Re: [dhcwg] Benjamin Kaduk's No Objection on draft-ietf-dhc-slap-quadrant-09: (with COMMENT)
CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es> Fri, 31 July 2020 18:57 UTC
Return-Path: <cjbc@it.uc3m.es>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B940A3A02F9 for <dhcwg@ietfa.amsl.com>; Fri, 31 Jul 2020 11:57:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=it.uc3m.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yQ8pToqKhC-5 for <dhcwg@ietfa.amsl.com>; Fri, 31 Jul 2020 11:57:36 -0700 (PDT)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FD923A0303 for <dhcwg@ietf.org>; Fri, 31 Jul 2020 11:57:36 -0700 (PDT)
Received: by mail-io1-xd31.google.com with SMTP id l1so32636591ioh.5 for <dhcwg@ietf.org>; Fri, 31 Jul 2020 11:57:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=it.uc3m.es; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=f2UdX5PhZhvmeCc6uKdyVUtIf58dwadmWYBYpXCoVHA=; b=FLDxvmJHXlYqyWc7lz7nH/O6rzGGKFsck0MyIWpWfTulDqmN3WSLzZXmwRz4lAXsEc zt1VWOKm5HkylqRDMB3Tnm3+jcDg0A5llkRXiTPz4ntQY6f4DciBHctxremVk9XHZzeB H9zmVBaWJgFAzfRrPd3SlG3Dp56wUgL26bZpiPoU6Joxh38ENadiCatf3i4X6Jck+CgN PO4GceHQHqcD/m4ZEzme7nCTO4zStm3/x2kNfw5OWdwCSoK77lma6GnxhEiRwsYFn8XR 1WL6oZYNgRd6dheKUfXEEWHmbDxJSFLtWccfHB97fT8yK79q69w6LvQvNakp0mq6KkpF bp0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=f2UdX5PhZhvmeCc6uKdyVUtIf58dwadmWYBYpXCoVHA=; b=RodtLnvXl0xANcam15/AIFzyRIpzXR2pJ2+6WeC0WTMAeY7PuehJIYdgO3AEfr8aAE tZl7GlLK0iP2NSJzsQMppdzRt/YPEJmGfK0Ln6/LdqnrvTK8HlJz0gVZRpKl/Y5Wqmq7 de8EFXDVtmrfPH7RT8RI46kTXZhd6jAc9e7icNFiBH3MIT0K0+A45sbfkWx55b5+PfKm FwfDjixIS+NApz9sa45gobhUYfRKcjtNaSBGQ3k2o8XnL6zryNdoVFqtJj9xi3TRwkIk 3UTzWaKwjVdfPCikOCCg5l18byyMgF7mza08XyNp3tLPObiIIbswIvELM36MKOsmvaDK J9+g==
X-Gm-Message-State: AOAM532ADc8iNL4jZaQLc4gMKQjIi+7fh0XV69LWibRFPoE2VKgkHwnd 5UkbrX3nbVGD7YF0UNR0ocsu1vhTPT72csc906m/Wg==
X-Google-Smtp-Source: ABdhPJxpVkfaU9KdbrYhXoA67gXjW/6OpIpqT5lv8JT83IPpi5WtLw583+WhmHS8QPnN6QhhuSQe2rhnJVmaa7+o9Ps=
X-Received: by 2002:a02:840e:: with SMTP id k14mr6407498jah.133.1596221855096; Fri, 31 Jul 2020 11:57:35 -0700 (PDT)
MIME-Version: 1.0
References: <159165604132.26829.1388964748461575487@ietfa.amsl.com> <CALypLp8RruBgJ35sudHf6xzUk3J+917Z=8_86cDt-jB2wXaNxw@mail.gmail.com> <20200731180757.GR92412@kduck.mit.edu>
In-Reply-To: <20200731180757.GR92412@kduck.mit.edu>
From: CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es>
Date: Fri, 31 Jul 2020 20:57:18 +0200
Message-ID: <CALypLp-V9Kqi84KyB3eBTtrcSz_A7Wi_HjZpJZPuGmEC0wyEyg@mail.gmail.com>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: The IESG <iesg@ietf.org>, draft-ietf-dhc-slap-quadrant@ietf.org, dhc-chairs@ietf.org, dhcwg <dhcwg@ietf.org>, Tomek Mrugalski <tomasz.mrugalski@gmail.com>, Ian Farrer <ianfarrer@gmx.com>
Content-Type: multipart/alternative; boundary="000000000000a8008b05abc15cba"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/YUiVZiU8ohIaanSRGLQSl4SRz3E>
Subject: Re: [dhcwg] Benjamin Kaduk's No Objection on draft-ietf-dhc-slap-quadrant-09: (with COMMENT)
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2020 18:57:42 -0000
Thanks Ben! See inline below. On Fri, Jul 31, 2020 at 8:08 PM Benjamin Kaduk <kaduk@mit.edu> wrote: > Hi Carlos, > > Thanks for the follow-up and updates. Just a couple things inline... > > On Fri, Jul 31, 2020 at 02:44:03PM +0200, CARLOS JESUS BERNARDOS CANO > wrote: > > Hi Benjamin, > > > > Thanks a lot for your review, and apologies for the belated reply. > > > > Please see below inline some comments. All changes are applied to -10, to > > be posted soon. > > > > On Tue, Jun 9, 2020 at 12:40 AM Benjamin Kaduk via Datatracker < > > noreply@ietf.org> wrote: > > > > > Benjamin Kaduk has entered the following ballot position for > > > draft-ietf-dhc-slap-quadrant-09: No Objection > > > > > > When responding, please keep the subject line intact and reply to all > > > email addresses included in the To and CC lines. (Feel free to cut this > > > introductory