RE: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 = o n Co nference Call Agenda)

From owner-dhcp-v6@bucknell.edu Fri Sep 1 09:47:01 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA11850 for ; Fri, 1 Sep 2000 09:47:00 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e81Df9i21621; Fri, 1 Sep 2000 09:41:54 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e81Df1i14246 for ; Fri, 1 Sep 2000 09:41:01 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Fri, 1 Sep 2000 09:40:45 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC08D@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: Discussion Item - Using DHCPv4 options in DHCPv6 (Item 6 on Confe rence Call Agenda) Date: Fri, 1 Sep 2000 09:40:45 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN During the DHCPv6 conference call on Thursday, August 31st, I was assigned the "responsibility" of coming to a resolution on item 6 on Ralph's compiled list: 6. Where appropriate, keep v4 and v6 options/extensions "the same". Use the same option numbers. Use the same format (except for 16-bit type/length). As I was one of the people that proposed this, let me give you my reasons. While there are many options in DHCPv4 that are no appropriate to DHCPv6 (either because the options configure things that aren't appropriate or don't exist in IPv6 or because they contain internet addresses), there are many other options that are appropriate to both (such as domain names and URLs). I'm not proposing that all DHCPv4 options be valid in DHCPv6. I'm just proposing that we reserve option (or extension) numbers from 0 to 255 in DHCPv6 and adopt any of the DHCPv4 options that make sense in DHCPv6 and use the same option numbers. >From some point forward, all new DHCP options RFCs should have a statement that indicates whether the option is valid in DHCPv4 and/or DHCPv6. And, for those that are appropriate to DHCPv4, we use whatever limitations exist on the number space (<256). For DHCPv6 only options, any number is valid. For existing DHCPv4 options that are also valid for DHCPv6, we now only need to write a document that indicates what these options are and that the format of the option data is the same, though the option header now uses 16-bit option number and length. We don't have to re-specify the behavoir of the client and server with respect to these options. Note also that while we may feel that having DHCPv6 options for the DHCPv4 NDS ones makes little sense, perhaps someone will find a need. In that case, they could easily issue a 1 page draft (excluding the draft boiler-plate requirements) that says DHCPv4 option x is valid on DHCPv6 with a 16-bit option number and length. I think we'd all agree that reviewing these drafts is much easier and faster than having to review the entire text again (since we'd then likely want to add other rewording, etc.). I am not proposing that we re-format the data of options (such as those that carry internet addresses) for those would not work "as is" for DHCPv6. If DHCPv6 needs that option, a new option should be defined to carry the data appropriate to DHCPv6. Only those options where the data can be used "as is" should be adopted in DHCPv6. IANA must also only assign numbers from ONE space instead of having two option spaces (DHCPv4 and DHCPv6) to consider. Though, IANA would need to be instructed that options that apply to DHCPv4 would need to be assigned from the current DHCPv4 space (0..127) and that DHCPv6 only options must be assigned numbers >255. This also allows for simplier configuration of DHCP servers should a server support both DHCPv4 and DHCPv6. Or in storing options data in a database or LDAP repository (as an author of the LDAP schema for DHCP, I'd like us not to have a "dhcpv4option" and "dhcpv6option" attribute - much easier to have just a "dhcpoption" attribute which can store either). Doing the work do go through all of the DHCPv4 options to determine applicability to DHCPv6 is likely not an easy task. So, my suggestion is that as we develop the options we want for DHCPv6, we look to the DHCPv4 options. If we find an identical option in DHCPv4, we use that option number and option data format. If someone later wants to add another option, they write that 1 page draft I mentioned earlier. What's the impact to DHCPv6 for doing this? I think almost nothing except to reserve options 0 to 255 and use the DHCPv4 option numbers (and data format) if and only if appropriate. So, with that ... let's start the discussion. As we did not set a deadline at the conference call, other than stating a week, and given the Labor Day holiday, I'd like to conclude this discussion by end of day Friday, September 8. - Bernie Volz IPWorks, Inc. From owner-dhcp-v6@bucknell.edu Fri Sep 1 09:52:54 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA11995 for ; Fri, 1 Sep 2000 09:52:53 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e81DqKi24615; Fri, 1 Sep 2000 09:52:20 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e81DqBi21594 for ; Fri, 1 Sep 2000 09:52:11 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Fri, 1 Sep 2000 09:51:56 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC08E@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 on Co nference Call Agenda) Date: Fri, 1 Sep 2000 09:51:55 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN During the DHCPv6 conference call on Thursday, August 31st, I was assigned the "responsibility" of coming to a resolution on reconfiguration in DHCPv6 (items 8, 9, and 18 on Ralph's compiled list): 8. Allow Reconfigure and Reconfigure-reply messages to be sent via a relay to client's which do not have such reachable IP addresses, in order to inform them of changes in non-releasable resources? The same thing could also go for Reconfigure-init to some extent. 9. Might a client send a Solicit in response to a Reconfigure-init? What if the topology changes such that this is necessary in order find a DHCP server with can allocate addresses on the new subnet? 18. Simplify reconfiguration; Use DHCPv4-style reconfiguration I believe the general consensus was a desire to use the DHCPv4-style reconfiguration (unicast from server to client). However, there is also a desire to accommondate multicasting as for major network reconfiguration events, unicasting may inefficient (if there are 1000's of clients to notify). But multicasting opens up significant security issues. Let's start the discussion. As we did not set a deadline at the conference call, other than stating a week, and given the Labor Day holiday, I'd like to conclude this discussion by end of day Friday, September 8. - Bernie Volz IPWorks, Inc. From owner-dhcp-v6@bucknell.edu Fri Sep 1 10:03:36 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA12267 for ; Fri, 1 Sep 2000 10:03:36 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e81E16i14451; Fri, 1 Sep 2000 10:01:06 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e81E13i08807 for ; Fri, 1 Sep 2000 10:01:03 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id KAA04269 for ; Fri, 1 Sep 2000 10:00:47 -0400 (EDT) Message-Id: <4.3.1.2.20000901100107.00b31960@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Fri, 01 Sep 2000 10:03:14 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: DHCPv6 design team Conference Call Agenda In-Reply-To: <63D30D6E10CFD11190A90000F805FE8602BEC08E@lespaul.process.c om> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Bernie has posted a couple of notes referring to the design team conference call that took place 8/31. I will post notes and minutes from that meeting this AM, along with the list of agenda items Bernie mentioned in his notes... - Ralph From owner-dhcp-v4@bucknell.edu Fri Sep 1 10:51:31 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA13192 for ; Fri, 1 Sep 2000 10:51:31 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e81Elei04763; Fri, 1 Sep 2000 10:47:40 -0400 (EDT) Received: from postal.metaip.checkpoint.com (metaip.checkpoint.com [204.29.28.25]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e81ElTi26590 for ; Fri, 1 Sep 2000 10:47:29 -0400 (EDT) Received: from cartman.metainfo.com (cartman.metainfo.com [204.29.28.145]) by postal.metaip.checkpoint.com (8.9.3/8.9.3VRJ666) with ESMTP id OAA21977 for ; Sat, 2 Sep 2000 14:40:46 -0700 Received: by cartman.metainfo.com with Internet Mail Service (5.5.2650.21) id ; Fri, 1 Sep 2000 07:47:27 -0700 Received: from sea.checkpoint.com (sneakers.metainfo.com [204.29.28.213]) by cartman.metainfo.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id RTW2NJYM; Fri, 1 Sep 2000 07:47:15 -0700 From: richardj@sea.checkpoint.com To: DHCPv4 discussion list Message-ID: <39AFC172.CEC6E01E@sea.checkpoint.com> Date: Fri, 01 Sep 2000 07:47:14 -0700 Organization: Checkpoint Software Technologies X-Mailer: Mozilla 4.61 [en] (X11; U; Linux 2.2.12-20 i686) X-Accept-Language: en MIME-Version: 1.0 Subject: Re: Authentication option References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Reply-To: richardj@sea.checkpoint.com Sender: owner-dhcp-v4@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Content-Transfer-Encoding: 7bit That sounds to me like the clearest expression of the problem and its solution so far - I'd like to see it go into the draft. It supports the issue in a 'framework-like' manner, in keeping with the rest of the draft. Richard "William A. Arbaugh" wrote: > I propose the following: > > 1. An authentication mis-match should be treated in a similar fashion as > if the server did not include authentication information. Any thing > further and we're going done the security association negotiation trail > (and it's a long one). > > 2. While I don't like the idea of accepting packets where the > authentication option failed to verify, the server could just as well have > sent the packet without authentication information and we would accept it > (assumming the client would accept un-authenticated packets). Therefore, > I propose that: > a. If the client is configured to accept un-authenticated packets, > then it MAY accept (if further configured) authenticated packets that > fail to verify. We should stress that this is very dangerous and is only > done for the sake of robustness. > b. If the client is configured NOT to accept un-authenticated > packets, then the client MUST NOT accept authenticated packets that fail > to verify. > > Bill From owner-dhcp-v6@bucknell.edu Fri Sep 1 16:30:41 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA19634 for ; Fri, 1 Sep 2000 16:30:38 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e81KPFi25056; Fri, 1 Sep 2000 16:25:15 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e81KPDi17584 for ; Fri, 1 Sep 2000 16:25:13 -0400 (EDT) Received: from rdroms-nt.cisco.com (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id QAA21056 for ; Fri, 1 Sep 2000 16:24:56 -0400 (EDT) Message-Id: <4.3.1.2.20000901160948.00b30100@funnel.cisco.com> X-Sender: rdroms@funnel.cisco.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Fri, 01 Sep 2000 16:27:19 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Design team teleconference, 8/31 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN We held a DHCPv6 spec design team teleconference on 8/31. The purpose of the teleconference was to develop a plan for getting the spec ready for final WG review in San Diego, followed by a WG last call in early January. To meet that goal, we put together a calendar of milestones to be accomplished over the next four months and a list of issues that need to be resolved in the current spec. This message will summarize the outcomes of the meeting. I will follow up with a list of discussion items and dispositions later today and a full set of minutes early next week. Participants: Mark Stapp mjs@cisco.com Rich Woundy rwoundy@cisco.com Michael Carney Michael.Carney@eng.sun.com Jim Bound bound@zk3.dec.com Bernie Volz Volz@ipworks.com Richard Jones richardj@metaip.checkpoint.com Thomas Narten narten@raleigh.ibm.com Ted Lemon mellon@isc.org Barr Hibbs rbhibbs@ultraDNS.com Bernard Aboba baboba@internaut.com Francis Dupont Francis.Dupont@enst-bretagne.fr Josh Littlefield joshl@cisco.com Subir Das subir@mailee.research.telcordia.com Tony McAuley mcauley@research.telcordia.com Ralph Droms rdroms@cisco.com Outcomes: Milestones and calendar ----------------------- 9/30/2000 Publish revised spec, with changes based on design team teleconference 10/10/2000 Interim WG meeting to review revised spec 11/15/2000 Publish final spec for WG review in San Diego, based on input from WG review on 10/10 12/1x/2000 Final WG review in San Diego 1/ 5/2001 WG last call Discussion Issues ----------------- We discussed the following issues, which were generated from design team input prior to the teleconference. The issue numbers are from the original list of issues; the design team edited the list during the teleconference to generate this final list. The design team performed a triage on the list of issues, dividing the list into YES - do it now FUTURE WORK - consider in future - responsible person TRANS. DOC - include in a (yet-to-be-written) transition doc DEFER - reconsider later for current doc YES 1. Use of multicast instead of broadcast TED 2. Use of globally-unique "client identifier": link-local address may not be sufficiently "permanent" for client lease identification 20. Support a client-identifier hierarchy, a la DHCPv4. DEFER 3. Cleaner and simpler message formats. 10. Smaller DHCP message header for B/W efficiency. 16. A single fixed header for (at least) Solicit, Advertise, Request, Reply, and Release messages, rather than different headers for different messages, with most information in extensions; get rid of mode bits wherever possible; multi-bit numbers should be 8, 16, 32, 64 or 128 bits; there should be no reserved fields in extensions. 27. Any bits in extensions that change the meaning of the extension type for the whole extension should be represented as new extensions. 28. The client, when it is referring to an address it wants to renew, should be able to reflect back at the server the exact IP Address extension that it got from the server, rather than having to tweak it. YES 4. Avoid stateful server (in terms of the protocol interaction). Clarifications: - Correct server operation will not depend on XID - Clients will use XID consistently to allow for server optimizations YES 5. Reduce number of ways to release resources BERNIE 6. Where appropriate, keep v4 and v6 options/extensions "the same". Use the same option numbers. Use the same format (except for 16-bit type/length). FUTURE 7. Define DHCPng as ONE new protocol can that can accommodate WORK IPv4 and IPv6 address assignments. YES 18. Simplify reconfiguration; Use DHCPv4-style reconfiguration 8. Allow Reconfigure and Reconfigure-reply messages to be sent via a relay to client's which do not have such reachable IP addresses, in order to inform them of changes in non-releasable resources? The same thing could also go for Reconfigure-init to some extent. 9. Might a client send a Solicit in response to a Reconfigure-init? What if the topology changes such that this is necessary in order find a DHCP server with can allocate addresses on the new subnet? BERNIE - Implement multicast reconfigure? MARK 11. Reduce the number of messages to configure a node; e.g. - a two-message lease binding - permitting a client to obtain 1-n addresses as needed rather than all at "boot" time FUTURE 12. To rapidly configure roaming users, avoid ND Neighbor WORK Solicitation and Neighbor Advertisement, both for the link local addresses and the address given by DHCP. FUTURE 13. Configure a router's interface if it is on the same link WORK as the DHCP server. FUTURE 14. Define a new interface to DHCP for doing things such as WORK adding a new address pool, changing some configuration parameters, or being able to request a new address pool. DEFER 15. No state transition diagram in spec YES 17. Use the delayed authentication mechanism that dhcpv4 has been developing. FUTURE 19. Consider IPv6 address compression. WORK TED 21. Address model: * One interface, with a single unique identifier, can be assigned multiple addresses * Server knows exactly what addresses to assign to client * Client asks for "configuration", which includes assigned addresses * Client may extend leases on addresses individually TED 22. Messages and semantics * Rename messages and change semantics to match RFC2131 * Use message exchanges from RFC2131 * Change formats to optimize message size and carry IPv6 addresses 30. Why 'extensions' and not 'options'? BARR 23. Relay agents - adopt DHCPv4 function: relay agents insert interface address in 'giaddr' and forward to DHCP servers 26. Relay agents should simply encapsulate the client message in a DHCPv6 extension; the relay message should have its own type. YES 24. Discard references to "releasable resources" FUTURE 29. Releasable resources should be documented in a separate WORK draft. TRANS. 25. What happens when the network type is ambiguous - could be DOC IPv6, could be IPv4. From owner-dhcp-v4@bucknell.edu Tue Sep 5 01:56:10 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA18108 for ; Tue, 5 Sep 2000 01:56:09 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e855p0i22902; Tue, 5 Sep 2000 01:51:00 -0400 (EDT) Received: from web702.mail.yahoo.com (web702.mail.yahoo.com [128.11.23.22]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e855ovi24371 for ; Tue, 5 Sep 2000 01:50:57 -0400 (EDT) Received: (qmail 28186 invoked by uid 60001); 5 Sep 2000 05:55:10 -0000 Message-ID: <20000905055510.28185.qmail@web702.mail.yahoo.com> Received: from [165.228.129.11] by web702.mail.yahoo.com; Mon, 04 Sep 2000 22:55:10 PDT Date: Mon, 4 Sep 2000 22:55:10 -0700 (PDT) From: =?iso-8859-1?q?Roni=20Marks?= Subject: DNS and DHCP servers To: DHCPv4 discussion list MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Reply-To: rapid11@yahoo.com Sender: owner-dhcp-v4@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Content-Transfer-Encoding: 8bit Could someone explain how a host can keep its name permanently in the case that a DHCP server is to assign it an IP address? Any responses would be greatly appreciated. Andrew Smiles rapid11@yahoo.com Sydney, Australia __________________________________________________ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ From owner-dhcp-v4@bucknell.edu Tue Sep 5 09:59:19 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA02380 for ; Tue, 5 Sep 2000 09:59:18 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e85DmTi07170; Tue, 5 Sep 2000 09:48:31 -0400 (EDT) Received: from relay02.rabobank.nl (relay02.rabobank.nl [145.72.69.21]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e85Dlwi20190 for ; Tue, 5 Sep 2000 09:47:58 -0400 (EDT) Received: from 172.31.65.109 by relay02.rabobank.nl with ESMTP ( WorldSecure Server SMTP Relay(WSS) v4.5); Tue, 05 Sep 2000 15:44:01 +0200 X-Server-Uuid: d32dbd14-b86d-11d3-8c8e-0008c7bba343 Received: by corvus.rf.rabobank.nl with Internet Mail Service ( 5.5.2650.21) id ; Tue, 5 Sep 2000 15:47:08 +0200 Message-ID: <4DD4836FE7B6D311AC1B00508B61656C7F06C4@pyxis.rf.rabobank.nl> From: "Boersma, A (Abe)" To: DHCPv4 discussion list Subject: IP conflict Date: Tue, 5 Sep 2000 15:47:05 +0200 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) X-WSS-ID: 15AA272A643236-01-01 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit Reply-To: A.Boersma@rf.rabobank.nl Sender: owner-dhcp-v4@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Content-Transfer-Encoding: 7bit Hi, Hopefully someone can help me out here. At my office we have about 10.000 workstations and PC's. Most of them are Windows95/osr2. About 75% of these PC use DHCP. We use the Microsoft DHCP Server on NT 4. Now when you have as much PC's as we do your bound to run into duplicate error messages on the Windows95 stations. And so we do about once every two weeks. Somehow to me it seems as if the Windows95 implementation of the DHC Protocol refuses to let go of it's previous IP adress and simply want continue working when the DHCP servers NACKS it's renewal request. What we do now is is we give this machine a static IP adress for a period of a week, and then return it to DHCP. This works most of the time but just doesn't seem the best solution for this problem. Can anyone tell me what i can do best in these cases. Also can someone tell me if my suspison about the Windows95 implementation fo DHCP is kinda wrong, and if this is better of fixed in Windows NT? Thanks a lot Abe Boersma Rabofacet the Netherlands a.boersma@rf.rabobank.nl ================================================ De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. ================================================ The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. From owner-dhcp-v4@bucknell.edu Tue Sep 5 10:20:15 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA03062 for ; Tue, 5 Sep 2000 10:20:15 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e85EJPi16977; Tue, 5 Sep 2000 10:19:25 -0400 (EDT) Received: from gw-us3.philips.com (gw-us3.philips.com [205.167.15.10]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e85EJAi04180 for ; Tue, 5 Sep 2000 10:19:10 -0400 (EDT) Received: from smtprelay-us2.philips.com (localhost.philips.com [127.0.0.1]) by gw-us3.philips.com with ESMTP id JAA14503; Tue, 5 Sep 2000 09:19:03 -0500 (CDT) (envelope-from dan.forthun@philips.com) From: dan.forthun@philips.com Received: from smtprelay-nam2.philips.com(167.81.233.16) by gw-us3.philips.com via mwrap (4.0a) id xma014498; Tue, 5 Sep 00 09:19:03 -0500 Received: from AMLMS01.DIAMOND.PHILIPS.COM (amlms01sv1.diamond.philips.com [161.88.79.213]) by smtprelay-us2.philips.com (8.9.3/8.8.5-1.2.2m-19990317) with ESMTP id JAA26964; Tue, 5 Sep 2000 09:19:02 -0500 (CDT) Received: by AMLMS01.DIAMOND.PHILIPS.COM (Soft-Switch LMS 4.0) with snapi via AMEC id 0056910007014043; Tue, 5 Sep 2000 09:21:21 -0500 To: DHCPv4 discussion list Subject: Re: IP conflict Message-ID: <0056910007014043000002L132*@MHS> Date: Tue, 5 Sep 2000 09:21:21 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; name="MEMO 09/05/00 09:26:21" Content-Disposition: inline Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mail.bucknell.edu id e85EJCi16791 Reply-To: dan.forthun@philips.com Sender: owner-dhcp-v4@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Content-Transfer-Encoding: 8bit Hi Abe, You can run the dos command "winipcfg". A pop up menu will come up and this has a button on it that says "release all". Select it and this will release the IP address then click on "renew all" to request another address from the dhcp server. Dan A.Boersma@rf.rabobank.nl@SMTP@bucknell.edu on 09/05/2000 07:53:04 AM Please respond to A.Boersma@rf.rabobank.nl@SMTP Sent by: owner-dhcp-v4@bucknell.edu To: dhcp-v4@bucknell.edu@SMTP cc: Subject: IP conflict Classification: Restricted Hi, Hopefully someone can help me out here. At my office we have about 10.000 workstations and PC's. Most of them are Windows95/osr2. About 75% of these PC use DHCP. We use the Microsoft DHCP Server on NT 4. Now when you have as much PC's as we do your bound to run into duplicate error messages on the Windows95 stations. And so we do about once every two weeks. Somehow to me it seems as if the Windows95 implementation of the DHC Protocol refuses to let go of it's previous IP adress and simply want continue working when the DHCP servers NACKS it's renewal request. What we do now is is we give this machine a static IP adress for a period of a week, and then return it to DHCP. This works most of the time but just doesn't seem the best solution for this problem. Can anyone tell me what i can do best in these cases. Also can someone tell me if my suspison about the Windows95 implementation fo DHCP is kinda wrong, and if this is better of fixed in Windows NT? Thanks a lot Abe Boersma Rabofacet the Netherlands a.boersma@rf.rabobank.nl ================================================ De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. ================================================ The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. From owner-dhcp-v6@bucknell.edu Wed Sep 6 03:35:53 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA05205 for ; Wed, 6 Sep 2000 03:35:38 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e867Voi28839; Wed, 6 Sep 2000 03:31:51 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e867VYi13839 for ; Wed, 6 Sep 2000 03:31:35 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-139.ip.theriver.com [206.97.58.139]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id GAA03052 for ; Tue, 5 Sep 2000 06:38:07 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e867TfC01827 for ; Wed, 6 Sep 2000 00:29:42 -0700 (MST) Message-Id: <200009060729.e867TfC01827@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: DHCPv6 address model proposal... Date: Wed, 06 Sep 2000 00:29:41 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN We talked a bit about the DHCPv6 address model at the end of the conference call, and I think we sort of all knew what we were talking about, but it's not entirely clear. I think there are two aspects to this: to what form of identification are addresses bound, what sort of address requests are permissible, and who decides what to do? I think there are actually only two questions a client ever needs to ask the server: "please associate an IP address with this identity," and "please renew the association for this identity." In the current DHCPv6 model, "this identity" is the local link address, although there are limitations to this model that need to be discussed seperately. Anyway, I'm going to call the association between a client-supplied identity and the client's IP address an "identity association." One complication with IPv6 is that globally-routable addresses can have prefixes that change over time. DHCPv6 seems to need a mechanism to support this. When the DHCP server is asked to renew an association with a given identity, it may be that there is an old prefix that is still usable but deprecated, that the DHCP server should renew for the client just in case the client is still using it, and there may also be a new prefix that the client should be told to use for all new connections. The time when the leases on each of these addresses expires may be different - the deprecated address may not be valid for the full duration of the lease on the recommended address. It's hard to solve this problem in a way that isn't really hairy. I know this from trying to state a solution, and also from having watched the draft authors and the WG chair wrestle with this issue in the past. I don't have a trivially simple model to propose. What I will propose is this: Each identity association can have more than one IP address associated with it, but except for the deprecated/non-deprecated status of these IP addresses, all of the IP addresses are semantically equivalent. Each address, recommended or deprecated, comes with an individual lease. The identity association comes with a seperate renewal time. It's possible for any address in an identity association to expire before the renewal time on that association, and it's very likely that a deprecated address would expire before this renewal time, and very unlikely that a recommended address would. The server tells the client what addresses it has for an identity association - the client can't say "I'd like three". This choice is based strictly on the network topology - the server is not giving the client three addresses to do three different things with. If the client wants to have IP addresses that have different meanings, it generates more than one identity. That is, if the client wants to be able to listen on one IP address and provide service for www.arf.org, and on another IP address and provide service for www.blaznorf.edu, it creates two seperate identities, and it maintains completely seperate state machines for two seperate identity associations. The server doesn't need to know that the two identities are related, although we may want to make it *possible* for the server to know that they are related. There is also the question of when the client can ask for addresses. I think the answer is "anytime". It should be possible to fork a new identity association at the request of an application, and to get rid of it later at the request of the application. It should be possible for the DHCP client to generate an identity association for each network interface at boot time. I don't think we need to specify this, other than to say "the client gets to decide when it does this." As to the question of synchronization between identity associations, I don't think it's possible, although it's a seductive idea. I think the DHCP client should send seperate packets for each identity association. We could make it optionally possible to combine requests on behalf of more than one identity association, but I think this costs us some complexity and I can't see any way that it helps us, beyond perhaps the initial packet requesting addresses for each identity association. It would be nice if the DHCP server could present a uniform set of extensions that is consistent across identity associations, but I don't see any way to specify this that is helpful - I think this is a topic for future research. One interesting fallout from having a renewal time on the identity association rather than on the address is that it means that the server can respond with zero IP addresses and a renewal time, forcing the client to wait some period of time without getting an IP address, and then try again. I don't know if we care about this - it's just something that occurred to me. We have talked about similar functionality for DHCPv4 in the past, but I don't get the impression that everybody thinks this is a good idea. So I have two questions: first, does this presentation make sense, or have I left out things that are obvious to me but not to the reader. Second, if it makes sense, is it the right thing to do? What do we need to change? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 03:47:13 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA05329 for ; Wed, 6 Sep 2000 03:47:13 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e867kmi15902; Wed, 6 Sep 2000 03:46:48 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e867kWi32366 for ; Wed, 6 Sep 2000 03:46:33 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-139.ip.theriver.com [206.97.58.139]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id GAA03079 for ; Tue, 5 Sep 2000 06:53:07 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e867idC01841 for ; Wed, 6 Sep 2000 00:44:39 -0700 (MST) Message-Id: <200009060744.e867idC01841@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: DHCPv6 client identification... Date: Wed, 06 Sep 2000 00:44:39 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN We had a nice discussion about client identifiers during the conference call. The issues that I remember us talking about are: (a) Giving a DHCP client a unique identification that does not change when network hardware changes (b) Providing a way to identify more than one instance of usage (I called these identity associations in my message about the DHCPv6 address model) within an individual client. (c) Providing a way for the server to tell that two identity associations actually represent one client. (d) Providing a way to have a single authentication key work with all of a client's identity associations. For (a), we seem to have pretty much agreed that we need a universally-unique identifier, similar to what Intel has done in the PXE specification. We can solve (b) by having the client come up with more than one UUID. However, to solve (c) and (d), it would be better if we defined a way to have the DHCP client specify a UUID and then specify a modifier to that UUID, so that the identity association would actually be made up of {modifier, UUID}. Authentication would be done based on {UUID}, not on {modifier, UUID}, and the server could therefore tell that two identity associations are the same client by noticing that although the modifier is different, the UUID is the same. In order to avoid creating the possibility of namespace clashes, I'd suggest that we specify the modifier as a 16-bit number, defined by the client, that's just an index. So if a DHCP client had two network interfaces, its two identity associations would probably be {0, UUID} and {1, UUID}. There is one problem with this: if the DHCP client is not consistent about assigning prefixes, it would be possible for it to assign {0, UUID} to one network interface one time, and {1, UUID} to that network interface the next time. This shouldn't be a huge problem for a typical client, but for fancy clients the client implementor might want to actually maintain its own mapping between the network hardware address and the index. It might also make sense to have the modifier be an 8-bit interface index and an 8-bit application index, with application index == 0 always being the initial configuration for that interface. So a typical client with two network interfaces would have these two identity associations: {0, 0, UUID} and {1, 0, UUID}. And if an application decided to listen with its own address on each interface, then the client would have four identity associations: {0, 0, UUID}, {0, 1, UUID}, {1, 0, UUID} and {1, 1, UUID}. