
Re: [dhcwg] Re: Regarding Extension of Leasequery draft



Hi Richard,

    Thanks for your response and sorry for a delayed reply.

    We think we all [you, Woj and others in DHC WG] agree that our draft
'Extension of Lease Query to switching and bridging networks' solves
certain problems associated with Layer 2 Relay Agents.

    We understand that if an Access Network does not implement BFD, our
solution would be best suited to the problem we solve.

> Cisco now has a ton of features both in enterprise and in SP markets 
> layer 2 devices that are gleaning feature state by watching DHCP events. 
> These features are the cornerstones of current layer 2 protection for 
> the ARP table, IP spoofing and control path attacks.
> 

This is the kind of problem we are trying to solve here. Thanks for
pointing out that there are certain layer 2 devices Cisco has which
might require this.

> What I was trying to say was not that we do not need something like your 
> leasequery draft. I feel there is a need to acknowledge that a ton of L2 
> devices snoop DHCP because it is their best indication of what is 
> happening but this approach has problems in the long term if we do not 
> start to engineer for this. The DSL forum BFD is a good example of the 
> types of problems that can occur.
> 
> e.g.  If BFD times a session out.  The BRAS will clean up its state but 
> the non-directly L1 connected L2 devices will have no indication that 
> the session has gone away.  If we are using the DHCP snooping to close 
> holes, those holes will now be open and nothing will close them before 
> the L2 device times out, probably at the end of the lease period.
> 
> There needs to be some framework for the state in these devices to be 
> coupled to other parts of the system, and while leasequery addresses how 
> to recover from state loss in the L2 device it does not address how to 
> keep the L2 device coupled for the other changes in the system.
> 

    Please correct us if we are wrong; it's our understanding that BFD is
being developed to solve an entirely different problem [keeping alive
the IP session between BRAS and modem/clients]. But because of BFD,
either our solution may not be required in certain network
configurations or layer 2 relay agent may be out of sync when it brings
down the IP session.

    We think that with BFD, we not only have to sync Layer 2 Relay Agent
[i.e. releasing lease information and other details it maintains] but
DHCP server as well. DHCP server would still hold on to a lease until
the lease expires or DHCP client sends a DHCP RELEASE. So even if we
somehow flush the lease information in Layer 2 Relay Agent, we still
have a problem.

    Now, the reason we think it should work as it is: the Layer 2 Relay
Agent MUST flush the lease information in only two cases, either when it
sees a DHCP RELEASE from the client or when the lease timer expires. If BFD
brings an IP session down and the modem/CPE/Gateway triggers a DHCP
DISCOVER, the layer 2 relay agent should behave similarly to the DHCP server,
which still has a Lease-Active for this client. So we think everything
will work as expected if the state in the Layer 2 Relay Agent is in sync with
the DHCP server, and that's exactly what would happen here.

    Please let me know if you have any questions.

Thanks & Regards,
Bharat
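
Added example (not part of the original message or of the draft): a constructed Python model of the snooping binding table discussed in this thread, measuring how long a Layer 2 device keeps a binding after the BRAS drops the session on a BFD timeout that the Layer 2 device cannot see. The `SnoopTable` class, the event tuples, the MAC and the 192.0.2.10 address are assumptions made for illustration; the model flushes only on DHCP RELEASE or lease expiry and treats a fresh ACK as resynchronising the binding.

```python
from dataclasses import dataclass, field

@dataclass
class SnoopTable:
    """Hypothetical L2 relay agent binding table: MAC -> (ip, expiry in seconds)."""
    bindings: dict = field(default_factory=dict)

    def expire(self, now):
        for mac in [m for m, (_, exp) in self.bindings.items() if exp <= now]:
            del self.bindings[mac]

    def on_dhcp(self, now, msg, mac, ip=None, lease=0):
        self.expire(now)
        if msg == "ACK":                  # binding learned or renewed
            self.bindings[mac] = (ip, now + lease)
        elif msg == "RELEASE":            # explicit flush by the client
            self.bindings.pop(mac, None)
        # any other message (e.g. DISCOVER) leaves the binding in place

    def permits(self, now, mac, ip):
        """Source-guard style check: is (mac, ip) still an accepted pair?"""
        self.expire(now)
        b = self.bindings.get(mac)
        return b is not None and b[0] == ip

def stale_window(events):
    """Seconds the L2 binding outlives the BRAS session for a single client."""
    table, down_at, expiry = SnoopTable(), None, None
    for t, kind, mac, *rest in events:
        if kind == "BFD_DOWN":            # BRAS-only event; the L2 table is untouched
            table.expire(t)
            if mac not in table.bindings:
                return 0
            down_at, expiry = t, table.bindings[mac][1]
            continue
        if down_at is not None and kind in ("ACK", "RELEASE"):
            return min(t, expiry) - down_at   # resynchronised by DHCP traffic
        table.on_dhcp(t, kind, mac, *rest)
    return 0 if down_at is None else expiry - down_at  # waits for lease expiry

# Constructed sample events: (time_s, kind, mac[, ip, lease_s])
MAC, IP = "02:00:00:00:00:01", "192.0.2.10"
BASE = [(0, "ACK", MAC, IP, 3600), (600, "BFD_DOWN", MAC)]

if __name__ == "__main__":
    print("no DHCP traffic after BFD timeout:", stale_window(BASE))
    print("client sends RELEASE at t=900:", stale_window(BASE + [(900, "RELEASE", MAC)]))
    rejoin = BASE + [(700, "DISCOVER", MAC), (701, "ACK", MAC, IP, 3600)]
    print("client re-DISCOVERs at t=700:", stale_window(rejoin))
```
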

