Re: [dhcwg] RFC3315 DECLINE definition

"Mudric, Dusan (Dusan)" <dmudric@avaya.com> Thu, 09 February 2017 14:34 UTC

Return-Path: <dmudric@avaya.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C36A0129A76 for <dhcwg@ietfa.amsl.com>; Thu, 9 Feb 2017 06:34:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.92
X-Spam-Level:
X-Spam-Status: No, score=-6.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sdv5RU3ZRVcv for <dhcwg@ietfa.amsl.com>; Thu, 9 Feb 2017 06:34:29 -0800 (PST)
Received: from de307622-de-outbound.net.avaya.com (de307622-de-outbound.net.avaya.com [198.152.71.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5FA6C129A66 for <dhcwg@ietf.org>; Thu, 9 Feb 2017 06:34:24 -0800 (PST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2GfAADyfJxY/xUHmMZdGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgxBBYYEJB4NSigiSCYgMixuCD4FJQyqFeAIaglA/GAECAQEBAQE?= =?us-ascii?q?BAQNfKIJbPQYHLwEBAQEBAQEBAQEBAQEcAg8vEgEBGAEBAQEDEhEROgsMBAIBB?= =?us-ascii?q?gINBAQBAQMCBh0DAgICHxEUAQgIAgQOBQgaiToDFQENkhmSbIpigiUmAocHDYQ?= =?us-ascii?q?KAQEBAQEBAQEBAQEBAQEBAQEBAQEBHYELhUKEboE8gRWBbRiDBC6CMQWbODgBh?= =?us-ascii?q?myHCwGGZ4gIhi+FbYRHiF8fOX5PFTyGQnUBAYZAB4EpAYELAQEB?=
X-IPAS-Result: =?us-ascii?q?A2GfAADyfJxY/xUHmMZdGQEBAQEBAQEBAQEBBwEBAQEBgxB?= =?us-ascii?q?BYYEJB4NSigiSCYgMixuCD4FJQyqFeAIaglA/GAECAQEBAQEBAQNfKIJbPQYHL?= =?us-ascii?q?wEBAQEBAQEBAQEBAQEcAg8vEgEBGAEBAQEDEhEROgsMBAIBBgINBAQBAQMCBh0?= =?us-ascii?q?DAgICHxEUAQgIAgQOBQgaiToDFQENkhmSbIpigiUmAocHDYQKAQEBAQEBAQEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBHYELhUKEboE8gRWBbRiDBC6CMQWbODgBhmyHCwGGZ4gIhi+?= =?us-ascii?q?FbYRHiF8fOX5PFTyGQnUBAYZAB4EpAYELAQEB?=
X-IronPort-AV: E=Sophos;i="5.35,349,1484024400"; d="scan'208";a="190077551"
Received: from unknown (HELO co300216-co-erhwest-exch.avaya.com) ([198.152.7.21]) by de307622-de-outbound.net.avaya.com with ESMTP; 09 Feb 2017 09:31:54 -0500
X-OutboundMail_SMTP: 1
Received: from unknown (HELO AZ-US1EXHC03.global.avaya.com) ([135.11.85.14]) by co300216-co-erhwest-out.avaya.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 09 Feb 2017 09:31:53 -0500
Received: from AZ-US1EXMB03.global.avaya.com ([fe80::a5d3:ad50:5be9:1922]) by AZ-US1EXHC03.global.avaya.com ([::1]) with mapi id 14.03.0319.002; Thu, 9 Feb 2017 09:31:52 -0500
From: "Mudric, Dusan (Dusan)" <dmudric@avaya.com>
To: "Bernie Volz (volz)" <volz@cisco.com>
Thread-Topic: RFC3315 DECLINE definition
Thread-Index: AdKCVGJ7VzCckicuS8ujStD5DUW3kQAAXlQAAADH2iAAAEJQgAAATJqQAAClqeAAH3aUcAAClxKAAAGY9gA=
Date: Thu, 9 Feb 2017 14:31:51 +0000
Message-ID: <9142206A0C5BF24CB22755C8EC422E457AA1890A@AZ-US1EXMB03.global.avaya.com>
References: <9142206A0C5BF24CB22755C8EC422E457AA186B9@AZ-US1EXMB03.global.avaya.com> <531b6fa753a441c19f1d47958f20b659@XCH-ALN-003.cisco.com> <9142206A0C5BF24CB22755C8EC422E457AA18717@AZ-US1EXMB03.global.avaya.com> <240e4b5573614422a42abec328872c0b@XCH-ALN-003.cisco.com> <9142206A0C5BF24CB22755C8EC422E457AA18746@AZ-US1EXMB03.global.avaya.com> <fd3365190bd445b1ad00a7d8043530dd@XCH-ALN-003.cisco.com> <9142206A0C5BF24CB22755C8EC422E457AA188B2@AZ-US1EXMB03.global.avaya.com> <6792EF5E-8C1F-4D3B-BC6D-8D2EA011BF31@cisco.com>
In-Reply-To: <6792EF5E-8C1F-4D3B-BC6D-8D2EA011BF31@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.11.85.50]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/norI9IgLNxPIcZ8nwERl-OaPikY>
Cc: dhcwg <dhcwg@ietf.org>
Subject: Re: [dhcwg] RFC3315 DECLINE definition
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2017 14:34:40 -0000

