Re: [dna] DNA and DHCPv6

Ralph Droms <> Fri, 20 November 2009 14:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 527AD28C12B; Fri, 20 Nov 2009 06:23:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 78ReAqhIUcZI; Fri, 20 Nov 2009 06:23:18 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 0050E3A6AD3; Fri, 20 Nov 2009 06:23:17 -0800 (PST)
Authentication-Results:; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApoEAJo0BktAZnwN/2dsb2JhbAC8fIkeCI5HgksIgWkEgW8
X-IronPort-AV: E=Sophos;i="4.44,777,1249257600"; d="scan'208";a="69187838"
Received: from ([]) by with ESMTP; 20 Nov 2009 14:23:11 +0000
Received: from ( []) by (8.13.8/8.14.3) with ESMTP id nAKENAts029851; Fri, 20 Nov 2009 14:23:10 GMT
Message-Id: <>
From: Ralph Droms <>
To: Bernard Aboba <>
In-Reply-To: <BLU137-DS32F4D6442FA52382BD73893A10@phx.gbl>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Fri, 20 Nov 2009 09:23:10 -0500
References: <> <BLU137-DS32F4D6442FA52382BD73893A10@phx.gbl>
X-Mailer: Apple Mail (2.936)
Cc: DNA <>,,, IESG <>, Lars Eggert <>, dhc WG <>
Subject: Re: [dna] DNA and DHCPv6
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNA working group mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 20 Nov 2009 14:23:19 -0000

Bernard - thanks for the clarifications; I've included some comments  

Also adding dhc WG for comments.

On Nov 20, 2009, at 8:37 AM 11/20/09, Bernard Aboba wrote:

> I believe that many of Ralph's issues below are the result of poor  
> wording
> in the document.
> The draft specifically says that it does not change the DHCPv6
> protocol, state machine or timers, so that any situation in which
> there is an implied DHCPv6 change represents an error.

It makes sense to me that DHCPv6 would not be changed by this  
document.  DHCPv6 already has a mechanism through which a host can  
determine, in one DHCPv6 message exchange, if it has reattached to its  
most recently attached link.  If the host has moved to a new link, an  
additional 4 message exchange (possibly optimized to 2 messages) is  
necessary to get configuration information for the new link.

In addition to the text that may imply skipping an initial delay when  
sending an initial DHCPv6 message, the third paragraph of section 4.6  
of this document changes the DHCPv6 protocol by specifying that a host  
always send a Solicit message first, possibly including addresses from  
previously visited links as hints.  I think the text about this step  
is a little fuzzy about which addresses should be sent and how they  
should be sent.

I could imagine an argument for a change to DHCPv6 that requires the  
host to send a Confirm message for each of its currently valid  
addresses and a Solicit message, all in a burst, to probe all possible  
links in parallel, rather than just checking for reattachment to the  
most recently attached link.  However, it would be a significant  
change to DHCPv6 that has the potential for significant load on the  
DHCPv6 service.

Another link between Simple DNA and DHCPv6 comes to mind at this  
point.  Here is the second paragraph of section 4.7:

    On reception of a Router Advertisement or advertising DHCPv6 message
    (a REPLY or ADVERTISE) which contains prefixes that intersect with
    those previously advertised by a known router, the host utilizes the
    configuration associated with the detected network.

What, exactly, does "utilize the configuration" mean, in relation to  
DHCPv6?  Does the host use any DHCPv6-assigned addresses without  
sending a Confirm message to the DHCPv6 service?  If the host has not  
reattached to its most recently attached link, presumably the host  
will have received a NAK from the DHCPv6 service from its initial  
Confirm (which checked just the most recently attached link).   
Depending on the timing, the host may have already initiated a DHCPv6  
message exchange for the current link.

Also, this paragraph specifies "prefixes that intersect with those  
previously advertised by a known router".  Suppose the set of prefixes  
intersects but is not identical to those previously advertised?  I  
assume the host uses the newly received configuration.  But, by now  
the host has all the current configuration information from its local  
router, so what's the point?

> So if a host delays transmission of an initial DHCPv6 message that
> should still be the case with DNA.   Also, the draft should not
> change the retransmission rules for DHCPv6.  The paragraph in  
> question,
> (which is not well worded) was intended to refer only to NS  
> retransmission.


> With respect to the M/O bits, the draft should not change the behavior
> of an implementation.  So if an implementation ignores the M/O bits
> (as some do), then that behavior should continue.  If it
> doesn't ignore them, then it will continue to take them into account  
> as
> it did before.


> Also, DNA does not change the assumptions which DHCPv6 uses to obtain
> an address. If DHCPv6 would normally attempt to confirm a previously
> held address, it should continue to do so;  if it would normally
> attempt to obtain a new address, it will do that instead.

As I mentioned above, I don't think the behavior you describe here is  
currently described in the document.

> Given the above, DHCPv6 and DNA largely operate as "ships in the
> night";  the only interaction comes when the two procedures come
> to different conclusions, in which case the text in Section 4.7.1
> comes into play.


- Ralph