IETF Logo Mail Archive

RE: [dhcwg] 3315 clarifications

"Bernie Volz \(volz\)" <volz@cisco.com> Mon, 19 March 2007 08:25 UTC

Return-path: <dhcwg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HTDAv-0007Qe-G3; Mon, 19 Mar 2007 04:25:05 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HTDAu-0007QT-JD for dhcwg@ietf.org; Mon, 19 Mar 2007 04:25:04 -0400
Received: from rtp-iport-1.cisco.com ([64.102.122.148]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HTDAt-00083O-5o for dhcwg@ietf.org; Mon, 19 Mar 2007 04:25:04 -0400
Received: from rtp-dkim-2.cisco.com ([64.102.121.159]) by rtp-iport-1.cisco.com with ESMTP; 19 Mar 2007 04:25:05 -0400
Received: from rtp-core-2.cisco.com (rtp-core-2.cisco.com [64.102.124.13]) by rtp-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l2J8P3ev021211; Mon, 19 Mar 2007 04:25:03 -0400
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id l2J8P2lG005863; Mon, 19 Mar 2007 08:25:02 GMT
Received: from xmb-rtp-20a.amer.cisco.com ([64.102.31.15]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 19 Mar 2007 04:25:00 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [dhcwg] 3315 clarifications
Date: Mon, 19 Mar 2007 04:24:59 -0400
Message-ID: <8E296595B6471A4689555D5D725EBB21038C8C2D@xmb-rtp-20a.amer.cisco.com>
In-Reply-To: <C222E101.3DD79%rdroms@cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [dhcwg] 3315 clarifications
Thread-Index: AcdpeoHrwF2SmtVtEdu0YgARJOT6egAhCYFA
From: "Bernie Volz (volz)" <volz@cisco.com>
To: "Ralph Droms (rdroms)" <rdroms@cisco.com>, shane_kerr@isc.org, Bud Millwood <budm@weird-solutions.com>
X-OriginalArrivalTime: 19 Mar 2007 08:25:00.0999 (UTC) FILETIME=[164C4570:01C76A00]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=5032; t=1174292703; x=1175156703; c=relaxed/simple; s=rtpdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=volz@cisco.com; z=From:=20=22Bernie=20Volz=20\(volz\)=22=20<volz@cisco.com> |Subject:=20RE=3A=20[dhcwg]=203315=20clarifications |Sender:=20 |To:=20=22Ralph=20Droms=20\(rdroms\)=22=20<rdroms@cisco.com>, =20<shane_ke rr@isc.org>, =0A=20=20=20=20=20=20=20=20=22Bud=20Millwood=22=20<budm@weird- solutions.com>; bh=wIvecaTr/w6CxtXcH3xfsFqjP9nJ8PWq04yPxZTqbUQ=; b=0NkRTW2KoUdvhsOjWIfFaHwdx8zsHwbsk/650kEHODirxC6MsfrV7NB/3X3pCGcpguJpxtWm Lx2mOjORWs8QTTgPhnIxOER76gHnZSE4Aw4ha53qpbRG9PF96sJKVNrJ;
Authentication-Results: rtp-dkim-2; header.From=volz@cisco.com; dkim=pass (s ig from cisco.com/rtpdkim2001 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 200d029292fbb60d25b263122ced50fc
Cc: dhcwg@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Errors-To: dhcwg-bounces@ietf.org

>If I'm understanding Bernie and Shane correctly, a Solicit/Request with
no
>IAs might not be particularly useful - or perhaps redundant with
>Information-Request - but there's no critical reason to include an
outright
>ban on Solicit/Request with no IAs. 

That's at least my opinion on this issue. There may also be benefits to
allowing it - such as the ability to do delayed authentication (since
the 4-way handshake is available).

If I recall correctly, it originally came up during the M&O bit
discussion. If M had been defined as always do a
Solicit/Advertise/Request/Reply sequence, then a stateless client would
need to send a Solicit but would not include an IA (since it has no
support for this).

I also see no strong reason to disallow this.

- Bernie

-----Original Message-----
From: Ralph Droms (rdroms) 
Sent: Sunday, March 18, 2007 12:29 PM
To: shane_kerr@isc.org; Bud Millwood
Cc: dhcwg@ietf.org
Subject: Re: [dhcwg] 3315 clarifications

On 3/12/07 1:15 PM, "Shane Kerr" <Shane_Kerr@isc.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Bud Millwood wrote:
>> On Sunday 11 March 2007 16:57, Bernie Volz (volz) wrote:
>>> Bud:
>>> 
>>> 1. In our server chose to allow no IAs for SOLICIT/REQUEST -- there
was
>>> some discussion a while back about this topic (RFC 3315 vs RFC 3736
and
>>> the meaning of the RA M & O bits).
> 
> As a data point, the ISC DHCPv6 server (not yet release) happily
replies to
> Solicit/Request messages without addresses.
> 
>> Hmm. If you allow no IAs for solicit/request, then it's kinda like
stateless,
>> right?
> 
> Kinda, but not necessarily. The server might provide no information at
all in
> the case of Solicit/Request without IAs, and this is perfectly okay.
Not so
> good
> for Information-Request...

What do you mean by "no information"?  No response at all or an
Advertise/Reply (resp.) with no options?

> Sending Solicit/Request without IAs is probably something clients
should not
> do,
> and something server should probably handle gracefully. :)

If I'm understanding Bernie and Shane correctly, a Solicit/Request with
no
IAs might not be particularly useful - or perhaps redundant with
Information-Request - but there's no critical reason to include an
outright
ban on Solicit/Request with no IAs.

>>> 2. I would say NO to IAs in Replys for Information-Request.
>>> We presently
>>> have no address specific options (when working on early drafts of
what
>>> is now RFC 4704, I had proposed allowing the FQDN option in IAs and
>>> IAADDR options to restrict the applicability but that was deemed
more
>>> complicated than it was worth).
>> 
>> Wow... My reading of 3315 gave me the impression that most any DHCPv6
option
>> could appear anywhere in the options heirarchy, and the client should
>> understand that a delivered option was only valid in the context in
which it
>> was delivered. In fact, my server presently allows you to set options
in
>> IAADDRS, and I was seriously wondering if DHCPv6 clients would really
>> understand that a DNS server option (for example), delivered in an
IAADDR,
>> was really only to be used for that address. It seemed to be asking
*a lot*
>> from a DHCP client.

What does it mean for a DNS server option only with a given address?

> Well, there is the handy Appendix A: Appearance of Options in Message
Types,
> which says which are allowed or not. (Although others on this list
have
> mentioned that this appendix is not 100% correct...)
> 
>>> And, the general rule is that IA_*
>>> options in server replies are restricted to those that were in the
>>> client's message (except for the Reconfigure message -- which isn't
a
>>> server reply anyway).
>> 
>> It seems that I should view my server from a much more client-driven
>> approach. 
>> An administrative policy defining a set of options should first give
those
>> options that are asked for in IAs, then those asked for in the
top-level
>> options, then, anything remaining in the policy goes in the top-level
>> options. Does this seem like a coherent strategy?
> 
> I'm not 100% sure what you mean. But we work basically how I think you
are
> suggesting. :)
> 
> There are options not associated with any specific IA, which are added
to the
> Reply (or Advertise) packets from the server. Each IA added as an
option to
> the
> Reply/Advertise has its own options. (We don't currently put options
in
> IAADDR,
> but I suppose that could happen eventually.)
> 
> These are all determined by both the ORO from the client as well as
any
> configuration on the server side and some requirements from the RFCs.
> 
> - --
> Shane
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFF9YqtMsfZxBO4kbQRAs99AKCdAPqqet4gGZrXhns5USz59i1fUwCfXJFq
> VAXoLSqxchuFzQPpa0OeBDI=
> =SJAZ
> -----END PGP SIGNATURE-----

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg

v2.30.2 | Report a Bug | By Email | System Status