IETF Logo Mail Archive

Re: [dhcwg] dhc WG last callon draft-ietf-dhc-relay-id-suboption-00.txt

Mark Stapp <mjs@cisco.com> Wed, 10 September 2008 15:51 UTC

Return-Path: <dhcwg-bounces@ietf.org>
X-Original-To: dhcwg-archive@megatron.ietf.org
Delivered-To: ietfarch-dhcwg-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A6CD028C228; Wed, 10 Sep 2008 08:51:40 -0700 (PDT)
X-Original-To: dhcwg@core3.amsl.com
Delivered-To: dhcwg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E365228C211 for <dhcwg@core3.amsl.com>; Wed, 10 Sep 2008 08:51:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.495
X-Spam-Level:
X-Spam-Status: No, score=-5.495 tagged_above=-999 required=5 tests=[AWL=-0.954, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_43=0.6, MIME_HTML_ONLY=1.457, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id prp+c0WPWsnF for <dhcwg@core3.amsl.com>; Wed, 10 Sep 2008 08:51:33 -0700 (PDT)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 0B4D628C25F for <dhcwg@ietf.org>; Wed, 10 Sep 2008 08:51:32 -0700 (PDT)
X-IronPort-AV: E=Sophos; i="4.32,373,1217808000"; d="scan'208,217"; a="20350800"
Received: from rtp-dkim-1.cisco.com ([64.102.121.158]) by rtp-iport-1.cisco.com with ESMTP; 10 Sep 2008 15:51:38 +0000
Received: from rtp-core-1.cisco.com (rtp-core-1.cisco.com [64.102.124.12]) by rtp-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id m8AFpc1N030224; Wed, 10 Sep 2008 11:51:38 -0400
Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by rtp-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id m8AFpcRD002621; Wed, 10 Sep 2008 15:51:38 GMT
Received: from xfe-rtp-201.amer.cisco.com ([64.102.31.38]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 10 Sep 2008 11:51:37 -0400
Received: from [161.44.70.103] ([161.44.70.103]) by xfe-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 10 Sep 2008 11:51:37 -0400
Message-ID: <48C7ED09.8020801@cisco.com>
Date: Wed, 10 Sep 2008 11:51:37 -0400
From: Mark Stapp <mjs@cisco.com>
User-Agent: Thunderbird 2.0.0.16 (Windows/20080708)
MIME-Version: 1.0
To: "David W. Hankins" <David_Hankins@isc.org>
References: <2CB8863C-65FA-4C7E-A764-82C951AF8137@cisco.com> <8E296595B6471A4689555D5D725EBB2108B1CEB4@xmb-rtp-20a.amer.cisco.com> <31D55C4D55BEED48A4459EB64567589A0C8852BBB5@BLRKECMBX02.ad.infosys.com> <48C7CE51.9070708@cisco.com> <20080910152531.GA5360@isc.org>
In-Reply-To: <20080910152531.GA5360@isc.org>
X-OriginalArrivalTime: 10 Sep 2008 15:51:37.0705 (UTC) FILETIME=[1BDBDD90:01C9135D]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=3855; t=1221061898; x=1221925898; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mjs@cisco.com; z=From:=20Mark=20Stapp=20<mjs@cisco.com> |Subject:=20Re=3A=20[dhcwg]=20dhc=20WG=20last=09callon=09dr aft-ietf-dhc-relay-id-suboption-00.txt |Sender:=20 |To:=20=22David=20W.=20Hankins=22=20<David_Hankins@isc.org>; bh=EiLNSJZUy+/fE4gwAaSXLsIS25YchVn8hgFk0fYJuM8=; b=gwaso2QYhCOEFVd10nKzijWDnnzp52tA5I0hGCdFGF2kRJ99p/1Vfnvbwr hEEBdeMXK8kFAYiDyfR8tCtcc3RJPNyzA2Zd02QsrKOPg/xEQfZf792bITGx H+Kyfr9SmL;
Authentication-Results: rtp-dkim-1; header.From=mjs@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; );
Cc: DHC WG <dhcwg@ietf.org>
Subject: Re: [dhcwg] dhc WG last callon draft-ietf-dhc-relay-id-suboption-00.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/dhcwg>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1294551362=="
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org

I'm hearing these concrete issues based on your emails:

1. make it explicit that the id used, whether configured or auto-generated, is expected to remain 'stable', which means committed to some kind of non-volatile storage.

2. make it explicit that if the administrator depends on the relay-id as part of client provisioning or identification, it must be available in all the dhcp messages where the server depends on it. I think there are several ways to deal with that: ignore RENEWs without opt-82; permit RENEWs without checking opt-82; use server-id-override; use L2 relay.

wrt the question of the admin-configured relay-id value, I think (personally) that it's overkill to prohibit use of a string until we've invented and standardized a new DUID type that carries ... a string. the id value is _meant_ to be opaque, so unless there's a real technical reason why an admin-configured value could cause an operational problem, I'd prefer to just leave it be.

Thanks,
Mark

David W. Hankins wrote: 
On Wed, Sep 10, 2008 at 09:40:33AM -0400, Mark Stapp wrote:
  
David: this isn't about cons'ing up new ids for clients. don't let an 
example from the text mislead you about what the data in the suboption is: 
it's just another relay suboption. I'll reorganize the examples to try to 
make the distinction between what the info is and how it might be used 
clerrer.
    
OK, that makes more sense.

My concern there right now is that the draft only says a relay agent
might format this new option as equal to a DUID, but gives no
directions for stable storage of that DUID or what context should be
driven to manufacture it (from packet contents or from the relay's
internal context such as its own interface addresses).

We've had problems with clients manufacturing a new DUID-LLT every
time they restart, and 3315 was pretty clear on this issue I thought.
I'm fairly concerned what we'll see if we're not clear. :)

It might make some sense, from Bernie's comments, to stick to DUID
types entirely and make "vendor or administratively supplied" id's
live under the vendor-identified DUID type, explicitly describing
the field contents as being the relay's DUID and subject to the same
rules that clients and servers use to generate their own.  If we need
a "manually configured NVT-ASCII string" DUID type, we could assign
one I think.


I got the idea somehow from the introduction and the later sections
that an admin might expect to see "sw5.etc:5/19" as the field
contents, being a switch identity concatenated with a port number,
and using that to form an identity with a lease.  I gather I'm
mistaken, and concat(relay-DUID, relay-interface-id) seems much more
reliable and extensible.

But this is a commonly requested and very useful feature, so if this
field is intended to be used in concert with other fields (relay agent
interface-id) to form an identity relationsihp with a lease, I think
we still have a RENEWING problem (maybe solved by referring to
RFC5107)?

  

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg" rel="nofollow">https://www.ietf.org/mailman/listinfo/dhcwg
  
_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email