Re: [v6ops] DHCPv6/SLAAC Make Hosts Confusing-//RE: new draft: draft-liu-bonica-v6ops-dhcpv6-slaac-problem

"Ole Troan (otroan)" <otroan@cisco.com> Wed, 23 October 2013 09:21 UTC

Return-Path: <otroan@cisco.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FF5311E834E for <v6ops@ietfa.amsl.com>; Wed, 23 Oct 2013 02:21:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.999
X-Spam-Level:
X-Spam-Status: No, score=-9.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_13=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JksejiBPPIgL for <v6ops@ietfa.amsl.com>; Wed, 23 Oct 2013 02:21:23 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) by ietfa.amsl.com (Postfix) with ESMTP id 6ACCC21F968B for <v6ops@ietf.org>; Wed, 23 Oct 2013 02:21:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3559; q=dns/txt; s=iport; t=1382520083; x=1383729683; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=GxP5hLWeBB8QXbzLMtjRchRnqkXhA9/PtlWpu+EWrZ4=; b=aDEbm0bRrzjNnFaLT51H8ub9YIqClhnqb2iIJS/9T0YJ9G4RZtGBD8BS fIybgiynOLEnae5J0PRe5yIfXah73WpOgzQBUhZOyeOxph9e6qGAw0YKs 4qsh3vHORE7+i/ma6OgcVXeJP28vz8IzUundJHyblCtuPX372bEc0rkLi A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgQFAJ2UZ1KtJXG8/2dsb2JhbABZgmYhOL8ggScWdIIlAQEBAwEBAQE3NAsFBwQCAQgRBAEBAR4FCycLHQgBAQQOBYd0AwkGAQy6TwSMYIElgRYoCwcGgxmBCwOWJIFljFCFN4FmgT6BcQ
X-IronPort-AV: E=Sophos;i="4.93,553,1378857600"; d="scan'208";a="275498182"
Received: from rcdn-core2-1.cisco.com ([173.37.113.188]) by rcdn-iport-2.cisco.com with ESMTP; 23 Oct 2013 09:21:22 +0000
Received: from xhc-aln-x08.cisco.com (xhc-aln-x08.cisco.com [173.36.12.82]) by rcdn-core2-1.cisco.com (8.14.5/8.14.5) with ESMTP id r9N9LMJp002569 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 23 Oct 2013 09:21:22 GMT
Received: from xmb-aln-x13.cisco.com ([fe80::5404:b599:9f57:834b]) by xhc-aln-x08.cisco.com ([173.36.12.82]) with mapi id 14.02.0318.004; Wed, 23 Oct 2013 04:21:22 -0500
From: "Ole Troan (otroan)" <otroan@cisco.com>
To: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
Thread-Topic: [v6ops] DHCPv6/SLAAC Make Hosts Confusing-//RE: new draft: draft-liu-bonica-v6ops-dhcpv6-slaac-problem
Thread-Index: Ac7P0TyVueJWVMLhSL2iAHeIFInvMA==
Date: Wed, 23 Oct 2013 09:21:21 +0000
Message-ID: <55F2A998-0417-4C19-B248-AA2A80EBF29C@cisco.com>
References: <201310211245.r9LCj0B29668@ftpeng-update.cisco.com> <alpine.DEB.2.02.1310211454090.26825@uplift.swm.pp.se> <8AE0F17B87264D4CAC7DE0AA6C406F453D7CC14B@nkgeml506-mbx.china.huawei.com> <alpine.DEB.2.02.1310221511520.8663@uplift.swm.pp.se> <1382469405.56346.YahooMailNeo@web142504.mail.bf1.yahoo.com> <alpine.DEB.2.02.1310230533340.1838@uplift.swm.pp.se> <1382519509.39565.YahooMailNeo@web142502.mail.bf1.yahoo.com>
In-Reply-To: <1382519509.39565.YahooMailNeo@web142502.mail.bf1.yahoo.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="us-ascii"
Content-ID: <17F3D1AA1D1A2543B9B24C67BB839E8E@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "v6ops@ietf.org" <v6ops@ietf.org>, "draft-liu-bonica-v6ops-dhcpv6-slaac-problem@tools.ietf.org" <draft-liu-bonica-v6ops-dhcpv6-slaac-problem@tools.ietf.org>
Subject: Re: [v6ops] DHCPv6/SLAAC Make Hosts Confusing-//RE: new draft: draft-liu-bonica-v6ops-dhcpv6-slaac-problem
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Oct 2013 09:21:28 -0000