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 11:23:17 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA14892 for ; Wed, 6 Sep 2000 11:23:16 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86FJKi18834; Wed, 6 Sep 2000 11:19:20 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86FJCi08601 for ; Wed, 6 Sep 2000 11:19:13 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 11:18:56 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0B0@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Wed, 6 Sep 2000 11:18:54 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted: I think you almost have it. I was thinking more of a model that would have the client/server maintain lists that have three main entries - the address assignment ID, the address, and the expiration time. When a client requests [new] address(es) it sends a request with an address assignment ID (we may allow it to be absent or "null"). It is assigned any number of addresses (0 to n). Each of these addresses may expire at different times. When a client needs to renew one or more addresses, it sends the address assignment ID and the list of addresses (which may be 1 to n). It need NOT renew all of the addresses at once (since they may each expire at different times). Note that a request with the address assignment ID and 0 addresses means that the client doesn't know what addresses it has and thus the server would send it *ALL* of the addresses it wants to allocate for that client's address assignment ID. Bookkeeping is rather simple - when an address expires, that entry is removed. A client MAY also renew each address (even if multiple ones use the same address assignment ID) individually. I also think that a client should be able to ask for "specific" addresses. The way it does this is that is supplies the "address" option but provides an INCOMPLETE address (for IPv6, this is one with a prefix length of less than 128; for IPv4, this is one with a mask length of less than 32?). Since these are incomplete addresses, the server knows that this is a "subnet selection" type request and can supply those addresses (if available to the client); the server MAY supply any number of other addresses it deems the client should have. I also believe that we should have a "magic" address assignment ID such that a server knows that this is the "basic" set of addresses for the client. This could be the "null" (or absent) address assignment ID. I think this has value in that a server may want to know to give out single addresses for non-"magic" address assignment IDs since these are likely for application specific purposes and thus a single address likely suffices. I'm not suggesting that we require this; just that it would be helpful for the client and server to agree on what is a "basic" address request. I agree with you that a request should be simple and we should not allow a request to include multiple address assignment IDs. Otherwise, the processing at the server becomes rather complex. And, a request should either renew one or more addresses or request "new" addresses, not both. - Bernie Volz -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 3:30 AM To: DHCPv6 discussion list Subject: DHCPv6 address model proposal... We talked a bit about the DHCPv6 address model at the end of the conference call, and I think we sort of all knew what we were talking about, but it's not entirely clear. I think there are two aspects to this: to what form of identification are addresses bound, what sort of address requests are permissible, and who decides what to do? I think there are actually only two questions a client ever needs to ask the server: "please associate an IP address with this identity," and "please renew the association for this identity." In the current DHCPv6 model, "this identity" is the local link address, although there are limitations to this model that need to be discussed seperately. Anyway, I'm going to call the association between a client-supplied identity and the client's IP address an "identity association." One complication with IPv6 is that globally-routable addresses can have prefixes that change over time. DHCPv6 seems to need a mechanism to support this. When the DHCP server is asked to renew an association with a given identity, it may be that there is an old prefix that is still usable but deprecated, that the DHCP server should renew for the client just in case the client is still using it, and there may also be a new prefix that the client should be told to use for all new connections. The time when the leases on each of these addresses expires may be different - the deprecated address may not be valid for the full duration of the lease on the recommended address. It's hard to solve this problem in a way that isn't really hairy. I know this from trying to state a solution, and also from having watched the draft authors and the WG chair wrestle with this issue in the past. I don't have a trivially simple model to propose. What I will propose is this: Each identity association can have more than one IP address associated with it, but except for the deprecated/non-deprecated status of these IP addresses, all of the IP addresses are semantically equivalent. Each address, recommended or deprecated, comes with an individual lease. The identity association comes with a seperate renewal time. It's possible for any address in an identity association to expire before the renewal time on that association, and it's very likely that a deprecated address would expire before this renewal time, and very unlikely that a recommended address would. The server tells the client what addresses it has for an identity association - the client can't say "I'd like three". This choice is based strictly on the network topology - the server is not giving the client three addresses to do three different things with. If the client wants to have IP addresses that have different meanings, it generates more than one identity. That is, if the client wants to be able to listen on one IP address and provide service for www.arf.org, and on another IP address and provide service for www.blaznorf.edu, it creates two seperate identities, and it maintains completely seperate state machines for two seperate identity associations. The server doesn't need to know that the two identities are related, although we may want to make it *possible* for the server to know that they are related. There is also the question of when the client can ask for addresses. I think the answer is "anytime". It should be possible to fork a new identity association at the request of an application, and to get rid of it later at the request of the application. It should be possible for the DHCP client to generate an identity association for each network interface at boot time. I don't think we need to specify this, other than to say "the client gets to decide when it does this." As to the question of synchronization between identity associations, I don't think it's possible, although it's a seductive idea. I think the DHCP client should send seperate packets for each identity association. We could make it optionally possible to combine requests on behalf of more than one identity association, but I think this costs us some complexity and I can't see any way that it helps us, beyond perhaps the initial packet requesting addresses for each identity association. It would be nice if the DHCP server could present a uniform set of extensions that is consistent across identity associations, but I don't see any way to specify this that is helpful - I think this is a topic for future research. One interesting fallout from having a renewal time on the identity association rather than on the address is that it means that the server can respond with zero IP addresses and a renewal time, forcing the client to wait some period of time without getting an IP address, and then try again. I don't know if we care about this - it's just something that occurred to me. We have talked about similar functionality for DHCPv4 in the past, but I don't get the impression that everybody thinks this is a good idea. So I have two questions: first, does this presentation make sense, or have I left out things that are obvious to me but not to the reader. Second, if it makes sense, is it the right thing to do? What do we need to change? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 14:13:17 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA19617 for ; Wed, 6 Sep 2000 14:13:09 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86I6Ci15673; Wed, 6 Sep 2000 14:06:12 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86I60i15396 for ; Wed, 6 Sep 2000 14:06:00 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 14:05:44 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0B6@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 client identification... Date: Wed, 6 Sep 2000 14:05:34 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted: Why do you need an interface index? Unless we expect a client to have more than one interface connected to a single subnet, do we really need this? The interface identifier is implied by the source of the client's request at the server (giaddr or received interface). I suppose that if we want to be really robust, the interface index is useful. However, why not just use some opaque identifier such as the hardware (or link local in IPv6) address. This avoids the problem of interface number, since the number may not always be fixed (ie, if I add a new interface to a system, it might change what was interface 1 to interface 2). There is the problem of devices without hardware addresses, but these could fall back to an index as you indicated. The only problem with using the hardware address is probably its length. But, then again you already need to include SOME information for the server to be able to communicate back to the client, so if this same piece of information were used, you're all set. I also suggest we don't limit the application index to any fixed length. We could certainly specify a limit (such as 16 bytes), but why not let the client implement pick what it wants. And, as I mentioned in my reply to the address model proposal, I'd suggest using a null (or absent) application index to mean the default. That way, we don't argue as to whether it is 0 or 1 or whatever. It's also nice since it reduces the size of the normal (default case) messages since there is no need to include it. The exact format of how this information is communicated hasn't been specifically stated. Let me suggest: - The unique client identification (only) is sent in an option/extension. - The application index (or address index or whatever) is also sent as a SEPARATE option/extension. - The interface index is based on the whatever link-layer information is sent by the client to allow the server to communicate with it (in IPv6, the link local address). This would likely be carried in the packet header since it will be required. - Bernie Volz -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 3:45 AM To: DHCPv6 discussion list Subject: DHCPv6 client identification... We had a nice discussion about client identifiers during the conference call. The issues that I remember us talking about are: (a) Giving a DHCP client a unique identification that does not change when network hardware changes (b) Providing a way to identify more than one instance of usage (I called these identity associations in my message about the DHCPv6 address model) within an individual client. (c) Providing a way for the server to tell that two identity associations actually represent one client. (d) Providing a way to have a single authentication key work with all of a client's identity associations. For (a), we seem to have pretty much agreed that we need a universally-unique identifier, similar to what Intel has done in the PXE specification. We can solve (b) by having the client come up with more than one UUID. However, to solve (c) and (d), it would be better if we defined a way to have the DHCP client specify a UUID and then specify a modifier to that UUID, so that the identity association would actually be made up of {modifier, UUID}. Authentication would be done based on {UUID}, not on {modifier, UUID}, and the server could therefore tell that two identity associations are the same client by noticing that although the modifier is different, the UUID is the same. In order to avoid creating the possibility of namespace clashes, I'd suggest that we specify the modifier as a 16-bit number, defined by the client, that's just an index. So if a DHCP client had two network interfaces, its two identity associations would probably be {0, UUID} and {1, UUID}. There is one problem with this: if the DHCP client is not consistent about assigning prefixes, it would be possible for it to assign {0, UUID} to one network interface one time, and {1, UUID} to that network interface the next time. This shouldn't be a huge problem for a typical client, but for fancy clients the client implementor might want to actually maintain its own mapping between the network hardware address and the index. It might also make sense to have the modifier be an 8-bit interface index and an 8-bit application index, with application index == 0 always being the initial configuration for that interface. So a typical client with two network interfaces would have these two identity associations: {0, 0, UUID} and {1, 0, UUID}. And if an application decided to listen with its own address on each interface, then the client would have four identity associations: {0, 0, UUID}, {0, 1, UUID}, {1, 0, UUID} and {1, 1, UUID}. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 15:06:48 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA20889 for ; Wed, 6 Sep 2000 15:06:48 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86J3ti06489; Wed, 6 Sep 2000 15:03:55 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86J3Mi31039 for ; Wed, 6 Sep 2000 15:03:22 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id SAA04421 for ; Tue, 5 Sep 2000 18:09:53 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86J1HF01433 for ; Wed, 6 Sep 2000 12:01:23 -0700 (MST) Message-Id: <200009061901.e86J1HF01433@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 14:05:34 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0B6@lespaul.process.com> Date: Wed, 06 Sep 2000 12:01:17 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > Why do you need an interface index? Unless we expect a client to have more > than one interface connected to a single subnet, do we really need this? The > interface identifier is implied by the source of the client's request at the > server (giaddr or received interface). I am trying to get away from the notion that an IP address is uniquely identified by {client identifier, physical network}. This causes lots of obnoxious ambiguity in RFC2131 that I don't think adds any value - to correctly implement the protocol, I have to allow clients to have active leases with the same client identifier on different physical networks at the same time, which means that when a client moves from physical network to physical network within the same administrative domain, the server may wind up with active leases for that client on more than one network when the client is only connected to one network. Having one identity association per network interface avoids this problem - if you are multiply attached, you'll have multiple identity associations, and if you're singly attached, I can nuke your old lease when you change networks. Why have an interface index? I'm trying to avoid a situation where you have a client with lots of network interfaces that change around - e.g., a laptop that has an ethernet card and an 802.11 card that get swapped in and out - that winds up not being able to keep a static address, or winds up consuming extra addresses, because the DHCP client doesn't maintain a consistent identification for each interface. Consider the following sequence of events: (1) laptop is powered on with an ethernet card in pcmcia slot 1. (2) laptop gets IP address using DHCP for {0, UUID} (3) application starts, requests the client to get another identity (4) client gets that identity using {1, UUID} (5) user inserts 802.11 card, which acquires an identity using {2, UUID} (6) user power cycles laptop (7) laptop gets IP address for ethernet card using {0, UUID} (8) laptop gets IP address for 802.11 card using {1, UUID} (9) application starts, gets its IP address using {2, UUID} Note that the IP addresses assigned to {1, UUID} and {2, UUID} will likely be different the second time through. You see the problem? Using the interface index doesn't actually solve this problem, but it makes it less likely to happen, and it also raises the issue in the mind of the implementor. I'm not sure this matters, but I mention it because I think it's useful to think about. As for having variable-width prefixes, I think this is not a good idea, because it invites the possibility of identifier clashes. The algorithm for generating a UUID may work pretty well, but it's probably predicated on the idea that everybody will use a similar algorithm. So what happens when you modify this algorithm by allowing the client to attach arbitrary strings to it? How do you avoid the case where {prefix1, UUID1} and {prefix2, UUID2} happen to be the same quantity? I can implement an algorithm that avoids this problem by doing a two-stage hash lookup, but do we want to *require* that all DHCP server implementors implement this more complicated algorithm? If you use a fixed-width prefix that is always present, I think you avoid having to do this, and I think that's worthwhile. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 16:31:11 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA22739 for ; Wed, 6 Sep 2000 16:31:11 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86KEai17846; Wed, 6 Sep 2000 16:14:36 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86KEWi08495 for ; Wed, 6 Sep 2000 16:14:32 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 16:14:16 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0B8@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 client identification... Date: Wed, 6 Sep 2000 16:14:13 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted ... OK, I'm in agreement with you regarding the interface identifier. You give good reasons for this. (The one situation that might be a problem is where a host has no stable storage or looses this and might come up with numbering the interfaces differently and if these are on different physical networks yet are served by a single server, the server might find a conflict where the "old" address for the ids isn't valid. But, that just means it has to place that address into a weird state until the lease would expire.) The only item I still don't fully agree with is the fixed vs variable-length issue. I wasn't saying that I was using a PREFIX. I feel the interface id and application id should be SEPARATE from the UUID. Each address allocation has these three values associated with it, but they are separate items not a single byte-string. There is no disagreement that fixed is easier to deal with. But, I just hate limiting ourselves today for no good reason. Are you certain that no system (such as a server) might not want more than 256 addresses at a time for an interface? Sure, it could change the UUID, but we want to get away from that. Also, if applications are going to be requesting addresses (we're all assuming this, aren't we?), might it not be useful for the server to potentially be configured to provide a specific address (from a pool) for a particular application? And having that be something like "www.xyz.com" is far more useful than having it be 1. - Bernie Volz -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 3:01 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... > Why do you need an interface index? Unless we expect a client to have more > than one interface connected to a single subnet, do we really need this? The > interface identifier is implied by the source of the client's request at the > server (giaddr or received interface). I am trying to get away from the notion that an IP address is uniquely identified by {client identifier, physical network}. This causes lots of obnoxious ambiguity in RFC2131 that I don't think adds any value - to correctly implement the protocol, I have to allow clients to have active leases with the same client identifier on different physical networks at the same time, which means that when a client moves from physical network to physical network within the same administrative domain, the server may wind up with active leases for that client on more than one network when the client is only connected to one network. Having one identity association per network interface avoids this problem - if you are multiply attached, you'll have multiple identity associations, and if you're singly attached, I can nuke your old lease when you change networks. Why have an interface index? I'm trying to avoid a situation where you have a client with lots of network interfaces that change around - e.g., a laptop that has an ethernet card and an 802.11 card that get swapped in and out - that winds up not being able to keep a static address, or winds up consuming extra addresses, because the DHCP client doesn't maintain a consistent identification for each interface. Consider the following sequence of events: (1) laptop is powered on with an ethernet card in pcmcia slot 1. (2) laptop gets IP address using DHCP for {0, UUID} (3) application starts, requests the client to get another identity (4) client gets that identity using {1, UUID} (5) user inserts 802.11 card, which acquires an identity using {2, UUID} (6) user power cycles laptop (7) laptop gets IP address for ethernet card using {0, UUID} (8) laptop gets IP address for 802.11 card using {1, UUID} (9) application starts, gets its IP address using {2, UUID} Note that the IP addresses assigned to {1, UUID} and {2, UUID} will likely be different the second time through. You see the problem? Using the interface index doesn't actually solve this problem, but it makes it less likely to happen, and it also raises the issue in the mind of the implementor. I'm not sure this matters, but I mention it because I think it's useful to think about. As for having variable-width prefixes, I think this is not a good idea, because it invites the possibility of identifier clashes. The algorithm for generating a UUID may work pretty well, but it's probably predicated on the idea that everybody will use a similar algorithm. So what happens when you modify this algorithm by allowing the client to attach arbitrary strings to it? How do you avoid the case where {prefix1, UUID1} and {prefix2, UUID2} happen to be the same quantity? I can implement an algorithm that avoids this problem by doing a two-stage hash lookup, but do we want to *require* that all DHCP server implementors implement this more complicated algorithm? If you use a fixed-width prefix that is always present, I think you avoid having to do this, and I think that's worthwhile. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 16:37:05 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA22864 for ; Wed, 6 Sep 2000 16:36:56 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86KZni11125; Wed, 6 Sep 2000 16:35:50 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86KZLi13879 for ; Wed, 6 Sep 2000 16:35:23 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id TAA04689 for ; Tue, 5 Sep 2000 19:41:49 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86KXBF01749 for ; Wed, 6 Sep 2000 13:33:12 -0700 (MST) Message-Id: <200009062033.e86KXBF01749@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 11:18:54 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0B0@lespaul.process.com> Date: Wed, 06 Sep 2000 13:33:11 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > I also think that a client should be able to ask for "specific" addresses. > The way it does this is that is supplies the "address" option but provides > an INCOMPLETE address (for IPv6, this is one with a prefix length of less > than 128; for IPv4, this is one with a mask length of less than 32?). Since > these are incomplete addresses, the server knows that this is a "subnet > selection" type request and can supply those addresses (if available to the > client); the server MAY supply any number of other addresses it deems the > client should have. Hm. Missed this part. I agree that this makes sense, although I don't grok IPv6 addressing well enough to understand exactly how this would work. Jim asked us to contribute actual verbiage for any changes we want to the current spec, so I'm expecting to contribute verbiage for the address model proposal, but I don't feel confident that I could word this part correctly. Could you do that? > I also believe that we should have a "magic" address assignment ID such that > a server knows that this is the "basic" set of addresses for the client. > This could be the "null" (or absent) address assignment ID. I think this has > value in that a server may want to know to give out single addresses for > non-"magic" address assignment IDs since these are likely for application > specific purposes and thus a single address likely suffices. I'm not > suggesting that we require this; just that it would be helpful for the > client and server to agree on what is a "basic" address request. I'm afraid I don't know what you mean by a "basic" address request. Can you expand on this? > A request should either renew one or more addresses or request "new" > addresses, not both. Good point. However, I'm not sure we actually need to add anything to support this - really, if you want a "new" address, you're generating a new identity association. So the server will have to allocate it a new address, because it never previously allocated it an address. If you have an old identity association, that fact in itself means you're hoping to get back an old address, doesn't it? Do we need to make an explicit distinction here between "new" and "renew"? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 16:47:55 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA22984 for ; Wed, 6 Sep 2000 16:47:45 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86Kkti02624; Wed, 6 Sep 2000 16:46:55 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86Kkki17666 for ; Wed, 6 Sep 2000 16:46:46 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 16:46:29 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0BC@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Wed, 6 Sep 2000 16:46:22 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN >Jim asked us to contribute actual verbiage for any >changes we want to the current spec, so I'm expecting to contribute >verbiage for the address model proposal, but I don't feel confident >that I could word this part correctly. Could you do that? Hm. I'm using my IPv6 knowledge that's several years old. From what I understand, it is hopefully still valid. I can certainly try, but there may be little need as this concept (requesting an address with a specific prefix) is already in the DHCPv6 draft. >I'm afraid I don't know what you mean by a "basic" address request. >Can you expand on this? Sure. What I meant was the request the system generates when it comes up, instead of an application or otherwise requested allocation. All systems are likely to request this whenever DHCP is enabled on an interface, so rather than having them supply an identifier, make this the no (or null) identifier. That way, a simple client that only supports "one" allocation never has to deal with this identifier. - Bernie Volz -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 4:33 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... > I also think that a client should be able to ask for "specific" addresses. > The way it does this is that is supplies the "address" option but provides > an INCOMPLETE address (for IPv6, this is one with a prefix length of less > than 128; for IPv4, this is one with a mask length of less than 32?). Since > these are incomplete addresses, the server knows that this is a "subnet > selection" type request and can supply those addresses (if available to the > client); the server MAY supply any number of other addresses it deems the > client should have. Hm. Missed this part. I agree that this makes sense, although I don't grok IPv6 addressing well enough to understand exactly how this would work. Jim asked us to contribute actual verbiage for any changes we want to the current spec, so I'm expecting to contribute verbiage for the address model proposal, but I don't feel confident that I could word this part correctly. Could you do that? > I also believe that we should have a "magic" address assignment ID such that > a server knows that this is the "basic" set of addresses for the client. > This could be the "null" (or absent) address assignment ID. I think this has > value in that a server may want to know to give out single addresses for > non-"magic" address assignment IDs since these are likely for application > specific purposes and thus a single address likely suffices. I'm not > suggesting that we require this; just that it would be helpful for the > client and server to agree on what is a "basic" address request. I'm afraid I don't know what you mean by a "basic" address request. Can you expand on this? > A request should either renew one or more addresses or request "new" > addresses, not both. Good point. However, I'm not sure we actually need to add anything to support this - really, if you want a "new" address, you're generating a new identity association. So the server will have to allocate it a new address, because it never previously allocated it an address. If you have an old identity association, that fact in itself means you're hoping to get back an old address, doesn't it? Do we need to make an explicit distinction here between "new" and "renew"? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 17:27:54 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA23505 for ; Wed, 6 Sep 2000 17:27:54 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86LOvi17984; Wed, 6 Sep 2000 17:24:57 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86LOdi26360 for ; Wed, 6 Sep 2000 17:24:39 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id UAA04804 for ; Tue, 5 Sep 2000 20:31:12 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86LLvF01856 for ; Wed, 6 Sep 2000 14:21:57 -0700 (MST) Message-Id: <200009062121.e86LLvF01856@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 16:14:13 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0B8@lespaul.process.com> Date: Wed, 06 Sep 2000 14:21:57 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > The only item I still don't fully agree with is the fixed vs variable-length > issue. I wasn't saying that I was using a PREFIX. I feel the interface id > and application id should be SEPARATE from the UUID. Each address allocation > has these three values associated with it, but they are separate items not a > single byte-string. I think that they will be sent seperately. The question is, do we want to force the server to deal with them seperately. Also, think about how options are formed. Do we want: +-------------+-----+--------+-------------+-----+------+ | option code | len | prefix | option code | len | UUID | +-------------+-----+--------+-------------+-----+------+ or: +-------------+-----+--------+------+ | option code | len | prefix | UUID | +-------------+-----+--------+------+ I think the second option is pretty desirable, so we should have a good reason for not doing it. > There is no disagreement that fixed is easier to deal with. But, I just hate > limiting ourselves today for no good reason. Are you certain that no system > (such as a server) might not want more than 256 addresses at a time for an > interface? Sure, it could change the UUID, but we want to get away from > that. We could make the application prefix 16 bytes instead of 8... I agree that limiting things this way sounds a bit lame. > Also, if applications are going to be requesting addresses (we're all > assuming this, aren't we?), might it not be useful for the server to > potentially be configured to provide a specific address (from a pool) for a > particular application? And having that be something like "www.xyz.com" is > far more useful than having it be 1. Hm. Yes, but... Supporting a fixed association like this cleanly opens a huge can of worms. What if you want to move the application to a different client? Is there a way to tell the server that {0, www.xyz.com, UUID1} and {0, www.xyz.com, UUID2} are the same? How far do you want to carry this? I think as an academic point, you're right, but as a pragmatic point, I don't think we're answering a common case here, and I think that figuring out how to do this right is a much harder problem than we should be considering, and not something that this protocol really needs to address. The ability to get more than one IP address? Sure. The ability to do fancy associations? Not sure. I think exporting this problem to the server is too much - if the client wants consistency, it should be responsible for maintaining it. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 17:28:55 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA23558 for ; Wed, 6 Sep 2000 17:28:55 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86LS5i03343; Wed, 6 Sep 2000 17:28:05 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86LQmi10436 for ; Wed, 6 Sep 2000 17:26:48 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id UAA04810 for ; Tue, 5 Sep 2000 20:33:22 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86LOgF01866 for ; Wed, 6 Sep 2000 14:24:42 -0700 (MST) Message-Id: <200009062124.e86LOgF01866@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 16:46:22 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0BC@lespaul.process.com> Date: Wed, 06 Sep 2000 14:24:42 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > Sure. What I meant was the request the system generates when it comes up, > instead of an application or otherwise requested allocation. All systems are > likely to request this whenever DHCP is enabled on an interface, so rather > than having them supply an identifier, make this the no (or null) > identifier. That way, a simple client that only supports "one" allocation > never has to deal with this identifier. But there *has* to be an identifier. Right now it's the local link address, but as we discussed last week, this doesn't work well, because the local link address can change arbitrarily based on swapping hardware. I think we need this the *most* in the simple case, actually. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 17:42:54 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA23796 for ; Wed, 6 Sep 2000 17:42:54 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86LgIi13188; Wed, 6 Sep 2000 17:42:18 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86Lg8i14012 for ; Wed, 6 Sep 2000 17:42:08 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 17:41:51 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0BD@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Wed, 6 Sep 2000 17:41:46 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN >> Sure. What I meant was the request the system generates when it comes up, >> instead of an application or otherwise requested allocation. All systems are >> likely to request this whenever DHCP is enabled on an interface, so rather >> than having them supply an identifier, make this the no (or null) >> identifier. That way, a simple client that only supports "one" allocation >> never has to deal with this identifier. > >But there *has* to be an identifier. Right now it's the local link >address, but as we discussed last week, this doesn't work well, >because the local link address can change arbitrarily based on >swapping hardware. I think we need this the *most* in the simple >case, actually. > > _MelloN_ I think we're discussing different issues? When I was saying identifier, I meant "application index". Agreed that a UUID and "interface index" needs to be supplied (using terminology from your original message). - Bernie From owner-dhcp-v6@bucknell.edu Wed Sep 6 17:53:03 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA23866 for ; Wed, 6 Sep 2000 17:53:02 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86LqHi00837; Wed, 6 Sep 2000 17:52:17 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86Lq7i01458 for ; Wed, 6 Sep 2000 17:52:07 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 17:51:52 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0BE@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 client identification... Date: Wed, 6 Sep 2000 17:51:46 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Well, there's also: +-------------+-----+----------+-------------+---------------+-------------- ----+- | option code | len | UUID-len | UUID ... | interface-len | interface-id ... | +-------------+-----+----------+-------------+---------------+-------------- ----+- ---------+--------------------+ app-len | application-id ... | ---------+--------------------+ where the interface-len and app-len are from 0 to , inclusive. Regarding the application-id, the example of www.xyz.com was bad. And, perhaps the concept is bad. I was thinking of this as more of a "kind-of-service" that the DHCP server could use to select a specific "range" of addresses. I guess this is probably not a good use of this (especially for IPv6 addresses). [And DHCPv6 will likely have other means of doing this - like user class, etc.] - Bernie Volz -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 5:22 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... > The only item I still don't fully agree with is the fixed vs variable-length > issue. I wasn't saying that I was using a PREFIX. I feel the interface id > and application id should be SEPARATE from the UUID. Each address allocation > has these three values associated with it, but they are separate items not a > single byte-string. I think that they will be sent seperately. The question is, do we want to force the server to deal with them seperately. Also, think about how options are formed. Do we want: +-------------+-----+--------+-------------+-----+------+ | option code | len | prefix | option code | len | UUID | +-------------+-----+--------+-------------+-----+------+ or: +-------------+-----+--------+------+ | option code | len | prefix | UUID | +-------------+-----+--------+------+ I think the second option is pretty desirable, so we should have a good reason for not doing it. > There is no disagreement that fixed is easier to deal with. But, I just hate > limiting ourselves today for no good reason. Are you certain that no system > (such as a server) might not want more than 256 addresses at a time for an > interface? Sure, it could change the UUID, but we want to get away from > that. We could make the application prefix 16 bytes instead of 8... I agree that limiting things this way sounds a bit lame. > Also, if applications are going to be requesting addresses (we're all > assuming this, aren't we?), might it not be useful for the server to > potentially be configured to provide a specific address (from a pool) for a > particular application? And having that be something like "www.xyz.com" is > far more useful than having it be 1. Hm. Yes, but... Supporting a fixed association like this cleanly opens a huge can of worms. What if you want to move the application to a different client? Is there a way to tell the server that {0, www.xyz.com, UUID1} and {0, www.xyz.com, UUID2} are the same? How far do you want to carry this? I think as an academic point, you're right, but as a pragmatic point, I don't think we're answering a common case here, and I think that figuring out how to do this right is a much harder problem than we should be considering, and not something that this protocol really needs to address. The ability to get more than one IP address? Sure. The ability to do fancy associations? Not sure. I think exporting this problem to the server is too much - if the client wants consistency, it should be responsible for maintaining it. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:01:47 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA23989 for ; Wed, 6 Sep 2000 18:01:47 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86Lwoi25830; Wed, 6 Sep 2000 17:58:50 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86Lwji14094 for ; Wed, 6 Sep 2000 17:58:46 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id VAA04876 for ; Tue, 5 Sep 2000 21:05:18 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86LuYF01975 for ; Wed, 6 Sep 2000 14:56:36 -0700 (MST) Message-Id: <200009062156.e86LuYF01975@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 17:41:46 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0BD@lespaul.process.com> Date: Wed, 06 Sep 2000 14:56:34 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > I think we're discussing different issues? When I was saying identifier, I > meant "application index". Agreed that a UUID and "interface index" needs to > be supplied (using terminology from your original message). Okay, we agree on this, sort of. I actually spent some time thinking about how to make this work when I composed my other reply to you, but I finally decided that there was no way to do it that didn't force significant complexity on the server. For something like the ISC DHCP server, which practically revels in (I hope useful!) complexity, this is not such a problem, but for something like an Apple Airport base station, I think it would be. Basically, if you force the server to treat the application ID as an additional qualifier, you force it to have a two-stage lookup - first it looks up the UUID, which returns a data structure that contains all the information about all the identity associations for that UUID, and then you do a lookup in that. I think for a trivial embedded DHCP server, you really want to just take the identity association as a whole and do a single lookup on it. I don't think it's right to require the additional complexity in this protocol specification. Note that you are forced to do this because if you don't, you run the risk of the interface index and optional application index combining with the UUID to produce something that's no longer unique. So you could argue that the DHCP server should just mash them all together and do a lookup on that, but I think that would be a bad idea. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:12:07 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24063 for ; Wed, 6 Sep 2000 18:12:06 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86MBei00424; Wed, 6 Sep 2000 18:11:40 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86MBWi03568 for ; Wed, 6 Sep 2000 18:11:32 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id VAA04919 for ; Tue, 5 Sep 2000 21:18:05 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86M9LF02027 for ; Wed, 6 Sep 2000 15:09:21 -0700 (MST) Message-Id: <200009062209.e86M9LF02027@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 11:18:54 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0B0@lespaul.process.com> Date: Wed, 06 Sep 2000 15:09:21 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Hm, I know I already replied to this, but I just reread it, so now I have more opinions to generously share with you... :'} > When a client needs to renew one or more addresses, it sends the address > assignment ID and the list of addresses (which may be 1 to n). It need NOT > renew all of the addresses at once (since they may each expire at different > times). Note that a request with the address assignment ID and 0 addresses > means that the client doesn't know what addresses it has and thus the server > would send it *ALL* of the addresses it wants to allocate for that client's > address assignment ID. This is how DHCPv6 works now, and I think it's too complicated. I think that all of the addresses in any given identity association should be renewed at once. I think it makes sense that the client should be able to request a particular address (perhaps stripped of its prefix), but this should just be advisory, and the server should send back a renewal of all the addresses associated with that identity association, not just those the client selected. Otherwise I think it's too complicated to implement, and it doesn't really add much value - why is it useful for the client to renew out of sync? Why would the client know what it should renew and what it shouldn't? It might make sense for the client to drop the deprecated address once all the connections on that address have been dropped, but since this address is deprecated, I don't think there's any contention for it, so it doesn't actually add any value to allow (and therefore require the implementation of) this negotiation. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:17:31 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24094 for ; Wed, 6 Sep 2000 18:17:30 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86MGxi20863; Wed, 6 Sep 2000 18:16:59 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86MGui24627 for ; Wed, 6 Sep 2000 18:16:56 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id VAA04944 for ; Tue, 5 Sep 2000 21:23:30 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86MEkF02081 for ; Wed, 6 Sep 2000 15:14:46 -0700 (MST) Message-Id: <200009062214.e86MEkF02081@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 17:51:46 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0BE@lespaul.process.com> Date: Wed, 06 Sep 2000 15:14:46 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > And DHCPv6 will likely have other means of doing this - like user > class, etc. Right, this sounds good. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:25:01 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24200 for ; Wed, 6 Sep 2000 18:25:00 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86MOHi26431; Wed, 6 Sep 2000 18:24:17 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86MO7i30700 for ; Wed, 6 Sep 2000 18:24:08 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 18:23:52 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0BF@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Wed, 6 Sep 2000 18:23:43 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN >Basically, if you force the server to treat the application ID as an >additional qualifier, you force it to have a two-stage lookup - first >it looks up the UUID, which returns a data structure that contains all >the information about all the identity associations for that UUID, and >then you do a lookup in that. I'm not sure we should comment too heavily on how this is implemented (internet-drafts usually stay away from forcing implementations). A simple server could simply use the UUID as a hash and then look through all the entries matching that UUID for the other two ids. Yes, it means it can't hash over the entire field. Or, a simple server could hash on/use the byte stream of: uuid-len:uuid:fill1:ifid-len:ifid:fill2:appid-len:appid:fill3 where fill1, fill2, and fill3 are filler bytes (0) up to the maximum length allowed for each of these fields. That way, you always have a unique value and never any potential for overlap. Sure, it isn't as compact as it could be but it also doesn't impose any potentially unrealistic restrictions. The maximum length for each identifier is likely something that we'd want to specify anyway. - Bernie -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 5:57 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... > I think we're discussing different issues? When I was saying identifier, I > meant "application index". Agreed that a UUID and "interface index" needs to > be supplied (using terminology from your original message). Okay, we agree on this, sort of. I actually spent some time thinking about how to make this work when I composed my other reply to you, but I finally decided that there was no way to do it that didn't force significant complexity on the server. For something like the ISC DHCP server, which practically revels in (I hope useful!) complexity, this is not such a problem, but for something like an Apple Airport base station, I think it would be. Basically, if you force the server to treat the application ID as an additional qualifier, you force it to have a two-stage lookup - first it looks up the UUID, which returns a data structure that contains all the information about all the identity associations for that UUID, and then you do a lookup in that. I think for a trivial embedded DHCP server, you really want to just take the identity association as a whole and do a single lookup on it. I don't think it's right to require the additional complexity in this protocol specification. Note that you are forced to do this because if you don't, you run the risk of the interface index and optional application index combining with the UUID to produce something that's no longer unique. So you could argue that the DHCP server should just mash them all together and do a lookup on that, but I think that would be a bad idea. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:34:36 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24322 for ; Wed, 6 Sep 2000 18:34:36 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86MVhi10398; Wed, 6 Sep 2000 18:31:43 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86MVfi13981 for ; Wed, 6 Sep 2000 18:31:41 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 18:31:22 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0C0@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Wed, 6 Sep 2000 18:31:17 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN I think this is just a difference of how you treat the data. I don't see why allowing individual renewals is such a big deal - the DHCP server can find the addresses either by looking for the requested addres. For renewals, that seems most efficient for me. - Bernie -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 6:09 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... Hm, I know I already replied to this, but I just reread it, so now I have more opinions to generously share with you... :'} > When a client needs to renew one or more addresses, it sends the address > assignment ID and the list of addresses (which may be 1 to n). It need NOT > renew all of the addresses at once (since they may each expire at different > times). Note that a request with the address assignment ID and 0 addresses > means that the client doesn't know what addresses it has and thus the server > would send it *ALL* of the addresses it wants to allocate for that client's > address assignment ID. This is how DHCPv6 works now, and I think it's too complicated. I think that all of the addresses in any given identity association should be renewed at once. I think it makes sense that the client should be able to request a particular address (perhaps stripped of its prefix), but this should just be advisory, and the server should send back a renewal of all the addresses associated with that identity association, not just those the client selected. Otherwise I think it's too complicated to implement, and it doesn't really add much value - why is it useful for the client to renew out of sync? Why would the client know what it should renew and what it shouldn't? It might make sense for the client to drop the deprecated address once all the connections on that address have been dropped, but since this address is deprecated, I don't think there's any contention for it, so it doesn't actually add any value to allow (and therefore require the implementation of) this negotiation. _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:44:43 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24381 for ; Wed, 6 Sep 2000 18:44:43 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86Mewi14405; Wed, 6 Sep 2000 18:40:58 -0400 (EDT) Received: from mail.ultradns.com (mail.ultradns.net [64.41.145.150]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86Meli06830 for ; Wed, 6 Sep 2000 18:40:48 -0400 (EDT) Received: (qmail 11335 invoked from network); 6 Sep 2000 22:40:46 -0000 Received: from nat-external.ultradns.net (HELO ULTRADNS6PMNFK) (216.15.7.195) by mail.ultradns.com with SMTP; 6 Sep 2000 22:40:46 -0000 From: "Barr Hibbs" To: DHCPv6 discussion list Subject: RE: DHCPv6 Relay Changes Date: Wed, 6 Sep 2000 15:41:25 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal In-Reply-To: <63D30D6E10CFD11190A90000F805FE8602BEC0BC@lespaul.process.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Content-Transfer-Encoding: 7bit I had only this one work item following the interim DHCPv6 Working Group meeting on 31 August. After reviewing the task and the protocol draft, I'm offering the following wording changes. I have not proposed a specific value for the proposed Encapsulated Message Extension, nor for the new Relayed message type, believing that such details follow, almost mechanically, once the principles are agreed. The many other sections which mention or discuss Relay behavior could remain untouched, as I believe the sections I'm offering below are the crucial ones. Please have a lively discussion about this, and reword or rework as you see fit -- I'm going to be on vacation beginning tomorrow until the 24th, sampling the food and wine of the Champagne and Burgundy regions of France, all without my laptop! --Barr Hibbs UltraDNS Corporation "Relay agents should simply encapsulate the clilent message in a DHCPv6 Extension; the relay message should have its own type." Internet Draft DHCP for IPv6 5 May 2000 8.3. What if the client and server(s) are on different links? Use of DHCP in such environments requires one or more DHCP relays be set up on the client's link, because a client may only have a link-local address. Relays pick up the Solicit and Request messages from the client and forward them to some set of servers within the DHCP | domain, after encapsulating the entire received Solicit | or Request message in an extension (number to be | determined) -- the Relay then forwards the encapsulated | message on towards its destination as a new message of | type Relay (number to be determined). | Upon receipt of a relayed message, the client looks in | the extension for the complete, original message, and | acts upon it appropriately. Replies to relayed | messages are first constructed as if they were being | sent directly to the originating server, then | encapsulated in an extension and sent to the Relay from | which the message was received. In the case where multiple Relays are in the path between client and server, each Relay encapsulates messages to forward, so that multiple layers of nesting are possibly where multiple Relays are traversed. A relay will include one of its own addresses (of sufficient scope) of the interface on the same link as the client. The relay also includes the subnet prefix length of that address in the client's messages. Servers receiving the forwarded traffic use this information to aid in selecting configuration parameters appropriate to the client's link. The servers also use the relay's address as the destination to forward client-destined messages for final delivery by the relay. Relays forward client messages to servers using some combination of the FF05::1:3(All Servers) site-local multicast address, some other (perhaps a combination) of site-local multicast addresses set up within the DHCP domain to include the servers in that domain, or a list of unicast addresses for servers. The network administrator makes relay configuration decisions based upon the topological requirements (scope) of the DHCP domain they are managing. Note that if the DHCP domain spans more than the site-local scope, then the relays MUST be configured with global addresses for the client's link so as to be reachable by servers outside the relays' site-local environment. 10.4. Relay Behavior For this discussion, the Relay is assumed to have been configured with some list of server destination addresses, which may be unicast, the FF05::1:3 (All DHCP Servers) multicast address, or some other multicast address selected by the network administrator. 10.4.1. Relaying of Solicit messages When a Relay receives a valid Solicit message, it | first encapsulates the entire received Solicit | message in a new Extension (number to be | determined), then the Relay | places the IP address of the interface upon which it | received the Solicit message in the ``relay-address'' | field of the new (outer) message which | encapsulates the Solicit. The Relay also places the number of bits of that make up the subnet prefix for this address in the ``prefix-len'' field of the | encapsulating message. | The Relay then forwards the encapsulating message to the list of server destination addresses that it has been configured with. 10.4.2. Relaying of Advertise messages When a Relay receives a valid Advertise message, it unicasts the message to the link-local address found in the ``client's link-local address'' field by way of the appropriate network interface. | The Relay need not encapsulate the Advertise message. 11.5. Relay Behavior 11.5.1. Relaying of Request or Release messages When a Relay receives a valid Request or Release message, it forwards it to the IP address found in the ``server-address'' field of the message. | The Relay encapsulates the received message in an Extension | (number to be determined) and forwards the new message. From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:50:12 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24433 for ; Wed, 6 Sep 2000 18:50:12 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86Mmsi28049; Wed, 6 Sep 2000 18:48:59 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86Mmni06471 for ; Wed, 6 Sep 2000 18:48:49 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id VAA05058 for ; Tue, 5 Sep 2000 21:55:23 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86MkbF02182 for ; Wed, 6 Sep 2000 15:46:37 -0700 (MST) Message-Id: <200009062246.e86MkbF02182@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 18:23:43 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0BF@lespaul.process.com> Date: Wed, 06 Sep 2000 15:46:36 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > Or, a simple server could hash on/use the byte stream of: > uuid-len:uuid:fill1:ifid-len:ifid:fill2:appid-len:appid:fill3 Right, you could have a complicated way of solving the problem. Of course, a representation like this would waste a lot of memory. The question is, why do you want the complicated solution - what does it buy us? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 18:53:44 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24460 for ; Wed, 6 Sep 2000 18:53:44 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e86MrLi28867; Wed, 6 Sep 2000 18:53:21 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e86Mr5i32695 for ; Wed, 6 Sep 2000 18:53:06 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-242.ip.theriver.com [206.97.58.242]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id VAA05066 for ; Tue, 5 Sep 2000 21:59:33 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e86MokF02195 for ; Wed, 6 Sep 2000 15:50:46 -0700 (MST) Message-Id: <200009062250.e86MokF02195@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Bernie Volz of "Wed, 06 Sep 2000 18:31:17 -0400." <63D30D6E10CFD11190A90000F805FE8602BEC0C0@lespaul.process.com> Date: Wed, 06 Sep 2000 15:50:46 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > I think this is just a difference of how you treat the data. I don't see why > allowing individual renewals is such a big deal - the DHCP server can find > the addresses either by looking for the requested addres. For renewals, that > seems most efficient for me. If you provide a mechanism for allowing the client to renew individual portions of the set of addresses provided for an identity association, it complicates both the specification and the implementation. The server has to implement the case where it returns all the addresses for an identity association. Now you want to have a special case where it returns some subset of that. Why? What does this buy us? When are you going to have expiry times that vary in this way? I would expect that the only time you'd give addresses different expiry times would be when one or more addresses are deprecated - those might expire early. But you can't renew them - when they expire, that's it - you're done with them. So providing a mechanism like this doesn't make any sense to me. Can you come up with a practical reason why we would want such a mechanism? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 21:20:10 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA25659 for ; Wed, 6 Sep 2000 21:20:10 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e871EZi27589; Wed, 6 Sep 2000 21:14:35 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e871EUi21185 for ; Wed, 6 Sep 2000 21:14:30 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 21:14:14 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0C2@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Wed, 6 Sep 2000 21:14:07 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted: Let's step back a moment. I've been thinking in IPv4 terms when DHCPv6 is really dealing with IPv6 terms. Addresses have lifetimes, not lease times. Lifetimes are 32-bit values, in seconds. They actually have two lifetimes - valid and preferred. In IPv6 Router Advertisements, each prefix has a lifetime (RFC 2461, 4.6.2. Prefix Information). Therefore, why would not each address have a lifetime? And, this lifetime could easily be different. Also, a case in point (from the DHCPv6 Extensions draft): To perform renumbering, the server will include two IP address extensions, one to reduce the preferred and valid lifetimes for the old address, and another to give the client its new address. Looking into the IPv6 documents brings up some interesting issues: - How do the DHCPv6 lifetimes interact with the Router Advertisements lifetimes? Routers will likely be advertising these prefixes with the 'A' bit clear. I think the DHCPv6 draft should provide some guidelines for clients. - Is a multicast RECONFIGURE request really required? The Router Advertisements might do the job as they would "deprecate" the address and force clients to renew (if they must honor Router Advertisements). [Jim/Mike/Charlie - Sorry if you've already addressed these issues in the DHCPv6 drafts, but I was unable to find the sections.] I'd suggest that clients honor Router Advertisements and use the lesser of Router Advertisement and DHCPv6 lifetimes. But this likely requires some integration between the DHCPv6 client and the IPv6 stack (client needs to be passed and parse Router Advertisements or some signalling mechanism). [Sorry for adding complexity.] - Bernie Volz -----Original Message----- From: Ted Lemon [mailto:mellon@nominum.com] Sent: Wednesday, September 06, 2000 6:51 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... > I think this is just a difference of how you treat the data. I don't see why > allowing individual renewals is such a big deal - the DHCP server can find > the addresses either by looking for the requested addres. For renewals, that > seems most efficient for me. If you provide a mechanism for allowing the client to renew individual portions of the set of addresses provided for an identity association, it complicates both the specification and the implementation. The server has to implement the case where it returns all the addresses for an identity association. Now you want to have a special case where it returns some subset of that. Why? What does this buy us? When are you going to have expiry times that vary in this way? I would expect that the only time you'd give addresses different expiry times would be when one or more addresses are deprecated - those might expire early. But you can't renew them - when they expire, that's it - you're done with them. So providing a mechanism like this doesn't make any sense to me. Can you come up with a practical reason why we would want such a mechanism? _MelloN_ From owner-dhcp-v6@bucknell.edu Wed Sep 6 21:30:56 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA25746 for ; Wed, 6 Sep 2000 21:30:47 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e871TRi29480; Wed, 6 Sep 2000 21:29:27 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e871TAi02222 for ; Wed, 6 Sep 2000 21:29:10 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Wed, 6 Sep 2000 21:28:54 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0C3@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 Relay Changes Date: Wed, 6 Sep 2000 21:28:46 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Barr: While I understand the forward (client to relay to server) message traffic, the reverse traffic isn't clear. I assume the server sends back the message to the relay without having to encapsulate it? If you allow the multiple encapsulations (one for each relay), how does the reverse traffic occur? It goes to the relay nearest the client since it is the only one that can communicate with the client? Why then include information about the other relays along the forward (to server) path (I guess this in case of IPsec? But why re-encapsulate?). Perhaps I missed something in the write up? Please see two comments (prefixed by >>>) in the original message below. Have a good time on your vacation. - Bernie -----Original Message----- From: Barr Hibbs [mailto:rbhibbs@ultraDNS.com] Sent: Wednesday, September 06, 2000 6:41 PM To: DHCPv6 discussion list Subject: RE: DHCPv6 Relay Changes I had only this one work item following the interim DHCPv6 Working Group meeting on 31 August. After reviewing the task and the protocol draft, I'm offering the following wording changes. I have not proposed a specific value for the proposed Encapsulated Message Extension, nor for the new Relayed message type, believing that such details follow, almost mechanically, once the principles are agreed. The many other sections which mention or discuss Relay behavior could remain untouched, as I believe the sections I'm offering below are the crucial ones. Please have a lively discussion about this, and reword or rework as you see fit -- I'm going to be on vacation beginning tomorrow until the 24th, sampling the food and wine of the Champagne and Burgundy regions of France, all without my laptop! --Barr Hibbs UltraDNS Corporation "Relay agents should simply encapsulate the clilent message in a DHCPv6 Extension; the relay message should have its own type." Internet Draft DHCP for IPv6 5 May 2000 8.3. What if the client and server(s) are on different links? Use of DHCP in such environments requires one or more DHCP relays be set up on the client's link, because a client may only have a link-local address. Relays pick up the Solicit and Request messages from the client and forward them to some set of servers within the DHCP | domain, after encapsulating the entire received Solicit | or Request message in an extension (number to be | determined) -- the Relay then forwards the encapsulated | message on towards its destination as a new message of | type Relay (number to be determined). | Upon receipt of a relayed message, the client looks in >>> Isn't "client" in the above line "server"? | the extension for the complete, original message, and | acts upon it appropriately. Replies to relayed | messages are first constructed as if they were being | sent directly to the originating server, then >>> Isn't "server" in the above line "client"? (servers don't originate messages) | encapsulated in an extension and sent to the Relay from | which the message was received. In the case where multiple Relays are in the path between client and server, each Relay encapsulates messages to forward, so that multiple layers of nesting are possibly where multiple Relays are traversed. A relay will include one of its own addresses (of sufficient scope) of the interface on the same link as the client. The relay also includes the subnet prefix length of that address in the client's messages. Servers receiving the forwarded traffic use this information to aid in selecting configuration parameters appropriate to the client's link. The servers also use the relay's address as the destination to forward client-destined messages for final delivery by the relay. Relays forward client messages to servers using some combination of the FF05::1:3(All Servers) site-local multicast address, some other (perhaps a combination) of site-local multicast addresses set up within the DHCP domain to include the servers in that domain, or a list of unicast addresses for servers. The network administrator makes relay configuration decisions based upon the topological requirements (scope) of the DHCP domain they are managing. Note that if the DHCP domain spans more than the site-local scope, then the relays MUST be configured with global addresses for the client's link so as to be reachable by servers outside the relays' site-local environment. 10.4. Relay Behavior For this discussion, the Relay is assumed to have been configured with some list of server destination addresses, which may be unicast, the FF05::1:3 (All DHCP Servers) multicast address, or some other multicast address selected by the network administrator. 10.4.1. Relaying of Solicit messages When a Relay receives a valid Solicit message, it | first encapsulates the entire received Solicit | message in a new Extension (number to be | determined), then the Relay | places the IP address of the interface upon which it | received the Solicit message in the ``relay-address'' | field of the new (outer) message which | encapsulates the Solicit. The Relay also places the number of bits of that make up the subnet prefix for this address in the ``prefix-len'' field of the | encapsulating message. | The Relay then forwards the encapsulating message to the list of server destination addresses that it has been configured with. 10.4.2. Relaying of Advertise messages When a Relay receives a valid Advertise message, it unicasts the message to the link-local address found in the ``client's link-local address'' field by way of the appropriate network interface. | The Relay need not encapsulate the Advertise message. 11.5. Relay Behavior 11.5.1. Relaying of Request or Release messages When a Relay receives a valid Request or Release message, it forwards it to the IP address found in the ``server-address'' field of the message. | The Relay encapsulates the received message in an Extension | (number to be determined) and forwards the new message. From owner-dhcp-v6@bucknell.edu Thu Sep 7 00:38:02 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA29726 for ; Thu, 7 Sep 2000 00:38:02 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e874Z8i06085; Thu, 7 Sep 2000 00:35:08 -0400 (EDT) Received: from zmamail01.zma.compaq.com (zmamail01.zma.compaq.com [161.114.64.101]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e874Z2i14091 for ; Thu, 7 Sep 2000 00:35:02 -0400 (EDT) Received: by zmamail01.zma.compaq.com (Postfix, from userid 12345) id EF5F14824; Thu, 7 Sep 2000 00:34:42 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail01.zma.compaq.com (Postfix) with ESMTP id C0ED74953 for ; Thu, 7 Sep 2000 00:34:42 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id AAA0000736898; Thu, 7 Sep 2000 00:33:52 -0400 (EDT) From: Jim Bound Message-Id: <200009070433.AAA0000736898@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: Discussion Item - Using DHCPv4 options in DHCPv6 (Item 6 on Confe rence Call Agenda) In-reply-to: Your message of "Fri, 01 Sep 2000 09:40:45 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC08D@lespaul.process.com> Date: Thu, 07 Sep 2000 00:33:51 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Hi Bernie, I think this is a good idea. As a note we did go thru the dhcpv4 options (not the latest ones) and tried to copy them to dhcpv6 exts draft. I strongly agree that it will be much easier for us in the future to look at options this way too. regards, /jim, From owner-dhcp-v6@bucknell.edu Thu Sep 7 00:57:32 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA29795 for ; Thu, 7 Sep 2000 00:57:26 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e874uwi24321; Thu, 7 Sep 2000 00:56:58 -0400 (EDT) Received: from zmamail01.zma.compaq.com (zmamail01.zma.compaq.com [161.114.64.101]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e874uii20739 for ; Thu, 7 Sep 2000 00:56:44 -0400 (EDT) Received: by zmamail01.zma.compaq.com (Postfix, from userid 12345) id AFA0D4969; Thu, 7 Sep 2000 00:56:28 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail01.zma.compaq.com (Postfix) with ESMTP id 6D6A74B16 for ; Thu, 7 Sep 2000 00:56:28 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id AAA0000739886; Thu, 7 Sep 2000 00:56:26 -0400 (EDT) From: Jim Bound Message-Id: <200009070456.AAA0000739886@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 on Co nference Call Agenda) In-reply-to: Your message of "Fri, 01 Sep 2000 09:51:55 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC08E@lespaul.process.com> Date: Thu, 07 Sep 2000 00:56:25 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Bernie, >During the DHCPv6 conference call on Thursday, August 31st, I was assigned >the "responsibility" of coming to a resolution on reconfiguration in DHCPv6 >(items 8, 9, and 18 on Ralph's compiled list): >8. Allow Reconfigure and Reconfigure-reply messages to be sent via a > relay to client's which do not have such reachable IP addresses, in > order to inform them of changes in non-releasable resources? The > same thing could also go for Reconfigure-init to some extent. Not a problem for reconfigure-init either. But more important question. #1 Did the reconfigurexxxx come initially from the server? #2 Or can the relay send this without any prodding by the server? I think net admins I know running DHCPv4 would not be happy having to manage relays to do reconfigures at all. So I question #2 is useful to the market. Also for #2 the server has no way of identifying the trans ID for reconfigure to know a client responded and we don't want the relay doing this as then it must keep state. >9. Might a client send a Solicit in response to a Reconfigure-init? > What if the topology changes such that this is necessary in order > find a DHCP server with can allocate addresses on the new subnet? As long as the client uses the reconfigure trans-id from the reconfigure init. But if the client has a globally reachable address (or of sufficient scope) this is uncessary as I see it. Can you expound on why allocating a new subnet? I would not think the server reconfigure-init should reach the client if it could not do this? >18. Simplify reconfiguration; Use DHCPv4-style reconfiguration Why is DHCPv4-Style more simple? Can you expound on what the changes would be for the list from what is done in DHCPv6 at this point to how it would look as dhcpv4 does it? For example I think we need the archtype of reconfigure and reconfigure-init as a architectural model. reconfigure for mobile nodes as optimization and reconfigure-init for general purpose which is similar to dhcpv4 reconfigure option. >I believe the general consensus was a desire to use the DHCPv4-style >reconfiguration (unicast from server to client). However, there is also a >desire to accommondate multicasting as for major network reconfiguration >events, unicasting may inefficient (if there are 1000's of clients to >notify). But multicasting opens up significant security issues. We cannot not assume multicast for reconfigure in IPv6. We may want health warnings. But I need to hear on the list what does this all mean from your perspective comparing the two so we can have that discussion to reach resolution. >Let's start the discussion. As we did not set a deadline at the conference >call, other than stating a week, and given the Labor Day holiday, I'd like >to conclude this discussion by end of day Friday, September 8. I don't think that will happen we have to have some discussion on this one. thanks /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 01:22:23 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA01914 for ; Thu, 7 Sep 2000 01:22:23 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e875J5i25406; Thu, 7 Sep 2000 01:19:05 -0400 (EDT) Received: from zmamail01.zma.compaq.com (zmamail01.zma.compaq.com [161.114.64.101]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e875Iqi19420 for ; Thu, 7 Sep 2000 01:18:52 -0400 (EDT) Received: by zmamail01.zma.compaq.com (Postfix, from userid 12345) id BDBC958DE; Thu, 7 Sep 2000 01:17:59 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail01.zma.compaq.com (Postfix) with ESMTP id 0F46222E9 for ; Thu, 7 Sep 2000 01:17:59 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id BAA0000743709; Thu, 7 Sep 2000 01:17:56 -0400 (EDT) From: Jim Bound Message-Id: <200009070517.BAA0000743709@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-reply-to: Your message of "Wed, 06 Sep 2000 00:29:41 PDT." <200009060729.e867TfC01827@grosse.bisbee.fugue.com> Date: Thu, 07 Sep 2000 01:17:55 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted, >If the client wants to have IP addresses that have different meanings, >it generates more than one identity. That is, if the client wants to >be able to listen on one IP address and provide service for >www.arf.org, and on another IP address and provide service for >www.blaznorf.edu, it creates two seperate identities, and it maintains >completely seperate state machines for two seperate identity >associations. The server doesn't need to know that the two identities >are related, although we may want to make it *possible* for the server >to know that they are related. It is imperative IMO that we make it so the server can know that a client "set" of identities applies to a client interface on the link. The reason is an implementation one. I want to be able to reduce my search tree for clients on the same link and interface for admin reasons too. Soooo.. I think part of the client identifier should include a set of bits that identify the interface too. Right now the identifier is a link-local address and 128bits. I am sure we can do this in 64bits but I don't trust 32bits. But that is details. What I would like is to have a "set" part in the identifier. I also think this can reduce the state machine complexity at the client implementation. A client identity for the same interfaces if known will make the code base for IPv6 base reqs much easier to be managed and perform better. >There is also the question of when the client can ask for addresses. >I think the answer is "anytime". It should be possible to fork a new >identity association at the request of an application, and to get rid >of it later at the request of the application. It should be possible >for the DHCP client to generate an identity association for each >network interface at boot time. I don't think we need to specify >this, other than to say "the client gets to decide when it does this." Just a nit. It don't have to be a fork could be an asynch op or thread. The input to the client dhcpv6 mod will have to apply to an interface though as more reason to make a set within the identifier. >As to the question of synchronization between identity associations, I >don't think it's possible, although it's a seductive idea. I think >the DHCP client should send seperate packets for each identity >association. We could make it optionally possible to combine requests >on behalf of more than one identity association, but I think this >costs us some complexity and I can't see any way that it helps us, >beyond perhaps the initial packet requesting addresses for each >identity association. It would be nice if the DHCP server could >present a uniform set of extensions that is consistent across identity >associations, but I don't see any way to specify this that is helpful >- I think this is a topic for future research. I think if we add a set section of bits we can head in the right direction. >One interesting fallout from having a renewal time on the identity >association rather than on the address is that it means that the >server can respond with zero IP addresses and a renewal time, forcing >the client to wait some period of time without getting an IP address, >and then try again. I don't know if we care about this - it's just >something that occurred to me. We have talked about similar >functionality for DHCPv4 in the past, but I don't get the impression >that everybody thinks this is a good idea. I think its a fine idea as long as the adherence to the reqs for Ipv6 addresses in stateless addrconf applies to dhcpv6 too. One of the implementation reqs for dhcpv6 is to not break the if6_net (new ifnet for IPv6) on an IPv6 implementation. But I don't think it matters if we renew valid and preferred lifetimes (this is far different than dhcpv4 nomenclature too and we have to use it) for the addresses a client identifier. I also think with the set bits above we could kill all addresses still on an interface on a link too. Net admins will not want to send out 3 messages to 3 different identitity associations to stop address use on a client that has an interface it want to kill. >So I have two questions: first, does this presentation make sense, or >have I left out things that are obvious to me but not to the reader. >Second, if it makes sense, is it the right thing to do? What do we >need to change? I would like to explore during the design of the identifier the ability to clump if you will a set of bits in the identifiers that make it known that its from the same client interface. But I do like this model. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 01:34:59 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA03509 for ; Thu, 7 Sep 2000 01:34:56 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e875YOi30224; Thu, 7 Sep 2000 01:34:24 -0400 (EDT) Received: from ztxmail01.ztx.compaq.com (ztxmail01.ztx.compaq.com [161.114.1.205]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e875YMi22059 for ; Thu, 7 Sep 2000 01:34:22 -0400 (EDT) Received: by ztxmail01.ztx.compaq.com (Postfix, from userid 12345) id 7F4762595; Thu, 7 Sep 2000 00:34:06 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail01.ztx.compaq.com (Postfix) with ESMTP id C756D1342 for ; Thu, 7 Sep 2000 00:34:05 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id BAA0000747748; Thu, 7 Sep 2000 01:34:02 -0400 (EDT) From: Jim Bound Message-Id: <200009070534.BAA0000747748@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-reply-to: Your message of "Wed, 06 Sep 2000 00:44:39 PDT." <200009060744.e867idC01841@grosse.bisbee.fugue.com> Date: Thu, 07 Sep 2000 01:33:57 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted, >We had a nice discussion about client identifiers during the >conference call. The issues that I remember us talking about are: > (a) Giving a DHCP client a unique identification that does > not change when network hardware changes > (b) Providing a way to identify more than one instance of > usage (I called these identity associations in my message > about the DHCPv6 address model) within an individual client. > (c) Providing a way for the server to tell that two identity > associations actually represent one client. I would add and an interface on the client. > (d) Providing a way to have a single authentication > key work with all of a client's identity associations. I think this is mandatory. >For (a), we seem to have pretty much agreed that we need a >universally-unique identifier, similar to what Intel has done in the >PXE specification. I would also look at what infiniband has done for the GUID. I also think we cannot be stingy with the bits here. If we need 128bits so be it if we can use less fine. >We can solve (b) by having the client come up with more than one >UUID. However, to solve (c) and (d), it would be better if we >defined a way to have the DHCP client specify a UUID and then specify >a modifier to that UUID, so that the identity association would >actually be made up of {modifier, UUID}. Authentication would be >done based on {UUID}, not on {modifier, UUID}, and the server could >therefore tell that two identity associations are the same client by >noticing that although the modifier is different, the UUID is the >same. This will work I think. >In order to avoid creating the possibility of namespace clashes, I'd >suggest that we specify the modifier as a 16-bit number, defined by >the client, that's just an index. So if a DHCP client had two >network interfaces, its two identity associations would probably be >{0, UUID} and {1, UUID}. I would like to see the UUID be recognizable if its the same client for the same interface. So I guess I want to discuss what we do with the UUID? This may be where the infiniband GUID helps. >There is one problem with this: if the DHCP client is not consistent >about assigning prefixes, it would be possible for it to assign {0, >UUID} to one network interface one time, and {1, UUID} to that network >interface the next time. This shouldn't be a huge problem for a >typical client, but for fancy clients the client implementor might >want to actually maintain its own mapping between the network hardware >address and the index. Do you mean "prefixes" above for the UUID? >It might also make sense to have the modifier be an 8-bit interface >index and an 8-bit application index, with application index == 0 >always being the initial configuration for that interface. So a >typical client with two network interfaces would have these two >identity associations: {0, 0, UUID} and {1, 0, UUID}. And if an >application decided to listen with its own address on each interface, >then the client would have four identity associations: {0, 0, UUID}, >{0, 1, UUID}, {1, 0, UUID} and {1, 1, UUID}. I would use more than 8 bits for each. I would use 16 for each and 96 for the UUID. The success or failure of this is how we do the UUID or whatever it ends up to be. I think that needs its own mail thread discussion to get some ideas. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 02:00:10 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA06439 for ; Thu, 7 Sep 2000 02:00:09 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e875uqi14284; Thu, 7 Sep 2000 01:56:52 -0400 (EDT) Received: from zmamail02.zma.compaq.com (zmamail02.zma.compaq.com [161.114.64.102]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e875uji30394 for ; Thu, 7 Sep 2000 01:56:45 -0400 (EDT) Received: by zmamail02.zma.compaq.com (Postfix, from userid 12345) id 5C35211D1; Thu, 7 Sep 2000 01:56:30 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail02.zma.compaq.com (Postfix) with ESMTP id 223661340 for ; Thu, 7 Sep 2000 01:56:30 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id BAA0000750393; Thu, 7 Sep 2000 01:55:39 -0400 (EDT) From: Jim Bound Message-Id: <200009070555.BAA0000750393@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-reply-to: Your message of "Wed, 06 Sep 2000 13:33:11 PDT." <200009062033.e86KXBF01749@grosse.bisbee.fugue.com> Date: Thu, 07 Sep 2000 01:55:38 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted, >Do we need to make an explicit distinction here between "new" and >"renew"? This I think must be an idempotent semantic to the server and how it is in dhcpv6 since we removed the xid stuff. The client should not have to do anything special or understand this with your proposed model. An identity association will only ever get x number of addresses for a specific instance of the UUID with the modifiers: Interface Instance Identifier 1 1 glok-glok-clump 1 2 glok-glok-clump 2 1 glok-glok-clump Interface 1 Instance 1 will get x addresses Interface 1 Instance 2 will get x addresses (client wanted more addresses for another URL like your example in your kick-off thread on this topic) [I don't like zero to represent interfaces or instances also I liked your three-tuple approach to identification and I think Bernie did to as his respond had 3-tuple also] Once the server gives Interface 1 Instance 1 a set of addresses and the client comes back its either asking for a renewal or releasing them. This also I think addresses Ralphs concern about the multiple address model being different than DHCPv4. We keep the good implementation knowledge of a finite set address model from DHCPv4, but permit with the Interface+Instance+UUID model the ability to do what Charlie wants with minimal work to the spec and I think a much clearer implementation model. As captain kirk stated we would have a win-win scenario and we can declare victory as a WG and move on. If we can also define this UUID beast. p.s. Also you should re-suggest your clump idea to send these addresses back and forth at the appropriate time you hinted at in the design team. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 02:04:21 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA12310 for ; Thu, 7 Sep 2000 02:04:19 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8763ji28257; Thu, 7 Sep 2000 02:03:45 -0400 (EDT) Received: from zmamail02.zma.compaq.com (zmamail02.zma.compaq.com [161.114.64.102]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8763ci06740 for ; Thu, 7 Sep 2000 02:03:38 -0400 (EDT) Received: by zmamail02.zma.compaq.com (Postfix, from userid 12345) id 10C9B11C7; Thu, 7 Sep 2000 02:03:23 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail02.zma.compaq.com (Postfix) with ESMTP id CD63A103D for ; Thu, 7 Sep 2000 02:03:22 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id CAA0000751978; Thu, 7 Sep 2000 02:03:19 -0400 (EDT) From: Jim Bound Message-Id: <200009070603.CAA0000751978@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-reply-to: Your message of "Wed, 06 Sep 2000 16:46:22 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC0BC@lespaul.process.com> Date: Thu, 07 Sep 2000 02:03:18 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Bernie, >>Jim asked us to contribute actual verbiage for any >>changes we want to the current spec, so I'm expecting to contribute >>verbiage for the address model proposal, but I don't feel confident >>that I could word this part correctly. Could you do that? > >Hm. I'm using my IPv6 knowledge that's several years old. From what I >understand, it is hopefully still valid. I can certainly try, but there may >be little need as this concept (requesting an address with a specific >prefix) is already in the DHCPv6 draft. We need to recall that we today permit two ways to give out addresses. In dhcpv6 of course. #1. Send the client 128bit address in total. #2. Send the client prefixes and they use their link-local. (this is how stateless works). This is not a problem to write up if we understand our own model it will work both ways above again I assume. >>I'm afraid I don't know what you mean by a "basic" address request. >>Can you expand on this? >Sure. What I meant was the request the system generates when it comes up, >instead of an application or otherwise requested allocation. All systems are >likely to request this whenever DHCP is enabled on an interface, so rather >than having them supply an identifier, make this the no (or null) >identifier. That way, a simple client that only supports "one" allocation >never has to deal with this identifier. I don't think a null identifier is wise. Recall one of the goals. These need to be used for security. I think the IESG will barf all over any identifiers that also are used to determine security associations and then we permit it to be null. At least I would if on the IESG. If we go with teds model I don't see any overhead using the identifier and their is minimal performance gain vs the functionality we get by saying you must use the identifier. We have an opportunity with this model to also make dhcpv6 very "secure" ""in a cost efficienct manner". regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 02:10:23 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA12696 for ; Thu, 7 Sep 2000 02:10:23 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8769mi11780; Thu, 7 Sep 2000 02:09:48 -0400 (EDT) Received: from zmamail02.zma.compaq.com (zmamail02.zma.compaq.com [161.114.64.102]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8769ki28612 for ; Thu, 7 Sep 2000 02:09:46 -0400 (EDT) Received: by zmamail02.zma.compaq.com (Postfix, from userid 12345) id 41B58E5B; Thu, 7 Sep 2000 02:09:31 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail02.zma.compaq.com (Postfix) with ESMTP id 1F2C81DE for ; Thu, 7 Sep 2000 02:09:31 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id CAA0000752627; Thu, 7 Sep 2000 02:08:48 -0400 (EDT) From: Jim Bound Message-Id: <200009070608.CAA0000752627@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-reply-to: Your message of "Wed, 06 Sep 2000 14:21:57 PDT." <200009062121.e86LLvF01856@grosse.bisbee.fugue.com> Date: Thu, 07 Sep 2000 02:08:42 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted, >+-------------+-----+--------+-------------+-----+------+ >| option code | len | prefix | option code | len | UUID | >+-------------+-----+--------+-------------+-----+------+ > >or: > >+-------------+-----+--------+------+ >| option code | len | prefix | UUID | >+-------------+-----+--------+------+ > >I think the second option is pretty desirable, so we should have a >good reason for not doing it. Absolutely correct. As side note I was one of the key principles in IPv6 that shot variable addresses in the head and had some formiddable opponents. I am pretty adamant about this the second case is much less code all around too. Also I had suggested in earlier response use 16bits for interface 16bits for instance thats 32K of interfaces and 32k of instances. something else in dhcpv6 will break before that does. