IETF Logo Mail Archive

Re: [dhcwg] Stephen Farrell's Discuss on draft-ietf-dhc-dynamic-shared-v4allocation-07: (with DISCUSS and COMMENT)

Ted Lemon <Ted.Lemon@nominum.com> Wed, 27 May 2015 19:16 UTC

Return-Path: <Ted.Lemon@nominum.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 621E41A905C; Wed, 27 May 2015 12:16:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w2FJU76EkpoD; Wed, 27 May 2015 12:16:50 -0700 (PDT)
Received: from sjc1-mx02-inside.nominum.com (sjc1-mx02-inside.nominum.com [64.89.234.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB2381A904F; Wed, 27 May 2015 12:16:50 -0700 (PDT)
Received: from webmail.nominum.com (cas-04.win.nominum.com [64.89.235.67]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client CN "mail.nominum.com", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by sjc1-mx02-inside.nominum.com (Postfix) with ESMTPS id 38325DA0085; Wed, 27 May 2015 19:16:50 +0000 (UTC)
Received: from [10.0.20.121] (71.233.43.215) by CAS-04.WIN.NOMINUM.COM (192.168.1.101) with Microsoft SMTP Server (TLS) id 14.3.224.2; Wed, 27 May 2015 12:16:50 -0700
References: <20150526122630.11294.73575.idtracker@ietfa.amsl.com> <273F8D1F-1674-425D-B455-AD0980D13552@gmail.com> <5565D571.7000607@cs.tcd.ie>
MIME-Version: 1.0 (1.0)
In-Reply-To: <5565D571.7000607@cs.tcd.ie>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-ID: <B678DDFC-AB66-4B05-BE77-7FCE08CB6748@nominum.com>
X-Mailer: iPad Mail (12F69)
From: Ted Lemon <Ted.Lemon@nominum.com>
Date: Wed, 27 May 2015 15:16:48 -0400
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Originating-IP: [71.233.43.215]
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/nysY_iZwVifdkwY2cafObTNHrZk>
Cc: "<draft-ietf-dhc-dynamic-shared-v4allocation.ad@ietf.org>" <draft-ietf-dhc-dynamic-shared-v4allocation.ad@ietf.org>, "<volz@cisco.com>" <volz@cisco.com>, "<dhc-chairs@ietf.org>" <dhc-chairs@ietf.org>, "<draft-ietf-dhc-dynamic-shared-v4allocation@ietf.org>" <draft-ietf-dhc-dynamic-shared-v4allocation@ietf.org>, The IESG <iesg@ietf.org>, "<dhcwg@ietf.org>" <dhcwg@ietf.org>, "<draft-ietf-dhc-dynamic-shared-v4allocation.shepherd@ietf.org>" <draft-ietf-dhc-dynamic-shared-v4allocation.shepherd@ietf.org>
Subject: Re: [dhcwg] Stephen Farrell's Discuss on draft-ietf-dhc-dynamic-shared-v4allocation-07: (with DISCUSS and COMMENT)
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 May 2015 19:16:52 -0000

On May 27, 2015, at 10:32 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> I don't believe I saw an answer to the question above. What
> is the answer? (I think that is the key thing in figuring out
> how to handle the discuss btw.)

The base protocol specification uses either the client identifier option or the client MAC address as an identifier.   This document is requiring the use of the client identifier option, and excludes the use of the MAC address, which potentially increases user privacy in the event that the DHCP privacy profile is used.   If the specification allowed the client to use its MAC address alone as an identifier, this would not be possible.

However, I think the actual reason that the client identifier is being required here is that the specific interface that is being configured on the client is not a hardware interface--it's a virtual point-to-point link, which has no hardware address, and thus the client identifier is the only possible identifier to use.

The client identifier or MAC address is used as a database key by the DHCP server to track resources allocated to the client: in this case the A+P port set.   Without such a key, there would be no way to renew the client's lease on that particular A+P port set, and so TCP connections would be broken each time the client's lease expired.

v2.23.0 | Report a Bug | By Email