IETF Logo Mail Archive

Re: [dhcwg] draft-ietf-dhc-dhcpv6-yang-04 - DUID representation in the model

"Bernie Volz (volz)" <volz@cisco.com> Thu, 14 December 2017 13:23 UTC

Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2237D128DE5; Thu, 14 Dec 2017 05:23:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.519
X-Spam-Level:
X-Spam-Status: No, score=-14.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CzTIeWZ_Yx4f; Thu, 14 Dec 2017 05:23:06 -0800 (PST)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C8D9128D69; Thu, 14 Dec 2017 05:23:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=23499; q=dns/txt; s=iport; t=1513257786; x=1514467386; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=+lvZfLc2iwfJ2juZwm4dnEwA2dGUdU+Bt6sK+UohccY=; b=YQ5umdEwBayL/PotXnzyMzjpouu2HkPfw6urtOocuHKHluSJi5OF5kIm q2UamDQbbqm8avnTy+XG9aeCSspXMTkyTVnCbSmLbNFWbdCZWBIJ7CQgD V1IL44wAb+LbClr4Dmm7orIjANt1wj88LBnHibZuwOXXAkugpDpa6V02m A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DcAACZejJa/4gNJK1dGQEBAQEBAQEBAQEBAQcBAQEBAYJKdGZ0J4QCiiGPBoFXlzyCFQoYAQqFGAIahFw/GAEBAQEBAQEBAWsohSQCAQMBASFLCxACAQg/AwICAiULFBEBAQQOBYlGTAMVEKkQgieKYAEBAQEBAQEBAQEBAQEBAQEBAQEBARgFg2CCDoM/KQuCd4JqRAGFAzGCMgWjJQKHe4dchVGCN5E1jRWJKwIRGQGBOgEfOYFObxU6KgGBfoJTHIFneIpLAQEB
X-IronPort-AV: E=Sophos;i="5.45,400,1508803200"; d="scan'208,217";a="335946652"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 14 Dec 2017 13:23:05 +0000
Received: from XCH-ALN-004.cisco.com (xch-aln-004.cisco.com [173.36.7.14]) by alln-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id vBEDN5ck026057 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 14 Dec 2017 13:23:05 GMT
Received: from xch-aln-003.cisco.com (173.36.7.13) by XCH-ALN-004.cisco.com (173.36.7.14) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Thu, 14 Dec 2017 07:23:05 -0600
Received: from xch-aln-003.cisco.com ([173.36.7.13]) by XCH-ALN-003.cisco.com ([173.36.7.13]) with mapi id 15.00.1320.000; Thu, 14 Dec 2017 07:23:04 -0600
From: "Bernie Volz (volz)" <volz@cisco.com>
To: Ian Farrer <ianfarrer@gmx.com>
CC: BOUCADAIR Mohamed IMT/OLN <mohamed.boucadair@orange.com>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "draft-ietf-dhc-dhcpv6-yang@ietf.org" <draft-ietf-dhc-dhcpv6-yang@ietf.org>
Thread-Topic: [dhcwg] draft-ietf-dhc-dhcpv6-yang-04 - DUID representation in the model
Thread-Index: AdNylPRYYNiWUyemQc6F5qfpDSooBACYXfaA///QgOk=
Date: Thu, 14 Dec 2017 13:23:04 +0000
Message-ID: <A670F3DD-DEBC-40D5-8890-A5D43233362F@cisco.com>
References: <0cab196d775e45668ef2fec69f317ce1@XCH-ALN-003.cisco.com>, <7E297315-1B5B-437D-A447-221E8DAA5388@gmx.com>
In-Reply-To: <7E297315-1B5B-437D-A447-221E8DAA5388@gmx.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
Content-Type: multipart/alternative; boundary="_000_A670F3DDDEBC40D58890A5D43233362Fciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/ymlP8UaGAqwAA1b3m71rUUOZSnI>
Subject: Re: [dhcwg] draft-ietf-dhc-dhcpv6-yang-04 - DUID representation in the model
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2017 13:23:09 -0000

Ian:

There is no type for this malformed (string) duid. It is just a string, such as:

Option 1, length 6, data: “S12345”.

So you cannot use enumeration of type.

Yes, this clearly violates duid rules but it exists and needs to be represented?

- Bernie (from iPad)

On Dec 14, 2017, at 5:13 AM, Ian Farrer <ianfarrer@gmx.com<mailto:ianfarrer@gmx.com>> wrote:

Hi Bernie/Med,

Here’s a re-worked DUID section including UUID and a free, string based format that hopefully addresses the comments that have been raised:

+--rw duid
|  |  +--rw (duid-type)?
|  |     +--:(duid-llt)
|  |     |  +--rw duid-llt-hardware-type?      uint16
|  |     |  +--rw duid-llt-time?               yang:timeticks
|  |     |  +--rw duid-llt-link-layer-addr?    yang:mac-address
|  |     +--:(duid-en)
|  |     |  +--rw duid-en-enterprise-number?   uint32
|  |     |  +--rw duid-en-identifier?          string
|  |     +--:(duid-ll)
|  |     |  +--rw duid-ll-hardware-type?       uint16
|  |     |  +--rw duid-ll-time?                yang:timeticks
|  |     +--:(duid-uuid)
|  |     |  +--rw uuid?                        yang:uuid
|  |     +--:(duid-string)
|  |        +--rw string?                      string


Cheers,
Ian


On 11. Dec 2017, at 16:33, Bernie Volz (volz) <volz@cisco.com<mailto:volz@cisco.com>> wrote:

Hi:

One comment regarding the 04 version is that for the DUID, you need to:
1.       Include the DUID-UUID (see RFC 6355)
2.       Handle DUIDs that do NOT follow these conventions (I know of at least one model device that does not). So, you need a way to represent that (the vendor sadly has no type even before the text serial number of the device). This would also accommodate new DUID types that are not yet defined for a new model.

Frankly, I’d prefer that we NOT explode these fields at all and just treat the data as binary data. Exploding out values here just causes issues for the above cases and makes the model harder to implement. If you see https://tools.ietf.org/html/draft-ietf-dhc-rfc3315bis-10#section-11, you will notice the following text:


   Clients and servers MUST treat DUIDs as opaque values and MUST only

   compare DUIDs for equality.  Clients and servers SHOULD NOT in any

   other way interpret DUIDs.  Clients and servers MUST NOT restrict

   DUIDs to the types defined in this document, as additional DUID types

   may be defined in the future.  It should be noted that an attempt to

   parse a DUID to obtain a client's link-layer address is unreliable as

   there is no guarantee that the client is still using the same link-

   layer address as when it generated its DUID.  And, such an attempt

   will be more and more unreliable as more clients adopt privacy

   measures, such as those defined in [RFC7844<https://tools.ietf.org/html/rfc7844>].  It is recommended to

   rely on the mechanism defined in [RFC6939<https://tools.ietf.org/html/rfc6939>].


By exploding out the values you are just encouraging people to violate these MUSTs.

- Bernie

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org<mailto:dhcwg@ietf.org>
https://www.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email