Hi Bernie,

That is the current use of DECLINE (only for DAD). https://tools.ietf.org/html/rfc3315#section-17.1.3 only focuses on the server selection after ADVERTISE is received. It does not mention that DHCPv6 client might not be happy with the advertised addresses. IPv6 defines different kinds of addresses and allows multiple addresses, making it more complex to handle. If a server offers IPv6 address that client cannot use (e.g. a multicast address, a second address), the client should be able to decline it.

Again, if the server sends REPLY or REBIND with an address the client cannot use, the client should be able to DECLINE it.

DECLINE should be defined as a response for the addresses that cannot be assigned. 

These are the issues I identified during DHCPv6 testing and analysis and they need to be addressed with the new definition for DECLINE.

Regards,
Dusan.

-----Original Message-----
From: Bernie Volz (volz) [mailto:volz@cisco.com] 
Sent: Thursday, February 09, 2017 9:06 AM
To: Mudric, Dusan (Dusan)
Cc: dhcwg
Subject: Re: RFC3315 DECLINE definition

Again, DECLINE Is only after REPLY received. Not Advertise.

- Bernie

On 2/9/17, 8:57 AM, "Mudric, Dusan (Dusan)" <dmudric@avaya.com> wrote:

    Hi Bernie,
    
    I agree with the definition: " DECLINE means address is bad". What I am saying is that "bad" does not only mean "duplicated". Applications and devices can have other reasons to thing about the offered address to be "bad". If they find the address  is "bad" for any reason, they can send DECLINE. Even the current DHCPv6 protocol does not prevent the DHCPv6 client to send DECLINE for ADVERTISE and REPLY. It is the server that should use it efficiently.
    
    Regards,
    Dusan.
    
    -----Original Message-----
    From: Bernie Volz (volz) [mailto:volz@cisco.com] 
    Sent: Wednesday, February 08, 2017 5:52 PM
    To: Mudric, Dusan (Dusan)
    Cc: dhcwg
    Subject: RE: RFC3315 DECLINE definition
    
    No.
    
    DECLINE means address is bad (duplicated). DECLINE is only valid after Reply, not after Advertise. 
    
    RELEASE means client does not want to use the address provided.
    
    I don't see any benefit to change this.
    
    - Bernie
    
    -----Original Message-----
    From: Mudric, Dusan (Dusan) [mailto:dmudric@avaya.com] 
    Sent: Wednesday, February 08, 2017 5:38 PM
    To: Bernie Volz (volz) <volz@cisco.com>
    Cc: dhcwg <dhcwg@ietf.org>
    Subject: RE: RFC3315 DECLINE definition
    
    Understand the concern. The client should be able to DECLINE addresses in both ADVERTISE and REPLY. Receiving the REPLY does not mean that a unique address must be assigned to the interface. If a client DECLINEs the ADVERTISEd or REPLIEd address, DHCPV6 server should be able to advertise another address.
    
