IETF Logo Mail Archive

Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by September 13, 2023

Ole Trøan <otroan@employees.org> Tue, 12 September 2023 06:09 UTC

Return-Path: <otroan@employees.org>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0928DC151983 for <dhcwg@ietfa.amsl.com>; Mon, 11 Sep 2023 23:09:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.214
X-Spam-Level:
X-Spam-Status: No, score=-1.214 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, MIME_HTML_ONLY_MULTI=0.001, MIME_QP_LONG_LINE=0.001, MPART_ALT_DIFF=0.79, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=employees.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 60O-dXGURy6a for <dhcwg@ietfa.amsl.com>; Mon, 11 Sep 2023 23:09:45 -0700 (PDT)
Received: from proxmox01.kjsl.com (proxmox01.kjsl.com [204.87.183.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FDBFC151995 for <dhcwg@ietf.org>; Mon, 11 Sep 2023 23:09:45 -0700 (PDT)
Received: from proxmox01.kjsl.com (localhost.localdomain [127.0.0.1]) by proxmox01.kjsl.com (Proxmox) with ESMTP id 88980E1CC9; Tue, 12 Sep 2023 06:09:44 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=employees.org; h=cc:cc:content-transfer-encoding:content-type:content-type :date:from:from:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=prox2023; bh=iUptTt9DSpG/Cgk+ Igk6uFywVuFM/9k5ScEgokaSKU0=; b=J7qJfaLjfv561PxxUPRY03SANSJXdmCA I2j6YBYGg6JgKE2XSkB+80NdrxmpUAnxbYpOs2bsNV9G53laDxxjWUxZiPm3qm8B tKwC+CuUt1Gs7g4fTPpZP+8G5RYZF3/ZBTaWRDvIzYoXSQqU++gXMiZ34QfkpdLj /V6urKdXznnaQLGf0hK3QY5eGF72JpifKeUgBuyCmm45vlDTM4HtqyHXdhsPbOUq MsTvaIyXNa9cwtC1TPczzFxBaJsJQljGVWxxNXZVY7z9Sb9zVJyE9DcI/IYA2X1x kCJzHHLy76BrqgwoovH/I0kDWqYxMmIGor+Fev29NlpGLXB32vDdkw==
Received: from clarinet.employees.org (clarinet.employees.org [IPv6:2607:7c80:54:3::74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by proxmox01.kjsl.com (Proxmox) with ESMTPS id 678E9E1AF3; Tue, 12 Sep 2023 06:09:44 +0000 (UTC)
Received: from smtpclient.apple (ti0389q160-4360.bb.online.no [82.164.52.60]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by clarinet.employees.org (Postfix) with ESMTPSA id 1A35F4E11A51; Tue, 12 Sep 2023 06:09:44 +0000 (UTC)
Content-Type: multipart/alternative; boundary="Apple-Mail-92F2E8DA-F47D-4DD2-8709-1DA28046A75B"
Content-Transfer-Encoding: 7bit
From: Ole Trøan <otroan@employees.org>
Mime-Version: 1.0 (1.0)
Date: Tue, 12 Sep 2023 08:09:30 +0200
Message-Id: <9B1FB9BF-6371-481E-865C-E0E39B2F8E65@employees.org>
References: <CAKD1Yr3vswX-+aPeNxFGjDLNh6tUxE507wC380UdMe4RdZzbEQ@mail.gmail.com>
Cc: Ole Trøan <otroan=40employees.org@dmarc.ietf.org>, dhcwg <dhcwg@ietf.org>
In-Reply-To: <CAKD1Yr3vswX-+aPeNxFGjDLNh6tUxE507wC380UdMe4RdZzbEQ@mail.gmail.com>
To: Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>
X-Mailer: iPhone Mail (20G81)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/W0zPf0D4MCNlc1jpjrMD_spR-xU>
Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by September 13, 2023
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Sep 2023 06:09:49 -0000



On 12 Sep 2023, at 02:57, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org> wrote:


On Tue, Sep 12, 2023 at 2:09 AM Ole Trøan <otroan=40employees.org@dmarc.ietf.org> wrote:
IPv6 host configuration behavior is already complicated. This proposal adds yet another dimension. With any new mechanism, there’s the issue of how to deal with legacy hosts. The document appears silent on this. 

