IETF Logo Mail Archive

[dhcwg] Re: Renumbering DNS with stateless DHCPv6 - bug?

Thomas Narten <narten@us.ibm.com> Tue, 18 November 2003 18:02 UTC

Received: from optimus.ietf.org ([132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA04237 for <dhcwg-archive@odin.ietf.org>; Tue, 18 Nov 2003 13:02:26 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AMAAx-0004gU-1b for dhcwg-archive@odin.ietf.org; Tue, 18 Nov 2003 13:02:09 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id hAII27BE018003 for dhcwg-archive@odin.ietf.org; Tue, 18 Nov 2003 13:02:07 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AMAAw-0004gI-Tv for dhcwg-web-archive@optimus.ietf.org; Tue, 18 Nov 2003 13:02:06 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA04205 for <dhcwg-web-archive@ietf.org>; Tue, 18 Nov 2003 13:01:53 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AMAAv-0002DB-00 for dhcwg-web-archive@ietf.org; Tue, 18 Nov 2003 13:02:05 -0500
Received: from [132.151.1.19] (helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1AMAAu-0002D8-00 for dhcwg-web-archive@ietf.org; Tue, 18 Nov 2003 13:02:04 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AMAAr-0004f5-6X; Tue, 18 Nov 2003 13:02:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AMAAh-0004eu-Eb for dhcwg@optimus.ietf.org; Tue, 18 Nov 2003 13:01:51 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA04197 for <dhcwg@ietf.org>; Tue, 18 Nov 2003 13:01:38 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AMAAf-0002Cz-00 for dhcwg@ietf.org; Tue, 18 Nov 2003 13:01:49 -0500
Received: from e2.ny.us.ibm.com ([32.97.182.102]) by ietf-mx with esmtp (Exim 4.12) id 1AMAAf-0002Cu-00 for dhcwg@ietf.org; Tue, 18 Nov 2003 13:01:49 -0500
Received: from northrelay04.pok.ibm.com (northrelay04.pok.ibm.com [9.56.224.206]) by e2.ny.us.ibm.com (8.12.10/8.12.2) with ESMTP id hAII1Gho293444; Tue, 18 Nov 2003 13:01:16 -0500
Received: from rotala.raleigh.ibm.com (d01av02.pok.ibm.com [9.56.224.216]) by northrelay04.pok.ibm.com (8.12.9/NCO/VER6.6) with ESMTP id hAII1EWJ109036; Tue, 18 Nov 2003 13:01:15 -0500
Received: from rotala.raleigh.ibm.com (localhost.localdomain [127.0.0.1]) by rotala.raleigh.ibm.com (8.12.8/8.12.5) with ESMTP id hAIHtCoA020484; Tue, 18 Nov 2003 12:55:12 -0500
Received: from rotala.raleigh.ibm.com (narten@localhost) by rotala.raleigh.ibm.com (8.12.8/8.12.8/Submit) with ESMTP id hAIHtCRE020479; Tue, 18 Nov 2003 12:55:12 -0500
Message-Id: <200311181755.hAIHtCRE020479@rotala.raleigh.ibm.com>
To: dnsop@cafax.se, dhcwg@ietf.org
In-Reply-To: Message from tjc@ecs.soton.ac.uk of "Thu, 13 Nov 2003 19:11:45 GMT." <20031113191145.GS3473@login.ecs.soton.ac.uk>
Date: Tue, 18 Nov 2003 12:55:12 -0500
From: Thomas Narten <narten@us.ibm.com>
Subject: [dhcwg] Re: Renumbering DNS with stateless DHCPv6 - bug?
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>

Tim Chown <tjc@ecs.soton.ac.uk> writes:

> With DHCPv6 Light for DNS option configuration, how is the client told
> that DNS options have changed?  The reconfigure message seems to be
> unicast to the clients, but if the DHCPv6 server is stateless, it won't
> have a list of clients (with leased IPs) to send that Reconfigure
> message to?

note that there are issues with unicast reconfigure. During the IESG
review of the DHCv6 spec, concerns were raised about the
appropriateness of _requiring_ that all nodes have an open port on
which DHC messages could be sent. This is viewed as a security
issue. E.g., for security reasons, some sites require that clients
have no open ports on which they are listening for arbitrary packets
from anyone. Consequently, the DHCPv6 spec was revised to make the use
of this feature more of a negotiation between the client and
server. See the RFC for details.

