Re: [dna] [DNA] RE: DNA and DHCPv6

"Bernard Aboba" <bernard_aboba@hotmail.com> Fri, 20 November 2009 18:36 UTC

Return-Path: <bernard_aboba@hotmail.com>
X-Original-To: dna@core3.amsl.com
Delivered-To: dna@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 90B573A694A; Fri, 20 Nov 2009 10:36:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.592
X-Spam-Level:
X-Spam-Status: No, score=-1.592 tagged_above=-999 required=5 tests=[AWL=1.007, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id leLFlvhv8Gu9; Fri, 20 Nov 2009 10:36:00 -0800 (PST)
Received: from blu0-omc3-s20.blu0.hotmail.com (blu0-omc3-s20.blu0.hotmail.com [65.55.116.95]) by core3.amsl.com (Postfix) with ESMTP id AF42E3A6927; Fri, 20 Nov 2009 10:36:00 -0800 (PST)
Received: from BLU137-DS4 ([65.55.116.72]) by blu0-omc3-s20.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 20 Nov 2009 10:35:58 -0800
X-Originating-IP: [131.107.0.104]
X-Originating-Email: [bernard_aboba@hotmail.com]
Message-ID: <BLU137-DS4C7DE5A88C342B71FFF7193A10@phx.gbl>
From: "Bernard Aboba" <bernard_aboba@hotmail.com>
To: "'Bernard Aboba'" <bernard_aboba@hotmail.com>, "'Ralph Droms'" <rdroms@cisco.com>
References: <4B0655CB.2040309@piuha.net> <BLU137-DS32F4D6442FA52382BD73893A10@phx.gbl> <A75B573B-CABA-4E5E-AFFC-A26DD7F1168C@cisco.com> <BLU137-DS1D82CF3CD90846438826393A10@phx.gbl> <CC929A72-A7A9-4046-B2C2-5E26D47191C6@cisco.com> <25152_1258740954_4B06DCDA_25152_2200991_1_BLU137-DS54781303180257DD0D9B193A10@phx.gbl>
In-Reply-To: <25152_1258740954_4B06DCDA_25152_2200991_1_BLU137-DS54781303180257DD0D9B193A10@phx.gbl>
Date: Fri, 20 Nov 2009 10:35:57 -0800
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcpqBNnNVd3CGmG9QOq/2sdEBHweEQACBh2AAAC75EA=
Content-Language: en-us
X-OriginalArrivalTime: 20 Nov 2009 18:35:58.0132 (UTC) FILETIME=[4D3C9F40:01CA6A10]
Cc: 'DNA' <dna@eng.monash.edu.au>, dna@ietf.org, draft-ietf-dna-simple@tools.ietf.org, 'IESG IESG' <iesg@ietf.org>, 'dhc WG' <dhcwg@ietf.org>
Subject: Re: [dna] [DNA] RE: DNA and DHCPv6
X-BeenThere: dna@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNA working group mailing list <dna.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dna>, <mailto:dna-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dna>
List-Post: <mailto:dna@ietf.org>
List-Help: <mailto:dna-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dna>, <mailto:dna-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Nov 2009 18:36:01 -0000

One potential wrinkle occurs in the case where the NS/NA, RS/RA and DHCPv6
exchanges have unequal levels of security.  For example, Section 4.7.1
states that if the NS/NA is secured with SEND and the DHCPv6 exchange is
not, then DNA takes priority.  However, where there are equal levels of
security (or insecurity), then I believe DNA should work as per below. 

-----Original Message-----
From: owner-dna@ecselists.eng.monash.edu.au
[mailto:owner-dna@ecselists.eng.monash.edu.au] On Behalf Of Bernard Aboba
Sent: Friday, November 20, 2009 10:15 AM
To: 'Ralph Droms'
Cc: 'DNA'; dna@ietf.org; 'Suresh Krishnan (QB/EMC)';
draft-ietf-dna-simple@tools.ietf.org; 'Jari Arkko'; 'IESG IESG'; 'dhc WG'
Subject: [DNA] RE: DNA and DHCPv6

"So, would this be an accurate description of Simple DNA:

* Send NS for each candidate link to the default router for that link
* Initiate RS/RA exchange as specified in RFC 4861
* Initiate DHCPv6 exchange as specified in RFC 3315

* If an NA is received, used cached info for corresponding link from  
SDAT
* Process any received RAs as specified in RFC 4861
* Use info from DHCPv6 exchange as specified in RFC 3315
* Info from RA and/or DHCPv6 overrides any reused cached info based on NA"


[BA] I believe so, yes.  Aside from the DHCPv6 issues, there were a few
deviations with respect to RS/RA that were raised in the IESG review. 
I think we need to look at those carefully as well.