IETF Logo Mail Archive

Re: [dhcwg] recommendation on DHCP6 source port numbers

Bernie Volz <bevolz@gmail.com> Thu, 29 February 2024 15:27 UTC

Return-Path: <bevolz@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3EFA5C1654F2 for <dhcwg@ietfa.amsl.com>; Thu, 29 Feb 2024 07:27:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bbeWe-Kqcsgl for <dhcwg@ietfa.amsl.com>; Thu, 29 Feb 2024 07:26:59 -0800 (PST)
Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD07EC151983 for <dhcwg@ietf.org>; Thu, 29 Feb 2024 07:26:59 -0800 (PST)
Received: by mail-qt1-x82d.google.com with SMTP id d75a77b69052e-42e5e16559cso6338221cf.0 for <dhcwg@ietf.org>; Thu, 29 Feb 2024 07:26:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709220419; x=1709825219; darn=ietf.org; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :from:content-transfer-encoding:from:to:cc:subject:date:message-id :reply-to; bh=Nu2MvbSRcDI1jOaGSVihtVPh0ITJneP2SwvCMalwajk=; b=dVLJI5J5YJxUTZdGtAmvVQOt5koUHgv/kMtqzSYWr9v63YFQqz+Vz57QWWJXEkmo3O 4qJTaBbbjswMvOyzcK3hF9sHMvHQ5XdbZnQfDQ8OOXeObamg9J7P+2OV0vyJpdaiPWbJ ECxLDROAgq1H0XcbDBzNSW29m1p5tjaTk3lxsIF0wFeWhoXi0HSPzYuGVj7OqOQPS5JU muFQGSmNaWXhR2OnXl/W6jVlAyYrlAmNbdbRxfe7pRGEzHs1wdg/AeZ6M1/njrtHFuoL 1lNRGwiWwkQLQoMsjY7C+YjkcPEHeSKpPZdxNo2d7OWfBUI9WG8cJ9VzfNehdYZbhsHj +gvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709220419; x=1709825219; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :from:content-transfer-encoding:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Nu2MvbSRcDI1jOaGSVihtVPh0ITJneP2SwvCMalwajk=; b=Ee+bYjY6Y5efE8cGW5If0SoAPgsLhqZrYaji3MCFnkhpQpgvruXmedY862Axt0Fn/d 46+1NlXtuRjaBnDnjxkES4RRyU4h4dp0WxSpBAGTxqq1kaBOuGQAkoV7wQRXQsVobtag WqNXTEHKw2QTGemuu8LqZbi5bVbq1xM6b/uhTFYJCYwEQiEgEoZVKFtOB3Kh4HR9b02n 48q3bZaZwzCodPAec4CH2mY5+2slW6xh1L+CE8dIAOAJtOF036Qj72hLpsNBk8gK13kW xSgmMmP6f2CQjOQe96goOSQlb8mPXfRQmYcIXfLwYYzb4U9xsWu7BykUoTZRDsc605Gb VlYA==
X-Forwarded-Encrypted: i=1; AJvYcCUR59cRmJnv0vK+7wBBq/g0+IhBovunazsa/ukaliep53TeLfhsApyymkMx5dyMqQWwok/gkonmXt2LvIQS0g==
X-Gm-Message-State: AOJu0YxFanhKUedZAXPeJp8u+hDYoQ1GMOiTYLJpWf+1D9XOLN6Ty3XB lGX3Fw2cQ7YIF0EgisehNKwJh1H7rKT+OP2/XoHZyUK7iMgdy+g=
X-Google-Smtp-Source: AGHT+IFywgwl1hyZVwPPNpl+9VQjR5Rrx8wCwoWbyaXrRCflWsjXn7KtQ9/zjGxsAZLp9B2dXmw4LQ==
X-Received: by 2002:ac8:594f:0:b0:42e:87da:2496 with SMTP id 15-20020ac8594f000000b0042e87da2496mr2773910qtz.38.1709220418755; Thu, 29 Feb 2024 07:26:58 -0800 (PST)
Received: from smtpclient.apple (d-69-161-122-95.nh.cpe.atlanticbb.net. [69.161.122.95]) by smtp.gmail.com with ESMTPSA id i9-20020ac85c09000000b0042c7b9abef7sm500683qti.96.2024.02.29.07.26.58 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 29 Feb 2024 07:26:58 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: Bernie Volz <bevolz@gmail.com>
Mime-Version: 1.0 (1.0)
Date: Thu, 29 Feb 2024 10:26:47 -0500
Message-Id: <FD96A34A-7D9C-433C-AA76-FFAB5908D163@gmail.com>
References: <15F34F0B-6439-4387-8C8B-44229A822DC7@employees.org>
Cc: Lorenzo Colitti <lorenzo@google.com>, Tomoyuki Sahara <tsahara@iij.ad.jp>, dhcwg@ietf.org
In-Reply-To: <15F34F0B-6439-4387-8C8B-44229A822DC7@employees.org>
To: Ole Troan <otroan@employees.org>
X-Mailer: iPad Mail (21D61)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/XhC9nYfyG3612Pq8uYCyVbr2JnA>
Subject: Re: [dhcwg] recommendation on DHCP6 source port numbers
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Feb 2024 15:27:00 -0000