paragraph, however.) > > > > > > > > > Please refer to > https://www.ietf.org/iesg/statement/discuss-criteria.html > > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > > > > The document, along with other ballot positions, can be found here: > > > https://datatracker.ietf.org/doc/draft-ietf-dhc-slap-quadrant/ > > > > > > > > > > > > ---------------------------------------------------------------------- > > > COMMENT: > > > ---------------------------------------------------------------------- > > > > > > I had a little bit of a hard time understanding how all the given > > > examples benefit from using a specific quadrant for their allocations, > > > but that may just be my lack of background, and in any case is not a > > > reason to hold up the document. > > > > > > Section 1.1.1 > > > > > > o IoT (Internet of Things): where there are a lot of cheap, > > > sometimes short lived and disposable devices. Examples of this > > > include: sensors and actuators for health or home automation > > > applications. In this scenario, it is common that upon a first > > > boot, the device uses a temporary MAC address, to send initial > > > DHCP packets to available DHCP servers. IoT devices typically > > > request a single MAC address for each available network > interface. > > > > > > I'm a bit confused by the use of present tense here ("it is common"), > > > given that AFAIK the companion document draft-ietf-dhc-mac-assign is > the > > > first mechanism for DHCP-based MAC address assignment. > > > > > > > [Carlos] You are right. We have rewritten it using "In this scenario, a > > reasonable > > behavior would be that, upon a first boot, [...]" > > > > > > > temporary MAC address. This type of device is typically not > > > moving. In general, any type of SLAP quadrant would be good for > > > assigning addresses from, but ELI/SAI quadrants might be more > > > suitable in some scenarios, such as if the addresses need to > > > belong to the CID assigned to the IoT communication device > vendor. > > > > > > side note: I'm curious what kind of case would require that the address > > > belong to the CID of the device's vendor. > > > > > > > [Carlos] This also comes from IEEE feedback. It seems realistic that some > > devices cannot come with a burned-in address, but still want to use a > local > > address using the CID of the device's vendor. > > Makes sense; thanks. > > > > > > > > > Section 2 > > > > > > Interesting that we say that client+server support IA_LL and LLADDR but > > > nothing about QUAD :) > > > > > > [Carlos] Good point. We've fixed it. Thanks. > > > > > > > Section 3 > > > > > > change address several times). This information includes, but it is > > > not limited to: > > > > > > o Type of network the device is connected: public, work, home. > > > > > > o Trusted network? Y/N. > > > [...] > > > > > > nit: it might be nice to use a parallel structure for all of the bullet > > > points ('?' vs ':', prose discussion vs short answer, etc.) > > > > > > > [Carlos] OK, done. Though some of the prose discussion has been kept as I > > believe it was needed (the points were not straightforward to follow). > > > > > > > > > > o Mobility? Y/N. > > > > > > A few more words about what sense "mobility" is used in might be in > > > order. > > > > > > > [Carlos] Done. > > > > > > > > > > quadrants. If the device is not moving and attached to a trusted > > > network (e.g. at work), then it is probably best to select the ELI > > > > > > side note: it's not entirely clear that "at work" implies "not moving" > > > -- in some environments it's common to move between desk and conference > > > room, potentially on a different floor or in a different building. > > > > > > > [Carlos] Thanks, good points. I've massaged a bit the text in that part. > > > > > > > Last, if we consider the data center scenario, a hypervisor might > > > request local MAC addresses to be assigned to virtual machines. As > > > in