Re: [dhcwg] Genart last call review of draft-ietf-dhc-dhcp4o6-saddr-opt-04
ianfarrer@gmx.com Tue, 11 September 2018 11:42 UTC
Return-Path: <ianfarrer@gmx.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C3A0130DF5; Tue, 11 Sep 2018 04:42:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s9vl-EE5ZYeo; Tue, 11 Sep 2018 04:41:55 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18AF6130E69; Tue, 11 Sep 2018 04:41:51 -0700 (PDT)
Received: from ians-mbp.lan ([80.159.240.8]) by mail.gmx.com (mrgmx103 [212.227.17.174]) with ESMTPSA (Nemesis) id 0MV6PJ-1gMYwT1car-00YQmP; Tue, 11 Sep 2018 13:41:48 +0200
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: ianfarrer@gmx.com
In-Reply-To: <153624844917.11686.4272080791788503923@ietfa.amsl.com>
Date: Tue, 11 Sep 2018 13:41:46 +0200
Cc: gen-art@ietf.org, draft-ietf-dhc-dhcp4o6-saddr-opt.all@ietf.org, dhcwg@ietf.org, ietf@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <BA799353-174B-4C32-82A4-3C0F1CA2576A@gmx.com>
References: <153624844917.11686.4272080791788503923@ietfa.amsl.com>
To: Elwyn Davies <elwynd@dial.pipex.com>
X-Mailer: Apple Mail (2.3445.9.1)
X-Provags-ID: V03:K1:ztOxaDf8xK+HsFgwHe7JijKCME2qf5g2bmTZ7Z57xwhzjx8z5Fy 0SI0gxR7V38EUWnxmk/U038PxfyuHbHVG4viE75ihaH1PJfNd0GcLZXrVWqjJUm7my/dpgY OtQvSWsHZa9Yey3s6aG1o8SXb8/iMivCUCwhP1iysX79z4kATL57t0lDcf9N6pjE1E/nxzh iOsg9DgIy1/IvpX9//A7A==
X-UI-Out-Filterresults: notjunk:1;V01:K0:g/yeojrbvxU=:Qeq01XRSInEwV3xTptqy3B RvQ1ojrR4HTHQfIAy0vr6nXvjwWZTeWTk+hufsAaoLtsMbWa2ac2RtsIq5nO72Z9a/mG86s57 Z3hflg4xl29ZHAO8HXNkDY1O8Gnpu2GxVohH8BMPWx9sgAU3j1xBd5VxqH1Jp/RFovmBslig0 pV/Ql/Nuuxglf5mgUxgxUecekRYbI28Jc7v6cGCNipjQjzQ6niKnVb2Nc69WfKwLKkbIQM8S5 pxlvAFp1DaPAxytVuXhAN29Hub3ZMZGMhmcIYhKJqXa6PfCiDYYxUorSJuzBgjrSnpYRu8/Lb Jp2ywkFHWOXF4CsiBsarmCWxPwhjye8bq8F6Jd3GEGslc4d9zCH14oPsJBF2uHKXKOaO7UjWv 9WvzXd83LlSC5+QR60BIWL8a0IOJziiLHWEyIAPJQXz+Wl6KMAYQowxQ5vs4SyaQf4uDkPP8S A5QAqG2ODQ1UF98GCe9pGuVIvyVOPy3UJvseGPSos5+2tIZ+iQfdkTsFXslyFdxTQQ6x9BV5U ytYAlI8bSzcQlesxZCIcfRrxwJDA/EBGZcKhAebkdUSietsXC44Jrnm12ThM20tWAydKNZ8Gn cbbesw2p0KvYsSZ5CCWtT7Bvji9fXJUsPXwAtLRYz6wOBWJ/F7sxMhjqvuocIFYfwbjrJ6JEI fRiNm1lKTmuvuluPMa/+ENSfR28E7buUMrhHT3dzO+DG+rYSYDYAAzUpzKAqhrQq6mxUxAmJ5 dvhMkEul3S62+OPf1A2DS9HA4nqwdffZ4o80uAZK7llwC3aiCSDLZqrzt6WhvVXUapTfIYvsf 4i32T7r
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/V5Wiw5JModn3Lp78cLcQndIjeos>
Subject: Re: [dhcwg] Genart last call review of draft-ietf-dhc-dhcp4o6-saddr-opt-04
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Sep 2018 11:42:01 -0000
Hi Many thanks for your review. Most of your comments are straightforward and I’ve prepared a version which incorporates them. I’ve got a couple of suggestions/proposals in line below. Cheers, Ian > > Minor issues: > s7.4: >> o The received bindprefix6-len value is not larger than the number >> of bytes, divided by 8, received in the bind-ipv6-prefix field. >> (e.g. the bindprefix6-len is 128 but the bind-ipv6-prefix field is >> only 8 bytes long). > Given that s6.1 gives a deterministic algorithm for calculating the length of > the bind-ipv6-prefix field, I don't understand why the validation does not > check that the length of the field is exactly as specified by this algorithm > rather than using it as a lower limit. [if - Suggested re-word for the s7.4 bullet point: o The number of bytes received in the bind-ipv6-prefix field is consistent with the received bindprefix6-len value (calculated as described in Section 6.1). ] > s7.5 