    The client should also be able to tell that is does not want another address. For example, if RENEW/REBIND returns a new address, the client should be able to DECLINE it.
    
    Regards,
    Dusan.
    
    -----Original Message-----
    From: Bernie Volz (volz) [mailto:volz@cisco.com] 
    Sent: Wednesday, February 08, 2017 5:28 PM
    To: Mudric, Dusan (Dusan)
    Cc: dhcwg
    Subject: RE: RFC3315 DECLINE definition
    
    I'm confused ... advertised vs assigned addresses. Once a Reply is received, the address is assigned -- no longer advertised.
    
    DECLINE means that the address is in use. If the client DECLINEs it and just makes it available immediately, the next client to get that address assigned and does DAD will also find a conflict ... so what’s the value of that.
    
    Generally, declined addresses should not be used for a while (that is policy dependent) since it means some other device is using the address.
    
    
    I thought you were trying to say a Decline sent in response to an Advertise would tell the server "I don't want those addresses". But that is not meaningful and why would a client even try to do that. Also, an Advertise is just that -- and advertisement; it is not a commitment to assigned those addresses -- the client can only use the addresses in the Reply. (DHCPv4 is a bit different in this respect -- the address in the Offer must be same as in the Ack. DHCPv6 has no such hard requirement -- it usually is, but that's not required.)
    
    - Bernie
    
    -----Original Message-----
    From: Mudric, Dusan (Dusan) [mailto:dmudric@avaya.com] 
    Sent: Wednesday, February 08, 2017 5:19 PM
    To: Bernie Volz (volz) <volz@cisco.com>
    Cc: dhcwg <dhcwg@ietf.org>
    Subject: RE: RFC3315 DECLINE definition
    
    
    Hi Bernie,
    
    I am talking about DECLINE after REPLY. What I am  proposing is to use DECLINE for "I don't want your Advertised address(es)". I think this will be much cleaner then to let the server timeout the advertised addresses, which can take long.
    
    Thanks,
    
    Dusan
    
    -----Original Message-----
    From: Bernie Volz (volz) [mailto:volz@cisco.com] 
    Sent: Wednesday, February 08, 2017 4:57 PM
    To: Mudric, Dusan (Dusan); 神明達哉; Lishan Li
    Cc: dhcwg
    Subject: RE: RFC3315 DECLINE definition
    
    Dusan:
    
    DECLINE is used after a REPLY, not after an ADVERTISE.
    
    A client has not been assigned an address until it receives the REPLY (at which point it does DAD and may send a DECLINE).
    
    There is no mechanism for a client to indicate to a server "I don't want your Advertised address(es)", except by not proceeding to send a REQUEST.
    
    The server may have held the address "reserved" for a short period of time, but does that really matter? IPv6 addresses are not in short supply.
    
    - Bernie
    
    -----Original Message-----
    From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Mudric, Dusan (Dusan)
    Sent: Wednesday, February 08, 2017 4:47 PM
    To: 神明達哉 <jinmei@wide.ad.jp>jp>; Lishan Li <lilishan48@gmail.com>
    Cc: dhcwg <dhcwg@ietf.org>
    Subject: [dhcwg] RFC3315 DECLINE definition
    
    Hi,
    
    Can DECLINE definition be extended beyond the DAD usage? I think DECLINE should be used every time DHCPV6 client decides not to assign the offered address, for any reason, not just the address is duplicate. When receiving DECLINE, DHCPV6 server should be able to immediately make the same address available in the address pool for the other clients.
    
    Regards,
    Dusan.
    
    _______________________________________________
    dhcwg mailing list
    dhcwg@ietf.org
    https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_dhcwg&d=DQIFJg&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=dSOZR4dOvOIFlrJUO0ra9EaHoccrAjAiWycX_Y4vnRQ&s=e5wK-WS09BIx0RKDTBE_iEdUlrK_bP6gv4TfQaMTPiU&e=