the previous scenarios, the hypervisor might select the preferred > > > SLAP quadrant using information provided by the cloud management > > > system (CMS) or virtualization infrastructure manager (VIM) running > > > on top of the hypervisor. This information might include, but is > not > > > limited to: > > > > > > As was (IIRC) noted by a directorate reviewer, we don't use "CMS" or > > > "VIM" again, and since at least "CMS" collides with another well-known > > > IETF acronym, there seems to be little or negative value in including > > > the acronyms here. > > > > > > > [Carlos] Fixed. I've removed the acronym and now use the expanded term. > > > > > > > > > > Section 4.1 > > > > > > I suggest using "IA_LL(LLADDR,QUAD)" in step 1 of Figure 3, as is done > > > for the other lines, to match the prose text's MUST-level requirement > to > > > include LLADDR. > > > > > > > [Carlos] Done. > > > > > > > > > > option. In order to indicate the preferred SLAP quadrant(s), > the > > > IA_LL option includes the new OPTION_SLAP_QUAD option in the > > > IA_LL-option field (with the LLAADR option). > > > > > > Even though QUAD does not give provision for nested options, it would > > > perhaps be better to use "alongside" or "as a sibling of" or similar, > > > rather than "with", to describe the relationship between QUAD and > > > LLADDR. > > > > > > > [Carlos] OK, thanks. I've picked "alongside". > > > > > > > Also, nit: s/LLAADR/LLADDR/. > > > > > > > [Carlos] Thanks, fixed. > > > > > > > > > > an LLADDR option that specifies the addresses being offered. If > > > the server supports the new QUAD IA_LL-option, and manages a > > > block of addresses belonging to the requested quadrant(s), the > > > addresses being offered MUST belong to the requested > quadrant(s). > > > > > > nit: I don't expect a single block of addresses to span quadrant > > > boundaries, so perhaps "belonging to a requested quadrant" and "MUST > > > belong to a requested quadrant" would be more appropriate. > > > > > > > [Carlos] OK, thanks. > > > > > > > > > > 3. The client waits for available servers to send Advertise > > > responses and picks one server as defined in Section 18.2.9 of > > > [RFC8415]. The client SHOULD NOT pick a server that does not > > > advertise an address in the requested quadrant. The client then > > > > > > Perhaps "quadrant(s)" or "a requested quadrant", to match the previous > > > discussion? > > > > > > > [Carlos] OK, thanks, picked "quadrant(s)". > > > > > > > > > > sends a Request message that includes the IA_LL container option > > > with the LLADDR option copied from the Advertise message sent by > > > the chosen server. It includes the preferred SLAP quadrant(s) > in > > > the new QUAD IA_LL-option. > > > > > > nit: I think s/the new/a new/ is better, since we have not discussed a > > > new QUAD option in the Request yet. > > > > > > > [Carlos] OK, thanks. > > > > > > > > > > The client SHOULD check if the received MAC address comes from one > of > > > the requested quadrants. Otherwise, the client SHOULD NOT configure > > > the obtained address. It MAY repeat the process selecting a > > > different DHCP server. > > > > > > "repeat the process" sounds like sending the same Renew to a different > > > server, that is, different from the server that assigned the address > > > whose renewal is being requested. Is that expected to be effective > > > (either in renewing the current assignment or in getting a new > > > allocation in a Reply, as opposed to an "I don't know about that" error > > > response)? > > > > > > [Carlos] We have changed this, based on feedback received at both IETF > and > > IEEE, and now reads as follows: > > > > The client SHOULD check if the received MAC address comes from one of > > the requested quadrants. It MAY repeat the process selecting a > > different DHCP server. > > > > The idea is that the client might pick a different server from those that > > sent and Advertise