Re: [dhcwg] two comments on draft-cui-dhc-dhcpv6-prefix-length-hint-issue

"Bernie Volz (volz)" <volz@cisco.com> Fri, 21 August 2015 20:00 UTC

Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E45271ACD46 for <dhcwg@ietfa.amsl.com>; Fri, 21 Aug 2015 13:00:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.51
X-Spam-Level:
X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RD16XWO6hHZj for <dhcwg@ietfa.amsl.com>; Fri, 21 Aug 2015 13:00:18 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86D151A9245 for <dhcwg@ietf.org>; Fri, 21 Aug 2015 13:00:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=64826; q=dns/txt; s=iport; t=1440187218; x=1441396818; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=VCJuWFxDGXmR4Z3hRvL5Eimynu9WxjxlVlofB2Kp0Mk=; b=aa08JMh2Gka2NmaMWwY5T6QPIjoikJV4r1gvWf8/6mq0Uc2b7onAeIp3 ObJyAQvtMMU4xkEsEb7bFAdYQxsSXGj3OsfwpyKHEUCZr/yFaIJnonlvw WyxNWtLaI9jyi+99RCYMVXbVxeKyD811eMVkQWTYEHrkPMrKyLM3nlA1M o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ASBQDSgtdV/4oNJK1dgk5NVGkGgx+6GCoBCYFtAQmFewIcgRc4FAEBAQEBAQGBCoQjAQEBAwEBAQEgCkEQCwIBCA4DBAEBCxYBBgMCAgIfBgsUCQgCBAESCIgRAwoIDbh9kC4NhVcBAQEBAQEBAQEBAQEBAQEBAQEBAQEXilGBA4JPgXAaFhAHCgEGgmMvgRQFhySGbYQJgxMBhQSFfYM3RoNogxyJdwWHNREVgg4cgVNxgUiBBAEBAQ
X-IronPort-AV: E=Sophos; i="5.15,723,1432598400"; d="scan'208,217"; a="20656533"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-7.cisco.com with ESMTP; 21 Aug 2015 20:00:17 +0000
Received: from XCH-ALN-012.cisco.com (xch-aln-012.cisco.com [173.36.7.22]) by alln-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id t7LK0Ht4018938 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 21 Aug 2015 20:00:17 GMT
Received: from xch-aln-012.cisco.com (173.36.7.22) by XCH-ALN-012.cisco.com (173.36.7.22) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Fri, 21 Aug 2015 15:00:14 -0500
Received: from xhc-rcd-x01.cisco.com (173.37.183.75) by xch-aln-012.cisco.com (173.36.7.22) with Microsoft SMTP Server (TLS) id 15.0.1104.5 via Frontend Transport; Fri, 21 Aug 2015 15:00:14 -0500
Received: from xmb-rcd-x04.cisco.com ([169.254.8.103]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.03.0248.002; Fri, 21 Aug 2015 15:00:08 -0500
From: "Bernie Volz (volz)" <volz@cisco.com>
To: Sunil Gandhewar <sgandhewar@juniper.net>, "dhcwg@ietf.org" <dhcwg@ietf.org>
Thread-Topic: [dhcwg] two comments on draft-cui-dhc-dhcpv6-prefix-length-hint-issue
Thread-Index: AQHQyG3D57vh4oLBlkqnsHurQzNNTp3vZe1wgCB+LYCABu+U0A==
Date: Fri, 21 Aug 2015 20:00:08 +0000
Message-ID: <489D13FBFA9B3E41812EA89F188F018E1CC4B442@xmb-rcd-x04.cisco.com>
References: <CAFx+hENzkutk+0i7aXZhyJsheZkejzwqyjndu3XQS2dviRn-5w@mail.gmail.com> <489D13FBFA9B3E41812EA89F188F018E1CB8BFDA@xmb-rcd-x04.cisco.com> <BLUPR0501MB10432F65107608B8CE8EB620C2790@BLUPR0501MB1043.namprd05.prod.outlook.com>
In-Reply-To: <BLUPR0501MB10432F65107608B8CE8EB620C2790@BLUPR0501MB1043.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.98.1.199]
Content-Type: multipart/alternative; boundary="_000_489D13FBFA9B3E41812EA89F188F018E1CC4B442xmbrcdx04ciscoc_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/jrNxi4XRLsPWiG6kHMIn5ssuyzQ>
X-Mailman-Approved-At: Fri, 21 Aug 2015 13:05:08 -0700
Subject: Re: [dhcwg] two comments on draft-cui-dhc-dhcpv6-prefix-length-hint-issue
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Aug 2015 20:00:23 -0000

Hi … some comments inline below (BV>).