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 02:17:11 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA12754 for ; Thu, 7 Sep 2000 02:17:10 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e876Gci02738; Thu, 7 Sep 2000 02:16:38 -0400 (EDT) Received: from ztxmail01.ztx.compaq.com (ztxmail01.ztx.compaq.com [161.114.1.205]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e876GUi25181 for ; Thu, 7 Sep 2000 02:16:30 -0400 (EDT) Received: by ztxmail01.ztx.compaq.com (Postfix, from userid 12345) id 5CA3927BE; Thu, 7 Sep 2000 01:16:15 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail01.ztx.compaq.com (Postfix) with ESMTP id DF7BC1350 for ; Thu, 7 Sep 2000 01:16:14 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id CAA0000753948; Thu, 7 Sep 2000 02:16:12 -0400 (EDT) From: Jim Bound Message-Id: <200009070616.CAA0000753948@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-reply-to: Your message of "Wed, 06 Sep 2000 14:56:34 PDT." <200009062156.e86LuYF01975@grosse.bisbee.fugue.com> Date: Thu, 07 Sep 2000 02:16:11 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted, Sorry I am catching up. Just got back from labor day really. >Basically, if you force the server to treat the application ID as an >additional qualifier, you force it to have a two-stage lookup - first >it looks up the UUID, which returns a data structure that contains all >the information about all the identity associations for that UUID, and >then you do a lookup in that. I think for a trivial embedded DHCP >server, you really want to just take the identity association as a >whole and do a single lookup on it. I don't think it's right to >require the additional complexity in this protocol specification. I think we need Instance or Application-index or whatever. But I don't think its a problem for a server if the field is split or all in one chunk. Interface App-Index-Instance UUID or UUID == Interface+App-Index-Instance+client ID In either case I think 16bits+16bits+96bits is required and sufficient. When I do the hash, link-list, or btree search I will concatenate them at the server and do the lookup once (unless I don't get hit right). Either way your search will be the same. >Note that you are forced to do this because if you don't, you run the >risk of the interface index and optional application index combining >with the UUID to produce something that's no longer unique. So you >could argue that the DHCP server should just mash them all together >>and do a lookup on that, but I think that would be a bad idea. Superb argument. Thats right we want the uuid to be alone for the security too. They should be split up in the eventual message format. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 02:22:43 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA12790 for ; Thu, 7 Sep 2000 02:22:43 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e876MDi19867; Thu, 7 Sep 2000 02:22:13 -0400 (EDT) Received: from ztxmail01.ztx.compaq.com (ztxmail01.ztx.compaq.com [161.114.1.205]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e876M9i22963 for ; Thu, 7 Sep 2000 02:22:09 -0400 (EDT) Received: by ztxmail01.ztx.compaq.com (Postfix, from userid 12345) id F0AEF1294; Thu, 7 Sep 2000 01:21:53 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail01.ztx.compaq.com (Postfix) with ESMTP id 7F5191CE2 for ; Thu, 7 Sep 2000 01:21:53 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id CAA0000754841; Thu, 7 Sep 2000 02:21:51 -0400 (EDT) From: Jim Bound Message-Id: <200009070621.CAA0000754841@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-reply-to: Your message of "Wed, 06 Sep 2000 15:09:21 PDT." <200009062209.e86M9LF02027@grosse.bisbee.fugue.com> Date: Thu, 07 Sep 2000 02:21:50 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted, >This is how DHCPv6 works now, and I think it's too complicated. I >think that all of the addresses in any given identity association >should be renewed at once. I think it makes sense that the client >should be able to request a particular address (perhaps stripped of >its prefix), but this should just be advisory, and the server should >send back a renewal of all the addresses associated with that identity >association, not just those the client selected. Otherwise I think >it's too complicated to implement, and it doesn't really add much >value - why is it useful for the client to renew out of sync? Why >would the client know what it should renew and what it shouldn't? It >might make sense for the client to drop the deprecated address once >all the connections on that address have been dropped, but since this >address is deprecated, I don't think there's any contention for it, so >it doesn't actually add any value to allow (and therefore require the >implementation of) this negotiation. Also why would a server give one valid / preferred time to one address and not the other? I can see it happening but why? But then lets suppose an admin says this client gets three addresses for this Interface+Instance+UUID. But one of them I want to renew with me cause the prefix is a "special" thing? Then we do have the situation where renewing all of them is a waste of client and server processing. We need to consider this carefully. But it is still not like dhcpv6. The difference is that this model has finite set of addresses for a specific client UUID not variable. So it is very managable. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 02:55:13 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA12962 for ; Thu, 7 Sep 2000 02:55:12 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e876nYi12304; Thu, 7 Sep 2000 02:49:34 -0400 (EDT) Received: from ztxmail01.ztx.compaq.com (ztxmail01.ztx.compaq.com [161.114.1.205]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e876nKi24126 for ; Thu, 7 Sep 2000 02:49:20 -0400 (EDT) Received: by ztxmail01.ztx.compaq.com (Postfix, from userid 12345) id 03BB4420C; Thu, 7 Sep 2000 01:49:04 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail01.ztx.compaq.com (Postfix) with ESMTP id 611B9246D for ; Thu, 7 Sep 2000 01:49:04 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id CAA0000756655; Thu, 7 Sep 2000 02:49:00 -0400 (EDT) From: Jim Bound Message-Id: <200009070649.CAA0000756655@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-reply-to: Your message of "Wed, 06 Sep 2000 21:14:07 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC0C2@lespaul.process.com> Date: Thu, 07 Sep 2000 02:48:58 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Bernie, >Let's step back a moment. I've been thinking in IPv4 terms when DHCPv6 is >really dealing with IPv6 terms. This is an important mind set for dhcpv6. >Addresses have lifetimes, not lease times. Lifetimes are 32-bit values, in >seconds. They actually have two lifetimes - valid and preferred. yes we need to not think in the same lease terms as dhcpv4 but as you state above I said this in earlier thread. >In IPv6 Router Advertisements, each prefix has a lifetime (RFC 2461, 4.6.2. >Prefix Information). >Therefore, why would not each address have a lifetime? And, this lifetime >could easily be different. This was my input to Ted. In fact IPv6 does encourage admins to give ou different times for different prefixes. They may know that the first prefix to a client who can have 3 addresses will expire before the other too and reduce the preferred lifetime. As I said if an admin does this dhcpv6 should not require the entire addresses set to be renewed because the earlier address has become deprecated and about to expire. >Also, a case in point (from the DHCPv6 Extensions draft): > To perform renumbering, the server will include two IP address > extensions, one to reduce the preferred and valid lifetimes > for the old address, and another to give the client its new > address. Also what we wanted to do to support the notion of T1 and T2 in dhcpv4 was state that when your address is 80% till it becomes deprecated (the preferred timer goes off) renew the address or ask for a new one. In the model Ted is proposing all the client can do is renew the address or request a new set. But in IPv6 it is permissable to have addresses expire at different times. >Looking into the IPv6 documents brings up some interesting issues: >- How do the DHCPv6 lifetimes interact with the Router Advertisements >lifetimes? Routers will likely be advertising these prefixes with the 'A' >bit clear. I think the DHCPv6 draft should provide some guidelines for >clients. They must coexist. We have to do duplicate address detection for dhcpv6 addresses just like we do for stateless addresses. This will prevent collisions. Implementor Note - What I would do is put the dhcpv6 addresses on the same if6_net list that the stateless are on and mark them as dhcpv6 begotten. >- Is a multicast RECONFIGURE request really required? The Router >Advertisements might do the job as they would "deprecate" the address and >force clients to renew (if they must honor Router Advertisements). >[Jim/Mike/Charlie - Sorry if you've already addressed these issues in the >DHCPv6 drafts, but I was unable to find the sections.] Assume the customer is not running stateless or only to tell the clients go use dhcpv6. The admin does not want stateless sending out any prefixes? Stateless does not need reconfigure archtype Router is on the link and advertisements rule. >I'd suggest that clients honor Router Advertisements and use the lesser of >Router Advertisement and DHCPv6 lifetimes. But this likely requires some >integration between the DHCPv6 client and the IPv6 stack (client needs to be >passed and parse Router Advertisements or some signalling mechanism). [Sorry >for adding complexity.] Yes stateless rules for a prefix. If a network permits this they should have good reason. One good reason would be use dhcpv6 to give out addresses using prefixes as stateless does but use stateless router advertisements to force renumbering by reducing valid and preferred lifetimes for all addresses. Thats why I will mark the ipv6 addresses on the if6_net as stateful or stateless. If Rtr adv reduces lifetimes I will know this and be able to either release the address or renew it. Another reason to permit individual renewals because one prefix may get renumbered and the others are fine. The bottom line is once you permit a client to have mulitple addresses for an identifier though finite and fixed they must be individually renewable and updated per IPv6 architecture and stateless addrconf. The good news is that stateless or stateful are NOT permitted to send a zero valid lifetime to kill and address it must be not less than 2 minutes. This was added to stateless rfc2462.txt to prevent DOS attacks from shooting IPv6 nodes in the head with rtr advs. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 03:02:00 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA13076 for ; Thu, 7 Sep 2000 03:01:59 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e87713i21366; Thu, 7 Sep 2000 03:01:03 -0400 (EDT) Received: from ztxmail02.ztx.compaq.com (ztxmail02.ztx.compaq.com [161.114.1.206]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e87710i26498 for ; Thu, 7 Sep 2000 03:01:00 -0400 (EDT) Received: by ztxmail02.ztx.compaq.com (Postfix, from userid 12345) id 5D3CB10CC; Thu, 7 Sep 2000 02:00:45 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail02.ztx.compaq.com (Postfix) with ESMTP id 474C811EF for ; Thu, 7 Sep 2000 02:00:41 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id CAA0000757316; Thu, 7 Sep 2000 02:59:49 -0400 (EDT) From: Jim Bound Message-Id: <200009070659.CAA0000757316@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 Relay Changes In-reply-to: Your message of "Wed, 06 Sep 2000 21:28:46 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC0C3@lespaul.process.com> Date: Thu, 07 Sep 2000 02:59:48 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Barr/folks, Is this really encapsulation? or A new relay extension msg type to encapsulate client solicits and requests. At the design meeting I was thinking real encapsulation. So the entire Ipv6 would be encapsulated by the relay and sent to the server in the various ways as Barr noted (multicast/unicast). We would have a new protocol-id for IPv6 that says inside this IPv6 header is a dhcpv6 message proto-id ??? TBD. The server upon receiving this at the IPv6 net layer would decapsulate move the relay address into the giaddr or whatever field, then deliver it via udp to the server. The server then would respond directly back to the relay as it does now in dhcpv4 or dhcpv6. This model would need no nested encaps or decaps as the routing would take care of getting the packet to the server from the relay based on the dst address in IPv6 header. If one wants to use a new extension to do this then the question is the clients Ipv6 header kept in tact behind the relay UDP data (where the new extension will exist)? But even in that case it is not necessary to nest the extension or the encap/decap as this is handled by the routing fabric for IPv6. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 11:11:27 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA18111 for ; Thu, 7 Sep 2000 11:11:23 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e87F6Ri04278; Thu, 7 Sep 2000 11:06:29 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e87F5ri02801 for ; Thu, 7 Sep 2000 11:05:53 -0400 (EDT) Received: from mjs-pc (mjs-pc.cisco.com [172.27.181.69]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id LAA08398 for ; Thu, 7 Sep 2000 11:05:36 -0400 (EDT) Message-Id: <4.2.0.58.20000907102335.0351bb90@funnel.cisco.com> X-Sender: mjs@funnel.cisco.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Thu, 07 Sep 2000 11:06:13 -0400 To: DHCPv6 discussion list From: Mark Stapp Subject: Re: DHCPv6 client identification... In-Reply-To: <200009061901.e86J1HF01433@grosse.bisbee.fugue.com> References: <63D30D6E10CFD11190A90000F805FE8602BEC0B6@lespaul.process.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN I think Ted uses a really interesting example. I'd like to suggest that client implementations MUST maintain a consistent association between the binding-id part of the identification and a physical interface as long as that interface has a DHCP-assigned address. In Ted's example: >address, or winds up consuming extra addresses, because the DHCP >client doesn't maintain a consistent identification for each >interface. Consider the following sequence of events: > >(1) laptop is powered on with an ethernet card in pcmcia slot 1. >(2) laptop gets IP address using DHCP for {0, UUID} >(3) application starts, requests the client to get another identity >(4) client gets that identity using {1, UUID} >(5) user inserts 802.11 card, which acquires an identity using {2, UUID} >(6) user power cycles laptop >(7) laptop gets IP address for ethernet card using {0, UUID} >(8) laptop gets IP address for 802.11 card using {1, UUID} >(9) application starts, gets its IP address using {2, UUID} > >Note that the IP addresses assigned to {1, UUID} and {2, UUID} will >likely be different the second time through. The client has active bindings for the ethernet and the 802.11 devices, but doesn't use the binding-id part of the client-id consistently across re-starts. That shouldn't happen: the client should be required to use the client-id tuple consistently once it has acquired lease(s) with it. Requiring consistent use means that we can just use a single 16- or 32-bit binding-id along with the UUID to form the tuple: we don't need to require the client to manage 'interface indexes', we just have to require that the client use the binding-id consistently during the lifetime of the leases associated with it. The other part of this that's interesting is the 'application-requested' address situation. This example raises several very interesting questions. What does that application do with the address that it asked for across reboots? What do the stack and dhcp client do with the address? When this host reboots, its dhcp client and stack find three dhcp client-identities, and a set of one or more addresses associated with each of those three. I can imagine how the dhcp client handles the two binding sets that are associated with the interface cards, and I suppose that it pays attention to those leases' expiration times, and renews them pretty much indefinitely. Is the stack supposed to know which of the three was 'application-requested'? Is there some way for the application to determine that one of the address sets was allocated by a previous instance of the application process? Is the stack supposed to prohibit other processes from using the address(es) associated with that application-requested allocation? Is the dhcp client supposed to keep renewing those addresses indefinitely, even if the application doesn't run before the leases' renewal time(s)? What if the application never runs again? I like the example a lot, but I dislike having to answer all of these questions now, in the absence of concrete proposals about the interaction between applications and the ipv6 dhcp client. I feel that we're trying to imagine a capability from the server-side, a capability that we all seem to think will be useful (and possibly inevitable). But the capability is fundamentally a client problem, and I don't personally see enough detail to know what I would have to do if I were to have to implement a client. We should either be extremely restrictive, and require that the dhcp client release all application-requested lease bindings upon restart, or we should specify that the dhcp client will ignore and not renew any application-requested bindings. Either of those choices seems awkward to me. Either way, we'd have to require that the dhcp client would distinguish application requested bindings from stack- or interface-requested bindings. We either need to add a significant work-item to decide how the dhcp client should handle this hypothetical application-level capability, or we need to decide that we won't chase our tails trying to handle it until it exists. The client-id mechanism that's been proposed seems flexible enough that it can accomodate multiple requests for new bindings from a single host, even a host with a single physical interface. That suggests that the protocol can handle application-requested bindings whenever they show up, although dhcp client behavior will have to be carefully specified. -- Mark From owner-dhcp-v6@bucknell.edu Thu Sep 7 12:04:02 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA19673 for ; Thu, 7 Sep 2000 12:03:55 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e87Fxxi16416; Thu, 7 Sep 2000 11:59:59 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e87Fxsi04997 for ; Thu, 7 Sep 2000 11:59:54 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Thu, 7 Sep 2000 11:59:28 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0CA@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 client identification... Date: Thu, 7 Sep 2000 11:59:22 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Mark: The only problem with the consistent ids across reboots is for clients that either don't have permanent storage or where the permanent storage has failed. But, in these cases we really should require the client to first release any resources it might have had. BTW: This is a reason I personally don't like the interface id just being a number such as 1, 2, 3. A more descriptive value means that the mac address or other identifier for the interface can be used and avoid some of the problems. Agreed that you create others, such as by swapping out a card for a replacement; in that case the two are really identical and there is no reason for the client to get different addresses. Regarding the application issues, I think part of the application/DHCP API would be for the application to register continued interest in the address. One simple way to do this is to maintain a reference count on the address in the DHCP client that is incremented when an application requests the address and decremented when it releases it (note that this is an explicit release, not just it has no open connections - process rundown would need to notify the DHCP client). Once the reference count is 0, the DHCP client could either then release the address or just not renew it next time it expires. Across a reboot, the DHCP client would reset the reference count (and release the address). For a warm reboot, the application is still running and therefore the client takes the same steps it does for other addresses to determine if they are still valid or whether the client has moved to a different network. - Bernie -----Original Message----- From: Mark Stapp [mailto:mjs@cisco.com] Sent: Thursday, September 07, 2000 11:06 AM To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... I think Ted uses a really interesting example. I'd like to suggest that client implementations MUST maintain a consistent association between the binding-id part of the identification and a physical interface as long as that interface has a DHCP-assigned address. In Ted's example: >address, or winds up consuming extra addresses, because the DHCP >client doesn't maintain a consistent identification for each >interface. Consider the following sequence of events: > >(1) laptop is powered on with an ethernet card in pcmcia slot 1. >(2) laptop gets IP address using DHCP for {0, UUID} >(3) application starts, requests the client to get another identity >(4) client gets that identity using {1, UUID} >(5) user inserts 802.11 card, which acquires an identity using {2, UUID} >(6) user power cycles laptop >(7) laptop gets IP address for ethernet card using {0, UUID} >(8) laptop gets IP address for 802.11 card using {1, UUID} >(9) application starts, gets its IP address using {2, UUID} > >Note that the IP addresses assigned to {1, UUID} and {2, UUID} will >likely be different the second time through. The client has active bindings for the ethernet and the 802.11 devices, but doesn't use the binding-id part of the client-id consistently across re-starts. That shouldn't happen: the client should be required to use the client-id tuple consistently once it has acquired lease(s) with it. Requiring consistent use means that we can just use a single 16- or 32-bit binding-id along with the UUID to form the tuple: we don't need to require the client to manage 'interface indexes', we just have to require that the client use the binding-id consistently during the lifetime of the leases associated with it. The other part of this that's interesting is the 'application-requested' address situation. This example raises several very interesting questions. What does that application do with the address that it asked for across reboots? What do the stack and dhcp client do with the address? When this host reboots, its dhcp client and stack find three dhcp client-identities, and a set of one or more addresses associated with each of those three. I can imagine how the dhcp client handles the two binding sets that are associated with the interface cards, and I suppose that it pays attention to those leases' expiration times, and renews them pretty much indefinitely. Is the stack supposed to know which of the three was 'application-requested'? Is there some way for the application to determine that one of the address sets was allocated by a previous instance of the application process? Is the stack supposed to prohibit other processes from using the address(es) associated with that application-requested allocation? Is the dhcp client supposed to keep renewing those addresses indefinitely, even if the application doesn't run before the leases' renewal time(s)? What if the application never runs again? I like the example a lot, but I dislike having to answer all of these questions now, in the absence of concrete proposals about the interaction between applications and the ipv6 dhcp client. I feel that we're trying to imagine a capability from the server-side, a capability that we all seem to think will be useful (and possibly inevitable). But the capability is fundamentally a client problem, and I don't personally see enough detail to know what I would have to do if I were to have to implement a client. We should either be extremely restrictive, and require that the dhcp client release all application-requested lease bindings upon restart, or we should specify that the dhcp client will ignore and not renew any application-requested bindings. Either of those choices seems awkward to me. Either way, we'd have to require that the dhcp client would distinguish application requested bindings from stack- or interface-requested bindings. We either need to add a significant work-item to decide how the dhcp client should handle this hypothetical application-level capability, or we need to decide that we won't chase our tails trying to handle it until it exists. The client-id mechanism that's been proposed seems flexible enough that it can accomodate multiple requests for new bindings from a single host, even a host with a single physical interface. That suggests that the protocol can handle application-requested bindings whenever they show up, although dhcp client behavior will have to be carefully specified. -- Mark From owner-dhcp-v6@bucknell.edu Thu Sep 7 18:00:15 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA28130 for ; Thu, 7 Sep 2000 18:00:10 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e87Luui01974; Thu, 7 Sep 2000 17:56:56 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e87Lupi31003 for ; Thu, 7 Sep 2000 17:56:51 -0400 (EDT) Received: from mjs2-nt (ch2-dhcp133-96.cisco.com [161.44.133.96]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id RAA03909 for ; Thu, 7 Sep 2000 17:56:35 -0400 (EDT) Message-Id: <4.2.0.58.20000907123921.01a65dc0@funnel.cisco.com> X-Sender: mjs@funnel.cisco.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Thu, 07 Sep 2000 17:56:47 -0400 To: DHCPv6 discussion list From: Mark Stapp Subject: RE: DHCPv6 client identification... In-Reply-To: <63D30D6E10CFD11190A90000F805FE8602BEC0CA@lespaul.process.c om> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Bernie, I hear you, but I still think that there are two kinds of info that are useful, and that both are available. As you noted in one of your earlier emails, some kind of link address must be available anyway. I think that that doesn't _have_ to be part of the binding identification, though some server implementations _might_ use that address to make decisions about lease bindings. I'm only trying to suggest that, rather than mandating that some physical characteristic be used in addition to the uuid, we only mandate the opaque binding-id. As you say, that only poses a problem for clients who've lost all of their state. The link address information is still available to the server, which may use it as part of its internal implementation, but it doesn't _have_ to. The common workstation client could simply use binding-id '0' (or '1') to refer to its single ethernet interface, and that interface could be changed without confusing the server or generating new address bindings. The laptop client in Ted's example must maintain enough state along with the leases it obtains to use the binding-ids consistently. If the laptop loses its state, it may inadvertently swap the relationship between the two interfaces and the two binding-ids. I guess I don't see more than two possibilities there: 1) the server doesn't care which interface either set of addresses is associated with. That is, the server doesn't distinguish between the two link-local addresses. For example, it doesn't detect wireless cards or give out different addresses to wireless cards. The server either notices that the relationship between links and binding-ids has swapped, decides that it cares about that, and swaps ip bindings to match, or it doesn't notice or doesn't care and it gives out the existing ip bindings that match the binding-ids. 2) the server cares which addresses are associated with each link address. The server either clears its existing binding info for the uuid+binding-id tuples, and creates new bindings, or it has recorded the previous link addresses, notices what has happened, and updates its bindings to reflect the new binding-id to interface relationship. That's why I prefer an arbitrary binding-id. It saves the expense of describing how to use some semantically meaningful component, and it avoids over-specification of implementations' internal data structures. Some implementations will use link addresses, host-names, user-class strings, vendor-specific strings, etc. to make decisions, but none of those components has to be used in forming the client-id. I absolutely agree that it would be very handy for clients to set a 'no state available' bit in their initial message as an indication that the client has no existing state for the uuid+binding-id tuple. -- Mark At 11:59 AM 9/7/00 -0400, you wrote: >Mark: > >The only problem with the consistent ids across reboots is for clients that >either don't have permanent storage or where the permanent storage has >failed. But, in these cases we really should require the client to first >release any resources it might have had. BTW: This is a reason I personally >don't like the interface id just being a number such as 1, 2, 3. A more >descriptive value means that the mac address or other identifier for the >interface can be used and avoid some of the problems. Agreed that you create >others, such as by swapping out a card for a replacement; in that case the >two are really identical and there is no reason for the client to get >different addresses. > >Regarding the application issues, I think part of the application/DHCP API >would be for the application to register continued interest in the address. >One simple way to do this is to maintain a reference count on the address in >the DHCP client that is incremented when an application requests the address >and decremented when it releases it (note that this is an explicit release, >not just it has no open connections - process rundown would need to notify >the DHCP client). Once the reference count is 0, the DHCP client could >either then release the address or just not renew it next time it expires. > >Across a reboot, the DHCP client would reset the reference count (and >release the address). For a warm reboot, the application is still running >and therefore the client takes the same steps it does for other addresses to >determine if they are still valid or whether the client has moved to a >different network. > >- Bernie > >-----Original Message----- >From: Mark Stapp [mailto:mjs@cisco.com] >Sent: Thursday, September 07, 2000 11:06 AM >To: DHCPv6 discussion list >Subject: Re: DHCPv6 client identification... > > >I think Ted uses a really interesting example. I'd like to suggest that >client implementations MUST maintain a consistent association between the >binding-id part of the identification and a physical interface as long as >that interface has a DHCP-assigned address. In Ted's example: > > >address, or winds up consuming extra addresses, because the DHCP > >client doesn't maintain a consistent identification for each > >interface. Consider the following sequence of events: > > > >(1) laptop is powered on with an ethernet card in pcmcia slot 1. > >(2) laptop gets IP address using DHCP for {0, UUID} > >(3) application starts, requests the client to get another identity > >(4) client gets that identity using {1, UUID} > >(5) user inserts 802.11 card, which acquires an identity using {2, UUID} > >(6) user power cycles laptop > >(7) laptop gets IP address for ethernet card using {0, UUID} > >(8) laptop gets IP address for 802.11 card using {1, UUID} > >(9) application starts, gets its IP address using {2, UUID} > > > >Note that the IP addresses assigned to {1, UUID} and {2, UUID} will > >likely be different the second time through. > >The client has active bindings