Re: [dhcwg] [EXTERNAL] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements

Jen Linkova <furry13@gmail.com> Fri, 09 October 2020 09:01 UTC

Return-Path: <furry13@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 678F33A0DAD; Fri, 9 Oct 2020 02:01:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bRrf6b-PyS4e; Fri, 9 Oct 2020 02:01:21 -0700 (PDT)
Received: from mail-qk1-x72d.google.com (mail-qk1-x72d.google.com [IPv6:2607:f8b0:4864:20::72d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3061D3A0DAA; Fri, 9 Oct 2020 02:01:21 -0700 (PDT)
Received: by mail-qk1-x72d.google.com with SMTP id s4so9835297qkf.7; Fri, 09 Oct 2020 02:01:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=Mlv+UozuaxkAeEWE3LzRgc1uEK2+N7WSoPfluCbzm3k=; b=WeHkZZZaHehXNAA7jkQ3G2GRXa6+nRtCKLogp1kD2YIhvWBUOFVY52mu7Mlhl7TOBm 2vDcC8i+xY9KrLCz0Lc09VGQ98RTnklDNTy7NZ7wRj6KMAOuntf2Ubr8oPKRRGV+pWLa EXlUdxQrdQ9JtKrif9VbMOeaHwRVX5PAwv/J8is9M7dtt3ntFi3XiTXuP2Rit+GHnTCg algvUNvfEFGa5kpJCyAN9xV6IbGlnJVq2m5ZHyC6pVf7qNmdPcJRM7H6xuQsLsAJ6jIM /DTnZmtyn41YwVwYEE9mIHZsrsygJQxx5oHKJQ0rgCp3L+tQCteW3TTIaXTWZRxGYZCG p/9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=Mlv+UozuaxkAeEWE3LzRgc1uEK2+N7WSoPfluCbzm3k=; b=r+tgarhZuwjZSkTuj/9rgrb4fR3Gge24W6hxIvb4WSRdAUaehLtBbBZZnQ7tRLNpJr impQEpCtN26Ww253atXrU+FwDrZ5/itdTRc+slgb0UrnbTYRYxtS70cgqPg5kVWDx1JB VhJ12ArjJQud7l4T3YL268xhOZo90tbtowHreuftfit4vOSLeMKPaiAcNnJb8zG+4R5p L2UyW+pHSCYcbj05dyeiFC9v7i6ij9EgLv6kHFwZf4NdlUPURtimzMkvIwLzHx+/y1tZ KAwVj875N29FKWWLn/Et8NtLQQm7gYrkjzuiwLXiXdVHBJSsfXlxKVHd6fqtuzlglgRo qTJw==
X-Gm-Message-State: AOAM5339NadKql76/vHRAACxVN+LZ/4VVcrifgCEEvpYNjOS8C0RtDEk I3AN02t9MyFXLOBMjUHt1/A/xqhr3/AnbJuh1JlOyG/c
X-Google-Smtp-Source: ABdhPJyG2sa3jXF0IIZkpxFNcaHYNgpsuKcrkZ6YOeXzPEiyeY4/5vN+cF2PhDDZ2Wc2pEHNVEIladu3i4bGIiZ0gxA=
X-Received: by 2002:a37:a74e:: with SMTP id q75mr5034809qke.277.1602234080013; Fri, 09 Oct 2020 02:01:20 -0700 (PDT)
MIME-Version: 1.0
References: <5F6947F2-F7DF-4907-8DD5-28C2B20A91DE@gmx.com> <CAFU7BAT87uhUKZM-G9MjCgtmGbdCwXorP3SfMJm7_Ax7pvwDjg@mail.gmail.com> <f2a9e0188cd84f52adce279cfb04cbcc@boeing.com> <D259F559-8528-428A-A9DF-0D9FB07E6BE4@gmx.com>
In-Reply-To: <D259F559-8528-428A-A9DF-0D9FB07E6BE4@gmx.com>
From: Jen Linkova <furry13@gmail.com>
Date: Fri, 9 Oct 2020 20:01:08 +1100
Message-ID: <CAFU7BAR1r8uOWo9vVRuiPs8ymsxHTvGwysOasXvZ+MemVq8diw@mail.gmail.com>
To: ianfarrer@gmx.com
Cc: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>, dhcwg <dhcwg@ietf.org>, v6ops list <v6ops@ietf.org>, 6man <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/Zofcl9NQ2lYuk_nab4WCLZwn_Ps>
Subject: Re: [dhcwg] [EXTERNAL] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Oct 2020 09:01:23 -0000

