RE: [dhcwg] RFC3315 DECLINE definition

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

RE: [dhcwg] RFC3315 DECLINE definition

Mudric, Dusan (Dusan)
I would like to get more feedback from DHCPv6 users. Preferably, to prioritize the list below. What would be the number one priority item from this list that DHCPv6 users would like to address?

Thanks,
Dusan

-----Original Message-----
From: dhcwg [mailto:[hidden email]] On Behalf Of Simon Hobson
Sent: Monday, February 13, 2017 9:57 AM
To: dhcwg
Subject: Re: [dhcwg] RFC3315 DECLINE definition

"Mudric, Dusan (Dusan)" <[hidden email]> wrote:

> PROBLEM STATEMENTS:
> - A network operator can set client IPv6 addresses on DHCPv6 server.

That is the primary function of the DHCP server ! I don't see that as a problem.

> An address can be invalid or make a client unreachable.

There are a lot of other ways to bo**ox up a network !
Such configurations may be deliberate. Until recently I did in fact run a network with unroutable (as in valid IP, but no router for that subnet) addresses because there was a policy decision that this particular network would be isolated - it was a backend network to carry traffic independently of the traffic on the public facing front end network.

> - A network operator can change an address prefix on a router. A client address can become unreachable

Ditto.
This is simply failing to co-ordinate network changes. Before removing/changing the prefix, the DHCP admin should have removed the pool IFF it is desired that the addresses be usable for external connectivity. As previously mentioned, this may be deliberate on the part of the Admin.

> - A default router offering a prefix to a client can become unreachable.

"Sh*t happens". Not only that, but what happens if the server hands out a load of IPv6 addresses which are all valid AT THE TIME OF ALLOCATION ? Even if your proposal were implemented, these addresses would be accepted and configured because they would be valid AT THE TIME OF ALLOCATION. The DHCP server and client cannot do anything about it if, say, 5 seconds into a 60 day lease, a router stops advertising a prefix appropriate to that address.

It would be for the OS to detect that situation, and simply stop using that address for outbound connections. IMO it would be inappropriate for all the clients to somehow tell the server that all these addresses are bad - only to have 20,000 clients all contact the server again a few minutes later when the router comes back up and the prefix becomes valid again. That would be designing in network instability.

> A client address can become unreachable on a local link

?

> - A client does not release unused addresses

So ? There's 2^64 addresses in a minimal IPv6 prefix. How many billion addresses do you intend using for each client ? Even if your 20,000 clients all took and held onto 1000 addresses each, that's still a tiny tiny fraction of the available addresses.



> - A client validates the addresses and the address prefixes and notifies DHCPv6 server about the problems

HOW ?
You will need to define the algorithm for validating addresses. So far you've only come up with "isn't on any prefix advertised by a router" (as above, not a valid test) and "in a deprecated prefix" (as mentioned in an earlier message, not a valid test).

You will also need to define a mechanism whereby all clients can have the algorithm updated as policies change - eg prefixes get deprecated (as previously discussed), new prefixes come into use (eg I assume you would expect currently unused prefixes to be rejected, but they could come into use at any time when it's considered that they are needed).
You will also need to define a mechanism for the local admins to over-ride the stock algorithm - eg where the admins have made a policy decision to run isolated networks. This introduces a catch-22 situation where new devices might not be configurable (they won't attach to the network) until they have been configured (policy edited to allow them to connect).

This is critical to your proposal - until you can come up with an easily defined, and robust, algorithm then your proposal CANNOT work. Worse, it may cause far more problems than it is supposed to solve.


> - A client returns unused addresses
> - DHCPv6 server:
>  -- logs error messages (invalid & unreachable addresses with device IDs)
>  -- does not assign the invalid addresses
>  -- periodically checks for the reachability of unreachable addresses and, when they become reachable, assigns them again

Define "valid" and "reachable" here ?
The implication from this and your earlier emails is that you define "reachable" as "has an IP which is routable to/from 'the internet'". See my comment above about running isolated networks, that backend isolated network runs a DHCP service - so the addresses on it are "reachable" in terms of "the DHCP server can reach them", but they aren't globally routable (they are actually RFC1918 IPv4 addresses, but the argument stands).
With a previous hat on, I had 2 Class C public IPv4 allocations which weren't globally routable.