and s8 (last para): Given that the time constraints and number of retries > will interact and are implemented in different devices, I think these two > values need some sensible defaults defined so that devices from different > sources should interoperate successfully out of the box. [if - I think this is a reasonable suggestion, the question is what’s a sensible default? As I see it, the following things need to be considered: 1, If the client is trying to update the server because it’s IPV6 address has changed, therefore, the client’s 4 over 6 tunnel cannot function (new address is in use at the client, old address in the server and tunnel concentrators). A default on the lower side make sense here to try and get service restored as quickly as possible. 2, If the client is trying to update its IPv6 address and is not getting back a DHCPACK from the server, this is for one of two reasons - either the server is not available, or this is the 2nd attempt to update the address in less than the server’s update interval policy. In the first instance, going back to DHCPDISCOVER gives the client the best chance of finding a working server. In the second instance, it may be safe to a 3, The update interval on the server side is to deal with the second case - to stop clients from constantly sending updates (which may need to trigger other back-end provisioning functions) enabling a DOS attack, so needs to be long enough to reasonably protect against this. Trying to balance the above, I propose the following defaults for client and server: The client does 6 retries using the RFC2131 backoff interval timers. This means a minimum time of 182 seconds ((4-1)+(8-1)+(16-1)+(32-1)+(64-1)+(64-1)), and 180 seconds at the server side. If the 6th retry is not successful, the client resets to DHCPDISCOVER. I’d appreciate any thoughts on the above proposal. > > Abstract: Add mention of RFC 6346 and RFC 7598 for explanation of softwire > scheme. [if - I’m not sure why you suggest RFC6346 here as that describes A+P based routing. This draft is compatible with A+P routing provisioning using DHCP 4o6 (RFC7618, referenced in Sec. 7.6 of the draft), but it’s not essential to how it works and can be used without A+P. RFC4925 was the original softwire problem statement but that doesn’t really describe enough detail as to how the different mechanisms evolved. What about the following update to the first sentence to reference the specific mechanisms that this works with: DHCPv4 over DHCPv6 (RFC7341) is a mechanism for dynamically configuring IPv4 over an IPv6-only network. For DHCPv4 over DHCPv6 (DHCP 4o6) to function with some IPv4-over-IPv6 softwire mechanisms and deployment scenarios (e.g. RFC7596 or RFC7597), the operator... - Regarding RFC7598, what about the following updated paragraph in the Abstract to be more clear ab out the relevance of RFC7598?: "DHCPv6 Options for Configuration of Softwire Address and Port-Mapped Clients” (RFC7598), describes a deterministic DHCPv6 based mechanism for provisioning softwires. This document updates (RFC7598) allowing OPTION_S46_BR (90) to be enumerated in the DHCPv6 client's Option Request Option (ORO) request and appear directly within subsequent messages sent by the DHCPv6 server. ]
- [dhcwg] Genart last call review of draft-ietf-dhc… Elwyn Davies
- Re: [dhcwg] Genart last call review of draft-ietf… ianfarrer
- Re: [dhcwg] Genart last call review of draft-ietf… Bernie Volz (volz)