Re: [savi] WGLC: draft-ietf-savi-dhcp-22
"Leaf Yeh" <leaf.yeh.sdo@gmail.com> Thu, 24 April 2014 06:13 UTC
Return-Path: <leaf.yeh.sdo@gmail.com>
X-Original-To: savi@ietfa.amsl.com
Delivered-To: savi@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com
(Postfix) with ESMTP id 16E021A079C for <savi@ietfa.amsl.com>;
Wed, 23 Apr 2014 23:13:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,
DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jCefP-fl7pCO for
<savi@ietfa.amsl.com>; Wed, 23 Apr 2014 23:12:38 -0700 (PDT)
Received: from mail-pa0-x22a.google.com (mail-pa0-x22a.google.com
[IPv6:2607:f8b0:400e:c03::22a]) by ietfa.amsl.com (Postfix) with ESMTP id
80A7D1A0062 for <savi@ietf.org>; Wed, 23 Apr 2014 23:12:38 -0700 (PDT)
Received: by mail-pa0-f42.google.com with SMTP id fa1so1075151pad.15 for
<savi@ietf.org>; Wed, 23 Apr 2014 23:12:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=from:to:cc:references:in-reply-to:subject:date:message-id
:mime-version:content-type:content-transfer-encoding:thread-index
:content-language; bh=pNpD+PMjz7M0XLBc4WV5ufqFL/AyKH5rIgyqRNVtmJ4=;
b=q+TrWYxytIq23U95cvF/7bnGbAq9yY6ITMJLdNmByJcgTouxQhenxqTZNJOHRY52PL
FNPi2+gbliEp6Db7AoZ2vlJCk0xD4n/EVC5ZfhNkRxyiwRSzKkt/lIPoaDtV848psjMD
Mi2NY/aUXza2oMzCyVVsUGXR1XFE4q8WB8jmkGhH5vfekWHvL1u2srMwX2kv8p2LwbYA
8OpiwJtRebymKQYU8ZkWu8XH+aFyMscVOw6Xz3R84Uq80M9mSDDsuSMoknqY+uk8aSuN
1faWpu8IZq6wm7Cnb7mKh+8PkMs+ONwLfyQPqodacRyNb2mXf5LBRymrFd2PNnxL1eSe 8Mkg==
X-Received: by 10.68.159.228 with SMTP id xf4mr61944812pbb.74.1398319952650;
Wed, 23 Apr 2014 23:12:32 -0700 (PDT)
Received: from PC ([218.241.103.172]) by mx.google.com with ESMTPSA id
gu11sm6713796pbd.38.2014.04.23.23.12.28 for <multiple recipients>
(version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
Wed, 23 Apr 2014 23:12:30 -0700 (PDT)
X-Google-Original-Message-ID: <006301cf5f84$2c806ed0$85814c70$@yeh.sdo@gmail.com>
From: "Leaf Yeh" <leaf.yeh.sdo@gmail.com>
To: "'Eric Levy- Abegnoli \(elevyabe\)'" <elevyabe@cisco.com>,
"'Guang Yao'" <yaoguang@cernet.edu.cn>, "'Ted Lemon'" <mellon@fugue.com>
References: <000001cf5dde$e493d450$adbb7cf0$@cernet.edu.cn>
<CF7DA550.390DB%elevyabe@cisco.com>
In-Reply-To: <CF7DA550.390DB%elevyabe@cisco.com>
Date: Thu, 24 Apr 2014 14:12:26 +0800
Message-ID: <5358ab4e.8b13450a.682c.0dd4@mx.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AQHPXw6d8FdOhs9nvUWZJnpcp77q9JsgHGIw
Content-Language: zh-cn
Archived-At: http://mailarchive.ietf.org/arch/msg/savi/irTDiKsWh7RNdMjdEw0gwTH9YLs
Cc: draft-ietf-savi-dhcp@tools.ietf.org, 'SAVI Mailing List' <savi@ietf.org>,
'Jean-Michel Combes' <jeanmichel.combes@gmail.com>
Subject: Re: [savi] WGLC: draft-ietf-savi-dhcp-22
X-BeenThere: savi@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Mailing list for the SAVI working group at IETF <savi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/savi>,
<mailto:savi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/savi/>
List-Post: <mailto:savi@ietf.org>
List-Help: <mailto:savi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/savi>,
<mailto:savi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Apr 2014 06:13:26 -0000
Eric - 3) The SAVI device send and ARP/DAD to look for a conflict (I guess
to the entire vlan but the receive interface).
Eric - DETECTION in general is problematic. The state in the SAVI device and
on the end-node which has the conflicting address are independent. When he
SAVI switch sends a DAD, while the end-node is right in TENTATIVE (bad
luck), this DAD would shutdown the end-node interface. Maybe that is a
problem we have to deal with, but these probe packets are causing exactly
this type of issues, seen in real life. I thought I should mention it.
This sounds also the same argue to the FSM (including the states of 'No
Bind') described in Fig.2 of RFC6620, which needs the SAVI device (or
switch) to send out DAD_NS.