Point is, requiring that a node always be ready to receive an
asynchronous message from an arbitrary DHC server is potentially
problematical in practice.

Personally, I think something along the lines of Bernie's suggestion
seems the simplest. E.g., just define a lifetime that applies to all
options that don't themselves have a lifetime.  Client can then
recheck at appropriate intervals.

"Bernie Volz" <volz@metrocast.net> writes:

> There was some discussion about adding a "configuration lifetime" option for
> Information-Request/Reply messages. This would be similar to the address
> lifetimes and the idea would be that this would give the client an
> indication of when to obtain updated configuration information. While this
> does not solve the problem completely, it would help solve the problem when
> scheduled changes in the network are planned.

> We may also want to have clients that initiate an Information-Request after
> detecting a configuration change that may invalidate existing information
> (such as prefixes in configuration information that are no longer valid) use
> a random delay before sending the Information-Request (just as they would
> for the 'first' Information-Request). Perhaps this just means clarifying
> what is meant in section 18.1.5 (RFC 3115) by first:

>    The first Information-request message from the client on the
>    interface MUST be delayed by a random amount of time between 0 and
>    INF_MAX_DELAY.

> There are also larger issues here when renumbering happens as the client may
> need to its DNS information (dynamic DNS), etc. So, when renumbering happens
> (new addresses are added or old ones are deprecated), the client needs to do
> some thinking and one of the outcomes is to obtain updated configuration
> information.

> - Bernie

> -----Original Message-----
> From: dhcwg-admin@ietf.org [mailto:dhcwg-admin@ietf.org] On Behalf Of Tim
> Chown
> Sent: Thursday, November 13, 2003 4:00 PM
> To: SHIRASAKI Yasuhiro
> Cc: dnsop@cafax.se; dhcwg@ietf.org
> Subject: Re: [dhcwg] Renumbering DNS with stateless DHCPv6 - bug?

> > Both setting the trigger of re-request on renumbering of prefix in RA,
> > and a multicast Reconfigure message might cause all nodes to rush on
> > the single DHCPv6-lite server for information-request reply exchange.
> > It could work with small number of clients though.

> I guess you could add some random delays, but you should also scale your
> DHCPv6 server provision to have multiple servers?

> I guess we can say that:

> (1) Automatic renumbering is broken if people hard-code data in clients

> (2) If a secure environment for reconfigure is needed, a multicast message
>     adds some complexity

> (3) The Reconfigure message is really designed for a fully stateful DHCPv6
>     environment, not a purely stateless one providing options info (?)

> (4) Periodic polling of the DHCPv6 server by clients allows renumbering
>     but is not a full solution for more rapid (unplanned) renumbering.

> (5) There isn't really a ethod now for a client to be informed of a
>     renumbering event of a stateless DHCPv6 option (DNS, NTP)

> (6) We don't want to use RA method because that would also mean an NTP
>     extension for RA (?)

> (7) If the network renumbers, statelessly configuring hosts should/could
>     use the new prefix seen on an RA as a hint to re-request DHCPv6
>     options if the O bit is set.

> So is something overlooked, or do we not feel we need a solution to (5),
> given we could use (7)?   Not sure how explicit (7) is...

> Tim

> _______________________________________________
> dhcwg mailing list
> dhcwg@ietf.org
> https://www1.ietf.org/mailman/listinfo/dhcwg




> _______________________________________________
> dhcwg mailing list
> dhcwg@ietf.org
> https://www1.ietf.org/mailman/listinfo/dhcwg

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email