IETF Logo Mail Archive

Re: [mif] Route option for DHCPv6 - next steps?

Arifumi Matsumoto <arifumi@nttv6.net> Fri, 13 April 2012 09:08 UTC

Return-Path: <arifumi@nttv6.net>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75EE521F8731 for <mif@ietfa.amsl.com>; Fri, 13 Apr 2012 02:08:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hHKIuGb8jUDH for <mif@ietfa.amsl.com>; Fri, 13 Apr 2012 02:08:01 -0700 (PDT)
Received: from leo.nttv6.net (leo.nttv6.net [192.47.162.93]) by ietfa.amsl.com (Postfix) with ESMTP id 5549121F847D for <mif@ietf.org>; Fri, 13 Apr 2012 02:08:01 -0700 (PDT)
Received: from [IPv6:::1] (localhost.nttv6.net [127.0.0.1]) by leo.nttv6.net (8.14.5/8.14.4) with ESMTP id q3D98bh5080880; Fri, 13 Apr 2012 18:08:37 +0900 (JST) (envelope-from arifumi@nttv6.net)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset="iso-8859-1"
From: Arifumi Matsumoto <arifumi@nttv6.net>
In-Reply-To: <CA+H2C9Zu3AS6aTxg1gebe0ZS2LXWmJjOPpbhaUHGZtXvF0UipQ@mail.gmail.com>
Date: Fri, 13 Apr 2012 18:06:40 +0900
Content-Transfer-Encoding: quoted-printable
Message-Id: <17F90720-AA1F-4F74-9598-2E5A5AC813CE@nttv6.net>
References: <75459BC2-E733-45C0-BC1C-25A19BBA1137@gmail.com> <CAE97176.17DF4%wdec@cisco.com> <CANF0JMD_zfXGcfMy+rCOFXS1aCZ3RPHoRtkBeS8kDgOFcfQ8Fg@mail.gmail.com> <75D251D1-9828-4AFE-9BEF-B376E97133C7@nominum.com> <CANF0JMBbhrF0G=hSvcvyZAddAMW7oSO5KpzUmcJXCtwcnmyWOw@mail.gmail.com> <4A221CE5-ECF0-4E07-9329-E6BAA3F06A96@nominum.com> <4EC4AADB.8030803@piuha.net> <DD1241D5-B794-49C3-A3A2-4294248DDD10@gmail.com> <4F719186.3060507@gmail.com> <CAKD1Yr3tSoDPcheriWdZEeKyhqpDANCP7Co0wVVqK5+mXc7e5A@mail.gmail.com> <4F72CD22.3080604@gmail.com> <CAKD1Yr3RUUthiawKrmxjSNqzEbJcOLpHvDGb9XLtdiU-tfEYyw@mail.gmail.com> <4F744831.3070406@gmail.com> <8D23D4052ABE7A4490E77B1A012B6307472D4175@mbx-01.win.nominum.com> <4F7453FC.3010502@gmail.com> <4F74546D.4060808@gmail.com> <72C42575-6BE2-4F27-B7F4-AA4539DA7EF9@lilacglade.org> <8D23D4052ABE7A4490E77B1A012B6307472D43A1@mbx-01.win.nominum.com> <069301cd0dd2$5954df00$0bfe9d00$@tndh.net> <550B9F79-1642-469F-9ED3-96DA26AA40AB@lilacglade.org> <CAAedzxpMtu! _7jWuES5=EKK4oqsFsvt4tPpu0J4fy3Uz4-TEt6Q@mail.gmail.com> <97D4F82A-6321-403F-9097-F7B48601DCD5@gmail.com> <CAFFjW4hkGMm+mLSzpdWPcFLUcY3Hkyb+BDxh+5910YtfZxGD-A@mail.gmail.com> <CA+H2C9Zu3AS6aTxg1gebe0ZS2LXWmJjOPpbhaUHGZtXvF0UipQ@mail.gmail.com>
To: MIF List Mailing <mif@ietf.org>
X-Mailer: Apple Mail (2.1257)
Subject: Re: [mif] Route option for DHCPv6 - next steps?
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Apr 2012 09:08:02 -0000

Hi,

Besides multi-interface cases, DHCP relay functionality is widely deployed and really helpful function to implement a new way of information distribution.

Replacing or upgrading all the provider edge routers should be real headaches to access network providers, because the amount of edge routers tend to be large, and they are more and more overloaded with various features, and so not cheap. The provider edge routers are the place where control plane and data plane reside together. And DHCP servers and RADIUS servers are those entities separated from the data plane, so they are relatively cheaper and easier to get upgraded.