-          Bernie

From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Sunil Gandhewar
Sent: Sunday, August 16, 2015 10:01 PM
To: dhcwg@ietf.org
Cc: Sunil Gandhewar
Subject: Re: [dhcwg] two comments on draft-cui-dhc-dhcpv6-prefix-length-hint-issue

I am glad that someone came up with this draft. When we implemented such a feature, we also came across number of concerns. This document provides guidelines nicely. I have few comments.


1.       I think it should be clarified that when both the prefix and prefix-length is included in the hint, then server should give priority to what, prefix or the prefix-length. It is possible that server has different address pools and it can allocate different lengths from different address pools. In my opinion it should be prefix and not prefix-length.
BV> A non-zero ipv6-prefix field in the IAPREFIX (with of course a non-zero prefix-length) should be treated as a request for THAT prefix. Nothing else.
BV> A hint is when the ipv6-prefix field in the IAPREFIX is all 0s and the prefix-length field is non-zero.
BV> A 0 in the prefix-length field (and a non-zero ipv6-prefix) is kind of an invalid request. Not clear how this should be handled – send IAPREFIX with 0 lifetimes or ignore? Might be an issue to consider for 3315bis.


2.       Section 4.2 does not mention about the combination of same or different IAID. If IAID is same then server should treat it as the client is releasing the old one and asking for new one.
BV> Can you clarify this. I believe you mean if a client sends IA_PD with IAPREFIX with current delegated prefix and another IAPREFIX with just a hint, it is up to the server as how this is handled. I think this should mean that the client is interested in a prefix of the delegated length and is using the prefix provided; the server has the following choices:

a)      Renew the existing prefix. (Ignore prefix hint.)

b)      Assign a new prefix of the requested length (or as close as possible to the request length; though obviously not of the same length as the existing delegated prefix) and either deprecate (0 lifetimes) the existing or provide 0 preferred time with a non-zero (but ‘short’) valid lifetime.

c)       Do both (a) and (b). Though this one is probably less than optimal.


3.       Server should include different combination of prefixes and prefix-lengths in Advertise (multiple choices client can have) and let client choose which matches it’s needs and request only that one. Instead of relying on Advertise from multiple servers, one server can send possible combinations. It saves a lot.
BV> I do not think that is a good idea. What would be the benefit of this?


4.       Section 4.4 – here client should use new IA_ID to indicate that it is looking for new IA_PD with different hint
BV> I think we want to be careful about causing an IAID change. While this seems simple and is indeed a proper way to ‘change’ PDs, it has some issues. In particular:

-          It requires that the client have state to remember that it is now using a different IAID then it started with. For some devices, this may be difficult.

-          In cases where the desired prefix length isn’t available, the client may end up with two delegated prefix with the same prefix length (i.e., the one it got for the first IAID and the one for the 2nd). Likely the client would release one (2nd), but that increases the load on the client and server.
I much prefer a single IAID with two IAPREFIX options – one for the existing prefix and the end for a hint as to what the client wants (see #2 above).


5.       Include reference to RFC 7550 as the new IAs are being requested during Renew and Rebind

BV> Note also that we really want the hint to be just that – it is not a hard and fast requirement that servers honor the hint. So, you also want to be careful with how we handle this for servers that will ignore this (hence why #4 above is a bit more complex).


I am thinking may be it would be better to use the word Release instead of deprecate e.g.
the client could use the
two prefixes at the same time and deprecate the old prefix after some
time interval.


