Re: [v6ops] out-of-focus: why DHCPv6 breaks Android computers?

Alexandre Petrescu <alexandre.petrescu@gmail.com> Wed, 30 October 2019 16:02 UTC

Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A43FE120964 for <v6ops@ietfa.amsl.com>; Wed, 30 Oct 2019 09:02:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.631
X-Spam-Level:
X-Spam-Status: No, score=-2.631 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dt_CR4BG88_k for <v6ops@ietfa.amsl.com>; Wed, 30 Oct 2019 09:02:50 -0700 (PDT)
Received: from oxalide-smtp-out.extra.cea.fr (oxalide-smtp-out.extra.cea.fr [132.168.224.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2498912089B for <v6ops@ietf.org>; Wed, 30 Oct 2019 09:02:49 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by oxalide-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x9UG2iWH007504; Wed, 30 Oct 2019 17:02:44 +0100
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 6EAB62065B0; Wed, 30 Oct 2019 17:02:44 +0100 (CET)
Received: from muguet1-smtp-out.intra.cea.fr (muguet1-smtp-out.intra.cea.fr [132.166.192.12]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 5BF9020373F; Wed, 30 Oct 2019 17:02:44 +0100 (CET)
Received: from [10.8.35.150] (is154594.intra.cea.fr [10.8.35.150]) by muguet1-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x9UG2iwV003317; Wed, 30 Oct 2019 17:02:44 +0100
To: Jen Linkova <furry13@gmail.com>
Cc: "Rajiv Asati (rajiva)" <rajiva@cisco.com>, Ted Lemon <mellon@fugue.com>, "v6ops@ietf.org" <v6ops@ietf.org>
References: <8DA54CF0-B7D7-4E4B-BA85-EA024401DEAC@fugue.com> <EA825926-BD88-4B10-84F8-91E25C1BBA6D@cisco.com> <dd6a2619-d8b0-0b9e-b3f9-77919b1ca9ba@gmail.com> <CAFU7BAS5r1XXADCmsuUicy16R7tL_B1AUDuqQfgv0uoVNOwveg@mail.gmail.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <abe1ce24-8247-417c-d131-a63deefb2d64@gmail.com>
Date: Wed, 30 Oct 2019 17:02:44 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.2.0
MIME-Version: 1.0
In-Reply-To: <CAFU7BAS5r1XXADCmsuUicy16R7tL_B1AUDuqQfgv0uoVNOwveg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/yN7wfnZqpoBRWOSBBksm-1RG-Qw>
Subject: Re: [v6ops] out-of-focus: why DHCPv6 breaks Android computers?
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Oct 2019 16:02:53 -0000


Le 30/10/2019 à 03:56, Jen Linkova a écrit :
> On Wed, Oct 30, 2019 at 5:32 AM Alexandre Petrescu 
> <alexandre.petrescu@gmail.com>; wrote:
>> At high level, it makes sense to require to allow simultaneous DHCP
>> and SLAAC usage on a same subnet; a private email suggests the
>> same. With that, Android and Windows would live ok side-by-side on
>> same subnet.
> 
> I'm still not sure I understand why you need DHCP for
> Windows...Unless you got that Windows in an antique shop...;) I have
> plenty of Windows machines in the network (in an IPv6-only one as
> well).

Well, my Windows is very new from Dell, not from antique.

My Windows is on DHCPv4-only at work.  At home it works ok on DHCPv6 as 
well.  At home it is a mixed IPv4-IPv6.

My Windows could stop doing DHCPv6 if I request it to, but by default it 
does DHCPv6 in addition to SLAAC.

My Windows could run only SLAAC if I asked it to.

My CPE does IPv6 and SLAAC by default, and DHCPv6 is an option off by 
default.

So - do not worry.

>> Further, thinking about how to implement the req, one would wonder 
>> whether the prefix in PIO with A flag set in an RA with M set,
>> would be the same as the prefix used by the DHCP Server to form and
>> deliver addresses?
> 
>> (if yes, I think that is difficult to achieve: (1) difficult to put
>> same prefix in the software implementing RA sending, and in the
>> DHCP server connfig files
> 
> Could you elaborate on this one? How is "putting the prefix in the 
> software implementing RA sending" different from "configuring a
> prefix on a router interface"? It's like saying 'difficult to
> configure the same IPv4 or IPv6 prefix on the router interface and on
> DHCP server'

I meant to say : 'to maintain'.  If I change something in the DHCP conf 
files then I have to change the same in the RA conf files, to make sure 
the same prefix is present on both.

But, probably some software packages do that ok.

>> and (2) difficult to make sure the Server does not form an address
>> for a Client, address that a Host has already formed in the same 
>> prefix).
> 
> That's could be done to the some degree of confidence - if the pool
> is using the first addresses in the prefix (let's say, the highest
> 50 bits if the interface ID set to 0) then it's rather unlikely that
> such interface ID would be generated by SLAAC. However that's a good
> point, thanks for another item in my collection of 'why I don't need
> DHCPv6' reasons ;))

:-) that starts to sound like being against x in the a vs b discussion.

>> (because of that reason, I think that trying to implement that 
>> requirement would lead to designating a prefix for SLAAC and
>> another prefix for DHCP; that may sound a little bit as a waste).
> 
> I'm sure operating such a network will be...eh...entertaining...

Sure, however, one might need this behaviour.

I think that I might need the DHCPv6 server on the CPE.  The reason I 
might need it is because I might need a Prefix Delegated from that CPE.

Do you think that would not be a valid need?

(I guess you will invite me to check whether my CPE's DHCPv6 option 
responds to an IA_PD request, thing that I will maybe try one day).

(think that currently a /56 is assigned by ISP to my home network, and 
that last time I checked I had to manually decide on a GUI which /64 out 
of that /56 goes to which IP of which in-home router).

Alex

> 
>>>> On Oct 29, 2019, at 7:22 AM, Ted Lemon <mellon@fugue.com>;
>>>> wrote:
>>>> 
>>>>  On Oct 29, 2019, at 6:37 AM, Alexandre Petrescu 
>>>> <alexandre.petrescu@gmail.com 
>>>> <mailto:alexandre.petrescu@gmail.com>> wrote:
>>>>> Well no.  After  activating DHCPv6 on CPE the CPE sent three
>>>>> RAs changing the Lifetime and flipping the M(anaged) and 
>>>>> A(utonomous) flags.
>>>>> 
>>>>> Packet dumps available upon request.
>>>> 
>>>> That’s the problem.   It should turn on the managed bit but
>>>> not turn off the autonomous bit.  The two can validly be on at
>>>> the same time.
>>>> 
>>>> Of course, since their meanings are deprecated, it’s not too 
>>>> surprising that implementations get this wrong.
>>>> 
>>>> _______________________________________________ v6ops mailing
>>>> list v6ops@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/v6ops
>> 
>> _______________________________________________ v6ops mailing list 
>> v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops
> 
> 
>