[dhcwg] More on failed WGLC for draft-ietf-dhc-addr-registration-07.txt
"Bernie Volz (volz)" <volz@cisco.com> Thu, 16 October 2014 03:52 UTC
Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 480D91A014E for <dhcwg@ietfa.amsl.com>; Wed, 15 Oct 2014 20:52:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.51
X-Spam-Level:
X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hdDO0C064Idh for <dhcwg@ietfa.amsl.com>; Wed, 15 Oct 2014 20:52:42 -0700 (PDT)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E96721A0144 for <dhcwg@ietf.org>; Wed, 15 Oct 2014 20:52:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=13584; q=dns/txt; s=iport; t=1413431562; x=1414641162; h=from:to:cc:subject:date:message-id:mime-version; bh=4PT1XFA5n1AP2+28uOPoW2gucscNpqjod+fH6SzDzjg=; b=eUd8mBdLgcqBPTz0E+j1ytUiZylv0i/IkRBZAbCkxJYG4ymnLWRJJffs GxvoIw1bLWerK6tWGR9A7ErJ5f1gtYAIWJmJgrsO1dCN7zaaODw2pqrvp kwQxY/DTV61oB508xdBdNI6xrzQaNvfffnc2ivDt/52UOGk+Tj1G0ZRIP Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AkYFAHxAP1StJA2I/2dsb2JhbABagkhGU1gEu1+OPYFuh00CgQ8WAXILhAQBBC1MEgEqViYBBA4NARKIIw3JJQEBAQEBAQEBAgEBAQEBAQEBARmPfQEBHjGDNIEeBZF/hESBd4ZLPI0XhxiBfIF7bAGBDjmBAgEBAQ
X-IronPort-AV: E=Sophos; i="5.04,729,1406592000"; d="scan'208,217"; a="87394713"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by alln-iport-8.cisco.com with ESMTP; 16 Oct 2014 03:52:40 +0000
Received: from xhc-rcd-x02.cisco.com (xhc-rcd-x02.cisco.com [173.37.183.76]) by alln-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id s9G3qeDB008721 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 16 Oct 2014 03:52:40 GMT
Received: from xmb-rcd-x04.cisco.com ([169.254.8.78]) by xhc-rcd-x02.cisco.com ([173.37.183.76]) with mapi id 14.03.0195.001; Wed, 15 Oct 2014 22:52:40 -0500
From: "Bernie Volz (volz)" <volz@cisco.com>
To: "draft-ietf-dhc-addr-registration@tools.ietf.org" <draft-ietf-dhc-addr-registration@tools.ietf.org>
Thread-Topic: More on failed WGLC for draft-ietf-dhc-addr-registration-07.txt
Thread-Index: Ac/ou1+kmd4O3Y7uSbyCYmEe83Thbg==
Date: Thu, 16 Oct 2014 03:52:39 +0000
Message-ID: <489D13FBFA9B3E41812EA89F188F018E1B6CFA7A@xmb-rcd-x04.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.98.1.201]
Content-Type: multipart/alternative; boundary="_000_489D13FBFA9B3E41812EA89F188F018E1B6CFA7Axmbrcdx04ciscoc_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/do0yqYzcotZ0tiV8REB96LxtDBY
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>
Subject: [dhcwg] More on failed WGLC for draft-ietf-dhc-addr-registration-07.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Oct 2014 03:52:46 -0000
Here are my particular reasons for believing that this work is not yet ready. This is primarily to help the authors focus on updating the draft and to provide motivation for those in the WG that feel this is important but did not 'speak up'. First, I believe this draft has a higher bar than usual because it is standard track work, defines a "new" protocol, and one that is a grey area for the DHC WG - it being done here mostly because it uses the DHCPv6 protocol message and option format (and relay support). It was adopted by the DHC WG as there was support for doing this work, so it is important that we make sure it concludes. Jinmei raised some very good points about this work and whether it was needed (see http://www.ietf.org/mail-archive/web/dhcwg/current/msg15849.html and this thread as this not the first message). I did chime in during this discussion to help explain why having clients update DNS directly was an issue. I also think the draft needs to answer why networks that won't or can't use DHCPv6 to resolve the DNS issue would actually make use of this solution. The abstract states "One of the most important issues in this regard is the inability to register such addresses in DNS." Why is this such an important issue; if it isn't happening today, why is this needed now (or in the future)? In the introduction there is "One such limitation is related to the inability of nodes with self-generated addresses to register their IPv6-address-to-FQDN bindings in DNS." It goes on to explain the limitation, but not say WHY this is a problem that needs to be solved. Sure, the "problem" being solved is adding these mappings to DNS; but why is that needed in the first place? What will this DNS information be used for (i.e., to allow incoming connections, to help administrators, for 'primitive' security - if the host is in DNS it must be OK, or)? The Introduction does say "In several tightly controlled networks ..." - so is this a solution for just a few networks? I had also raised a concern about the lack of addressing the multi-server solution. Sure, RFC 3315 wasn't complete on this (i.e. the failover work). And, certainly one option is to say it is out of scope, but that has its own issues. There is an individual submission draft which I had missed (it is in the "Related Internet-Drafts" section at the bottom of http://datatracker.ietf.org/wg/dhc/documents/) - the draft-que-dhc-dns-multi-dhcp-servers-00 document. This is an individual submission (not adopted by the WG); it attempts to address the multiple servers issue. It is very preliminary. But it does open the question of whether more could be done in the addr-registration draft for this or whether the addr-registration, by declaring it out of scope, might restrict possible solutions? I'm not saying that this work needs to be folded into the addr-registration draft, but it may be worth a few cycles to consider how this may be solved? An additional nit found in re-reading parts of the draft: Also, there is no way to propagate the address of authoritative name server by any protocols. DNS can be used for this so I think this statement is incorrect - query for the SOA? (Yes, there may be cases where this isn't the 'real' server that will accept DNS updates - i.e., hidden primary/master.) - Bernie
- [dhcwg] More on failed WGLC for draft-ietf-dhc-ad… Bernie Volz (volz)