Regards,
Sunil Gandhewar
Juniper Networks, Inc.
sgandhewar@juniper.net<mailto:sgandhewar@juniper.net>


From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Bernie Volz (volz)
Sent: Monday, July 27, 2015 8:26 PM
To: tianxiang li; alexandru.petrescu@gmail.com<mailto:alexandru.petrescu@gmail.com>; Dan.Seibel@TELUS.COM<mailto:Dan.Seibel@TELUS.COM>
Cc: dhcwg@ietf.org<mailto:dhcwg@ietf.org>
Subject: Re: [dhcwg] two comments on draft-cui-dhc-dhcpv6-prefix-length-hint-issue

Please let’s keep this document focused on the prefix length hint issue. It already is clear that this is only applicable when implementing RFC 3633.

   DHCPv6 Prefix Delegation [RFC3633<https://tools.ietf.org/html/rfc3633>] allows a client to set a hint
   value in the prefix-length field of the IA_PD option to indicate a
   preference for the size of the prefix to be delegated, but is unclear
   about how the client and server should act in different situations
   involving the prefix length hint.  This document provides a summary
   of the existing problems with the prefix length hint and guidance on
   what the client and server could do in the different situation
   involving the the prefix length hint.

I’d also like to stay away from other issues (such as sending RAs). That should already be pretty clear – it would be dumb to send RAs about a prefix which has been released or is no longer valid (valid lifetime has expired) and is not a new problem related to the hints but normal operation when prefixes change (through some configuration mechanism) and is not really related to DHCPv6 at all. If you want to work on those issues, I would recommend you consider 6man.

And again, just for correctness, NoPrefixAvail is the Status Code related to PD.


-          Bernie

From: tianxiang li [mailto:peter416733@gmail.com]
Sent: Monday, July 27, 2015 9:11 AM
To: Bernie Volz (volz); alexandru.petrescu@gmail.com<mailto:alexandru.petrescu@gmail.com>; Dan.Seibel@TELUS.COM<mailto:Dan.Seibel@TELUS.COM>
Cc: dhcwg@ietf.org<mailto:dhcwg@ietf.org>
Subject: Re: [dhcwg] two comments on draft-cui-dhc-dhcpv6-prefix-length-hint-issue


Thank you for providing the comments.

For #1 I agree with Bernie and Alexandru. There are two cases when a server cannot provide a prefix:

1.  Servers which support prefix delegation, will not include an IA_PD option in the Advertise   message.
2. Servers which support prefix delegation but cannot provide a prefix and the time being, will return a status code of Noaddrsavail in the IA_PD option.

The current document does assume all the servers could support prefix delegation. I think we could add some text in “Receipt of Advertise message by the Client” (section 3.3&4.3) describing these cases.

For #2 Yes, the client should stop sending RAs on its other interfaces. I think we could add this text to section 4.1 “Creation of Solicit Message by the Client”


> On Jul 23, 2015, at 6:38 AM, Alexandru Petrescu <alexandru.petrescu at gmail.com<http://gmail.com>> wrote:

>

> Hello,

>

> I just read draft-cui-dhc-dhcpv6-prefix-length-hint-issue-00.

>

> I am happy this draft exists and I have two comments.  One is more

> general question in this context, and the other a potential improvement,

> but not a request.

>

> The draft assumes the Client is a Host which may request a prefix len at

> some point, and another one maybe later.  It seems the prefix is to be

> used on the interface which has issued that Solicit.  And it seems to

> face a Server sure to be willing to deliver a prefix.

>

> 1. What is the best way to query a DHCPv6 Server to ask it whether or

> not it supports Prefix Delegation at all?

>

> 2. when this Router changes mind and requests a different prefix, maybe

> with a different length, a specification like

> draft-cui-dhc-dhcpv6-prefix-length-hint-issue could recommend to

> deprecate that prefix with specific consideration to below it, not just

> to the Server.

>

> I mean this something like this:

>

> Current text:

>> 1.Deprecate the old prefix right away by sending a Release message to

>> the server, and switch over to the new prefix.

>

> New text:

>> 1.Deprecate the old prefix right away by sending a Release message to

>> the server, and switch over to the new prefix.  And by stopping

>> sending RAs on its other interfaces with the old prefix, stop

>> propagating it in the routing protocol.

>

> Alex

>

> _______________________________________________

> dhcwg mailing list

> dhcwg at ietf.org<http://ietf.org>

> https://www.ietf.org/mailman/listinfo/dhcwg