From the access network provider perspective,
RADIUS based approach needs standardization, implementation at the routing equipments, and upgrade of RADIUS servers.
DHCP based approach needs upgrade of just the DHCP servers.

How can we say this is not the show stopper ?

Best regards,

On 2012/04/11, at 21:10, Tao Sun wrote:

> People argued quite a lot that RS/RA can be used for the problem. It can be seen that only rely on the RA based solution, the RA, Radius or even protocols such as PMIP need to do enhancement or extension.
>  
> DHCPv6 option provides more easy way to implement in practice. This makes the route configuration for multiple interface more easily adopted. Only put all the hope to the RA related enhancement may prevent operators adopt this functionality. In the end, neither RA nor DHCPv6 option may be used, which may delay or even prevent the feature that a host can simultaneous access through multiple interfaces.
>  
> Tao Sun
> 
> On Tue, Apr 10, 2012 at 11:09 PM, Wojciech Dec <wdec.ietf@gmail.com> wrote:
> Folks,
> 
> before we get carried away on the "let's use Radius to provision the edge router" solution, allow me to say that:
> a) this is already standardized if not actually practised today 
> b) it does not solve the problem of the operators who do not directly control the access edge router (eg think wholesale)
> c) it requires not only a specific type of Radius infrastructure, that some operators choose not to have, but also a specific type of stateful NAS router (eg a BRAS) that others still also do not want to have.
> 
> Beyond the above, and in much the same way as has been argued previously, a Radius client on the end device solution variant could also be used to provision the route on the client (or SNMP, or a script, etc). 
> 
> In theory thus, all of the Radius variants, are all perfectly good solutions, and standards based too. The practicality of them is a different matter, and this problem is all about per host configuration and operational practicality. At least personally, I humbly think that there is no one size fits all solution in this domain, and "perfectly good theoretical solutions" are not necessarily practical ones; operators would much rather have a choice of tools and an understanding of their tradeoffs, rather than an SDO diktat in terms of how to operate their networks.
> 
> My 2c,
> -Woj.
> 
> 
> 
> On 5 April 2012 22:27, jouni korhonen <jouni.nospam@gmail.com> wrote:
> 
> RADEXT is working on http://tools.ietf.org/html/draft-ietf-radext-ipv6-access-06
> which adds attributes for RFC4191 use, for example. That is then also implicitly
> available for Diameter.
> 
> Assuming unicast RA would be doable using just RFC6085, then there should not
> be much, if anything, to do protocol wise. The router that gets provisioned per
> host via AAA knows the l2-l3 mapping already.. and the AAA server also learns
> it. For dynamic changes of routes, AAA server can use e.g. l2 or l3 addresses
> for a session identification when it sends a change of authorization..
> 
> The assumption here is that each host gets separately authorized when they attach
> the network, which might be an issue on some links & deployments. However, some
> network architectures with multiple routers/gateways (can) already use AAA for
> centralized address management at per host granularity.
> 
> - Jouni
> 
> 
> On Apr 4, 2012, at 4:53 AM, Erik Kline wrote:
> 
> >> It's true, as Jari said, that this can be accomplished in other ways, and maybe it would be better if it would.   If there were some better central management solution for populating unicast RA mappings on the router, then unicast RA would indeed address the exact use case that I think we care about.   But without the mechanism for populating routers, we still have a poorly-addressed use case.   And then the question is, do we want to develop a whole new protocol just to solve this one small problem?
> >>
> >> It might be worth developing the protocol just to put this issue to bed.
> >
> > Is RADIUS suitable for this?  At one point it was the general
> > non-client provisioning protocol of choice, I thought.  I have not
> > been following any of the evolving diameter work, but would a RADIUS
> > option suffice?
> > _______________________________________________
> > mif mailing list
> > mif@ietf.org
> > https://www.ietf.org/mailman/listinfo/mif
> 
> _______________________________________________
> mif mailing list
> mif@ietf.org
> https://www.ietf.org/mailman/listinfo/mif
> 
> 
> _______________________________________________
> mif mailing list
> mif@ietf.org
> https://www.ietf.org/mailman/listinfo/mif
> 
> 
> _______________________________________________
> mif mailing list
> mif@ietf.org
> https://www.ietf.org/mailman/listinfo/mif


--
Arifumi Matsumoto
  NGN System Architecture Project
  NTT Service Integration Laboratories
  E-mail: arifumi@nttv6.net
  TEL +81-422-59-3334 FAX +81-422-59-6364

v2.23.0 | Report a Bug | By Email