and try. > > > > > > > Section 4.2 > > > > > > side note: It's interesting to me that QUAD is not included in a > > > Relay-reply(Advertise()) but is included in a regular Advertise() when > > > no proxy is involved. (Likewise for wrapped Reply().) > > > > > > payload. Depending on the server's policy, the instance(s) of > > > the option to process is selected. For each of the entries in > > > > > > Just to check: this is intended to allow both "use only one, and if > both > > > are present which to use is up to local policy" and "apply the > > > intersection of both requests [with some local policy for which > priority > > > to respect]"? I note that later on we have some text that makes it > > > RECOMMENDED to prefer the client's, in a discussion that does not cover > > > the "intersection" option at all. So perhaps the "intersection" option > > > is not intended to be available? > > > > > > > [Carlos] The intended idea is "use only one, and if both are present > which > > to use is up to local policy". > > In that case, I'd suggest to just say "instance" and not "instance(s)", > since only one instance is actually processed by the server (if I > understand correctly). > > [Carlos] OK, changed. > > > > > > > > in a Relay-reply message. If the server supports the semantics > > > of the preferred quadrant included in the QUAD option, and > > > manages a block of addresses belonging to the requested > > > quadrant(s), then the addresses being offered MUST belong to > the > > > requested quadrant(s). The server SHOULD apply the contents of > > > > > > [same nit as for §4.1] > > > > > > > [Carlos] OK, fixed. > > > > > > > > > > 10. This message is forwarded by the Relay in a Relay-forward > > > message, including a QUAD IA_LL-option with the preferred > > > quadrant. > > > > > > I would consider repeating the mention from above about how the QUAD is > > > included here in case the server has to make a new assignment, to make > > > sure that the client (well, proxy's) preference is available in such > > > cases. > > > > > > > [Carlos] Not sure I got your point here. Do you mean using the text in > #2? > > Sorry, I see now that this comment was too vague. > What I meant was that up in Section 4.1, when we talk about what seems to > be a similar situation, we say: > > It includes the preferred SLAP quadrant(s) in the new > QUAD IA_LL-option, so in case the server is unable to extend the > lifetime on the existing address(es), the preferred quadrants are > known for the allocation of any "new" (i.e., different) > addresses. > > I was wondering if there was value in including a similar statement in this > location. ("No value" is a perfectly valid answer!) > [Carlos] OK, I see now. I think I'll keep the original text here. > > > > > > > > > Section 5.1 > > > > > > quadrant-n Identifier of the quadrant (0: AAI, 1: ELI, 2: > > > Reserved, 3: SAI). Each quadrant MUST only appear > > > once at most in the option. A 1-byte field. > > > > > > Perhaps note that this is Reserved in the sense of the IEEE quadrant, > > > not the usual IETF/IANA "reserved" usage? > > > > > > > [Carlos] Good point, thanks. I've used "Reserved by IEEE" and a ref > > to [IEEEStd802c]) > > > > > > > assigned preference). Note that a quadrant - preference tuple is > > > > > > nit: earlier we spell this a "(quadrant, preference) pair". Using > > > consistent notation/terminology seems advisable. > > > > > > > [Carlos] Thanks. This specific paragraph has been revised as a result of > > another comment we received. Now only "pair" is used in the document. > > > > > > > used in this option (instead of using a list of quadrants ordered by > > > preference) to support the case whereby a client really has no > > > preference between two or three quadrants, leaving the decision to > > > the server. > > > > > > side note: it's not 100% clear to me that we need to exclude the "no > > > preference among all four quadrants" case, though