IETF Logo Mail Archive

Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by September 13, 2023

Lorenzo Colitti <lorenzo@google.com> Tue, 12 September 2023 07:05 UTC

Return-Path: <lorenzo@google.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55C0BC151522 for <dhcwg@ietfa.amsl.com>; Tue, 12 Sep 2023 00:05:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.609
X-Spam-Level:
X-Spam-Status: No, score=-17.609 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l1ACLpZv4EQo for <dhcwg@ietfa.amsl.com>; Tue, 12 Sep 2023 00:04:59 -0700 (PDT)
Received: from mail-qv1-xf35.google.com (mail-qv1-xf35.google.com [IPv6:2607:f8b0:4864:20::f35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BDB7C14CF1C for <dhcwg@ietf.org>; Tue, 12 Sep 2023 00:04:59 -0700 (PDT)
Received: by mail-qv1-xf35.google.com with SMTP id 6a1803df08f44-655d1cf74faso22622336d6.1 for <dhcwg@ietf.org>; Tue, 12 Sep 2023 00:04:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1694502298; x=1695107098; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=05LFAAbUFrdtCWmaqrAHLoeHSzXNmHemAcx4+4iEl6U=; b=AEomzyLuFikJs8Cwjd/JhuVxhlGpDEAyR6t7XhLq0Phqd71/rmTrvQH5b/cVLDfxpV 0dzTXD5pi4zfv4tq1KP3/WWFVjUmzM2S1XYvXrF12oSdvfHuk3YnRmJNVgruSLzYtFLO GET79lcrZuD4Jxw+3O2awsbOYI2oi2iWAeP3N7GZXGSDtLjaF7XPlX32K1kz3btZR/MM bk9GEzCG/dcJHC9YdM4GVixfoRKqSHeyHTo9EzbEu5QZgXOqsPOwovy6dDQykNbrkiTe 3k4yYZP3OB137pIIgcTpREBuDWET9fJDbFvEWsIMwLqzUe1WxloU51mZaDKlU3c1IBCB V1Tg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694502298; x=1695107098; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=05LFAAbUFrdtCWmaqrAHLoeHSzXNmHemAcx4+4iEl6U=; b=ekIouGYUD+dsxgMzwxDc8g+c4ft/Hu7ccIObFWypQkf39brhfrOpD4OY4bFf4hrA84 w3/T2P6X/4Qv247oaxNWjPa239l8l8DcX52C+xFmknOgYzeCdoyakZ4ZkkIuJ3/4z6QK 3DCQlWPpQEEZwNBfMt0dO54RLnggb7B+gdxBimksGSlgqALj2hHHdFhfBarSuRhtaFyt aN1MyO34wtguieukdUfLARCgThAJm42CDGMwEgBcxMCKLrH+e/5FMnuBKdloKocgbiQ5 iWQj2vNdz9qQSWohSARl/3KbWg7eEmg5wNFEPL/Q+FScmdf9YVTlFtumPz+gDMz8JHtz s7Yw==
X-Gm-Message-State: AOJu0Yw35bhNbXYkuMPNKIX62qsKK+9lwjo3ChOe9fPQMXuFxA0Z7+g1 DbozRDAqtdRPkmJNuobQzDJN2aAO4cZ+8V2AUpNPK1kbyY2/kOsyRNlkUde/
X-Google-Smtp-Source: AGHT+IEtQQPIOzoMXRx/K0cyGyFtsaK3e7aasmz0Nnxo1jGZIuDHSKgtCXrrcV1WssXTIbKLzJmUxtTIZHXZ35J4Z9E=
X-Received: by 2002:a05:6214:1550:b0:64a:959f:22fb with SMTP id t16-20020a056214155000b0064a959f22fbmr12061770qvw.58.1694502298420; Tue, 12 Sep 2023 00:04:58 -0700 (PDT)
MIME-Version: 1.0
References: <CAKD1Yr3vswX-+aPeNxFGjDLNh6tUxE507wC380UdMe4RdZzbEQ@mail.gmail.com> <9B1FB9BF-6371-481E-865C-E0E39B2F8E65@employees.org>
In-Reply-To: <9B1FB9BF-6371-481E-865C-E0E39B2F8E65@employees.org>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Tue, 12 Sep 2023 16:04:41 +0900
Message-ID: <CAKD1Yr2g-PmavjS=4s0gwZpOCG0Q3U06f-9ATd8UXGBPr_7Kzw@mail.gmail.com>
To: Ole Trøan <otroan=40employees.org@dmarc.ietf.org>
Cc: Ole Trøan <otroan@employees.org>, dhcwg <dhcwg@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000091d4b90605240f82"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/qiSjvNQFmz4VsQQxTRCW862AhaI>
Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-addr-notification - Respond by September 13, 2023
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Sep 2023 07:05:00 -0000

On Tue, Sep 12, 2023 at 3:09 PM Ole Trøan <otroan=
40employees.org@dmarc.ietf.org> wrote:

> I must be missing something here regarding expected host behavior. If the
> M-flag is set the host will do normal dhcp surely?
> What if there is no A-flag in PIO or no PIO, then the client should
> certainly not run the new address notification protocol.
>

>
 It’s unclear from the document what expected client behavior is and how it
> interacts with the normal dhcp.
>

Right. The host might or might not support and run stateful DHCPv6. If it
does, and it gets an address, then it MUST NOT (see section 4) register it
using this protocol. Obviously, M=1 doesn't control whether the host runs
SLAAC as well. If A=1 and the client obtains addresses using SLAAC it will
register them using this protocol, even if it also got addresses from
DHCPv6. If A=0 then the host won't run SLAAC and it won't use this
protocol, except maybe in the unlikely case that someone manually
configures an address.

What should the draft say to clarify? It already says "The client MUST NOT
send the ADDR-REG-INFORM message for addresses configured by DHCPv6." That
seems to cover all the cases above, no? The rest is already specified by
RFC 4861 / 4862 / 8415.


> Finally- we need a way to provide forensic abilities for SLAAC addresses.
> The IETF does not recommend running DHCPv6-only networks for general
> purpose devices (RFC 7934 section 8.2), so SLAAC will be in use even on
> networks that support stateful DHCPv6 (e.g., because implementations will
> use privacy addresses in preference to DHCPv6 addresses). Network operators
> that want to track usage of SLAAC addresses don't have a tool to do so, and
> that is a gap in the IPv6 deployment story that we are trying to fill.
>
>
> What the IETF does or doesn’t recommend I would be a little careful in
> asserting. Especially referencing a document you have yourself authored. :-)
>

Why does it matter who the authors were? The text at the top of RFC 7934
says that it documents an Internet Best Current Practice and that
it represents the consensus of the IETF community, so I think it's
appropriate to cite it. And I am not the only author, either...

If a network needs address tracking:
> 1) use DHCPv6 address assignment
> 2) if not use savi/fhs with tracking from the network
>
> It’s not obvious to me that providing yet another way to do the same thing
> is good for IPv6.
>

As for #1 - if you mean "use DHCPv6 address assignment and SLAAC", then
this protocol is still necessary because otherwise SLAAC addresses will not
be tracked - and implementations might well prefer SLAAC addresses over
DHCPv6, e.g., because they prefer privacy addresses. If by "use DHCPv6
address assignment" you mean "use DHCPv6 only and disable SLAAC", then that
is not recommended by the IETF for general purpose devices (RFC 7934) so it
should not be something that we suggest.

As for #2, we've heard from operators that it is not easy or feasible.
Providing this information via DHCPv6 makes it much easier because that is
where today they have information about clients that use DHCPv6 address
assignment.

v2.23.0 | Report a Bug | By Email