for the ethernet and the 802.11 devices, but >doesn't use the binding-id part of the client-id consistently across >re-starts. That shouldn't happen: the client should be required to use the >client-id tuple consistently once it has acquired lease(s) with it. >Requiring consistent use means that we can just use a single 16- or 32-bit >binding-id along with the UUID to form the tuple: we don't need to require >the client to manage 'interface indexes', we just have to require that the >client use the binding-id consistently during the lifetime of the leases >associated with it. > >The other part of this that's interesting is the 'application-requested' >address situation. This example raises several very interesting questions. >What does that application do with the address that it asked for across >reboots? What do the stack and dhcp client do with the address? When this >host reboots, its dhcp client and stack find three dhcp client-identities, >and a set of one or more addresses associated with each of those three. I >can imagine how the dhcp client handles the two binding sets that are >associated with the interface cards, and I suppose that it pays attention >to those leases' expiration times, and renews them pretty much >indefinitely. Is the stack supposed to know which of the three was >'application-requested'? Is there some way for the application to determine >that one of the address sets was allocated by a previous instance of the >application process? Is the stack supposed to prohibit other processes from >using the address(es) associated with that application-requested >allocation? Is the dhcp client supposed to keep renewing those addresses >indefinitely, even if the application doesn't run before the leases' >renewal time(s)? What if the application never runs again? > >I like the example a lot, but I dislike having to answer all of these >questions now, in the absence of concrete proposals about the interaction >between applications and the ipv6 dhcp client. I feel that we're trying to >imagine a capability from the server-side, a capability that we all seem to >think will be useful (and possibly inevitable). But the capability is >fundamentally a client problem, and I don't personally see enough detail to >know what I would have to do if I were to have to implement a client. We >should either be extremely restrictive, and require that the dhcp client >release all application-requested lease bindings upon restart, or we should >specify that the dhcp client will ignore and not renew any >application-requested bindings. Either of those choices seems awkward to >me. Either way, we'd have to require that the dhcp client would distinguish >application requested bindings from stack- or interface-requested bindings. >We either need to add a significant work-item to decide how the dhcp client >should handle this hypothetical application-level capability, or we need to >decide that we won't chase our tails trying to handle it until it exists. > >The client-id mechanism that's been proposed seems flexible enough that it >can accomodate multiple requests for new bindings from a single host, even >a host with a single physical interface. That suggests that the protocol >can handle application-requested bindings whenever they show up, although >dhcp client behavior will have to be carefully specified. > >-- Mark From owner-dhcp-v6@bucknell.edu Thu Sep 7 20:04:00 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id UAA00437 for ; Thu, 7 Sep 2000 20:03:59 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8800Ti17068; Thu, 7 Sep 2000 20:00:29 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8800Ki04667 for ; Thu, 7 Sep 2000 20:00:20 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Thu, 7 Sep 2000 20:00:04 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0E2@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 client identification... Date: Thu, 7 Sep 2000 19:59:57 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Mark: I agree with you that we can make the binding-id a single opaque value. And, leave it up to clients as to how they use these for requesting addresses. Going back to Ted's original message, he had 4 cases: > (a) Giving a DHCP client a unique identification that does > not change when network hardware changes The client could create binding-ids that support this if the client wishes to implement it. While this is a good goal, I don't think it is a requirement (for the protocol to specify). Especially in IPv6 as autoconfigured addresses will change anyway if the network hardware changes. > (b) Providing a way to identify more than one instance of > usage (I called these identity associations in my message > about the DHCPv6 address model) within an individual client. A change in the binding-id could be used to do this. The client is free to generate any ids it wants. A change in binding-id is used to get a new address. > (c) Providing a way for the server to tell that two identity > associations actually represent one client. The UUID (not binding-id) accomplishes this. > (d) Providing a way to have a single authentication > key work with all of a client's identity associations. The UUID accomplishes this. - Bernie -----Original Message----- From: Mark Stapp [mailto:mjs@cisco.com] Sent: Thursday, September 07, 2000 5:57 PM To: DHCPv6 discussion list Subject: RE: DHCPv6 client identification... Bernie, I hear you, but I still think that there are two kinds of info that are useful, and that both are available. As you noted in one of your earlier emails, some kind of link address must be available anyway. I think that that doesn't _have_ to be part of the binding identification, though some server implementations _might_ use that address to make decisions about lease bindings. I'm only trying to suggest that, rather than mandating that some physical characteristic be used in addition to the uuid, we only mandate the opaque binding-id. As you say, that only poses a problem for clients who've lost all of their state. The link address information is still available to the server, which may use it as part of its internal implementation, but it doesn't _have_ to. The common workstation client could simply use binding-id '0' (or '1') to refer to its single ethernet interface, and that interface could be changed without confusing the server or generating new address bindings. The laptop client in Ted's example must maintain enough state along with the leases it obtains to use the binding-ids consistently. If the laptop loses its state, it may inadvertently swap the relationship between the two interfaces and the two binding-ids. I guess I don't see more than two possibilities there: 1) the server doesn't care which interface either set of addresses is associated with. That is, the server doesn't distinguish between the two link-local addresses. For example, it doesn't detect wireless cards or give out different addresses to wireless cards. The server either notices that the relationship between links and binding-ids has swapped, decides that it cares about that, and swaps ip bindings to match, or it doesn't notice or doesn't care and it gives out the existing ip bindings that match the binding-ids. 2) the server cares which addresses are associated with each link address. The server either clears its existing binding info for the uuid+binding-id tuples, and creates new bindings, or it has recorded the previous link addresses, notices what has happened, and updates its bindings to reflect the new binding-id to interface relationship. That's why I prefer an arbitrary binding-id. It saves the expense of describing how to use some semantically meaningful component, and it avoids over-specification of implementations' internal data structures. Some implementations will use link addresses, host-names, user-class strings, vendor-specific strings, etc. to make decisions, but none of those components has to be used in forming the client-id. I absolutely agree that it would be very handy for clients to set a 'no state available' bit in their initial message as an indication that the client has no existing state for the uuid+binding-id tuple. -- Mark At 11:59 AM 9/7/00 -0400, you wrote: >Mark: > >The only problem with the consistent ids across reboots is for clients that >either don't have permanent storage or where the permanent storage has >failed. But, in these cases we really should require the client to first >release any resources it might have had. BTW: This is a reason I personally >don't like the interface id just being a number such as 1, 2, 3. A more >descriptive value means that the mac address or other identifier for the >interface can be used and avoid some of the problems. Agreed that you create >others, such as by swapping out a card for a replacement; in that case the >two are really identical and there is no reason for the client to get >different addresses. > >Regarding the application issues, I think part of the application/DHCP API >would be for the application to register continued interest in the address. >One simple way to do this is to maintain a reference count on the address in >the DHCP client that is incremented when an application requests the address >and decremented when it releases it (note that this is an explicit release, >not just it has no open connections - process rundown would need to notify >the DHCP client). Once the reference count is 0, the DHCP client could >either then release the address or just not renew it next time it expires. > >Across a reboot, the DHCP client would reset the reference count (and >release the address). For a warm reboot, the application is still running >and therefore the client takes the same steps it does for other addresses to >determine if they are still valid or whether the client has moved to a >different network. > >- Bernie > >-----Original Message----- >From: Mark Stapp [mailto:mjs@cisco.com] >Sent: Thursday, September 07, 2000 11:06 AM >To: DHCPv6 discussion list >Subject: Re: DHCPv6 client identification... > > >I think Ted uses a really interesting example. I'd like to suggest that >client implementations MUST maintain a consistent association between the >binding-id part of the identification and a physical interface as long as >that interface has a DHCP-assigned address. In Ted's example: > > >address, or winds up consuming extra addresses, because the DHCP > >client doesn't maintain a consistent identification for each > >interface. Consider the following sequence of events: > > > >(1) laptop is powered on with an ethernet card in pcmcia slot 1. > >(2) laptop gets IP address using DHCP for {0, UUID} > >(3) application starts, requests the client to get another identity > >(4) client gets that identity using {1, UUID} > >(5) user inserts 802.11 card, which acquires an identity using {2, UUID} > >(6) user power cycles laptop > >(7) laptop gets IP address for ethernet card using {0, UUID} > >(8) laptop gets IP address for 802.11 card using {1, UUID} > >(9) application starts, gets its IP address using {2, UUID} > > > >Note that the IP addresses assigned to {1, UUID} and {2, UUID} will > >likely be different the second time through. > >The client has active bindings for the ethernet and the 802.11 devices, but >doesn't use the binding-id part of the client-id consistently across >re-starts. That shouldn't happen: the client should be required to use the >client-id tuple consistently once it has acquired lease(s) with it. >Requiring consistent use means that we can just use a single 16- or 32-bit >binding-id along with the UUID to form the tuple: we don't need to require >the client to manage 'interface indexes', we just have to require that the >client use the binding-id consistently during the lifetime of the leases >associated with it. > >The other part of this that's interesting is the 'application-requested' >address situation. This example raises several very interesting questions. >What does that application do with the address that it asked for across >reboots? What do the stack and dhcp client do with the address? When this >host reboots, its dhcp client and stack find three dhcp client-identities, >and a set of one or more addresses associated with each of those three. I >can imagine how the dhcp client handles the two binding sets that are >associated with the interface cards, and I suppose that it pays attention >to those leases' expiration times, and renews them pretty much >indefinitely. Is the stack supposed to know which of the three was >'application-requested'? Is there some way for the application to determine >that one of the address sets was allocated by a previous instance of the >application process? Is the stack supposed to prohibit other processes from >using the address(es) associated with that application-requested >allocation? Is the dhcp client supposed to keep renewing those addresses >indefinitely, even if the application doesn't run before the leases' >renewal time(s)? What if the application never runs again? > >I like the example a lot, but I dislike having to answer all of these >questions now, in the absence of concrete proposals about the interaction >between applications and the ipv6 dhcp client. I feel that we're trying to >imagine a capability from the server-side, a capability that we all seem to >think will be useful (and possibly inevitable). But the capability is >fundamentally a client problem, and I don't personally see enough detail to >know what I would have to do if I were to have to implement a client. We >should either be extremely restrictive, and require that the dhcp client >release all application-requested lease bindings upon restart, or we should >specify that the dhcp client will ignore and not renew any >application-requested bindings. Either of those choices seems awkward to >me. Either way, we'd have to require that the dhcp client would distinguish >application requested bindings from stack- or interface-requested bindings. >We either need to add a significant work-item to decide how the dhcp client >should handle this hypothetical application-level capability, or we need to >decide that we won't chase our tails trying to handle it until it exists. > >The client-id mechanism that's been proposed seems flexible enough that it >can accomodate multiple requests for new bindings from a single host, even >a host with a single physical interface. That suggests that the protocol >can handle application-requested bindings whenever they show up, although >dhcp client behavior will have to be carefully specified. > >-- Mark From owner-dhcp-v6@bucknell.edu Thu Sep 7 20:31:26 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id UAA00633 for ; Thu, 7 Sep 2000 20:31:16 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e880UPi09095; Thu, 7 Sep 2000 20:30:25 -0400 (EDT) Received: from ztxmail01.ztx.compaq.com (ztxmail01.ztx.compaq.com [161.114.1.205]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e880UFi11284 for ; Thu, 7 Sep 2000 20:30:22 -0400 (EDT) Received: by ztxmail01.ztx.compaq.com (Postfix, from userid 12345) id 6979011BB; Thu, 7 Sep 2000 19:29:38 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail01.ztx.compaq.com (Postfix) with ESMTP id F378A13BB for ; Thu, 7 Sep 2000 19:29:37 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id UAA0000894360; Thu, 7 Sep 2000 20:29:10 -0400 (EDT) From: Jim Bound Message-Id: <200009080029.UAA0000894360@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-reply-to: Your message of "Thu, 07 Sep 2000 17:56:47 EDT." <4.2.0.58.20000907123921.01a65dc0@funnel.cisco.com> Date: Thu, 07 Sep 2000 20:29:09 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Mark, >That's why I prefer an arbitrary binding-id. It saves the expense of >describing how to use some semantically meaningful component, and it avoids >over-specification of implementations' internal data structures. Some >implementations will use link addresses, host-names, user-class strings, >vendor-specific strings, etc. to make decisions, but none of those >components has to be used in forming the client-id. I can live with this and prefer it. My impression was the WG has always wanted this specified? >I absolutely agree that it would be very handy for clients to set a 'no >state available' bit in their initial message as an indication that the >client has no existing state for the uuid+binding-id tuple. I second that. /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 23:43:29 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id XAA04377 for ; Thu, 7 Sep 2000 23:43:29 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e883eGi21389; Thu, 7 Sep 2000 23:40:16 -0400 (EDT) Received: from ztxmail02.ztx.compaq.com (ztxmail02.ztx.compaq.com [161.114.1.206]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e883e3i18663 for ; Thu, 7 Sep 2000 23:40:03 -0400 (EDT) Received: by ztxmail02.ztx.compaq.com (Postfix, from userid 12345) id 583FB23A4; Thu, 7 Sep 2000 22:39:48 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail02.ztx.compaq.com (Postfix) with ESMTP id B35292158 for ; Thu, 7 Sep 2000 22:39:44 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id XAA0000917919; Thu, 7 Sep 2000 23:39:30 -0400 (EDT) From: Jim Bound Message-Id: <200009080339.XAA0000917919@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: Design team teleconference, 8/31 In-reply-to: Your message of "Fri, 01 Sep 2000 16:27:19 EDT." <4.3.1.2.20000901160948.00b30100@funnel.cisco.com> Date: Thu, 07 Sep 2000 23:39:28 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Was not clear what thread to post this too. But one of the discussions was the name of the messages. The current DHCPv6 message names correspond directly to Neighbor Discovery rfc 2462 thats where they came from. I think it more important to stay in synch with that part of IPv6 than DHCPv4. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 23:44:55 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id XAA04388 for ; Thu, 7 Sep 2000 23:44:55 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e883iYi19861; Thu, 7 Sep 2000 23:44:34 -0400 (EDT) Received: from zmamail01.zma.compaq.com (zmamail01.zma.compaq.com [161.114.64.101]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e883iPi02675 for ; Thu, 7 Sep 2000 23:44:25 -0400 (EDT) Received: by zmamail01.zma.compaq.com (Postfix, from userid 12345) id 8347E586F; Thu, 7 Sep 2000 23:44:10 -0400 (EDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by zmamail01.zma.compaq.com (Postfix) with ESMTP id 6B7695576 for ; Thu, 7 Sep 2000 23:44:10 -0400 (EDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id XAA0000919423; Thu, 7 Sep 2000 23:44:08 -0400 (EDT) From: Jim Bound Message-Id: <200009080344.XAA0000919423@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 on Co nference Call Agenda) In-reply-to: Your message of "Fri, 01 Sep 2000 09:51:55 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC08E@lespaul.process.com> Date: Thu, 07 Sep 2000 23:44:07 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Hi Bernie, I have been thinking about this a lot and know very well what is needed for IPv6 deployment. I think we MUST permit Reconfigure and Reconfigure-Init with Multicast to support site renumbering operations where stateless address configuration is not used by the site. It will permit a dhcpv6 server to tell clients come get your new prefix NOW. And in the response begin the deprecation of old addresses. regards, /jim From owner-dhcp-v6@bucknell.edu Thu Sep 7 23:51:39 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id XAA04482 for ; Thu, 7 Sep 2000 23:51:39 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e883pHi00810; Thu, 7 Sep 2000 23:51:17 -0400 (EDT) Received: from ztxmail02.ztx.compaq.com (ztxmail02.ztx.compaq.com [161.114.1.206]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e883p7i27716 for ; Thu, 7 Sep 2000 23:51:07 -0400 (EDT) Received: by ztxmail02.ztx.compaq.com (Postfix, from userid 12345) id E9D6520FE; Thu, 7 Sep 2000 22:50:51 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail02.ztx.compaq.com (Postfix) with ESMTP id A2B742066 for ; Thu, 7 Sep 2000 22:50:51 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id XAA0000919807; Thu, 7 Sep 2000 23:50:48 -0400 (EDT) From: Jim Bound Message-Id: <200009080350.XAA0000919807@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: Design team teleconference, 8/31 In-reply-to: Your message of "Thu, 07 Sep 2000 23:39:28 EDT." <200009080339.XAA0000917919@anw.zk3.dec.com> Date: Thu, 07 Sep 2000 23:50:47 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN dhcpv6 message names correct: whoops specifically solicit and advertisement. request, reply, and release were from dhcpv4. reconfigure was new concept. regards, /jim From owner-dhcp-v6@bucknell.edu Fri Sep 8 08:23:41 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id IAA21224 for ; Fri, 8 Sep 2000 08:23:41 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e88CKVi28698; Fri, 8 Sep 2000 08:20:31 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e88CKGi14208 for ; Fri, 8 Sep 2000 08:20:16 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Fri, 8 Sep 2000 08:20:01 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC0E3@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call Agenda) Date: Fri, 8 Sep 2000 08:19:57 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Jim: OK. I was just wondering whether it was possible ... it would reduce security issues as we push them off to the router advertisement messages. Agreed that they are going to be useful if there are no routers (and perhaps even if there are to effect transitions more quickly). BTW: If there are no router advertisements received (after some period), I assume a IPv6 host is supposed to attempt stateful address configuration (by default). - Bernie -----Original Message----- From: Jim Bound [mailto:bound@zk3.dec.com] Sent: Thursday, September 07, 2000 11:44 PM To: DHCPv6 discussion list Subject: Re: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 on Co nference Call Agenda) Hi Bernie, I have been thinking about this a lot and know very well what is needed for IPv6 deployment. I think we MUST permit Reconfigure and Reconfigure-Init with Multicast to support site renumbering operations where stateless address configuration is not used by the site. It will permit a dhcpv6 server to tell clients come get your new prefix NOW. And in the response begin the deprecation of old addresses. regards, /jim From owner-dhcp-v6@bucknell.edu Fri Sep 8 10:19:00 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id KAA23251 for ; Fri, 8 Sep 2000 10:19:00 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e88EFXi30957; Fri, 8 Sep 2000 10:15:33 -0400 (EDT) Received: from ztxmail01.ztx.compaq.com (ztxmail01.ztx.compaq.com [161.114.1.205]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e88EF8i09341 for ; Fri, 8 Sep 2000 10:15:08 -0400 (EDT) Received: by ztxmail01.ztx.compaq.com (Postfix, from userid 12345) id C8A8F1C25; Fri, 8 Sep 2000 09:14:51 -0500 (CDT) Received: from anw.zk3.dec.com (wasted.zk3.dec.com [16.140.32.3]) by ztxmail01.ztx.compaq.com (Postfix) with ESMTP id 69F771D13 for ; Fri, 8 Sep 2000 09:14:51 -0500 (CDT) Received: from localhost by anw.zk3.dec.com (8.9.3/1.1.22.2/08Sep98-0251PM) id KAA0001019178; Fri, 8 Sep 2000 10:14:25 -0400 (EDT) From: Jim Bound Message-Id: <200009081414.KAA0001019178@anw.zk3.dec.com> To: DHCPv6 discussion list Subject: Re: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call Agenda) In-reply-to: Your message of "Fri, 08 Sep 2000 08:19:57 EDT." <63D30D6E10CFD11190A90000F805FE8602BEC0E3@lespaul.process.com> Date: Fri, 08 Sep 2000 10:14:24 -0400 X-Mts: smtp Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Bernie, >OK. I was just wondering whether it was possible ... it would reduce >security issues as we push them off to the router advertisement messages. >Agreed that they are going to be useful if there are no routers (and perhaps >even if there are to effect transitions more quickly). Two things: 1. I am not saying there are no routers on the LAN where clients exist but something much more important as an assumption and important we consider the assumption: Network Admins may not want to use stateless addrconf for address configuration but will have all routers set the M bit in router advertrisements and tell clients go do address configuration with DHCPv6. Its a customer/user policy decision to not use stateless addrconf on purpose. We need to be prepared for that policy as we enhance DHCPv6 as a working group. 2. If anyone wants to add to any of the Neighbor Discovery packets they must go propose this in the IPng Working Group. Like Mobile IPv6 has done. We can't do that here the expertise is not wide enough on this list or enough of a quorum of IPv6 Neighbor Discovery implementors (I think we only have Tim, Erik, Francis, and I as a note)???? And I think it should be done on IPng as IETF policy IMO. >BTW: If there are no router advertisements received (after some period), I >assume a IPv6 host is supposed to attempt stateful address configuration (by >default). It has been left unspecified if there are no router advertisements so that means if a client does not hear from a router our implementation will go look for a dhcpv6 server, once we nail this spec down of course. But if there are router advertisements I read the specs that an implementaiton should not go look for DHCPv6 server unless the M bit is set or the O bit (INFORM) is set. regards, /jim From owner-dhcp-v6@bucknell.edu Mon Sep 11 13:55:46 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id NAA07161 for ; Mon, 11 Sep 2000 13:55:45 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8BHpIb26067; Mon, 11 Sep 2000 13:51:22 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8BHp4b28439 for ; Mon, 11 Sep 2000 13:51:05 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Mon, 11 Sep 2000 13:50:43 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC10A@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call Agenda) Date: Mon, 11 Sep 2000 13:50:39 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN FYI - -----Original Message----- From: Jim Bound [mailto:bound@zk3.dec.com] Sent: Monday, September 11, 2000 9:48 AM To: Bernie Volz Cc: bound@zk3.dec.com Subject: Re: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call Agenda) Hi Bernie, My systems were all down this weekend they had to do some wiring in our building and shutdown power for 36 hours. >This is more for my own clarification (I didn't send it to the list): OK. >For IPv6, suppose there is a router. It sends router advertisements with the >'M' bit set. It also sends the prefix list with the 'A' bit clear for those >prefixes that are stateful, meaning that the client can not autoconfigure an >address. In those advertisements are also the lifetimes. How do these >lifetimes and any DHCPv6 specified lifetimes interact. If the A bit is clear the implementation basically ignores the addresses and lifetimes. So they won't interact with DHCPv6. The WG needs to understand this. If the A bit is not set there is no problem. If the A bit was set for the same prefixes that DHCPv6 are using then clearly the lifetimes would be affected. I would think the same admin people will be in control and this is really a "misconfiguration". But what I did in a prototype is marked the if6_net addresses as stateless or stateful. As I did the code for all this on T64 I know it well. If a router reduces the lifetime this is a problem and we either need to release it or renew. I don't think want to get into the role of telling the server from the client here are the NEW lifetimes the stateless says you should use Mr. Server? That defeats the point of "tight control by dhcpv6 server adim". >Recall that I raised this issue in an earlier discussion (a few days ago). Yep wanted to wait to see where it went? >If router advertisements deprecate the address before the DHCPv6 specified >lifetimes do, should the client honor it or assume that the lease is >"correct" (unless the DHCPv6 server sends it a reconfigure). Or might this >be used as a trigger for the client to attempt to renew the address? Well according to stateless and nd specs the client must change the leases as stateless is the head cheese so to speak. Should we bring this up on the list? regards, /jim From owner-dhcp-v6@bucknell.edu Mon Sep 11 15:36:41 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA08437 for ; Mon, 11 Sep 2000 15:36:41 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8BJWxb05527; Mon, 11 Sep 2000 15:32:59 -0400 (EDT) Received: from ertpg14e1.nortelnetworks.com (ertpg14e1.nortelnetworks.com [47.234.0.35]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8BJWlb03609 for ; Mon, 11 Sep 2000 15:32:47 -0400 (EDT) Received: from zrtpd004.us.nortel.com (actually zrtpd004) by ertpg14e1.nortelnetworks.com; Mon, 11 Sep 2000 15:32:28 -0400 Received: by zrtpd004.us.nortel.com with Internet Mail Service (5.5.2652.35) id ; Mon, 11 Sep 2000 15:32:25 -0400 Message-ID: From: "Peter Tam" To: DHCPv6 discussion list Subject: RE: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call Agenda) Date: Mon, 11 Sep 2000 15:28:21 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2652.35) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C01C26.71DE4160" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C01C26.71DE4160 Content-Type: text/plain; charset="iso-8859-1" Jim, See in-line comments. Regards....Peter Tam, Nortel Networks -----Original Message----- From: Jim Bound [SMTP:bound@zk3.dec.com] Sent: Friday, September 08, 2000 10:14 AM To: DHCPv6 discussion list Subject: Re: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call Agenda) Bernie, >OK. I was just wondering whether it was possible ... it would reduce >security issues as we push them off to the router advertisement messages. >Agreed that they are going to be useful if there are no routers (and perhaps >even if there are to effect transitions more quickly). Two things: 1. I am not saying there are no routers on the LAN where clients exist but something much more important as an assumption and important we consider the assumption: Network Admins may not want to use stateless addrconf for address configuration but will have all routers set the M bit in router advertrisements and tell clients go do address configuration with DHCPv6. Its a customer/user policy decision to not use stateless addrconf on purpose. We need to be prepared for that policy as we enhance DHCPv6 as a working group. 2. If anyone wants to add to any of the Neighbor Discovery packets they must go propose this in the IPng Working Group. Like Mobile IPv6 has done. We can't do that here the expertise is not wide enough on this list or enough of a quorum of IPv6 Neighbor Discovery implementors (I think we only have Tim, Erik, Francis, and I as a note)???? And I think it should be done on IPng as IETF policy IMO. >BTW: If there are no router advertisements received (after some period), I >assume a IPv6 host is supposed to attempt stateful address configuration (by >default). It has been left unspecified if there are no router advertisements so that means if a client does not hear from a router our implementation will go look for a dhcpv6 server, once we nail this spec down of course. >> RFC2462, section 5.5.2 does specify that a host MUST default to stateful autoconfiguration, if router advertisements are absent. But, you are right, it does NOT say it must be DHCPv6: "If a link has no routers, a host MUST attempt to use stateful autoconfiguration....." But if there are router advertisements I read the specs that an implementaiton should not go look for DHCPv6 server unless the M bit is set or the O bit (INFORM) is set. regards, /jim ------_=_NextPart_001_01C01C26.71DE4160 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: Discussion Item - Reconfiguration in DHCPv6 (Items 8, 9, 18 = o n Co nference Call Agenda)

