[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dhcwg] Some question and suggestion on LDRA draft

To: "Bharat Joshi" <bharat_joshi at infosys.com>, <dhcwg at ietf.org>
Subject: Re: [dhcwg] Some question and suggestion on LDRA draft
From: "MILES DAVID" <David.Miles at alcatel-lucent.com.au>
Date: Wed, 24 Sep 2008 00:33:56 +0800
Delivered-to: ietfarch-dhcwg-web-archive at core3.amsl.com
Delivered-to: dhcwg at core3.amsl.com
In-reply-to: <31D55C4D55BEED48A4459EB64567589A0C67E7B7C3 at BLRKECMBX02.ad.infosys.com>
List-archive: <https://www.ietf.org/mailman/private/dhcwg>
List-help: <mailto:dhcwg-request@ietf.org?subject=help>
List-id: <dhcwg.ietf.org>
List-post: <mailto:dhcwg@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
References: <31D55C4D55BEED48A4459EB64567589A0C67E7B7C3 at BLRKECMBX02.ad.infosys.com>
Sender: dhcwg-bounces at ietf.org
Thread-index: AckIUmsifz/9vS0QQOCLwyvZn+X0hQVRsj2w
Thread-topic: [dhcwg] Some question and suggestion on LDRA draft

With respect to the DHCPv6 LDRA, there is only one item that remains
outstanding - the capability of the LDRA to support client-side relays,
and the method to handle this.

Bharat has pointed out that:
>The advantage of using 'trust' interface is that a spoof packet is
dropped in the network element where it is getting into the network
while with this, it will reach all the way till DHCP server >and DHCP
server will parse it to find out that this is not a valid/trusted
packet.

It's fair to say there are two approaches:
- Re-use the IPv4 L2RA Trusted and Un-trusted approach with respect to
relay support (ie, is it okay to get a relay-forward from the client)
- Use hop-count to determine whether the message has been relayed, per
the current text in the draft

I'd like to invite others to comment on this item directly to resolve.
Can others give their opinion on their preferred approach?

Best Regards,

-David

Current extract below:
http://tools.ietf.org/html/draft-miles-dhc-dhcpv6-ldra-00

6.1.2.  Trusted and Untrusted Interfaces

   In [RFC3046] DHCPv4 relay-agents had their client-facing interfaces
   set to trusted and untrusted.  In DHCPv4 it was not possible for a
   DHCP server to determine whether the client or an intermediate relay
   had added relay agent information options and thus trusted interfaces
   (relay-agent interfaces that would allow any DHCP options to be
   present on incoming messages) and untrusted interfaces (relay-agent
   interfaces that would ensure there are no relay-agent options on
   incoming messages) were defined.  In DHCPv6 relay agents encapsulate
   the received message into the Relay-Message Option in addition to
   adding any relay-agent options.  This nested message behaviour allows
   a server to identify the options each relay-agent has inserted along
   the path.

   When an LDRA is deployed, DHCPv6 servers MUST be configured with the
   Relay-Forward hop-count of the LDRA to instruct at which level of
   nesting the relay-agent options should be parsed.  This removes the
   need for an interface to be configured as trusted or untrusted by
   providing the DHCPv6 server with an awareness of the LDRA logical
   location in the DHCP relay path.  This behaviour is dependant on the
   interception of all DHCP messages by the LDRA and the incrementing of
   the Relay-Forward hop-count if a Relay-Forward message is received
   from the client-facing LDRA interface.

_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

References:
- [dhcwg] Some question and suggestion on LDRA draft
  - From: Bharat Joshi

Prev by Date: [dhcwg] Move two vendor message drafts to WGLC?
Next by Date: Re: [dhcwg] I-D Action:draft-ietf-dhc-relay-id-suboption-02.txt
Previous by thread: Re: [dhcwg] Some question and suggestion on LDRA draft
Next by thread: [dhcwg] *DRAFT* minutes for dhc WG meeting in Dublin
Index(es):
- Date
- Thread