There is also the issue that the server (in the general case) CANNOT determine the reachability/routability of any prefix. There are plenty of network topologies where the server may lose connectivity to "something" while clients don't, or vice-versa, while connectivity between server and client network is still working. Similarly, there are topologies while server-client comms could be lost, while both still have connectivity to "something". This is the reason that, out of the box, DHCP4 servers in failover do NOT automatically go into partner-down state when they lose connectivity between them.

> - An operator
> -- checks if there are unreachable devices and the reason codes

An alternative: The site/organisation admins take care to co-ordinate changes, and test changes in configuration. They should employ monitoring to detect issues, and respond appropriately to helpdesk tickets.
Configuration management (and especially automation) will detect many of the issues you've raised.

_______________________________________________
dhcwg mailing list
[hidden email]
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_dhcwg&d=DQICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=-9s7e0Ks0EQLldj5oI4E9zLJKH-0ehGNzPg6r665zKo&s=yZV16lh2Yih0GhvVieDz2J5SHShPy-iKWBYCkGKJkSo&e= 


-----Original Message-----
From: dhcwg [mailto:[hidden email]] On Behalf Of Mudric, Dusan (Dusan)
Sent: Monday, February 13, 2017 9:02 AM
To: dhcp-users; dhcwg
Subject: Re: [dhcwg] RFC3315 DECLINE definition

Thanks to DHCWG group for their comments. I believe the proposals would benefit DHCv6 users.

For the record:

PROBLEM STATEMENTS:
- A network operator can set client IPv6 addresses on DHCPv6 server. An address can be invalid or make a client unreachable.
- A network operator can change an address prefix on a router. A client address can become unreachable
- A default router offering a prefix to a client can become unreachable. A client address can become unreachable on a local link
- A client does not release unused addresses

PROPOSED FAILURE INDICATIONS
- A client validates the addresses and the address prefixes and notifies DHCPv6 server about the problems
- A client returns unused addresses
- DHCPv6 server:
  -- logs error messages (invalid & unreachable addresses with device IDs)
  -- does not assign the invalid addresses
  -- periodically checks for the reachability of unreachable addresses and, when they become reachable, assigns them again
- An operator
 -- checks if there are unreachable devices and the reason codes _______________________________________________
dhcwg mailing list
[hidden email]
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_dhcwg&d=DQICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=Qxk02ZIjaVguViwH6GFfRlZ1P5VOsYQOjA3jNkynsoA&s=2J3Xq9IQVsoMl7JTQP52olq6E_tc1b6kLGRuJ0RnkWE&e=
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: [dhcwg] RFC3315 DECLINE definition

Simon Hobson
"Mudric, Dusan (Dusan)" <[hidden email]> wrote:

> I would like to get more feedback from DHCPv6 users. Preferably, to prioritize the list below. What would be the number one priority item from this list that DHCPv6 users would like to address?

For context, the thread (in DHC WG list) leading up to this can be found at https://mailarchive.ietf.org/arch/msg/dhcwg/iY9PuCOcM8i8Yqp-ruYMw_OQ_Uc

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: [dhcwg] RFC3315 DECLINE definition

Ted Lemon-2
In reply to this post by Mudric, Dusan (Dusan)
On Feb 13, 2017, at 11:00 AM, Mudric, Dusan (Dusan) <[hidden email]> wrote:
I would like to get more feedback from DHCPv6 users. Preferably, to prioritize the list below. What would be the number one priority item from this list that DHCPv6 users would like to address?

You have gotten as much feedback as you're likely to get on the working group mailing list.   As far as I can tell, the feedback is that none of the things you've listed are priorities, and for good reason.


