Re: [Gen-art] Gen-ART review of draft-ietf-dhc-dynamic-shared-v4allocation-06

[<ian.farrer@telekom.de>]

Hi Christer,

Many thanks for your review. Please find suggested updates inline below.

Best regards,
Ian

From: Christer Holmberg [mailto:christer.holmberg@ericsson.com]
Sent: Montag, 27. April 2015 14:36
To: gen-art@ietf.org
Cc: draft-ietf-dhc-dynamic-shared-v4allocation.all@tools.ietf.org
Subject: Gen-ART review of draft-ietf-dhc-dynamic-shared-v4allocation-06

I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>
Document:                                   draft-ietf-dhc-dynamic-shared-v4allocation-06
Reviewer:                                     Christer Holmberg
Review Date:                               27 April 2015
IETF LC End Date:                       6 May 2015
IETF Telechat Date:                   N/A
Summary:                                     The document is well written, and almost ready for publication. However, I have spotted a few places where I think some additional text is needed.
Major Issues: None
Minor Issues: None
Editorial Issues:

Section 2:
Q_2_1:
The text says that the solution is not applicable for network access over shared mediums.
I think it would be useful to add some words describing why that is the case.

[if] Proposed text to be added:
The solution allows multiple hosts to be simultaneously allocated the same IP address. As the IP address is no longer a unique identifier for a host, this extension is only suitable for specific architectures based on the Address plus Port model (A+P) [RFC6346]> such as [I-D.ietf-softwire-lw4over6] and certain configurations of [I-D.ietf-softwire-map].
Section 10:
                             Q_10_1:
                             The text says: "The security considerations in [RFC2131] and [RFC7341] are to be considered."
                             I think a little more text is needed, talking about what type of security considerations are referenced.
[if] Proposed text to be added:
The security considerations described in [RFC2131] and [RFC7341] are also potentially applicable to this solution. Unauthorised DHCP 4o6 servers in the network could be used to stage an amplification attack or to supply invalid configuration leading to service disruption. The risks of these types of attacks can be reduced through the use of unicast DHCP 4o6 message flows (enabled by supplying DHCP 4o6 server unicast addresses within the OPTION_DHCP4_O_DHCP6_SERVER option).

A malicious user could attempt a DoS attack by a large number of IPv4 address (or fractional address) and port sets allocations, exhausting the available addresses and port sets for other clients. This can be mitigated through DHCP 4o6 address allocation policy, limiting the number of simultaneously active IPv4 leases for clients whose request originate from each customer site.

Additional considerations are elaborated in the following sub-sections.


                             Q_10_2:
In section 10.1, I don't think you need to refer to section 2 for the target use-case. Similar to my comment Q_2_1, you should give a little more information about the DoS attack vulnerability in a shared medium.
[if] Looking at this text again (and discussing this with the authors), it's there because it was present in one of the former drafts that was combined into this document. It's actually not accurate: There isn't a denial of service attack risk from multiple clients using a single IP address on a shared medium. It doesn't work by design.
So, given that, and that a real DoS attack risk is described in the proposed text above, I suggest that section 10.1 is removed.