DHCPv6 PD route injection (was: Re: [v6ops] Stateful SLAAC (draft-ietf-v6ops-unique-ipv6-prefix-per-host))

Ole Troan <otroan@employees.org> Tue, 14 November 2017 00:58 UTC

Return-Path: <otroan@employees.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id D5FB0124F57; Mon, 13 Nov 2017 16:58:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id CbHu7YKsgURX; Mon, 13 Nov 2017 16:57:59 -0800 (PST)
Received: from accordion.employees.org (accordion.employees.org [IPv6:2607:7c80:54:3::74]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C2E41200CF; Mon, 13 Nov 2017 16:57:59 -0800 (PST)
Received: from h.hanazo.no (dhcp-9240.meeting.ietf.org []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by accordion.employees.org (Postfix) with ESMTPSA id 94E852D5124; Tue, 14 Nov 2017 00:57:58 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by h.hanazo.no (Postfix) with ESMTP id E1B27200C0969C; Tue, 14 Nov 2017 08:57:34 +0800 (+08)
From: Ole Troan <otroan@employees.org>
Message-Id: <FC485644-826F-469A-92B5-45A8F9048F35@employees.org>
Content-Type: multipart/signed; boundary="Apple-Mail=_7AB1DA3E-4D11-4C9C-BB81-5BCD9E1B8C11"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 11.1 \(3445.4.7\))
Subject: DHCPv6 PD route injection (was: Re: [v6ops] Stateful SLAAC (draft-ietf-v6ops-unique-ipv6-prefix-per-host))
Date: Tue, 14 Nov 2017 08:57:33 +0800
In-Reply-To: <CAO42Z2xqwRH94dw=XJf5mt3STdDcTYmB_i1NbXP46shdJQeaPA@mail.gmail.com>
Cc: Lorenzo Colitti <lorenzo@google.com>, Fernando Gont <fgont@si6networks.com>, "v6ops@ietf.org WG" <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>, "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>
To: Mark Smith <markzzzsmith@gmail.com>
References: <be9724f5-2ff5-d90c-2749-ecae2c628b78@si6networks.com> <CAKD1Yr0_a2Qm8U4oK+BQU57DeDUD9i-o_+G+YhnH4pVXRxmxxQ@mail.gmail.com> <9d154133-a1de-7774-1589-c7069bf279ee@si6networks.com> <0b45890d-ea4a-47b8-a650-ceb72b066df8@gmail.com> <ea772bfd-4004-7f94-8469-b50e3aff0f29@si6networks.com> <F2330138-6842-4C38-B5A0-FB40BFACD038@employees.org> <e40697ca-8017-c9d2-c25d-89087046c9cf@gmail.com> <207f040a-7fe2-9434-e7a5-f546b26fdf63@strayalpha.com> <CAKD1Yr26NK2osApYZBm8Yd=0X7xcetrxojp6=JHOEAu9BB0q8A@mail.gmail.com> <8ca59610-2d25-2be4-9d2c-9b1a75fd3ace@si6networks.com> <E67105A3-396B-403C-B741-E9E01CFB5CE7@employees.org> <862687c9-c107-53a8-288a-29049097b0e1@acm.org> <AM5PR0701MB2836C00EA1AAC73E7E63F583E02B0@AM5PR0701MB2836.eurprd07.prod.outlook.com> <CAO42Z2xacRco7ne7biQ93so0k-x4xSnM2jzoB13-sdVRLshQDQ@mail.gmail.com> <CAKD1Yr0Zz6Jxg_ZuEbBkMhBdEaZKOrtx-eUns7KWi9v-5PDBzg@mail.gmail.com> <CAO42Z2xqwRH94dw=XJf5mt3STdDcTYmB_i1NbXP46shdJQeaPA@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.4.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/1d5rmhijGPT-yl4qO3XPxBWf6kU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Nov 2017 00:58:01 -0000

> On 14 Nov 2017, at 03:43, Mark Smith <markzzzsmith@gmail.com> wrote:
> DHCPv6 has been designed to avoid having state in intermediary devices
> by incorporating a relay agent into the architecture, specified in
> RFC3315.
> Clients use DUIDs to identify themselves, and the DHCPv6 server
> associates client attributes with the client's DUID. That is what
> allows DHCPv6-PD to survive a router/DHCPv6 relay reboot.
> This draft hasn't been published as an RFC, however it is also
> considering this issue.
> "DHCPv6 Relay Agent Assignment Notification (RAAN) Option"
> https://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-agentopt-delegate-03
> A number of vendors seem to have implemented the functional equivalent
> by looking directly at the ID_PD option when the DHCPv6 reply is sent
> to the client - search for "DHCPv6 Relay Agent Notification for Prefix
> Delegation"
> The alternative is to have a RADIUS server provide the delegated
> prefix information to a DHCPv6 server running on the router. "RADIUS
> Delegated-IPv6-Prefix Attribute", RFC4818.
> Possibly the RADIUS method could be used in this draft's scenario if a
> layer 2 attribute such as the MAC address or per-client VLAN tags, or
> 802.1X authentication information, is used to identify the client.
> If this draft can't document that method because it doesn't exist,
> then, assuming Comcast is the only deployment of this, it seems
> Comcast aren't trying to have a prefix assignment survive a router
> reboot. That's a "flash renumbering" approach, which I don't think is
> right for IPv6.
>> This has not stopped the deployment of tens or hundreds of millions of
>> networks that use DHCPv6 PD.
> What was the alternative that didn't have this limitation?
> There is a big difference between something working and something working well.

Yes, it's quite unfortunate that we haven't solved the problem of robust route injection in PD yet.

Ralph and I when writing 3633, concluded while there were many options, few of them were attractive, and instead resorted to specify that PD must operate without relays.

Markus enumerated the options here:

Let me know if you are interested in working on the problem.

Best regards,