RE: DHCPv6-PD is fine

Vasilenko Eduard <vasilenko.eduard@huawei.com> Tue, 10 November 2020 12:16 UTC

Return-Path: <vasilenko.eduard@huawei.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A7543A0A2C for <ipv6@ietfa.amsl.com>; Tue, 10 Nov 2020 04:16:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PqESUqChsbxz for <ipv6@ietfa.amsl.com>; Tue, 10 Nov 2020 04:16:44 -0800 (PST)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DD453A0A26 for <ipv6@ietf.org>; Tue, 10 Nov 2020 04:16:44 -0800 (PST)
Received: from fraeml713-chm.china.huawei.com (unknown [172.18.147.207]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4CVmyt2r35z67JP7; Tue, 10 Nov 2020 20:15:18 +0800 (CST)
Received: from msceml704-chm.china.huawei.com (10.219.141.143) by fraeml713-chm.china.huawei.com (10.206.15.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Tue, 10 Nov 2020 13:16:40 +0100
Received: from msceml703-chm.china.huawei.com (10.219.141.161) by msceml704-chm.china.huawei.com (10.219.141.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Tue, 10 Nov 2020 15:16:40 +0300
Received: from msceml703-chm.china.huawei.com ([10.219.141.161]) by msceml703-chm.china.huawei.com ([10.219.141.161]) with mapi id 15.01.1913.007; Tue, 10 Nov 2020 15:16:40 +0300
From: Vasilenko Eduard <vasilenko.eduard@huawei.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>, "ipv6@ietf.org" <ipv6@ietf.org>
Subject: RE: DHCPv6-PD is fine
Thread-Topic: DHCPv6-PD is fine
Thread-Index: Ada2tKxSlCA25DTCRH2QjN3TcGyuS///0pIAgAAJoQCAAAaOgIAAOFiAgAAGSACAANltAP//rzuA
Date: Tue, 10 Nov 2020 12:16:40 +0000
Message-ID: <672a97ad31c443f9964f5a8a5a497226@huawei.com>
References: <350919b2-fe50-a3b8-3f15-4ce32124d495@gmail.com> <3377F3AE-BDFE-4AAC-ACA3-0F3D1A4D8854@thehobsons.co.uk> <SN6PR02MB4512DE7BF31D8758BE15D899C3EA0@SN6PR02MB4512.namprd02.prod.outlook.com> <20201109.220035.1460667476695106090.he@uninett.no> <06002E16-10CF-4C39-80A7-4EF2B1DFF4CA@fugue.com> <92f3c592-ac15-1e9a-640b-86f5e090e57a@gmail.com>
In-Reply-To: <92f3c592-ac15-1e9a-640b-86f5e090e57a@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.47.202.252]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/zbeG9NEHVUxEdnOYf1uppomcm8w>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2020 12:16:46 -0000

The less tethering - the more additional SIMs and Modems to sell.
Blocking DHCP PD is the revenue generating technology.
Is it by coincidence?

If you would split /64 on /66 - would it resolve the root cause?
Are you trying to undermine additional revenue stream?
Ed/
> -----Original Message-----
> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Alexandre Petrescu
> Sent: 10 ноября 2020 г. 13:21
> To: ipv6@ietf.org
> Subject: Re: DHCPv6-PD is fine
> 
> This is a personal point of view, I am not employed at manufacturer or operator.
> 
> Le 09/11/2020 à 22:23, Ted Lemon a écrit :
> > On Nov 9, 2020, at 4:00 PM, Havard Eidnes
> > <he=40uninett.no@dmarc.ietf.org
> > <mailto:he=40uninett.no@dmarc.ietf.org>> wrote:
> >>>> From what I've been reading in this thread, in the mobile world the
> >>>> problem isn't DHCPv6-PD, but the cellular world having not adopted
> >>>> it, or even blocked it (ref discussion of mobile modems blocking
> >>>> DHCP packets).
> >>
> >> Is this lack of flexibility for all intents and purposes imprinted
> >> into silicon?  That would ... be an extremely effective road-block
> >> for practical deployment if one wanted to make a change where DHCP
> >> should additionally be used.
> >
> > I’m having trouble envisioning how this would even be possible. Is
> > there an IP stack on the chip that has a firewall in it that blocks
> > DHCP?
> 
> Yes.
> 
> > This woud be surprising.
> 
> YEs to me too it was surprising to see how many things these modems do.
> 
> I was surprised first when my laptop sent a DHCP request, received an answer,
> but the operator told me they did not receive such a request and they did not
> generate an answer either.  It's because there was a DHCP proxy in between
> that I could not see.  It's on the modem.
> 
> There is a whole operating system running in modern modems of smartphones.
> They have their own IP addresses inside.  Some times they even run DHCP
> servers inside.
> 
> Looking at the open source efforts to make an OS for these modems it is
> possible to get a hint of how advanced they are.  IIRC one is called Hexagon
> MiniVM.
> 
> > Why would they go to that effort?
> 
> In order to protect (some humans at some computers at some) operator.
> 
> The legislation requests that the owner of a smartphone has access to that
> smartphone, i.e. to log in and install whatever s/he wishes; as a side note this is
> different than CPEs where the legislation only requests the GPLed source codes
> of CPE to be made available upon request.
> 
> On these smartphones, a malicious user might install malicious software that
> could attack the (~) operator.  Other than outright vicious attacks some
> programmers might want to play with a home made DHCP client on the ARM
> part of the smartphone (not the modem).  That client would disrupt functioning
> of the already exisitng DHCP server running in the modem.  I suspect that is why
> smartphone manufacturer, under guidance of modem manufacturer and in
> agreement with (~) operator, effectively block UDP port numbers of DHCPv6.
> They block other people's DHCP and let only their own non-documented variant
> of DHCP proxy through.
> 
> That is my supposition, or rather a speculation.  It means that I might be wrong.
> But that does not improve the situation of absence of DHCPv6-PD in
> smartphones.
> 
> Alex
> 
> >
> > --------------------------------------------------------------------
> >  IETF IPv6 working group mailing list ipv6@ietf.org Administrative
> > Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
> >
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------