On Fri, Oct 9, 2020 at 3:16 AM <ianfarrer@gmx.com> wrote:
> [if - If I understand Jen’s question correctly, it’s related to the ‘working’ case.
> i.e. the client has completed PD, installed the routes and the relay has
> the relevant lease info/routes.

Yes, that's exactly what I meant.

> When the second device sends via the default route with a destination address
> in the delegated prefix, R-4 in it’s current form would cause the traffic to be dropped.
> As the relay doesn’t forward the packet, it can’t send a redirect (per RFC4681), so
> the second device can’t forward.
>
> Looking at this, I think there are deployment scenarios where R-4 isn’t going to
> work.
>
> My suggestion would be to make R-4 disable-able.]

Maybe 'on by default' for p2p links and 'off by default & enable-able'
for multiaccess segments?

> >> -----Original Message-----
> >> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Jen Linkova
> >> Sent: Wednesday, October 07, 2020 6:25 PM
> >> To: ianfarrer@gmx.com
> >> Cc: dhcwg <dhcwg@ietf.org>rg>; v6ops list <v6ops@ietf.org>rg>; 6man <ipv6@ietf.org>
> >> Subject: [EXTERNAL] Re: [dhcwg] Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements
> >>
> >> This message was sent from outside of Boeing. Please do not click links or open attachments unless you recognize the sender and
> >> know that the content is safe.
> >>
> >>
> >> On Wed, Oct 7, 2020 at 9:25 PM <ianfarrer@gmx.com> wrote:
> >>> We are currently finishing WGLC for this draft. It describes requirements for a 'DHCPv6 Delegating Relay' - this is a router functioning
> >> as the L3 edge and DHCPv6 relay (only) with prefix delegation. This is a common deployment scenario, but RFC3633/8415 only really
> >> describes PD using a Delegating Router - i.e the L3 edge also functions as a DHCPv6 server with no relay. When the relay and server
> >> functions are performed by separate devices a number of problems with how relays behave have
> >>> been observed, so this document addresses them.
> >>>
> >>> During WGLC for this, Ole raised a comment related to one of the routing requirements:
> >>>
> >>> R-4:    If the relay has learned a route for a delegated prefix via a
> >>>           given interface, and receives traffic on this interface with
> >>>           a destination address within the delegated prefix (that is
> >>>           not an on-link prefix for the relay), then it MUST be
> >>>           dropped.  This is to prevent routing loops.  An ICMPv6 Type
> >>>           1, Code 6 (Destination Unreachable, reject route to
> >>>           destination) error message MAY be sent back to the client.
> >>>           The ICMP policy SHOULD be configurable.
> >>>
> >>> The problem that this is trying to solve is:
> >>>
> >>> 3.5.  Forwarding Loops between Client and Relay
> >>
> >> I might be missing smth but...
> >> Let's say I have a relay and it's 'south' (client-facing) interface is
> >> connected to a switch. The client AND second device (another router or
> >> a host) are connected to the same segment.
> >> The client gets a prefix, the relay 'learned' (or shall we call it
> >> 'install'?) the route for the delegated prefix pointing to its 'south'
> >> interface with the client address as a next-hop.
> >> What would happen if the *second* device sends traffic towards the
> >> delegated prefix? As that device is usig the relay as its default
> >> gateway, the traffic would be sent there.
> >> If I read the draft correctly, instead of forwarding the traffic and
> >> maybe sending the redirect, the relay is expected to drop it?
> >>
> >> --
> >> SY, Jen Linkova aka Furry
> >>
> >> --------------------------------------------------------------------
> >> IETF IPv6 working group mailing list
> >> ipv6@ietf.org
> >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> >> --------------------------------------------------------------------
> >
>


-- 
SY, Jen Linkova aka Furry