IETF Logo Mail Archive

Re: [dhcwg] [radext] draft-ietf-dhc-dhcpv6-radius-opt-10

Jouni Korhonen <jouni.nospam@gmail.com> Mon, 08 April 2013 07:31 UTC

Return-Path: <jouni.nospam@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2D4321F854F; Mon, 8 Apr 2013 00:31:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.845
X-Spam-Level:
X-Spam-Status: No, score=-1.845 tagged_above=-999 required=5 tests=[AWL=-0.798, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D+nKkf4aa9hk; Mon, 8 Apr 2013 00:31:54 -0700 (PDT)
Received: from mail-la0-x233.google.com (mail-la0-x233.google.com [IPv6:2a00:1450:4010:c03::233]) by ietfa.amsl.com (Postfix) with ESMTP id 63FEC21F854E; Mon, 8 Apr 2013 00:31:53 -0700 (PDT)
Received: by mail-la0-f51.google.com with SMTP id fo12so193396lab.24 for <multiple recipients>; Mon, 08 Apr 2013 00:31:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:from:content-type:message-id:mime-version:subject:date :references:cc:to:x-mailer; bh=REYLf+RVW0n4IVeE5Y10fQF/jLokEVSbRIR02KY5D/8=; b=y52loBgEfe88ygg3xp8JamVlOvBGKCXmsyXyqubMMC5RtzsjQOIDHSRDFa/JBo8zO8 p7QleBbj86XOyjPctjkmIElGYfYC0zQmnHf+g6KSw7sSoIiENyjwkqkaBLoC9uDDyo0C rjyz4UtNvmx0jG9oLOIxaaEUd9op9g38Gw+s1qntiyotiB2Dy8prQQ+jr/9dVtuz9Fas KiTG4Qrk9AcyP+7njedIoGLPlNsutf89yYRCihUJXpBA45gpCczXQf+vojKqJ5nSQiCc 7XeAQV0nd655Bi94GIK8eyRD8Orriy2TooaEG4zwjnphCwvgKv37BC+rw5Zf1DIahwrL JqCA==
X-Received: by 10.152.109.112 with SMTP id hr16mr11171361lab.38.1365406312282; Mon, 08 Apr 2013 00:31:52 -0700 (PDT)
Received: from [192.168.250.228] ([194.100.71.98]) by mx.google.com with ESMTPS id c7sm10136147lbe.6.2013.04.08.00.31.49 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 08 Apr 2013 00:31:50 -0700 (PDT)
From: Jouni Korhonen <jouni.nospam@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_81739F0B-8294-4C23-9DF4-B0A1970E30EA"
Message-Id: <FB413294-CF61-4AD9-AF26-41EC8A30DF37@gmail.com>
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
Date: Mon, 08 Apr 2013 10:31:49 +0300
References: <CAC8SSWtBMyDgShEDofyUjgcBiQ_ttY_DUbDNHnhhnf531+9XXA@mail.gmail.com>
To: "<radext@ietf.org>" <radext@ietf.org>
X-Mailer: Apple Mail (2.1503)
Cc: dhcwg <dhcwg@ietf.org>
Subject: Re: [dhcwg] [radext] draft-ietf-dhc-dhcpv6-radius-opt-10
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2013 07:31:54 -0000

Seems that I forgot to CC mailing lists.

- Jouni

Begin forwarded message:

> From: jouni korhonen <jouni.nospam@gmail.com>
> Subject: Re: [dhcwg] [radext] draft-ietf-dhc-dhcpv6-radius-opt-10
> Date: April 5, 2013 7:37:47 PM GMT+03:00
> To: Tomek Mrugalski <tomasz.mrugalski@gmail.com>
> 
> 
> 5.4.2013 17.16 "Tomek Mrugalski" <tomasz.mrugalski@gmail.com> kirjoitti:
> >
> > On 05.04.2013 15:12, Ted Lemon wrote:
> > > On Apr 5, 2013, at 8:50 AM, Jouni Korhonen <jouni.nospam@gmail.com>
> > > wrote:
> > >> Blindly dropping an attribute might not work in all cases. For
> > >> example, in some cases the server might not then be able to provide
> > >> all information the relay needs..
> > >
> > > Well, I did say "silently ignored," not "dropped," but yeah.   If the
> > > server doesn't support that attribute, it's not going to have any
> > > effect anyway.   It seems like silently ignoring it is better than
> > > dropping the whole message, although I suppose you could argue the
> > > opposite, since a misconfiguration of this sort is probably something
> > > the administrator wants to fix immediately, not discover by accident
> > > years later.
> > Anyway, dropping the whole message is definitely too radical here. We
> 
> I was not suggesting dropping the message. I said "blindly dropping an attribute".. which is somewhat different. I am fine with a) but my point was that it is possible in future when new attributes get added to registry server silently discarding attributes may lead to a situation where the server fails to provide enough information back to relay. This needs to be taken into account when defining DHCP extensions relying on this I-D and the established registry.
> 
> Jouni
> 
> > have 3 options when server receives an unknown attribute:
> > a) ignore just the unknown attribute
> > b) ignore the whole radius option
> > c) ignore the whole message
> >
> > I think we have an agreement that a) is the way to go. At least that's
> > what I strongly recommend.
> >
> > Also, depending on server implementation, it is quite likely that the
> > server will parse unknown attributes and handle them in some generic
> > way, e.g. hex string. This is what some implementations do with unknown
> > DHCPv6 options and I imagine similar approach can be taken with RADIUS
> > attributes. Of course, such a behaviour is strictly implementation
> > specific, so there's no need to put anything about it in the spec.
> > So whether the attribute is "unknown" or not may be a bit blurry
> > definition sometimes.
> >
> > "Server MAY ignore received RADIUS attributes that it does not support."
> > seems like a reasonable text here. Some implementors will ignore unknown
> > attribute, some may produce a warning and some my try to handle it in a
> > generic way.
> >
> > Tomek
> > _______________________________________________
> > dhcwg mailing list
> > dhcwg@ietf.org
> > https://www.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email