There is nothing we can do about legacy hosts obviously. The security considerations section says this message is optional and that networks cannot rely on it because the device might not send it or the message might be lost. But it will work well in an environment where the operator controls the devices. How about tweaking the existing text in section 6 to clarify?

====
On its own, it is not intended to be a strong security access mechanism and networks cannot rely on its use unless they control the devices that connect to the network.
====
 
The proposal seems to suggest that hosts should always try to register their addresses. With hand wavy text suggesting it should be possible to disable. Are we now going to see yet another flag in RA’s asking hosts to be quiet? Should it really be enabled by default?

There is already a control mechanism: hosts will not send these packets if the M and O bits are set to 0. So if there is no DHCPv6 server on link, the hosts will be quiet.

I must be missing something here regarding expected host behavior. If the M-flag is set the host will do normal dhcp surely?
What if there is no A-flag in PIO or no PIO, then the client should certainly not run the new address notification protocol. 

It’s unclear from the document what expected client behavior is and how it interacts with the normal dhcp. 



If the server supports the new packet type, then the additional traffic caused by hosts implementing this proposal is similar to the additional traffic that hosts would cause if they implemented stateful DHCPv6. If hosts only register one address this proposal causes less traffic, because refreshes are recommended at 80% lifetime instead of the 50% lifetime recommended by RFC 8415. (If the DHCPv6 server doesn't support rapid commit, then this proposal is much cheaper because stateful DHCPv6 is a four-packet exchange but this is just two.) If the client registers two addresses (one stable and one privacy), and the server does support rapid commit, it's a bit more.

There will be more traffic if there are clients that implement this proposal but servers have not been updated to send the required reply message. Once this specification is published, we expect servers to implement this message because it is extremely simple for a server to do so (basically, just look at the packet, and log the contents). It's possible to 
 
The draft seems to be silent about the elephant in the room. The problem the draft seems to solve is already perfectly solved by normal DHCPv6 address assignment. Which is already widely implemented and deployed. 

It's true that DHCPv6 is widely implemented, but on the other hand, this proposal is more suited to many networks than stateful DHCPv6. Many networks (pretty much all networks serving clients, actually) don't really need stateful address allocation, they just need the ability to do forensics and know which devices were using which addresses. This proposal is much simpler than stateful DHCPv6 - RFC 8415 is 154 pages long and this is just a handful. Also, DHCPv6 is very hard to use correctly in networks that can be renumbered such as home networks or mobile hotspots, because updates require the client to ask again and reconfigure is very difficult to deploy.

Finally- we need a way to provide forensic abilities for SLAAC addresses. The IETF does not recommend running DHCPv6-only networks for general purpose devices (RFC 7934 section 8.2), so SLAAC will be in use even on networks that support stateful DHCPv6 (e.g., because implementations will use privacy addresses in preference to DHCPv6 addresses). Network operators that want to track usage of SLAAC addresses don't have a tool to do so, and that is a gap in the IPv6 deployment story that we are trying to fill.

What the IETF does or doesn’t recommend I would be a little careful in asserting. Especially referencing a document you have yourself authored. :-)

Regarding dhcpv6. I implemented a functional dhcpv6 server last week in a couple of hundred lines of code. It’s a stateless server, using algorithmic mapping to assign addresses. Meaning that in this example your proposal would require much more state than normal dhcp. 

Both SLAAC and DHCPv6 can work well with controlled renumbering. Neither one of them handle flash renumbering well. 

If a network needs address tracking:
1) use DHCPv6 address assignment 
2) if not use savi/fhs with tracking from the network 

It’s not obvious to me that providing yet another way to do the same thing is good for IPv6. 

O. 

v2.23.0 | Report a Bug | By Email