A single address does not have a mask. 
DHCP gives out addresses, not prefixes that can be used for onlink determination. 

Cheers,
Ole

> On 23 Oct 2013, at 11:11, Mark ZZZ Smith <markzzzsmith@yahoo.com.au> wrote:
> 
> Hi,
> 
> 
> ----- Original Message -----
>> From: Mikael Abrahamsson <swmike@swm.pp.se>
>> To: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
>> Cc: Liubing (Leo) <leo.liubing@huawei.com>om>; "v6ops@ietf.org" <v6ops@ietf.org>rg>; "draft-liu-bonica-v6ops-dhcpv6-slaac-problem@tools.ietf.org" <draft-liu-bonica-v6ops-dhcpv6-slaac-problem@tools.ietf.org>
>> Sent: Wednesday, 23 October 2013 2:40 PM
>> Subject: Re: [v6ops] DHCPv6/SLAAC Make Hosts Confusing-//RE: new draft: draft-liu-bonica-v6ops-dhcpv6-slaac-problem
>> 
>>> On Tue, 22 Oct 2013, Mark ZZZ Smith wrote:
>>> 
>>>   Is this saying that the prefix length of the address on host is /128?
>> 
>> A single address is always a /128. This /128 can be part of an on-link 
>> other network, or it isn't.
> 
> My question was more specificaly about you using "/128", rather than "an address" or "a single address", because I wondered if the DHCPv6 server supplies a /128 prefix length and the host configures a /128 prefix length on the address.
> 
> As you say below, address prefix length doesn't indicate on-link or off-link presence. So I'd expect a DHCPv6 server to hand out single IPv6 addresses with a /64 prefix length, as I think that would be more consistent and more expected when the subnet's prefix length is /64.
> 
> For somebody with a IPv4 experience, who wasn't aware an IPv6 prefix length doesn't indicate on-link presence, I think the use of a /128 prefix length in this scenario would imply that prefix length does indicate on-link presence. Somewhat pedantic perhaps, however I think anything that may give false indications of IPv6's behaviour, when it is different to IPv4's, is better to avoid.
> 
> 
> Regards,
> Mark.
> 
>>>   If that is the case, as the prefix length in doesn't indicate on-link
>> or 
>>>   off-link status (as RA PIOs do), is there any specific reason for the 
>>>   prefix length the DHCPv6 server hands out to be /128 instead of the 
>>>   subnet's prefix length of /64? 
>> 
>> The DHCPv6 server always hands out /128. This /128 can be within a subnet 
>> advertised in RA, or it can be outside of it. The host doesn't care. When 
>> a subnet is being advertised in RA you get a network route pointing to the 
>> interface without an IPv6 address as next-hop.
>> 
>> So it's perfectly achievable today (and it works) to have the following:
>> 
>> Host gets 2001:db8:fff::1/128 from dhcp
>> host gets on-link 2001:db8:1::/64 from RA and creates a route towards the 
>> interface for this, but doesn't do SLAAC because A=0.
>> Host gets default route from router and installs it.
>> 
>> Now, the *router* needs to understand that 2001:db8:fff::1/128 is on-link, 
>> but no other hosts on the network does not.
>> 
>> So what networks are being announced in RA is completely decoupled from 
>> addresses handed out by DHCPv6 IA_NA. It's perfectly valid to hand out a 
>> /128 and then have no on-link prefixes at all, or have some with A=0.
>> 
>> 
>> -- 
>> Mikael Abrahamsson    email: swmike@swm.pp.se
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops