IETF Logo Mail Archive

Re: [v6ops] [dhcwg] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt

"STARK, BARBARA H" <bs7652@att.com> Tue, 10 December 2019 19:41 UTC

Return-Path: <bs7652@att.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 634A8120A19; Tue, 10 Dec 2019 11:41:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oMKHSway3BUy; Tue, 10 Dec 2019 11:41:36 -0800 (PST)
Received: from mx0a-00191d01.pphosted.com (mx0a-00191d01.pphosted.com [67.231.149.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DBA51208BF; Tue, 10 Dec 2019 11:41:36 -0800 (PST)
Received: from pps.filterd (m0049287.ppops.net [127.0.0.1]) by m0049287.ppops.net-00191d01. (8.16.0.42/8.16.0.42) with SMTP id xBAJaAr1010562; Tue, 10 Dec 2019 14:41:32 -0500
Received: from alpi154.enaf.aldc.att.com (sbcsmtp6.sbc.com [144.160.229.23]) by m0049287.ppops.net-00191d01. with ESMTP id 2wthn789ae-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 10 Dec 2019 14:41:28 -0500
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id xBAJfNC0001120; Tue, 10 Dec 2019 14:41:24 -0500
Received: from zlp30485.vci.att.com (zlp30485.vci.att.com [135.47.91.178]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id xBAJfI3u000908 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 10 Dec 2019 14:41:18 -0500
Received: from zlp30485.vci.att.com (zlp30485.vci.att.com [127.0.0.1]) by zlp30485.vci.att.com (Service) with ESMTP id 3AC80400AF94; Tue, 10 Dec 2019 19:41:18 +0000 (GMT)
Received: from GAALPA1MSGHUBAD.ITServices.sbc.com (unknown [130.8.218.153]) by zlp30485.vci.att.com (Service) with ESMTPS id 248B5400AE35; Tue, 10 Dec 2019 19:41:18 +0000 (GMT)
Received: from GAALPA1MSGUSRBF.ITServices.sbc.com ([169.254.5.43]) by GAALPA1MSGHUBAD.ITServices.sbc.com ([130.8.218.153]) with mapi id 14.03.0468.000; Tue, 10 Dec 2019 14:41:11 -0500
From: "STARK, BARBARA H" <bs7652@att.com>
To: 'Ted Lemon' <mellon@fugue.com>
CC: "'Bernie Volz (volz)'" <volz@cisco.com>, "'dhcwg@ietf.org'" <dhcwg@ietf.org>, 'V6 Ops List' <v6ops@ietf.org>
Thread-Topic: [dhcwg] [v6ops] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt
Thread-Index: AQHVr3hrvkTFCkrF9EyvHpagg10RDKezlNZQgABtPYD//7x3oA==
Date: Tue, 10 Dec 2019 19:41:11 +0000
Message-ID: <2D09D61DDFA73D4C884805CC7865E61153708DD1@GAALPA1MSGUSRBF.ITServices.sbc.com>
References: <157593507544.2098.9687007201578884820.idtracker@ietfa.amsl.com> <CABKWDgx5SSBP_K7BWxe4aPn9DKm-VPo62OXjsVZP8PRjfu0C2w@mail.gmail.com> <CAFU7BAQHkYh-EDLopUbWvw-gq8i5jttacVogKXUaJvJcBTdCOA@mail.gmail.com> <787AE7BB302AE849A7480A190F8B9330313E7F6E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <DM6PR11MB41379502CE18C7AF513181F0CF5B0@DM6PR11MB4137.namprd11.prod.outlook.com> <FB5B5DDE-9DB4-4E18-BF7E-7D9ECFCB016E@fugue.com> <2D09D61DDFA73D4C884805CC7865E61153707127@GAALPA1MSGUSRBF.ITServices.sbc.com> <FA8B4374-2226-4715-A228-2AD9A0EC7E10@fugue.com>
In-Reply-To: <FA8B4374-2226-4715-A228-2AD9A0EC7E10@fugue.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.10.215.132]
Content-Type: multipart/alternative; boundary="_000_2D09D61DDFA73D4C884805CC7865E61153708DD1GAALPA1MSGUSRBF_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-12-10_06:2019-12-10,2019-12-10 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 malwarescore=0 mlxscore=0 lowpriorityscore=0 adultscore=0 spamscore=0 clxscore=1015 impostorscore=0 mlxlogscore=999 phishscore=0 suspectscore=0 priorityscore=1501 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1912100161
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/R0z-pSyYeIjOHQ60DdYmvzDn_5M>
Subject: Re: [v6ops] [dhcwg] Fwd: New Version Notification for draft-link-dhc-v6only-01.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 19:41:38 -0000

From: Ted Lemon <mellon@fugue.com>

On Dec 10, 2019, at 9:16 AM, STARK, BARBARA H <bs7652@att.com<mailto:bs7652@att.com>> wrote:
Some CE routers are coded to have special handling for 0.0.0.0. Multiple ISPs use that address for IPTV multicast traffic (on a VLAN dedicated to that traffic). I could envision such routers having issues with getting 0.0.0.0 from DHCPv4. CE router vendors and their chipset vendors do the darnedest things sometimes (as Cloudflare discovered wrt 1.1.1.1).  I think widespread testing of CE routers is needed if the returned address is going to be required to 0.0.0.0.

The idea here is that the returned address is bogus and won’t work.   So if the CE router tries to use it for anything, it’s going to break, whether it’s 0.0.0.0 or 192.0.0.0.

Consider the possibility of a CE router that says: “Proper DHCP servers don’t send bogus addresses. I’m receiving a bogus address from this DHCP server. That means this DHCP server must be compromised, which means the network is compromised, which means I can trust nothing on this network. I shall now (choice A) cease all communication with this network; (or choice B) continue to send DHCPv4 messages frequently until I get one that has a non-bogus address.” We just don’t know. We had no idea that there were chipsets in routers with chipset firmware that considered messages to/from 1.1.1.1 a threat and a security violation. It’s important not to assume that routers are tolerant of 0.0.0.0 in DHCP responses. I think whoever wants 0.0.0.0 mandated or preferred needs to be the one to prove that it would not cause harm, because I’m not seeing evidence of real benefit of such normative language. If the IP address(es) to return are left up to the deployer, then the deployer can make sure whatever they do works in their network, with their server and middleboxes and whatever clients are attaching. [BTW, Ted, I’m having to change my email client settings every time to have different rules for responses to text vs. html/rich text – this is IETF, darn it, so we should all be using plain text; personal experiment over; rules favoring plain text are staying and no more switching options to satisfy people who don’t reply to text with text.]

Here is language from BBF TR-124 (requirement LAN.IGMP.ROUTED): "It MUST be possible to configure a WAN-facing IPv4 interface with an IPoE encapsulation and no IPv4 address visible by the access network. It MUST be possible to receive multicast traffic on such an interface, independent of whether upstream IGMP is sent on this interface or not. The RG's IGMP proxy-routing function MUST be able to send upstream IGMP traffic on such an interface, using an unspecified (0.0.0.0/::) IPv4 source address.”

I don’t think this would be violated.   Is DHCPv4 currently configuring an address of 0.0.0.0 for IGMP to use?  :)

v2.23.0 | Report a Bug | By Email