I certainly am not > > > insisting that we include it. > > > > > > > [Carlos] Well, since at the time of writing this there are only 3 > possible > > quadrants, we are de-facto considering the case of "no preference among > all > > possible quadrants". I guess this was your point, no? > > Probably. (To be honest, I don't remember exactly what my point was...) > > > > > > > > > specified quadrants, it SHOULD proceed with the assignment. If the > > > server cannot provide an assignment from one of the specified > > > quadrant-n fields, it MUST NOT assign any addresses and return a > > > status of NoQuadAvail (IANA-2) in the IA_LL Option. > > > > > > This text seems to lose some of the subtlety around NoQuadAvail vs. > > > NoAddrsAvail that is prsent in Section 4.1. It would be good to be > > > consistent about how we discuss these cases. > > > > > > > [Carlos] OK, fixed. > > > > > > > > > > Section 7 > > > > > > Do I understand correctly that there is no technical mechanism to > > > prevent a relay from inserting a QUAD option inside what is nominally > > > the client's IA_LL, as opposed to as a top-level option in > Relay-forward > > > (which is what it's "supposed to" do)? We should probably say > something > > > about how the proxy has to be trusted to do the right thing and a > > > malicious proxy could change/override the client's preference. > > > > > > > [Carlos] I assume here the considerations described in RFC 8415 would > > apply. > > That seems pretty plausible, good point. > > > > > > > I'm surprised that RFC 7227 is not referenced here. > > > > > > > [Carlos] It is now. We got the same comment from another reviewer ;) > > > > > > > Though it is not referenced (yet?), RFC 7227 says that authors of > > > documents defining new DHCP options are "strongly advised to explicitly > > > define validation measures" for recipients of such options. I do not > > > see much discussion of validation measures in this document (despite > > > there being MUST-level requirements on the quadrant-n fields with > > > respect to each other), just a mention that "first occurrance wins", > > > which is not exactly a validation step but more of a processing one; > why > > > is there no need to provide more detailed validation measures? > > > > > > > [Carlos] RFC 7227 also states that "However, validation measures already > > defined by RFC 3315 or other specifications referenced by the new option > > document are redundant and can introduce errors, so authors are equally > > strongly advised to refer to the base specification for any such > validation > > language rather than copying it into the new specification." We refer to > > RFC 8415 (which obsoletes 3315), assuming that this is sufficient. > > Okay, thanks for the extra explanation (and reading 7227 more carefully > than me!). > > > > > > > > > Section 8 > > > > > > The work in this draft will be further developed and explored under > > > the framework of the H2020 5Growth (Grant 856709) and 5G-DIVE > > > projects (Grant 859881). > > > > > > I'm not 100% sure that we need to speculate about the future here > > > (especially given that it would become stale as time passes); would it > > > suffice to say that "this work is supported by" the grants in question? > > > > > > > [Carlos] OK, revised. > > > > > > > > > > Section 9.1 > > > > > > It's not entirely clear to me that we reference RFC 8200 in a normative > > > fashion. > > > > > > [Carlos] I agree. I've moved it to informative (also being consistent > with > > draft-ietf-dhc-mac-assign). > > > > Thanks a lot! > > Thank you as well, > > Thanks again! Carlos > Ben >
- [dhcwg] Benjamin Kaduk's No Objection on draft-ie… Benjamin Kaduk via Datatracker
- Re: [dhcwg] Benjamin Kaduk's No Objection on draf… CARLOS JESUS BERNARDOS CANO
- Re: [dhcwg] Benjamin Kaduk's No Objection on draf… Benjamin Kaduk
- Re: [dhcwg] Benjamin Kaduk's No Objection on draf… CARLOS JESUS BERNARDOS CANO