IETF Logo Mail Archive

Re: [Softwires] Adoption call for draft-fsc-softwire-dhcp4o6-saddr-opt-07 - Respond by Mar 8th, 2017

Jonas Gorski <jonas.gorski@gmail.com> Fri, 19 May 2017 12:23 UTC

Return-Path: <jonas.gorski@gmail.com>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B0FC12E058; Fri, 19 May 2017 05:23:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EBleezcatA5r; Fri, 19 May 2017 05:23:51 -0700 (PDT)
Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4445F12ECA7; Fri, 19 May 2017 05:18:13 -0700 (PDT)
Received: by mail-wm0-x22f.google.com with SMTP id b84so234350307wmh.0; Fri, 19 May 2017 05:18:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:references:cc:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=aoTTounu+WP7E4ubj8LjgPr1isFc4teFVUgD+XcOk1M=; b=Ijb3qc0i+mp0iDN6QamFHLfLPwbce/50/0fteCPpsRcIe2k1QK7mdP6FRCsaTtFAz+ EmyB9Q4LoBn/9Z4mbgouNn7urr+ltRAL4ddQltXNxg2NtxbK6rGshvVl2RNHw3AWbxkV zguFQKId6T/VfrgUTlvZNuY4v8TFsyN0E7bqIMnmPfhUvSNpLs/R/b1zaDhfOL5I5OGq 54/wC5oX5dpLiMFEpoYt7YeIHsc37KEBVDmYqzjnQVimd3Va3K5uLkotsmH/QsJEvz6n XldXlRq1ksg3yD0YQIwP1NaTZrajOzBNWaQWuxggyDr1RqfOd5IvXI5GKU5jn0fgDyIl GKiw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:references:cc:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=aoTTounu+WP7E4ubj8LjgPr1isFc4teFVUgD+XcOk1M=; b=FRMUpguTwLOwzX9S3KAOhp95F/8qkNMs8dqv0Jf0cHIFeObu1iPu4WOZwhlDntLqb1 WY35ziGgFGoSm1a6B43QlzxrHiEOBh3SuYUKSZtctQPZdXGqEoV7pqfVZcux4NwcuI+9 T8U3HS/fLlglSbYGLAGmYzmmUuLEUFgA8/DnNottIG+HgqAvfOw6LfCIY8VJ9pyq/s63 uv9rvG7OReUwd2UH2HAmcqAaOw/lOod498WXmxfnzCmi5l/h7ond6+gxuIvlpGg3z6eX rD8x4tqg+2NvWi0/ZGuNfZG6ubBdU0BDVXbK2TsvvcO8qCmj+lSMzu/QT0t36Os3seGi 7/fg==
X-Gm-Message-State: AODbwcDjpjiO0Ea9RBnkjsX3W2NSOL8pYtHtxdHeowX3WhyYeK0AE/Fh z+ZeFt695xn1xA==
X-Received: by 10.80.143.5 with SMTP id 5mr6967898edy.68.1495196291725; Fri, 19 May 2017 05:18:11 -0700 (PDT)
Received: from ?IPv6:2001:470:9e39:0:65d4:783b:16a2:aed1? ([2001:470:9e39:0:65d4:783b:16a2:aed1]) by smtp.gmail.com with ESMTPSA id h33sm2775818edh.50.2017.05.19.05.18.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 19 May 2017 05:18:11 -0700 (PDT)
From: Jonas Gorski <jonas.gorski@gmail.com>
To: tomasz.mrugalski@gmail.com, dhcwg@ietf.org
References: <eb9edb80-f977-c67c-57b9-bcf989374ab9@gmail.com>
Cc: softwires@ietf.org, draft-fsc-softwire-dhcp4o6-saddr-opt@ietf.org
Message-ID: <65646669-e32f-958c-684c-a36d4272b046@gmail.com>
Date: Fri, 19 May 2017 14:18:21 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <eb9edb80-f977-c67c-57b9-bcf989374ab9@gmail.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/WYwS2TmDD08vZ-PlQc-qNs-D1cE>
X-Mailman-Approved-At: Sun, 21 May 2017 08:23:48 -0700
Subject: Re: [Softwires] Adoption call for draft-fsc-softwire-dhcp4o6-saddr-opt-07 - Respond by Mar 8th, 2017
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2017 13:54:45 -0000

Hi,

On 22.02.2017 18:37, tomasz.mrugalski@gmail.com wrote:
> Hi,
>
> This message initiates a two weeks long DHC WG adoption call on:
>
> Title: DHCPv4 over DHCPv6 Source Address Option
> Pages: 9
> Date: 2017-02-01
> Document: draft-fsc-softwire-dhcp4o6-saddr-opt-07
> Link: tools.ietf.org/html/draft-fsc-softwire-dhcp4o6-saddr-opt-07
>
> This document initially started as work intended to be adopted in
> Softwires, but after a discussion with chairs, responsible AD (Suresh)
> and presenting this work in DHC, the conclusion is to aim for DHC
> adoption, not Softwires. Therefore this is a DHC adoption call.
>
> This message is cross-posted to Softwires to let Softwire experts weigh
> in their opinion. Please be sure to post your comments to DHC list,
> though. Comments sent by end of March 8th, 2017 are much appreciated.

I am working on implementing this draft (started in version 4), and like 
to add a few comments. It is based on an existing RFC 7341 client 
(DHCPv4 over DHCPv6) which wasn't written by me, which was done by 
modifying an existing DHCPv4 client to transparently wrap all messages in
DHCPv6 messages, so the DHCPv4 part doesn't really know about it.

My comments are split into three parts, first about the place of the 
options, then about handling them, and finally some nitpicks.

1. The placement of the new options

I'll start with the placement of the (new) options. Pre-draft, the 
DHCPv6 encapsulation was a strict transport and stateless. This draft 
now adds both new options to the outer DHCPv6 messages as well the inner 
DHCPv4 one. This seems quite awkward, as the client now needs to be able 
to access both the outer envelope as well the inner message at the same 
time for a full picture. IMHO especially awkward is the change from a 
DHCPv6 OPTION_DHCP4O6_SADDR_HINT to a DHCPv4 OPTION_DHCP4O6_SADDR. This 
caused a bit of spaghetti-code when trying to somehow pass information 
between the (separated) code responsible for the DHCPv6 
en-/decapsulation, and the actual DHCPv4 code. The DHCPv4 code needed to 
get the contents of the DHCPv6 envelope at the appropriate place.

Having all three as DHCPv4 options would make it much more consistent, 
as everything is now kept in one channel. This would also then preserve 
RFC 7341's statement that "The DHCPv6-relay encapsulation is used solely 
to deliver DHCPv4 packets to a DHCPv4-capable server, and does not 
allocate any IPv6 addresses nor does it provide IPv6-configuration 
information to the client."

The alternative that I could think of would be to move the _SADDR_HINT 
and _BR options to the original DHCPv6 message that contains the 
OPTION_DHCP4_O_DHCP6_SERVER option. Maybe create an container for them, 
similar to how RFC 7598 defines containers for software46. The RFC 7341 
client would then be able to already send the _SADDR in its discovers.

2. Handling the new options

The OPTION_S46_BR poses no large issues. The new 
OPTION_DHCP4O6_SADDR_HINT caused and still causes a lot of headaches for 
me. As far as my understanding with modern distributions (be they 
desktop or embedded) is that the DHCP clients usually do no 
configuration by their own, and just pass on the Lease's contents to a 
networking management deamon after they received the ACK. This works 
fine with DHCPv6, with DHCPv4, and with RFC 7341 DHCPv4overDHCPv6.

The new OPTION_DHCP4O6_SADDR_HINT now requires the network management 
daemon to (potentially) allocate/assign a new IP address during the 
offer/request phase (including the DAD), which makes the interaction 
quite a bit more complex, as there are a few new potential error 
transitions. There is now the awkward state where you might need to 
revert network configuration after a NACK or error from the server, or a 
timeout despite never having a valid lease. Of course if one wants to 
avoid complexity one can just hope that we have a global address on the 
wan interface already and always return that. This would be alleviated 
by already having this option in the original DHCPv6 lease, as then the 
network management daemon could allocate the IP address already during 
the DHCPv6 lease acquisition handling phase.

And finally when adding support for it to a client that does 
"transparent" DHCPv6 en-/decapsulation this means that the DHCPv6 code 
now needs access to the DHCPv4 state machine to know when to include the 
_SADDR option, and when to (not) expect it, as it has no DHCPv6 message 
types to rely on.

3. Nitpicks

The flow diagram in "5. IPv6/IPv4 Binding Message Flow" makes it look 
like the OPTION_DHCP4O6_SADDR is part of the DHCPv6 message, not part of 
the embedded DHCPv4 message.

The option OPTION_DHCP4O6_SADDR is described in a subsection of  "6. 
DHCPv6 Options", despite it being a DHCPv4 option (and there being only
one DHCPv6 option, so the plural doesn't help either).

Both make it easy to mistake OPTION_DHCP4O6_SADDR as a DHCPv6 option, 
and not a DHCPv4 one (as I did until I read the newest draft, and will 
need to fix).

Also it feels a bit like the draft doesn't handle potential error cases 
enough, although I can't really put my finger on it. One thing I am
wondering about is how the client should behave when it doesn't have any
assigned prefixes or global addresses? Is sending the link local address
fine? Should it abort in that case? How about ULA addresses? In case of
using  DHCPv6 broadcast address as DHCP4ov6 server this could happen
AFAICT.

I hope these comments help improving the proposed standard.


Regards
Jonas Gorski

v2.23.0 | Report a Bug | By Email