Re: [dhcwg] RFC3315 DECLINE definition

"Mudric, Dusan (Dusan)" <> Thu, 09 February 2017 16:59 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 85D9B129C06 for <>; Thu, 9 Feb 2017 08:59:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mLm2LCC0JVtT for <>; Thu, 9 Feb 2017 08:59:44 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E93EF129BF6 for <>; Thu, 9 Feb 2017 08:53:20 -0800 (PST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.35,137,1484024400"; d="scan'208";a="227441326"
Received: from unknown (HELO ([]) by with ESMTP; 09 Feb 2017 11:53:19 -0500
X-OutboundMail_SMTP: 1
Received: from unknown (HELO ([]) by with ESMTP/TLS/DHE-RSA-AES256-SHA; 09 Feb 2017 11:53:19 -0500
Received: from ([fe80::a5d3:ad50:5be9:1922]) by ([::1]) with mapi id 14.03.0319.002; Thu, 9 Feb 2017 11:53:19 -0500
From: "Mudric, Dusan (Dusan)" <>
To: Simon Hobson <>, dhcwg <>
Thread-Topic: [dhcwg] RFC3315 DECLINE definition
Date: Thu, 9 Feb 2017 16:53:18 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <0540D77C-E307-4B96-A53B-81599408C8> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [dhcwg] RFC3315 DECLINE definition
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 09 Feb 2017 16:59:45 -0000

" By your own admission, the device **DOES** have a valid working address, but for some reason the **APPLICATION** cannot use it."

I was just saying the validation is done in the application because DHCPv6 client cannot do it. It is about the network reachability and not about the application. Site-Local (FEC0::/10), for example, cannot be used by any device (RFC 3879: Deprecating Site Local Addresses. The prefix MUST NOT be reassigned for other use except by a future IETF standards action.)


-----Original Message-----
From: dhcwg [] On Behalf Of Simon Hobson
Sent: Thursday, February 09, 2017 11:46 AM
To: dhcwg
Subject: Re: [dhcwg] RFC3315 DECLINE definition

"Mudric, Dusan (Dusan)" <> wrote:

> One server is configured to statically assign IPv6 addresses (based on the client MAC) or with a pool of IPv6 addresses for the local link. If a client on that location assigns the misconfigured address it becomes unreachable. A user does not even know how to spell DHCPv6 and all he/she experiences is that the device is unusable. The network operator does not get any indication that the device is out of service.

And just how does the client differentiate between that being a deliberate policy choice by the admin (perhaps that location is not supposed to have outside IPv6 connectivity) and a server misconfiguration ?
Besides, just how is that different from other (eg DHCP4) setups ? If I configure the HCP server to give the wrong router address then clients get broken network configs.

At the end of the day, unless you are going to build an all-knowing, globe spanning, AI service that auto-configures everything - then you have to allow for admins to have some intelligence and some competency in their work. So far I've seen nothing in your suggestions that goes beyond "the admin may make a mistake and then things are broken". yes we can make mistakes - but finding and dealing them is part of the job.

So, other than "the admin may make a mistake", what use cases do you have ?

"Mudric, Dusan (Dusan)" <> wrote:

> The application does the semantic check for the address and, if the address is semantically correct, checks if the device using the offered address can be reached within the domain the in which device has to communicate. If, for example, the device has to be globally reachable, the address has to be an unreserved, or not deprecated, global address.

You have **NOT** described anything related to whether the address issued is usable at the network level, basically at the level DHCP is working at. By your own admission, the device **DOES** have a valid working address, but for some reason the **APPLICATION** cannot use it. The **APPLICATION** should report that there is a communications problem - this is how it works normally. The address may well be perfectly usable for other traffic.

Part of troubleshooting such an issue is to look at the network connectivity and the requirements of the application. This sounds very much like the refrain you hear from users who declare "the internet is down" because the web page they are trying to reach isn't working.

dhcwg mailing list