Jim,

See in-line comments.

Regards....Peter Tam,
Nortel Networks

-----Original = Message-----
From:   Jim Bound = [SMTP:bound@zk3.dec.com]
Sent:   Friday, September 08, 2000 10:14 AM
To:     DHCPv6 discussion list
Subject:       = Re: Discussion Item - = Reconfiguration in DHCPv6 (Items 8, 9, 18 o n Co nference Call = Agenda)

Bernie,

>OK. I was just wondering whether = it was possible ... it would reduce
>security issues as we push them = off to the router advertisement messages.
>Agreed that they are going to be = useful if there are no routers (and perhaps
>even if there are to effect = transitions more quickly).

Two things:

1. I am not saying there are no = routers on the LAN where clients exist
but something much more important as = an assumption and important we
consider the assumption:

    Network Admins may = not want to use stateless addrconf for
    address = configuration but will have all routers set the M
    bit in router = advertrisements and tell clients go do address
    configuration with = DHCPv6. Its a customer/user policy decision
    to not use = stateless addrconf on purpose. We need to be prepared
    for that policy as = we enhance DHCPv6 as a working group.

2. If anyone wants to add to any = of the Neighbor Discovery packets
    they must go = propose this in the IPng Working Group. Like Mobile
    IPv6 has = done. We can't do that here the expertise is not wide
    enough on this = list or enough of a quorum of IPv6 Neighbor
    Discovery = implementors (I think we only have Tim, Erik, Francis,
    and I as a = note)???? And I think it should be done on IPng as
    IETF policy = IMO.

>BTW: If there are no router = advertisements received (after some period), I
>assume a IPv6 host is supposed to = attempt stateful address configuration (by
>default).

It has been left unspecified if there = are no router advertisements so
that means if a client does not hear = from a router our implementation
will go look for a dhcpv6 server, = once we nail this spec down of course.

>> RFC2462, section 5.5.2 does specify that a host MUST = default = to stateful autoconfiguration, = if router = advertisements are = absent. But, you are right, it does NOT say it must be = DHCPv6:

"If a link has no routers, a host MUST attempt to use = stateful autoconfiguration....."

But if there are router advertisements = I read the specs that an
implementaiton should not go look for = DHCPv6 server unless the M bit is
set or the O bit (INFORM) is = set.