<quote>
Upon the reception through a Validating Port (VP) of a DATA packet
containing IPAddr as the source address, the SAVI device SHOULD
execute the process of sending Neighbor Solicitation messages of
the Duplicate Address Detection process ... The DAD_NS messages are
not
sent through any of the ports configured as Validating Ports. The
DAD_NSOL messages are sent through Trusted Ports...
</quote> @ Page 15 of RFC6620.
Right?
Best Regards,
Leaf
-----Original Message-----
From: savi [mailto:savi-bounces@ietf.org] On Behalf Of Eric Levy- Abegnoli
(elevyabe)
Sent: Thursday, April 24, 2014 12:11 AM
To: Guang Yao; 'Ted Lemon'
Cc: draft-ietf-savi-dhcp@tools.ietf.org; 'SAVI Mailing List'; 'Jean-Michel
Combes'
Subject: Re: [savi] WGLC: draft-ietf-savi-dhcp-22
Hi Guang,
On 22/04/14 05:56, "Guang Yao" <yaoguang@cernet.edu.cn> wrote:
>Hi, Ted
>
>Thank you very much for your comments! I agree with you. It's safe to
>assume all the SAVI devices have layer-3 stack. But it seems Eric also
>concerns the implementation of DHCP leasequery and NDP snooping.
>
>On the MLD problem mentioned by Eric, I wonder should SAVI-DHCP be
>consistent with RFC6620, or be different?
>
>Hi, Eric
>
>On the DAD problem:
>
>I read the doc again and find DAD NS will not be sent to the tentative
>node.
>Whenever probe should be sent to the tentative node, we use plain NS
>instead of DAD NS. Thus would it be OK?
I am a little bit confused on the scenario we are talking about (apologies
if this is my reading of the text).
The scenario I have in mind is
1) SAVI device gets a data packet sourced with an address not found in its
table
2) the SAVI device creates the binding (in DETECTION)
3) The SAVI device send and ARP/DAD to look for a conflict (I guess to the
entire vlan but the receive interface).
4) If no conflict was detected, it does the LQ I'll tend to argue that if
LQ is required, the DETECTION state is not necessary and should be removed.
If LQ is optional, and DETECTION failed to detect a conflict, then the entry
should not move back right away to NO_BIND?
DETECTION in general is problematic. The state in the SAVI device and on the
end-node which has the conflicting address are independent. When he SAVI
switch sends a DAD, while the end-node is right in TENTATIVE (bad luck),
this DAD would shutdown the end-node interface. Maybe that is a problem we
have to deal with, but these probe packets are causing exactly this type of
issues, seen in real life. I thought I should mention it.
In your response, you said it could also send a regular NS, which I assume
is an NS lookup. I could not find a reference in the text about sending NS
lookup instead of DAD. This is certainly a good practice (we have
implemented it that way) provided that you have an address to source it
from. However (my usual objection) the access switches often don't have a
l3 address per link/vlan, not even a link-local address. So NS-lookup should
be an option. Which leaves only DAD or LQ.
Thank you.
Eric
>
>We are looking forward to your further comments, thanks!
>
>Best regards,
>Guang
>
>-----Original Message-----
>From: Ted Lemon [mailto:mellon@fugue.com]
>Sent: Tuesday, April 22, 2014 12:31 AM
>To: Guang Yao
>Cc: Eric Levy- Abegnoli (elevyabe); Jean-Michel Combes; SAVI Mailing
>List; draft-ietf-savi-dhcp@tools.ietf.org
>Subject: Re: [savi] WGLC: draft-ietf-savi-dhcp-22
>
>Do we really think there are modern layer 2 devices that will implement
>SAVI-DHCP that will not have IPv6 addresses? This seems highly doubtful
>to
>me-the devices that would only have layer two addresses would be unmanaged
>switches. I have a cheap managed switch, and it has an IPv4 address and
>a
>web server in it. I think this is a non-problem.
>
>
>
_______________________________________________
savi mailing list
savi@ietf.org
https://www.ietf.org/mailman/listinfo/savi
- [savi] WGLC: draft-ietf-savi-dhcp-22 Jean-Michel Combes
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Jean-Michel Combes
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Eric Levy- Abegnoli (elevyabe)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Leaf Yeh
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Leaf Yeh
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Eric Levy- Abegnoli (elevyabe)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Ted Lemon
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Ted Lemon
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Pascal Thubert (pthubert)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Eric Levy- Abegnoli (elevyabe)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Eric Levy- Abegnoli (elevyabe)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Ted Lemon
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Eric Levy- Abegnoli (elevyabe)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Leaf Yeh
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Leaf Yeh
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Ted Lemon
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Pascal Thubert (pthubert)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Jun Bi
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Guang Yao
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Ted Lemon
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Jun Bi
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Fred Baker (fred)
- Re: [savi] WGLC: draft-ietf-savi-dhcp-22 Fred Baker (fred)