IETF Logo Mail Archive

Re: [dhcwg] New Version Notification - draft-ietf-pcp-dhcp-10.txt

Ted Lemon <ted.lemon@nominum.com> Tue, 01 April 2014 14:22 UTC

Return-Path: <Ted.Lemon@nominum.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C3091A079F for <dhcwg@ietfa.amsl.com>; Tue, 1 Apr 2014 07:22:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qZDZgR4oH7o3 for <dhcwg@ietfa.amsl.com>; Tue, 1 Apr 2014 07:22:56 -0700 (PDT)
Received: from shell-too.nominum.com (shell-too.nominum.com [64.89.228.229]) by ietfa.amsl.com (Postfix) with ESMTP id A77111A06DB for <dhcwg@ietf.org>; Tue, 1 Apr 2014 07:22:56 -0700 (PDT)
Received: from archivist.nominum.com (archivist.nominum.com [64.89.228.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by shell-too.nominum.com (Postfix) with ESMTP id 61B7E1B83F3 for <dhcwg@ietf.org>; Tue, 1 Apr 2014 07:22:53 -0700 (PDT)
Received: from webmail.nominum.com (cas-01.win.nominum.com [64.89.228.131]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "mail.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by archivist.nominum.com (Postfix) with ESMTP id 48C1E190043; Tue, 1 Apr 2014 07:22:53 -0700 (PDT)
Received: from [10.0.10.40] (192.168.1.10) by CAS-01.WIN.NOMINUM.COM (192.168.1.100) with Microsoft SMTP Server (TLS) id 14.3.158.1; Tue, 1 Apr 2014 07:22:46 -0700
Content-Type: text/plain; charset="windows-1252"
MIME-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Ted Lemon <ted.lemon@nominum.com>
In-Reply-To: <94C682931C08B048B7A8645303FDC9F36F544848AE@PUEXCB1B.nanterre.francetelecom.fr>
Date: Tue, 01 Apr 2014 10:22:43 -0400
Content-Transfer-Encoding: quoted-printable
Message-ID: <657EBF08-AD6C-4E76-AF8B-DADF707B6720@nominum.com>
References: <20140401074050.4622.92489.idtracker@ietfa.amsl.com> <94C682931C08B048B7A8645303FDC9F36F544848AE@PUEXCB1B.nanterre.francetelecom.fr>
To: mohamed.boucadair@orange.com
X-Mailer: Apple Mail (2.1874)
X-Originating-IP: [192.168.1.10]
Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/Vawlspr6EAQ_7_8vKU611Metyzk
Cc: DHC WG <dhcwg@ietf.org>, "draft-ietf-pcp-dhcp@tools.ietf.org" <draft-ietf-pcp-dhcp@tools.ietf.org>, "pcp-chairs@tools.ietf.org" <pcp-chairs@tools.ietf.org>
Subject: Re: [dhcwg] New Version Notification - draft-ietf-pcp-dhcp-10.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Apr 2014 14:22:59 -0000

On Apr 1, 2014, at 3:47 AM, <mohamed.boucadair@orange.com> <mohamed.boucadair@orange.com> wrote:
> * the recommendations from the dhc wg to change the format of the dhcov4 option and to use distinct names for each option. Bernie reviewed the updated text before publication. 
> * the genarea review.
> * the suggestion from IANA to include some missing information in the IANA section.

You seem to have missed the gen-art review request to add a reference for IPv6-encoded IPv4 addresses.

Unfortunately there is one other problem which was present in the previous draft but which I did not notice until I was reviewing your changes just now: you specify new behavior for the DHCP server.   The relevant paragraph is this one from section 5:

   The DHCP server MAY be configurable with one or multiple Fully
   Qualified Domain Names (FQDNs) of the PCP server(s).  In such case,
   the DHCP server MUST resolve these FQDNs into one or a list of IP
   addresses.  If multiple FQDNs are configured to the DHCP server, the
   DHCP server MUST include multiple lists of PCP server IP addresses in
   the PCP server option (encoded as multiple OPTION_V6_PCP_SERVER or in
   the same OPTION_V4_PCP_SERVER); each of them carries one or a list of
   IP addresses that resulted from the FQDN resolution.  DHCPv4 servers
   supporting PCP server option MUST resolve any configured FQDNs into
   IPv4 addresses while DHCPv6 servers may resolve any configured FQDNs
   into IPv6 and/or IPv4 addresses.  If an IPv4 address is retrieved by
   the DHCPv6 server, the corresponding IPv4-mapped IPv6 address is
   included in OPTION_V6_PCP_SERVER.  If both IPv4 and IPv6 addresses
   are retrieved by the DHCPv6 server, these addresses are included in
   the same OPTION_V6_PCP_SERVER (IPv4 addresses are represented as
   IPv4-mapped IPv6 addresses).

The problem is that you have specified that the way the DHCP server differentiates between two PCP servers is through the FQDN, but the DHCP protocol specifications do not specify how DHCP servers are configured; by doing so here you are making a very significant change.

An additional problem is that current DHCPv6 servers can be expected to query only AAAA records when resolving FQDNs.   This isn't going to work for you, but the specification needs to be done carefully to avoid creating trouble in the future.

What you should say is probably something like this:

    Precisely how DHCP servers are configured to separate lists of
    IP addresses according to which PCP server they address is out
    of scope for this document.   However, DHCP servers MUST NOT
    treat IP addresses returned from a single FQDN lookup as belonging
    to more than one PCP server.

    DHCPv6 servers that implement this option and that can populate
    the option by resolving FQDNs will need a mechanism for indicating
    whether to query for A records or only AAAA records.   When a query
    returns A records, the IP addresses in those records are returned
    in the DHCP response as IPv4-mapped IPv6 addresses.

    Since this option requires support for IPv4-mapped IPv6 addresses,
    a DHCP server implementation will not be complete if it does not
    query for A records and represent any that are returned as
    IPv4-mapped IPv6 addresses in DHCP responses.   This behavior is
    neither required nor suggested for DHCPv6 options in general: it is
    specific to OPTION_V6_PCP_SERVER.  The mechanism whereby
    DHCPv6 implementations provide this functionality is beyond the scope
    of this document.

This still adds two requirements that weren't present in the base spec, but I think it's necessary to accomplish what you want.   The non-splitting requirement should already be the way DHCP servers operate.   The v4-mapped requirement is new functionality, but you can't specify in detail how it works without needlessly constraining implementations.   By stating what is required rather than specifically how to do it, I think you can sidestep that problem.

I'm sorry for adding yet another complication—the reason this is hard is because you are using a feature of the DHCP server that nobody has ever used before, and adding a new feature as well.   Arguably these are DHCP protocol extensions, and should have been done in DHC working group and then presented to you as a tool upon which you could base your option definition specification.  But at this point it's too late to go that route, so I am not going to suggest that we do so.   Hopefully the text you've added here can be folded into 3315bis, so that future specifications that want to do the same thing have better tools at their disposal for accomplishing it.

Of course, I am curious whether the DHC working group agrees with my proposal.   Comments?

v2.23.0 | Report a Bug | By Email