Server reply is sent to destination port 546. How would that confuse any other host?

And, IPv6 doesn’t have broadcast. Server always sends to client’s link-local address (or whatever source address it used).

- Bernie (from iPad)

> On Feb 29, 2024, at 10:22 AM, Ole Troan <otroan@employees.org> wrote:
> 
> Bernie,
> 
> Why isn’t this text relevant also for DHCPv6:
> 
>> We could not simply allow the client to pick a 'random' port
>> number for the UDP source port field; since the server reply may be
>> broadcast, a randomly chosen port number could confuse other hosts
>> that happened to be listening on that port.
> 
> 
> Cheers,
> Ole
> 
>> On 29 Feb 2024, at 15:56, Bernie Volz <bevolz@gmail.com> wrote:
>> 
>> This text seems a bit off. If the server always sends to the client port, its source port doesn’t matter.
>> 
>> I think this original text was because normal UDP communication could then happen and may have been because of limits in the APIs available at the time?
>> 
>> This is unnecessary today.
>> 
>> If you follow the rules, all is ok with whatever source ports are used:
>> 
>>     Clients listen for DHCP messages on UDP port 546.  Servers and
>>     relay agents listen for DHCP messages on UDP port 547.
>> 
>> I don’t know if the word “listen” in this is what causes confusion? Maybe it should just be:
>> 
>>     Clients receive DHCP messages on UDP (destination) port 546.  Servers and
>>     relay agents receive DHCP messages on UDP (destination) port 547.
>> 
>> But maybe even that is still confusing to some.
>> 
>> - Bernie
>> 
>>>> On Feb 29, 2024, at 9:16 AM, Ole Trøan <otroan@employees.org> wrote:
>>> 
>>> Guess we haven’t departed too far from bootp.
>>> Which seems to make a case for the client using the reserved port number also as the source port.
>>> 
>>> Rfc951:
>>> The UDP header contains source and destination port numbers. The
>>> BOOTP protocol uses two reserved port numbers, 'BOOTP client' (68)
>>> and 'BOOTP server' (67). The client sends requests using 'BOOTP
>>> server' as the destination port; this is usually a broadcast. The
>>> server sends replies using 'BOOTP client' as the destination port;
>>> depending on the kernel or driver facilities in the server, this may
>>> or may not be a broadcast (this is explained further in the section
>>> titled 'Chicken/Egg issues' below). The reason TWO reserved ports
>>> are used, is to avoid 'waking up' and scheduling the BOOTP server
>>> daemons, when a bootreply must be broadcast to a client. Since the
>>> server and other hosts won't be listening on the 'BOOTP client' port,
>>> any such incoming broadcasts will be filtered out at the kernel
>>> level. We could not simply allow the client to pick a 'random' port
>>> number for the UDP source port field; since the server reply may be
>>> broadcast, a randomly chosen port number could confuse other hosts
>>> that happened to be listening on that port.
>>> 
>>> 
>>> O.
>>> 
> 
>

v2.29.0 | Report a Bug | By Email | System Status