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

RE: [dhcwg] RFC3315 DECLINE definition

Mudric, Dusan (Dusan)

Anyone else that would benefit from a list of devices (their MAC addresses) with assigned IPv6 addresses that are not valid or are unreachable?

 

Dusan

 

From: Ted Lemon [mailto:[hidden email]]
Sent: Monday, February 13, 2017 2:20 PM
To: Mudric, Dusan (Dusan)
Cc: Simon Hobson; dhcwg; [hidden email]
Subject: Re: [dhcwg] RFC3315 DECLINE definition

 

On Feb 13, 2017, at 11:00 AM, Mudric, Dusan (Dusan) <[hidden email]> wrote:

I would like to get more feedback from DHCPv6 users. Preferably, to prioritize the list below. What would be the number one priority item from this list that DHCPv6 users would like to address?

 

You have gotten as much feedback as you're likely to get on the working group mailing list.   As far as I can tell, the feedback is that none of the things you've listed are priorities, and for good reason.

 


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: [dhcwg] RFC3315 DECLINE definition

Simon Hobson

On 13 Feb 2017, at 21:26, "Mudric, Dusan (Dusan)" <[hidden email]> wrote:

> Anyone else that would benefit from a list of devices (their MAC addresses) with assigned IPv6 addresses that are not valid or are unreachable?

Dropping the DHCWG list ...

As before, define "not valid" and "unreachable".
As do you want a list of devices with those addresses, or a list of devices with those address which don't also have a "working"* address ?

* For whatever definition of working you come up with.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: [dhcwg] RFC3315 DECLINE definition

Simon Hobson
In reply to this post by Mudric, Dusan (Dusan)
김우태(Network Innovation Projec) <[hidden email]> wrote:

> I think IPv6 is co-existed with IPv4 for a while.
> Devices have dual stack with IPv4 and IPv6 address.
> And there are cases that traces the problem with IPv4 & IPv6 address information.
> But, now there have no common key between them.
> So, I think IPv6 information is included with device mac address for tracing IPv4.

If I understand you correctly, you are describing a completely separate issue - that of identifying the MAC-IP pairing for IPv6 because your IPv4 workflow is based on that.
That too has been done to death in the DHC WG list - to the extent that (IIRC) there is now a MAC address option defined that clients may send, or was it that relay agents could add ? I think it might have been the latter since it's easier to upgrade a few relay agents rather than every client.
For devices not using a relay agent, the MAC address is in the packet.
Also, there's been quite firm statements that the wording of the RFCs that prohibits "looking inside" the client identifier does not in fact prohibit that, although since on a multi-homed device that may not be based on the same interface, it's not necessarily all that useful anyway.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: [dhcwg] RFC3315 DECLINE definition

Anderson, Charles R
In reply to this post by Mudric, Dusan (Dusan)
I do not think any of those statements are problems, or are problems
that should be solved with any changes to the DHCPv6 protocol.

On Mon, Feb 13, 2017 at 04:00:23PM +0000, Mudric, Dusan (Dusan) wrote:

> I would like to get more feedback from DHCPv6 users. Preferably, to prioritize the list below. What would be the number one priority item from this list that DHCPv6 users would like to address?
>
> Thanks,
> Dusan
>
> -----Original Message-----
> From: dhcwg [mailto:[hidden email]] On Behalf Of Simon Hobson
> Sent: Monday, February 13, 2017 9:57 AM
> To: dhcwg
> Subject: Re: [dhcwg] RFC3315 DECLINE definition
>
> "Mudric, Dusan (Dusan)" <[hidden email]> wrote:
>
> > PROBLEM STATEMENTS:
> > - A network operator can set client IPv6 addresses on DHCPv6 server.
>
> That is the primary function of the DHCP server ! I don't see that as a problem.
>
> > An address can be invalid or make a client unreachable.
>
> There are a lot of other ways to bo**ox up a network !
> Such configurations may be deliberate. Until recently I did in fact run a network with unroutable (as in valid IP, but no router for that subnet) addresses because there was a policy decision that this particular network would be isolated - it was a backend network to carry traffic independently of the traffic on the public facing front end network.
>
> > - A network operator can change an address prefix on a router. A client address can become unreachable
>
> Ditto.
> This is simply failing to co-ordinate network changes. Before removing/changing the prefix, the DHCP admin should have removed the pool IFF it is desired that the addresses be usable for external connectivity. As previously mentioned, this may be deliberate on the part of the Admin.
>
> > - A default router offering a prefix to a client can become unreachable.
>
> "Sh*t happens". Not only that, but what happens if the server hands out a load of IPv6 addresses which are all valid AT THE TIME OF ALLOCATION ? Even if your proposal were implemented, these addresses would be accepted and configured because they would be valid AT THE TIME OF ALLOCATION. The DHCP server and client cannot do anything about it if, say, 5 seconds into a 60 day lease, a router stops advertising a prefix appropriate to that address.
>
> It would be for the OS to detect that situation, and simply stop using that address for outbound connections. IMO it would be inappropriate for all the clients to somehow tell the server that all these addresses are bad - only to have 20,000 clients all contact the server again a few minutes later when the router comes back up and the prefix becomes valid again. That would be designing in network instability.
>
> > A client address can become unreachable on a local link
>
> ?
>
> > - A client does not release unused addresses
>
> So ? There's 2^64 addresses in a minimal IPv6 prefix. How many billion addresses do you intend using for each client ? Even if your 20,000 clients all took and held onto 1000 addresses each, that's still a tiny tiny fraction of the available addresses.
>
>
>
> > - A client validates the addresses and the address prefixes and notifies DHCPv6 server about the problems
>
> HOW ?
> You will need to define the algorithm for validating addresses. So far you've only come up with "isn't on any prefix advertised by a router" (as above, not a valid test) and "in a deprecated prefix" (as mentioned in an earlier message, not a valid test).
>
> You will also need to define a mechanism whereby all clients can have the algorithm updated as policies change - eg prefixes get deprecated (as previously discussed), new prefixes come into use (eg I assume you would expect currently unused prefixes to be rejected, but they could come into use at any time when it's considered that they are needed).
> You will also need to define a mechanism for the local admins to over-ride the stock algorithm - eg where the admins have made a policy decision to run isolated networks. This introduces a catch-22 situation where new devices might not be configurable (they won't attach to the network) until they have been configured (policy edited to allow them to connect).
>
> This is critical to your proposal - until you can come up with an easily defined, and robust, algorithm then your proposal CANNOT work. Worse, it may cause far more problems than it is supposed to solve.
>
>
> > - A client returns unused addresses
> > - DHCPv6 server:
> >  -- logs error messages (invalid & unreachable addresses with device IDs)
> >  -- does not assign the invalid addresses
> >  -- periodically checks for the reachability of unreachable addresses and, when they become reachable, assigns them again
>
> Define "valid" and "reachable" here ?
> The implication from this and your earlier emails is that you define "reachable" as "has an IP which is routable to/from 'the internet'". See my comment above about running isolated networks, that backend isolated network runs a DHCP service - so the addresses on it are "reachable" in terms of "the DHCP server can reach them", but they aren't globally routable (they are actually RFC1918 IPv4 addresses, but the argument stands).
> With a previous hat on, I had 2 Class C public IPv4 allocations which weren't globally routable.
>
> There is also the issue that the server (in the general case) CANNOT determine the reachability/routability of any prefix. There are plenty of network topologies where the server may lose connectivity to "something" while clients don't, or vice-versa, while connectivity between server and client network is still working. Similarly, there are topologies while server-client comms could be lost, while both still have connectivity to "something". This is the reason that, out of the box, DHCP4 servers in failover do NOT automatically go into partner-down state when they lose connectivity between them.
>
> > - An operator
> > -- checks if there are unreachable devices and the reason codes
>
> An alternative: The site/organisation admins take care to co-ordinate changes, and test changes in configuration. They should employ monitoring to detect issues, and respond appropriately to helpdesk tickets.
> Configuration management (and especially automation) will detect many of the issues you've raised.
>
> _______________________________________________
> dhcwg mailing list
> [hidden email]
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_dhcwg&d=DQICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=-9s7e0Ks0EQLldj5oI4E9zLJKH-0ehGNzPg6r665zKo&s=yZV16lh2Yih0GhvVieDz2J5SHShPy-iKWBYCkGKJkSo&e= 
>
>
> -----Original Message-----
> From: dhcwg [mailto:[hidden email]] On Behalf Of Mudric, Dusan (Dusan)
> Sent: Monday, February 13, 2017 9:02 AM
> To: dhcp-users; dhcwg
> Subject: Re: [dhcwg] RFC3315 DECLINE definition
>
> Thanks to DHCWG group for their comments. I believe the proposals would benefit DHCv6 users.
>
> For the record:
>
> PROBLEM STATEMENTS:
> - A network operator can set client IPv6 addresses on DHCPv6 server. An address can be invalid or make a client unreachable.
> - A network operator can change an address prefix on a router. A client address can become unreachable
> - A default router offering a prefix to a client can become unreachable. A client address can become unreachable on a local link
> - A client does not release unused addresses
>
> PROPOSED FAILURE INDICATIONS
> - A client validates the addresses and the address prefixes and notifies DHCPv6 server about the problems
> - A client returns unused addresses
> - DHCPv6 server:
>   -- logs error messages (invalid & unreachable addresses with device IDs)
>   -- does not assign the invalid addresses
>   -- periodically checks for the reachability of unreachable addresses and, when they become reachable, assigns them again
> - An operator
>  -- checks if there are unreachable devices and the reason codes _______________________________________________
> dhcwg mailing list
> [hidden email]
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_dhcwg&d=DQICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=Qxk02ZIjaVguViwH6GFfRlZ1P5VOsYQOjA3jNkynsoA&s=2J3Xq9IQVsoMl7JTQP52olq6E_tc1b6kLGRuJ0RnkWE&e=
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: [dhcwg] RFC3315 DECLINE definition

