IETF Logo Mail Archive

Re: [v6ops] draft-ietf-v6ops-ipv6rtr-reqs-04: Enabling DHCPv6 in the enterprise networks by default, if DHCPv6 is supported on the router

"STARK, BARBARA H" <bs7652@att.com> Wed, 05 September 2018 14:53 UTC

Return-Path: <bs7652@att.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D17B1130EA6 for <v6ops@ietfa.amsl.com>; Wed, 5 Sep 2018 07:53:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 60oKulpTPczZ for <v6ops@ietfa.amsl.com>; Wed, 5 Sep 2018 07:53:23 -0700 (PDT)
Received: from mx0a-00191d01.pphosted.com (mx0a-00191d01.pphosted.com [67.231.149.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D6D5130EA2 for <v6ops@ietf.org>; Wed, 5 Sep 2018 07:53:22 -0700 (PDT)
Received: from pps.filterd (m0049295.ppops.net [127.0.0.1]) by m0049295.ppops.net-00191d01. (8.16.0.22/8.16.0.22) with SMTP id w85Ek0mA029125; Wed, 5 Sep 2018 10:53:19 -0400
Received: from alpi154.enaf.aldc.att.com (sbcsmtp6.sbc.com [144.160.229.23]) by m0049295.ppops.net-00191d01. with ESMTP id 2maf0fcyfr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 05 Sep 2018 10:53:18 -0400
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id w85ErHPo022207; Wed, 5 Sep 2018 10:53:17 -0400
Received: from zlp30484.vci.att.com (zlp30484.vci.att.com [135.47.91.179]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id w85ErCdu022052; Wed, 5 Sep 2018 10:53:12 -0400
Received: from zlp30484.vci.att.com (zlp30484.vci.att.com [127.0.0.1]) by zlp30484.vci.att.com (Service) with ESMTP id E7DF2404C951; Wed, 5 Sep 2018 14:53:12 +0000 (GMT)
Received: from GAALPA1MSGHUBAE.ITServices.sbc.com (unknown [130.8.218.154]) by zlp30484.vci.att.com (Service) with ESMTPS id D042E4000378; Wed, 5 Sep 2018 14:53:12 +0000 (GMT)
Received: from GAALPA1MSGUSRBF.ITServices.sbc.com ([169.254.5.179]) by GAALPA1MSGHUBAE.ITServices.sbc.com ([130.8.218.154]) with mapi id 14.03.0415.000; Wed, 5 Sep 2018 10:53:12 -0400
From: "STARK, BARBARA H" <bs7652@att.com>
To: "'Mudric, Dusan (Dusan)'" <dmudric@avaya.com>, Simon Hobson <linux@thehobsons.co.uk>, "v6ops@ietf.org" <v6ops@ietf.org>
Thread-Topic: [v6ops] draft-ietf-v6ops-ipv6rtr-reqs-04: Enabling DHCPv6 in the enterprise networks by default, if DHCPv6 is supported on the router
Thread-Index: AdRFHWOZHHYbWX1OT62jFlEWmsFm5wABFKIQ
Date: Wed, 05 Sep 2018 14:53:11 +0000
Message-ID: <2D09D61DDFA73D4C884805CC7865E6114DE94EE3@GAALPA1MSGUSRBF.ITServices.sbc.com>
References: <9142206A0C5BF24CB22755C8EC422E459CB4C5DB@AZ-US1EXMB03.global.avaya.com>
In-Reply-To: <9142206A0C5BF24CB22755C8EC422E459CB4C5DB@AZ-US1EXMB03.global.avaya.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.61.166.227]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-09-05_08:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1809050155
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/dqZpzHc301GMTzmY3JcIfE2aO98>
Subject: Re: [v6ops] draft-ietf-v6ops-ipv6rtr-reqs-04: Enabling DHCPv6 in the enterprise networks by default, if DHCPv6 is supported on the router
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Sep 2018 14:53:32 -0000

Hi Dusan,
Thanks for changing the subject line so draft-ietf-v6ops-ipv6rtr-reqs-04 authors are alerted to comments on their draft.
More comments in-line.
Barbara

> Hi Barbara,
>
> > As for the millions of IPv4 phones -- these millions of phones are not
> > connecting directly to DSL/DOCSIS/PON/3GPP access networks. They are
> not
> > connecting to (unmanaged) home networks and getting configuration by
> > DHCPv4. They are not connecting directly to data center networks. They're
> > definitely not connecting directly to core network routers. They *are*
> > connecting to enterprise networks. Suggesting that all routers, in every use
> > case and every scenario, must always support DHCPv6 server and provide
> > stateless configuration, just because there exist some devices in specific
> use
> > cases that require configuration info from DHCP, isn't reasonable.
> >
> > If you want this specifically for enterprise routers, then perhaps you should
> > be commenting on draft-ietf-v6ops-ipv6rtr-reqs. Note that this draft does
> > require DHCPv6 support (Section 3.3, first bullet) for the routers it
> describes
> > (see Section 1.3 on Use and Applicability).
> 
> Good point. I am talking about the phones in enterprise environments.
> 
> It is not clear what the current consensus is:
> https://tools.ietf.org/html/draft-ietf-v6ops-ipv6rtr-reqs-04#section-3.3  
> DHCPv6 is mandatory:
>    o  [I-D.ietf-dhc-rfc3315bis]: Dynamic Configuration Protocol for IPv6
>       must be supported.
> 
> or DHCPv6 is optional:
>   o  [RFC3646]: DNS Configuration options for Dynamic Host
>       Configuration Protocol for IPv6 (DHCPv6) if DHCPv6 is supported.
> 
> Should the last sentence be 'if DHCPv6 is enabled'?

The first requirement clearly makes DHCPv6 support mandatory. So I agree the "if" clause in the DNS requirement is confusing. My recommendation to the draft authors would be to delete "if DHCPv6 is supported" from the DNS Configuration requirement. This language disparity may have come about because earlier drafts made DHCPv6 support optional. I do not believe the last sentence should be "if DHCPv6 is enabled", and don't think that was the intent.
 
> May be 'M' and 'O' can be TRUE by default in the enterprise networks, if
> DHCPv6 is enabled. That way the scope of enabled 'M' and 'O' is limited to
> the enterprises that configure their phones using DHCPv6. Since SLAAC must
> be enabled and the phones can create global SLAAC addresses, the phone
> applications can be autoconfigured by enabling 'O' bit only (default for 'M'
> stays FALSE). If enterprises don't use DHCPv6 for autoconfiguration (DHCPv6
> is disabled), 'O' bit should be set to FALSE.

Since enabling DHCPv6 and providing DHCPv6 DNS options (and SIP configuration options) requires active configuration in many enterprise environments (especially of the strings to include in those options), I think it would be highly inappropriate to recommend routers set either M or O to 1 by default. Enterprise network administrators need to be expected to do their jobs and properly administer (and configure) their networks. We need to make sure the equipment they get provides them with the tools (i.e., includes the needed functionality). 

If you wanted to suggest that "a router with RA enabled MAY automatically set O=1 when DHCPv6 is enabled (on the same router) with at least one non-address-assignment option", that might work. But where the router doing RA has no knowledge of the existence of any enabled DHCPv6 server, it would be highly inappropriate for M or O to be defaulted to any value other than zero. The enterprise network administrator needs to be expected to have some understanding of RA M and O bits if they are deploying IPv6 in their network. It would also be good if they knew whether their "IPv4 phones" also supported IPv6 before expecting these phones to get any configuration information, whatsoever, from RA or DHCPv6.

> Thanks,
> 
> Dusan.
> 
> 
> 
> > -----Original Message-----
> 
> > From: STARK, BARBARA H <bs7652@att.com>
> 
> > Sent: Tuesday, September 04, 2018 4:35 PM
> 
> > To: Mudric, Dusan (Dusan) <dmudric@avaya.com>; Simon Hobson
> 
> > <linux@thehobsons.co.uk>; v6ops@ietf.org
> 
> > Subject: RE: [v6ops] Thinking about problems in IPv6-only networks
> 
> >
> 
> > > > It's arguable that a host using DHCP when the RAs say not to is in the
> 
> > > wrong.
> 
> > >
> 
> > > Agree. But if 'O' bit is not supported on hosts, hosts should have DHCPv6
> 
> > > enabled by default. There are millions of IPv4 phones that use DHCPv4
> for
> 
> > > autoconfiguration (for phone applications), for example. When they
> 
> > migrate
> 
> > > to IPv6, they should get the configuration from DHCPv6 server. DHCPv6
> 
> > > should not be disabled by default when migrating those phone to IPv6.
> 
> > That
> 
> > > is why I think 'O' should be TRUE by default, so the phone applications can
> 
> > be
> 
> > > automatically configured by DHCPv6 server. By default, phones can use
> 
> > > SLAAC to get the addresses.
> 
> >
> 
> > Hi Dusan,
> 
> >
> 
> > There are millions of hosts with no DHCPv6 support. This is the case and will
> 
> > continue to be the case. Hosts that do not support DHCPv6 client will
> 
> > *never* have DHCPv6 enabled by default, or otherwise. Networks that are
> 
> > primarily intended for these sorts of devices will rarely (if ever) have
> DHCPv6
> 
> > enabled.
> 
> >
> 
> > As for the millions of IPv4 phones -- these millions of phones are not
> 
> > connecting directly to DSL/DOCSIS/PON/3GPP access networks. They are
> not
> 
> > connecting to (unmanaged) home networks and getting configuration by
> 
> > DHCPv4. They are not connecting directly to data center networks. They're
> 
> > definitely not connecting directly to core network routers. They *are*
> 
> > connecting to enterprise networks. Suggesting that all routers, in every use
> 
> > case and every scenario, must always support DHCPv6 server and provide
> 
> > stateless configuration, just because there exist some devices in specific
> use
> 
> > cases that require configuration info from DHCP, isn't reasonable.
> 
> >
> 
> > If you want this specifically for enterprise routers, then perhaps you should
> 
> > be commenting on draft-ietf-v6ops-ipv6rtr-reqs. Note that this draft does
> 
> > require DHCPv6 support (Section 3.3, first bullet) for the routers it
> describes
> 
> > (see Section 1.3 on Use and Applicability).
> 
> > Barbara
> 
> >
> 
> > I

v2.23.0 | Report a Bug | By Email