listening on that port.


Cheers,
Ole

> On 29 Feb 2024, at 15:56, Bernie Volz <bevolz@gmail.com> wrote:
> 
> This text seems a bit off. If the server always sends to the client port, its source port doesn’t matter.
> 
> I think this original text was because normal UDP communication could then happen and may have been because of limits in the APIs available at the time?
> 
> This is unnecessary today.
> 
> If you follow the rules, all is ok with whatever source ports are used:
> 
>      Clients listen for DHCP messages on UDP port 546.  Servers and
>      relay agents listen for DHCP messages on UDP port 547.
> 
> I don’t know if the word “listen” in this is what causes confusion? Maybe it should just be:
> 
>      Clients receive DHCP messages on UDP (destination) port 546.  Servers and
>      relay agents receive DHCP messages on UDP (destination) port 547.
> 
> But maybe even that is still confusing to some.
> 
> - Bernie
> 
>> On Feb 29, 2024, at 9:16 AM, Ole Trøan <otroan@employees.org> wrote:
>> 
>> Guess we haven’t departed too far from bootp. 
>> Which seems to make a case for the client using the reserved port number also as the source port. 
>> 
>> Rfc951:
>> The UDP header contains source and destination port numbers. The
>> BOOTP protocol uses two reserved port numbers, 'BOOTP client' (68)
>> and 'BOOTP server' (67). The client sends requests using 'BOOTP
>> server' as the destination port; this is usually a broadcast. The
>> server sends replies using 'BOOTP client' as the destination port;
>> depending on the kernel or driver facilities in the server, this may
>> or may not be a broadcast (this is explained further in the section
>> titled 'Chicken/Egg issues' below). The reason TWO reserved ports
>> are used, is to avoid 'waking up' and scheduling the BOOTP server
>> daemons, when a bootreply must be broadcast to a client. Since the
>> server and other hosts won't be listening on the 'BOOTP client' port,
>> any such incoming broadcasts will be filtered out at the kernel
>> level. We could not simply allow the client to pick a 'random' port
>> number for the UDP source port field; since the server reply may be
>> broadcast, a randomly chosen port number could confuse other hosts
>> that happened to be listening on that port.
>> 
>> 
>> O. 
>>

v2.30.2 | Report a Bug | By Email | System Status