regards,
/jim

------_=_NextPart_001_01C01C26.71DE4160-- From owner-dhcp-v4@bucknell.edu Tue Sep 12 06:54:20 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id GAA28904 for ; Tue, 12 Sep 2000 06:54:20 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8CAnsb04058; Tue, 12 Sep 2000 06:49:54 -0400 (EDT) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8CAnib32425 for ; Tue, 12 Sep 2000 06:49:44 -0400 (EDT) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA28503; Tue, 12 Sep 2000 06:49:43 -0400 (EDT) Message-Id: <200009121049.GAA28503@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: DHCPv4 discussion list Cc: dhcp-v4@bucknell.edu From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dhc-subnet-option-07.txt Date: Tue, 12 Sep 2000 06:49:42 -0400 Sender: owner-dhcp-v4@bucknell.edu X-Sender: nsyracus@cnri.reston.va.us X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Dynamic Host Configuration Working Group of the IETF. Title : The Subnet Selection Option for DHCP Author(s) : G. Waters Filename : draft-ietf-dhc-subnet-option-07.txt Pages : 6 Date : 11-Sep-00 This memo defines a new DHCP option for selecting the subnet on which to allocate an address. This option would override a DHCP server's normal methods of selecting the subnet on which to allocate an address for a client. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dhc-subnet-option-07.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dhc-subnet-option-07.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dhc-subnet-option-07.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000911143254.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dhc-subnet-option-07.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dhc-subnet-option-07.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000911143254.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dhcp-v4@bucknell.edu Tue Sep 12 11:54:41 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id LAA07458 for ; Tue, 12 Sep 2000 11:54:41 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8CFp8b24852; Tue, 12 Sep 2000 11:51:09 -0400 (EDT) Received: from zrtps06s.us.nortel.com ([47.140.48.50]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8CFowb20797 for ; Tue, 12 Sep 2000 11:50:58 -0400 (EDT) Received: from zmers013 (actually zmers013.ca.nortel.com) by zrtps06s.us.nortel.com; Tue, 12 Sep 2000 11:44:58 -0400 Received: from zcard00b.ca.nortel.com by zmers013; Tue, 12 Sep 2000 11:44:50 -0400 Received: from netgww (NET-GWW [47.130.100.112]) by zcard00b.ca.nortel.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2652.39) id STDCB8Z9; Tue, 12 Sep 2000 11:44:42 -0400 From: "Glenn Waters" To: DHCPv4 discussion list Subject: RE: I-D ACTION:draft-ietf-dhc-subnet-option-07.txt Date: Tue, 12 Sep 2000 11:45:32 -0400 Message-ID: <00e001c01cd0$7cc38ea0$7064822f@netgww> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal In-Reply-To: <200009121049.GAA28503@ietf.org> X-Orig: Reply-To: gww@nortelnetworks.com Sender: owner-dhcp-v4@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Content-Transfer-Encoding: 7bit FYI. The only change between from the -06 version was the addition of the third paragraph in the "Security Considerations" section. Many thanks to Thomas Narten for his patience in helping with that piece of text. It is believed that all the IESG concerns have been addressed, which means that this draft should be ready to be published as a proposed standard. Cheers, /gww -----Original Message----- From: Internet-Drafts@ietf.org [mailto:Internet-Drafts@ietf.org] Sent: Tuesday, September 12, 2000 06:50 To: DHCPv4 discussion list Cc: dhcp-v4@bucknell.edu Subject: I-D ACTION:draft-ietf-dhc-subnet-option-07.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Dynamic Host Configuration Working Group of the IETF. Title : The Subnet Selection Option for DHCP Author(s) : G. Waters Filename : draft-ietf-dhc-subnet-option-07.txt Pages : 6 Date : 11-Sep-00 This memo defines a new DHCP option for selecting the subnet on which to allocate an address. This option would override a DHCP server's normal methods of selecting the subnet on which to allocate an address for a client. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dhc-subnet-option-07.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dhc-subnet-option-07.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dhc-subnet-option-07.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. From owner-dhcp-v6@bucknell.edu Thu Sep 14 12:56:47 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA18941 for ; Thu, 14 Sep 2000 12:56:47 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EGoFb04132; Thu, 14 Sep 2000 12:50:15 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EGo3b16990 for ; Thu, 14 Sep 2000 12:50:03 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id MAA26878 for ; Thu, 14 Sep 2000 12:49:47 -0400 (EDT) Message-Id: <4.3.1.2.20000914124611.00b6c830@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 12:52:12 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 address model proposal... In-Reply-To: <200009070555.BAA0000750393@anw.zk3.dec.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 01:55 AM 9/7/00 -0400, you wrote: > >Do we need to make an explicit distinction here between "new" and > >"renew"? Well, suppose the client has just a single request it can make of the server: here's an identity association (IA) identifier - tell me the IP addresses (and associated lease lengths) associated with this IA. If the server has no record of the IA (a "new" request), it assigns some addresses and returns them to the client. If the server has previously assigned addresses to the IA, it simply returns those addresses, with (potentially) new lease lengths. If the state of the IA has changed - e.g., some of the previously assigned addresses are no longer valid - the server returns the *current* addresses. This strategy addresses the idempotency/identification problem with the explicit IA identifier, which gives the server a way to differentiate between successive requests for the same IA (address) or different IAs. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 13:11:51 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id NAA19113 for ; Thu, 14 Sep 2000 13:11:51 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EH8gb22612; Thu, 14 Sep 2000 13:08:42 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EH8Xb10939 for ; Thu, 14 Sep 2000 13:08:33 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id NAA29197 for ; Thu, 14 Sep 2000 13:08:16 -0400 (EDT) Message-Id: <4.3.1.2.20000914111231.00b66a30@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 13:09:14 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 address model proposal... In-Reply-To: <200009060729.e867TfC01827@grosse.bisbee.fugue.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN I've finally had a chance to catch up on the DHCPv6 discussion threads. My wife was ill and then in the hospital for a week, so I'm *way* behind on my e-mail... Let me see if I have Ted's model - as amended by Bernie and Jim - right... The basic unit of address allocation is the "identity association" (IA). An IA has: * a unique identifier * one or more associated IP addresses * a renewal time Each IA is managed independently by the server and a client. A client may be an OS or an application and there may be multiple DHCP clients within a single physical box. Servers control the IAs. That is, a server determines the addresses associated with an IA, perhaps based on hints from the client. In particular, the client does not get to "ask for three addresses". I also infer that the client does not get to ask for more addresses to be associated with an existing IA. IA identifiers may be structured to express a relationship between clients. E.g., identifiers from clients on the same computer might share a common prefix. A client can make two requests to a server about an IA: * Associate some IP addresses with this IA * Renew this IA The IP addresses associated with an IA have independent leases, which are also independent of the IA renewal time. Renewing an IA is independent of extending the leases on the IP addresses associated with an IA. Jim noted that "leases" may not be appropriate for IPv6 addresses, as an IPv6 address is either valid or invalid. While valid, an address may be preferred or deprecated. From RFC 2462, "IPv6 Stateless Address Autoconfiguration": IPv6 addresses are leased to an interface for a fixed (possibly infinite) length of time. Each address has an associated lifetime that indicates how long the address is bound to an interface. When a lifetime expires, the binding (and address) become invalid and the address may be reassigned to another interface elsewhere in the Internet. To handle the expiration of address bindings gracefully, an address goes through two distinct phases while assigned to an interface. Initially, an address is "preferred", meaning that its use in arbitrary communication is unrestricted. Later, an address becomes "deprecated" in anticipation that its current interface binding will become invalid. So, RFC 2462 talks both about leasing and so should DHCP... In any event, does this summary capture the consensus on the address model? - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 13:56:57 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id NAA19696 for ; Thu, 14 Sep 2000 13:56:57 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EHpUb10136; Thu, 14 Sep 2000 13:51:30 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EHpNb30806 for ; Thu, 14 Sep 2000 13:51:23 -0400 (EDT) Received: from rdroms-nt.cisco.com (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id NAA04788 for ; Thu, 14 Sep 2000 13:51:02 -0400 (EDT) Message-Id: <4.3.1.2.20000914133739.00b638a0@funnel.cisco.com> X-Sender: rdroms@funnel.cisco.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 13:53:15 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Discussion threads from design team phone call Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Thanks to all who followed up with the recent discussion threads on issues from the design team phone call of a couple of weeks ago. One of the outcomes of the design team phone call is the milestone of publishing a rev of the DHCPv6 spec by 9/30. If the authors are going to meet that completion date, we need to come to consensus on the disposition of the discussion issues *soon*. If you have any additional contributions to make, please speak up! To help us come to closure, I'll ask the person responsible for each discussion issue to post a summary that we can review for completeness and correctness. We're already several days late in finishing up these discussions, so we need to get these summaries posted in the next day or two... - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:20:28 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20018 for ; Thu, 14 Sep 2000 14:20:28 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIH7b20488; Thu, 14 Sep 2000 14:17:07 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIGhb16478 for ; Thu, 14 Sep 2000 14:16:45 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-211.ip.theriver.com [206.97.58.211]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id RAA10167 for ; Wed, 13 Sep 2000 17:23:07 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e8EIEK019520 for ; Thu, 14 Sep 2000 11:14:24 -0700 (MST) Message-Id: <200009141814.e8EIEK019520@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Ralph Droms of "Thu, 14 Sep 2000 12:52:12 -0400." <4.3.1.2.20000914124611.00b6c830@mail.bucknell.edu> Date: Thu, 14 Sep 2000 11:14:20 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > If the server has no record of the IA (a "new" request), it assigns some > addresses and returns them to the client. If the server has previously > assigned addresses to the IA, it simply returns those addresses, with > (potentially) new lease lengths. If the state of the IA has changed - > e.g., some of the previously assigned addresses are no longer valid - the > server returns the *current* addresses. Right, that's what I had in mind too. :') _MelloN_ From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:23:29 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20073 for ; Thu, 14 Sep 2000 14:23:28 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIKFb11934; Thu, 14 Sep 2000 14:20:17 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIISb14389 for ; Thu, 14 Sep 2000 14:18:30 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id OAA08687 for ; Thu, 14 Sep 2000 14:18:12 -0400 (EDT) Message-Id: <4.3.1.2.20000914141239.00b6c2e0@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 14:20:38 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: RE: DHCPv6 client identification... In-Reply-To: <63D30D6E10CFD11190A90000F805FE8602BEC0B8@lespaul.process.c om> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 04:14 PM 9/6/00 -0400, you wrote: >Also, if applications are going to be requesting addresses (we're all >assuming this, aren't we?), I need to remind us here that we have not firmly established a need for applications to request addresses. We've decided that the example of multiple web services on a single host does not require application-specific IPv6 addresses (based on recent versions of HTTP). We've also heard that the model of applications requesting addresses is not currently under consideration anywhere else in the IPv6 spec development community. We need to assess the current spec and proposals to determine if there is complexity in the spec that can be attribute solely to supporting application requests for addresses; if so, we need to understand that complexity and decide whether the complexity is worth the benefit of the additional function. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:26:03 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20129 for ; Thu, 14 Sep 2000 14:26:03 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIN6b18569; Thu, 14 Sep 2000 14:23:06 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIIcb21513 for ; Thu, 14 Sep 2000 14:18:41 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-211.ip.theriver.com [206.97.58.211]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id RAA10173 for ; Wed, 13 Sep 2000 17:25:06 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e8EIGN019550 for ; Thu, 14 Sep 2000 11:16:23 -0700 (MST) Message-Id: <200009141816.e8EIGN019550@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Ralph Droms of "Thu, 14 Sep 2000 13:09:14 -0400." <4.3.1.2.20000914111231.00b66a30@mail.bucknell.edu> Date: Thu, 14 Sep 2000 11:16:23 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > A client can make two requests to a server about an IA: > > * Associate some IP addresses with this IA > * Renew this IA I thought we figured out that these were both the same request! :'} Or is the distinction that the latter case it may include some addresses as a suggestion to the server, whereas in the former case it will never do this? _MelloN_ From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:31:04 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20200 for ; Thu, 14 Sep 2000 14:31:03 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIPWb08231; Thu, 14 Sep 2000 14:25:32 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIM7b18474 for ; Thu, 14 Sep 2000 14:22:09 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id OAA09227 for ; Thu, 14 Sep 2000 14:21:49 -0400 (EDT) Message-Id: <4.3.1.2.20000914135431.00b637f0@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 14:24:15 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 client identification... In-Reply-To: <200009060744.e867idC01841@grosse.bisbee.fugue.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN Ted - I like your statement of the identification problem. At 12:44 AM 9/6/00 -0700, Ted Lemon wrote: >We had a nice discussion about client identifiers during the >conference call. The issues that I remember us talking about are: > > (a) Giving a DHCP client a unique identification that does > not change when network hardware changes > (b) Providing a way to identify more than one instance of > usage (I called these identity associations in my message > about the DHCPv6 address model) within an individual client. > (c) Providing a way for the server to tell that two identity > associations actually represent one client. > (d) Providing a way to have a single authentication > key work with all of a client's identity associations. (a) is important - I'd like the DHCP server to be able to know that my laptop is the same device whether it is plugged in to its docking station or connected through its PC card NIC. (b) and (c) are related, I think - we'd like the server to differentiate IAs but be able to determine that two IAs come from the same DHCP client (physical computer?) (d) simplifies the key management problem. Not trying to be diffcult here - but what, exactly, is a "client"? A physical device, a protocol stack, (potentially?) an application? My understanding of (a)-(d) might change depending on the answer. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:47:18 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20421 for ; Thu, 14 Sep 2000 14:47:17 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIibb16009; Thu, 14 Sep 2000 14:44:37 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIiUb17717 for ; Thu, 14 Sep 2000 14:44:31 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id OAA12437 for ; Thu, 14 Sep 2000 14:44:14 -0400 (EDT) Message-Id: <4.3.1.2.20000914144010.00bbbc40@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 14:45:58 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 address model proposal... In-Reply-To: <200009141816.e8EIGN019550@grosse.bisbee.fugue.com> References: <4.3.1.2.20000914111231.00b66a30@mail.bucknell.edu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 11:16 AM 9/14/00 -0700, you wrote: > > A client can make two requests to a server about an IA: > > > > * Associate some IP addresses with this IA > > * Renew this IA > >I thought we figured out that these were both the same request! :'} I took this from your original message: >I think there are actually only two questions a client ever needs to >ask the server: "please associate an IP address with this identity," >and "please renew the association for this identity." We might have figured out the are both the same request in another message - I skimmed through all the messages pretty quickly and may have missed it. In fact, I made a similar suggestion in another message: >Well, suppose the client has just a single request it can make of the >server: here's an identity association (IA) identifier - tell me the IP >addresses (and associated lease lengths) associated with this IA. > >If the server has no record of the IA (a "new" request), it assigns some >addresses and returns them to the client. If the server has previously >assigned addresses to the IA, it simply returns those addresses, with >(potentially) new lease lengths. If the state of the IA has changed - >e.g., some of the previously assigned addresses are no longer valid - the >server returns the *current* addresses. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:49:40 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20466 for ; Thu, 14 Sep 2000 14:49:39 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIkvb28321; Thu, 14 Sep 2000 14:46:57 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIkIb32707 for ; Thu, 14 Sep 2000 14:46:19 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id OAA12670 for ; Thu, 14 Sep 2000 14:46:01 -0400 (EDT) Message-Id: <4.3.1.2.20000914144752.00b59480@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 14:48:27 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 address model proposal... In-Reply-To: <200009141814.e8EIEK019520@grosse.bisbee.fugue.com> References: <4.3.1.2.20000914124611.00b6c830@mail.bucknell.edu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 11:14 AM 9/14/00 -0700, you wrote: > > If the server has no record of the IA (a "new" request), it assigns some > > addresses and returns them to the client. If the server has previously > > assigned addresses to the IA, it simply returns those addresses, with > > (potentially) new lease lengths. If the state of the IA has changed - > > e.g., some of the previously assigned addresses are no longer valid - the > > server returns the *current* addresses. > >Right, that's what I had in mind too. :') Looks like our e-mail is crossing in flight and we're having a time-delayed agreement... - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:52:42 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20531 for ; Thu, 14 Sep 2000 14:52:41 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EInqb32081; Thu, 14 Sep 2000 14:49:52 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EInVb19746 for ; Thu, 14 Sep 2000 14:49:32 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-211.ip.theriver.com [206.97.58.211]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id RAA10254 for ; Wed, 13 Sep 2000 17:56:00 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e8EIlE019982 for ; Thu, 14 Sep 2000 11:47:14 -0700 (MST) Message-Id: <200009141847.e8EIlE019982@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 client identification... In-Reply-To: Message from Ralph Droms of "Thu, 14 Sep 2000 14:24:15 -0400." <4.3.1.2.20000914135431.00b637f0@mail.bucknell.edu> Date: Thu, 14 Sep 2000 11:47:14 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > Not trying to be diffcult here - but what, exactly, is a "client"? A > physical device, a protocol stack, (potentially?) an application? My > understanding of (a)-(d) might change depending on the answer. That's a good question. I think the answer is "that collection of programs running on a single computer that interact on the DHCP protocol port and respond to DHCP requests." I think in order to implement this you probably either have to have all of the identity association state machines either running as part of the same program, or you have to have an API on your computer that acts as a rendezvous point for seperate programs each of which is running one or more of the identity associations. I don't think we talked about this, but this has implications for the DHCP Reconfigure message. The Reconfigure message has to tell the client which identity association to renew (or to renew all of them, I guess). _MelloN_ From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:56:37 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20693 for ; Thu, 14 Sep 2000 14:56:36 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIrSb25301; Thu, 14 Sep 2000 14:53:28 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIrKb29291 for ; Thu, 14 Sep 2000 14:53:21 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-211.ip.theriver.com [206.97.58.211]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id RAA10267 for ; Wed, 13 Sep 2000 17:59:48 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e8EIp2020055 for ; Thu, 14 Sep 2000 11:51:02 -0700 (MST) Message-Id: <200009141851.e8EIp2020055@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Ralph Droms of "Thu, 14 Sep 2000 14:45:58 -0400." <4.3.1.2.20000914144010.00bbbc40@mail.bucknell.edu> Date: Thu, 14 Sep 2000 11:51:02 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > We might have figured out the are both the same request in another message > - I skimmed through all the messages pretty quickly and may have missed > it. In fact, I made a similar suggestion in another message: Right, that's where I took the agreement from. Maybe I hadn't agreed to this before, though... :'} _MelloN_ From owner-dhcp-v6@bucknell.edu Thu Sep 14 14:58:48 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA20742 for ; Thu, 14 Sep 2000 14:58:48 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EIu6b01761; Thu, 14 Sep 2000 14:56:06 -0400 (EDT) Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EIrpb30414 for ; Thu, 14 Sep 2000 14:53:51 -0400 (EDT) Received: from grosse.bisbee.fugue.com (206-97-58-211.ip.theriver.com [206.97.58.211]) by toccata.fugue.com (8.9.3/8.6.11) with ESMTP id SAA10277 for ; Wed, 13 Sep 2000 18:00:19 -0700 (PDT) Received: from grosse.bisbee.fugue.com (localhost [127.0.0.1]) by grosse.bisbee.fugue.com (8.11.0/8.6.11) with ESMTP id e8EIpX020070 for ; Thu, 14 Sep 2000 11:51:33 -0700 (MST) Message-Id: <200009141851.e8EIpX020070@grosse.bisbee.fugue.com> To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... In-Reply-To: Message from Ralph Droms of "Thu, 14 Sep 2000 14:48:27 -0400." <4.3.1.2.20000914144752.00b59480@mail.bucknell.edu> Date: Thu, 14 Sep 2000 11:51:33 -0700 From: Ted Lemon Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN > Looks like our e-mail is crossing in flight and we're having a time-delayed > agreement... I think you're right. :') I should be slower off the mark, I guess. _MelloN_ From owner-dhcp-v6@bucknell.edu Thu Sep 14 15:08:26 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA22678 for ; Thu, 14 Sep 2000 15:08:26 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EJ3Jb06488; Thu, 14 Sep 2000 15:03:19 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EJ36b22910 for ; Thu, 14 Sep 2000 15:03:07 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id PAA15040 for ; Thu, 14 Sep 2000 15:02:49 -0400 (EDT) Message-Id: <4.3.1.2.20000914145102.00b774b0@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 15:00:21 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: RE: DHCPv6 Relay Changes In-Reply-To: <63D30D6E10CFD11190A90000F805FE8602BEC0C3@lespaul.process.c om> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 09:28 PM 9/6/00 -0400, you wrote: >While I understand the forward (client to relay to server) message traffic, >the reverse traffic isn't clear. I assume the server sends back the message >to the relay without having to encapsulate it? For simplicity and security, I would guess the return traffic is encapsulated as well. >If you allow the multiple encapsulations (one for each relay), how does the >reverse traffic occur? I didn't see any reference to multiple encapsulations in Barr's note - did I miss it? In any event, we probably need multiple encapsulations to accommodate authenticated relay options. > It goes to the relay nearest the client since it is >the only one that can communicate with the client? In case of multiple relays - note that processing a DHCP message in multiple realy agents is an unusual event - I would guess we want to unwrap the messages one at a time through the reverse path. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 15:08:28 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA22689 for ; Thu, 14 Sep 2000 15:08:28 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EJ5cb16813; Thu, 14 Sep 2000 15:05:38 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EJ37b32345 for ; Thu, 14 Sep 2000 15:03:07 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id PAA15047 for ; Thu, 14 Sep 2000 15:02:50 -0400 (EDT) Message-Id: <4.3.1.2.20000914150033.00b59e00@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 15:01:34 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 Relay Changes In-Reply-To: <200009070659.CAA0000757316@anw.zk3.dec.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 02:59 AM 9/7/00 -0400, you wrote: >Barr/folks, > >Is this really encapsulation? > >or > >A new relay extension msg type to encapsulate client solicits and >requests. > >At the design meeting I was thinking real encapsulation. I was imagining a new message extension type that carries the client message in another DHCP message between the relay and the server. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 15:14:40 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA22760 for ; Thu, 14 Sep 2000 15:14:40 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EJBmb00676; Thu, 14 Sep 2000 15:11:48 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EJBjb08221 for ; Thu, 14 Sep 2000 15:11:45 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id PAA16129 for ; Thu, 14 Sep 2000 15:11:27 -0400 (EDT) Message-Id: <4.3.1.2.20000914151229.00ae2920@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 15:13:51 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: DHCPv6 address model proposal... In-Reply-To: <200009141851.e8EIp2020055@grosse.bisbee.fugue.com> References: <4.3.1.2.20000914144010.00bbbc40@mail.bucknell.edu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 11:51 AM 9/14/00 -0700, you wrote: > > We might have figured out the are both the same request in another message > > - I skimmed through all the messages pretty quickly and may have missed > > it. In fact, I made a similar suggestion in another message: > >Right, that's where I took the agreement from. Maybe I hadn't agreed >to this before, though... :'} Ah - I had just made that as an off-hand observation. I had no idea someone actually agreed with me. Perhaps it comes from spending so much time one-on-one with my kids over the last week or two. They *never* agree with me... - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 15:34:26 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA22998 for ; Thu, 14 Sep 2000 15:34:25 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EJVdb04084; Thu, 14 Sep 2000 15:31:39 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EJVQb08706 for ; Thu, 14 Sep 2000 15:31:26 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Thu, 14 Sep 2000 15:31:10 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC158@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list Subject: RE: DHCPv6 address model proposal... Date: Thu, 14 Sep 2000 15:31:09 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN In agreement with the two basic requests. The first (Associate some IP addresses with this IA) request is really lease me some addresses (or lease me what addresses I might have had in the past) and the second is the renewal request. We did have some open issues with these requests that were under discussion. - I believe we all agreed that allowing the client to supply a list of prefixes for addresses the client wanted is allowed. The server can supply additional addresses and might not assign addresses for all supplied prefixes. - I believe the renewal was a bigger issue because it wasn't clear whether a client could "renew" an individual address or had to renew all of them. The issue also required us to resolve whether lifetimes are per address or per IA, which was never fully resolved. As with router prefix advertisements, I personnally feel that the lifetimes should be per address, not per IA (ie, the "lease" each address includes per address lifetimes, rather than a single lifetime for all addresses). The way the list of requests below reads ("renew this IA") kind of implies that one leases IAs and not addresses. Perhaps you've implied to solve the problem by saying all addresses for an IA have the same lifetimes? - Bernie Volz -----Original Message----- From: Ralph Droms [mailto:droms@bucknell.edu] Sent: Thursday, September 14, 2000 2:46 PM To: DHCPv6 discussion list Subject: Re: DHCPv6 address model proposal... At 11:16 AM 9/14/00 -0700, you wrote: > > A client can make two requests to a server about an IA: > > > > * Associate some IP addresses with this IA > > * Renew this IA > >I thought we figured out that these were both the same request! :'} I took this from your original message: >I think there are actually only two questions a client ever needs to >ask the server: "please associate an IP address with this identity," >and "please renew the association for this identity." We might have figured out the are both the same request in another message - I skimmed through all the messages pretty quickly and may have missed it. In fact, I made a similar suggestion in another message: >Well, suppose the client has just a single request it can make of the >server: here's an identity association (IA) identifier - tell me the IP >addresses (and associated lease lengths) associated with this IA. > >If the server has no record of the IA (a "new" request), it assigns some >addresses and returns them to the client. If the server has previously >assigned addresses to the IA, it simply returns those addresses, with >(potentially) new lease lengths. If the state of the IA has changed - >e.g., some of the previously assigned addresses are no longer valid - the >server returns the *current* addresses. - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 15:38:13 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA23022 for ; Thu, 14 Sep 2000 15:38:13 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EJYqb05219; Thu, 14 Sep 2000 15:34:52 -0400 (EDT) Received: from funnel.cisco.com (funnel.cisco.com [161.44.131.24]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EJWcb22689 for ; Thu, 14 Sep 2000 15:32:38 -0400 (EDT) Received: from rdroms-nt.bucknell.edu (ch2-dhcp133-127.cisco.com [161.44.133.127]) by funnel.cisco.com (8.8.5-Cisco.1/8.6.5) with ESMTP id PAA18874 for ; Thu, 14 Sep 2000 15:32:22 -0400 (EDT) Message-Id: <4.3.1.2.20000914152733.00b15700@mail.bucknell.edu> X-Sender: droms@mail.bucknell.edu X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Thu, 14 Sep 2000 15:32:35 -0400 To: DHCPv6 discussion list From: Ralph Droms Subject: Re: Design team teleconference, 8/31 In-Reply-To: <200009080339.XAA0000917919@anw.zk3.dec.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Reply-To: dhcp-v6@bucknell.edu Sender: owner-dhcp-v6@bucknell.edu X-Listprocessor-Version: 8.2.10/991025/16:55 -- ListProc(tm) by CREN At 11:39 PM 9/7/00 -0400, you wrote: >Was not clear what thread to post this too. But one of the discussions >was the name of the messages. Right - I'm not sure we actually got that thread kicked off. It was my question - do we need different semantics and message names for DHCPv6 or can we reuse the technology from DHCPv4? For example, the DHCPv6 Solicit message now acts pretty much like the DHCPv4 DHCPDISCOVER message (allowing for differences in the message formats). The Advertise message acts pretty much like a DHCPOFFER, except the Advertise doesn't include any offered parameters. is there a reason for the difference or could we include parameters in the DHCPv6 message and call it a DHCPOFFER? > The current DHCPv6 message names >correspond directly to Neighbor Discovery rfc 2462 thats where they came >from. I think it more important to stay in synch with that part of IPv6 >than DHCPv4. If the messages are really different messages - with different semantics - then sure, we should go with RFC 2462. If the DHCPv6 messages walk and quack like DISCOVER/OFFER/REQUEST/ACK then that's what we oughta call 'em... - Ralph From owner-dhcp-v6@bucknell.edu Thu Sep 14 15:42:12 2000 Received: from mail.bucknell.edu (marge.bucknell.edu [134.82.9.1]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA23082 for ; Thu, 14 Sep 2000 15:42:09 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.bucknell.edu (8.10.1/8.10.1) with SMTP id e8EJbDb15554; Thu, 14 Sep 2000 15:37:13 -0400 (EDT) Received: from lespaul.process.com (lespaul.process.com [192.42.95.27]) by mail.bucknell.edu (8.10.1/8.10.1) with ESMTP id e8EJZbb10722 for ; Thu, 14 Sep 2000 15:35:37 -0400 (EDT) Received: by lespaul.process.com with Internet Mail Service (5.5.2650.21) id ; Thu, 14 Sep 2000 15:35:21 -0400 Message-ID: <63D30D6E10CFD11190A90000F805FE8602BEC159@lespaul.process.com> From: Bernie Volz To: DHCPv6 discussion list