[dhcwg] Some high-priority errata for RFC3315/3396...

[Ted Lemon <Ted.Lemon@nominum.com>]

There's been a bit of a discussion going on in the v6ops working group about a problem in the DHCP protocol that has to do with the coexistence of stateful address allocation and prefix delegation.

The problem is that it's entirely possible that a PD requesting router might also want an IP address to number its upstream interface, so it might send a DHCP Solicit message containing both an IA_NA and an IA_PD.    Suppose the DHCP server is willing to do prefix delegation, but expects the RR to do SLAAC for the upstream address.   In this case, it's going to send an IA_PD containing one or more prefixes, but an IA_NA containing no addresses.

RFC3315 wasn't written with RFC3361 in mind, so it doesn't really talk about what to do in this case.   It also doesn't address the problem of what to do if an IA_TA appears in the solicit, but the server isn't configured to offer temporary addresses.   This hasn't been much of an issue since I don't know of any clients that actually request temporary addresses, but of course it is an issue for IA_PD.

There exist two errata that address this issue: erratum 2471 and erratum 2472.   These errata propose to have the status code appear inside the IA_NA option rather than in the outer layer of the Advertise message.   A similar erratum exists for RFC3361, proposing to put the status code option in the IA_PD option instead of, similarly, in the outer layer of the packet.

In addition, the following observation has been made:

  The other unclear problem area is around how to deal with IA_PD and IA_NA:
    * Client requests both IA_NA and IA_PD in the same session, gets only IA_PD.
      - Does it fork off a separate session for IA_NA and continues sending SOLICITs for only the IA_NA?
      - Reset the DHCP client, and tries again?
      - Keeps single session, and continues to ask for IA_NA on next RENEW?
 
      all 3 behaviors have been seen in the wild plus some additional pathological cases.
      in general dealing with multiple stateful options in DHCP is underspecified.

So the topic for discussion in the working group here is as follows:

1. Is what is proposed in the errata the right thing?   Should we in fact have status codes inside of IA_* options instead of in the main packet?

2. If so, what is the full set of edits to RFC3315 and RFC3361 that are required to do this?
2a. What do we do for clients that don't implement the errata?

3. If not, what should we do instead?

4. If the client gets an IA_NA and no IA_PD, or vice versa, which of the three behaviors listed above should it follow?   Is it bad that different clients do this differently?

5. What have I missed?

Comments?   Criticisms?   Rotten tomatoes?