Re: [dhcwg] Reg RFC6704 (Forcerenew Nonce Authentication)

Curtis Villamizar <curtis@ipv6.occnc.com> Tue, 11 September 2012 21:32 UTC

Return-Path: <curtis@ipv6.occnc.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7C3721F86F3 for <dhcwg@ietfa.amsl.com>; Tue, 11 Sep 2012 14:32:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zIyYvGTCAeJ3 for <dhcwg@ietfa.amsl.com>; Tue, 11 Sep 2012 14:32:12 -0700 (PDT)
Received: from gateway1.orleans.occnc.com (gateway1.orleans.occnc.com [IPv6:2001:470:1f07:1545::1:132]) by ietfa.amsl.com (Postfix) with ESMTP id 1059621F86B3 for <dhcwg@ietf.org>; Tue, 11 Sep 2012 14:32:11 -0700 (PDT)
Received: from harbor1.ipv6.occnc.com (harbor1.ipv6.occnc.com [IPv6:2001:470:1f07:1545::2:819]) (authenticated bits=0) by gateway1.orleans.occnc.com (8.14.5/8.14.5) with ESMTP id q8BLW5Yf025526; Tue, 11 Sep 2012 17:32:05 -0400 (EDT) (envelope-from curtis@ipv6.occnc.com)
Message-Id: <201209112132.q8BLW5Yf025526@gateway1.orleans.occnc.com>
To: Ted Lemon <Ted.Lemon@nominum.com>
From: Curtis Villamizar <curtis@ipv6.occnc.com>
In-reply-to: Your message of "Tue, 11 Sep 2012 20:39:25 -0000." <5F1BEB17-0FC5-4C84-A189-90BFBE868D7B@nominum.com>
Date: Tue, 11 Sep 2012 17:32:05 -0400
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>, "<curtis@occnc.com>" <curtis@occnc.com>
Subject: Re: [dhcwg] Reg RFC6704 (Forcerenew Nonce Authentication)
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: curtis@occnc.com
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Sep 2012 21:32:12 -0000

In message <5F1BEB17-0FC5-4C84-A189-90BFBE868D7B@nominum.com>
Ted Lemon writes:
 
> I didn't say that FORCERENEW for DHCPINFORM clients was hard.  I said
> it would impact performance.  We would go from DHCPINFORM being a
> lightweight read-only operation to a heavyweight read/write operation.
> I guess we could forgo the sync-before-ack logic of stateful DHCP, but
> this would add a lot of complexity to a performance-critical code
> section.
>  
> So yeah, from an implementation point of view, I don't really like
> this idea.  It seems trivial until you think about the impact it has
> either on performance or on implementation complexity.  If there's
> strong demand for it with a clear use case, then I think that's fine.
> I wasn't able to tease one out of your rather dense message—could you
> try to state your use case in a short paragraph or two?


Use cases include: list of default routers changes, list of static
routes changes, list of nameservers changes, etc.  That was in the
email as examples.

There is no need to make INFORM r/w.  For example, the client change
the list of default routers.

All that is needed is to maintain a list of hosts for which an inform
was sent and the nonce used.  Then send a FORCERENEW if any config
changes.  Optionally also keep a list of parameters sent to avoid
sending a FORCERENEW if none of the requested and provided parameters
had changed.

The minimal change is add the DHCPINFORM client and nonce to the
leases database (if you can call appending to a flat file a database)
and also keep that mapping in RAM.

A certain DHCP server's performance would be vastly improved if a flat
file were not used as the database for the leases.

Curtis

btw- I sent the prior message as curtis@occnc.com and I'm subscribed
  to this list as curtis@ipv6.occnc.com so it's in the moderator queue.
  My bad.  I'll cancel and resend shortly.
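The bookkeeping proposed above (remember each DHCPINFORM client, the nonce it was handed, and which parameters it asked for; on a config change send an authenticated FORCERENEW only to the clients whose parameters changed), written out as an added example. This is not code from the thread, from the RFC, or from any DHCP server; it models the RFC 6704 mechanism (server sends the client a 128-bit nonce in the DHCPACK, a later FORCERENEW carries an HMAC-MD5 digest keyed with that nonce, RDM 0 replay counter) but leaves out the real option 90 framing, and the message layout produced by `build_forcerenew`, the parameter names, and the one-line lease-file record format are all assumptions made for the example.

```python
import hashlib
import hmac
import os
import struct

FORCERENEW = 9          # DHCP message type DHCPFORCERENEW (RFC 3203)
NONCE_LEN = 16          # RFC 6704 nonce is 128 bits


def forcerenew_digest(nonce: bytes, message: bytes) -> bytes:
    """HMAC-MD5 over the FORCERENEW message, keyed with the client's nonce.
    RFC 6704 uses HMAC-MD5 keyed with the nonce; the digest field itself is
    zeroed when computing it, which this simplified message format skips."""
    return hmac.new(nonce, message, hashlib.md5).digest()


def build_forcerenew(client_id: str, replay_counter: int) -> bytes:
    """Assumed toy wire format: type, 64-bit replay counter, client id."""
    cid = client_id.encode()
    return struct.pack("!BQB", FORCERENEW, replay_counter, len(cid)) + cid


def parse_replay(message: bytes) -> int:
    return struct.unpack("!BQB", message[:10])[1]


class InformTracker:
    """In-RAM map of DHCPINFORM clients -> (nonce, requested params, replay
    counter).  record_inform() returns the nonce the server puts in the
    DHCPACK; lease_line()/restore() are the flat-file append and reload."""

    def __init__(self):
        self.clients = {}

    def record_inform(self, client_id, requested_params, nonce=None):
        nonce = nonce or os.urandom(NONCE_LEN)     # fresh nonce per INFORM
        self.clients[client_id] = {
            "nonce": nonce,
            "params": frozenset(requested_params),
            "replay": 0,
        }
        return nonce

    def lease_line(self, client_id):
        st = self.clients[client_id]
        return "inform %s %s %d %s" % (client_id, st["nonce"].hex(),
                                      st["replay"], ",".join(sorted(st["params"])))

    def restore(self, line):
        _, cid, nonce_hex, replay, params = line.split(" ", 4)
        self.clients[cid] = {
            "nonce": bytes.fromhex(nonce_hex),
            "params": frozenset(params.split(",")) if params else frozenset(),
            "replay": int(replay),
        }

    def config_changed(self, old_config, new_config):
        """Return [(client_id, message, digest)] to send after a config
        change.  Clients whose requested parameters are unchanged get
        nothing, so a DNS-only change does not renew router-only clients."""
        changed = {k for k in set(old_config) | set(new_config)
                   if old_config.get(k) != new_config.get(k)}
        out = []
        for cid, st in self.clients.items():
            if not (st["params"] & changed):
                continue
            st["replay"] += 1                       # RDM 0: strictly increasing
            msg = build_forcerenew(cid, st["replay"])
            out.append((cid, msg, forcerenew_digest(st["nonce"], msg)))
        return out


def client_verify(nonce: bytes, last_replay: int, message: bytes, digest: bytes) -> bool:
    """Client side: accept the FORCERENEW only if the HMAC matches the nonce
    it was given and the replay counter moved forward."""
    if not hmac.compare_digest(forcerenew_digest(nonce, message), digest):
        return False
    return parse_replay(message) > last_replay


if __name__ == "__main__":
    t = InformTracker()
    n = t.record_inform("host-a", ["routers"])
    t.record_inform("host-b", ["name-servers"])
    old = {"routers": ("192.0.2.1",), "name-servers": ("192.0.2.53",)}
    new = {"routers": ("192.0.2.254",), "name-servers": ("192.0.2.53",)}
    for cid, msg, dig in t.config_changed(old, new):
        print(cid, "verified:", client_verify(n, 0, msg, dig))
```

Note that the server never reads or writes a lease for the INFORM client beyond this one record; the only state touched on the INFORM path is the append plus the in-memory insert, which is what keeps INFORM a read-mostly operation.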