perl-list
In reply to this post by Simon Hobson




From: "Simon Hobson" <[hidden email]>
To: [hidden email]
Sent: Tuesday, February 14, 2017 3:00:10 AM
Subject: Re: [dhcwg] RFC3315 DECLINE definition
김우태(Network Innovation Projec) <[hidden email]> wrote:

> I think IPv6 is co-existed with IPv4 for a while.
> Devices have dual stack with IPv4 and IPv6 address.
> And there are cases that traces the problem with IPv4 & IPv6 address information.
> But, now there have no common key between them.
> So, I think IPv6 information is included with device mac address for tracing IPv4.

If I understand you correctly, you are describing a completely separate issue - that of identifying the MAC-IP pairing for IPv6 because your IPv4 workflow is based on that.
That too has been done to death in the DHC WG list - to the extent that (IIRC) there is now a MAC address option defined that clients may send, or was it that relay agents could add ? I think it might have been the latter since it's easier to upgrade a few relay agents rather than every client.

It is RFC 6939, specifically option 79 (OPTION_CLIENT_LINKLAYER_ADDR).  It will contain client link layer address if the relay agent supports such relay option stuffing.  So far, I hear that Cisco and Brocade support such.  Juniper does not yet support.  Not sure if they ever will at this point.

See: http://www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xhtml  and https://tools.ietf.org/html/rfc6939 for details if interested.


For devices not using a relay agent, the MAC address is in the packet.
Also, there's been quite firm statements that the wording of the RFCs that prohibits "looking inside" the client identifier does not in fact prohibit that, although since on a multi-homed device that may not be based on the same interface, it's not necessarily all that useful anyway.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users