[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dhcwg] DHCPv6 router option

To: "Bernie Volz (volz)" <volz at cisco.com>
Subject: Re: [dhcwg] DHCPv6 router option
From: Thomas Narten <narten at us.ibm.com>
Date: Fri, 20 Mar 2009 14:11:31 -0400
Cc: dhcwg at ietf.org, Ted Lemon <ted.lemon at nominum.com>, "Ralph Droms \(rdroms\)" <rdroms at cisco.com>
Comments: In-reply-to "Bernie Volz (volz)" <volz at cisco.com> message dated "Thu, 12 Mar 2009 10:07:32 -0400."
Delivered-to: dhcwg at core3.amsl.com
In-reply-to: <8E296595B6471A4689555D5D725EBB210BAB2FBB at xmb-rtp-20a.amer.cisco.com>
List-archive: <http://www.ietf.org/mail-archive/web/dhcwg>
List-help: <mailto:dhcwg-request@ietf.org?subject=help>
List-id: <dhcwg.ietf.org>
List-post: <mailto:dhcwg@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
References: <E206991E-081C-4EFC-81AD-7559DCBDD864 at muada.com><20090311.175355.74747534.sthaug at nethelp.no><29D0BBDB-051B-4811-A118-B5D6C96939A1 at nominum.com> <397B3101-A576-4A66-BC56-2E4B5BE94427 at cisco.com> <8E296595B6471A4689555D5D725EBB210BAB2FBB at xmb-rtp-20a.amer.cisco.com>

Bernie,

"Bernie Volz (volz)" <volz at cisco.com> writes:

> While we can't do anything about existing hosts that don't make use of
> these new options, it seems to me that ideally people may want three
> modes (for hosts that support these new options):

> 1. Use RAs. Hence if a client includes the options in the ORO, the
> server SHOULD NOT include these options in the response. This is what we
> have today.

Right. This works today Just Fine.

> 2. Use DHCP. Whether RAs are sent or not, the hosts should ignore RAs
> and only make use of the information provided via DHCP.

I disagree with this approach. The problem is that the
*implementation* is the one that has to decide whether to ignore RAs
or not. But that decision is really best made by the network
adminsistrator, since they know what is running on their network and
what their requirements are. The worst situation here would be if
clients did varying things, and the network admin couldn't run their
network as they'd like.

IMO, the only viable approach is that a client accept information from
both DHC and RAs and merge the info together. Clients are not smart
enough to know how to make any other choice when there are conflicts.

> 3. Use both? Perhaps 'prefer' the information provided via DHCP, perhaps
> not?

I would be nervous about configuration learned via one or the other as
being more "prefered". But I agree we need to think about this a bit
and have recommendations on what a client should implement.

> This draft states:

>    Conflicting or overlapping information received through Router
>    Advertisements and through DHCP is considered a misconfiguration and
>    is out-of-scope of this document.  For example, if a host receives a
>    list of default routers through DHCP and a Router Advertisement with
>    a non-zero lifetime, the result is undefined.

> Which makes 2 (when RAs exist with overlapping information) and 3 out of
> scope? This is probably what is causing much of the problem as I think
> some want to use this to avoid rogue RAs (putting aside whether DHCP is
> any more secure than RAs).

> I also think that expecting to live in a clean world (whether EITHER RAs
> OR DHCP are ONLY used) is unrealistic.

> Therefore, I think the draft needs to address this as it has little
> benefit to just declare this as "out-of-scope". Perhaps it can be
> addressed in a separate document, but I don't think we should advance
> this work until that document is also available.

I agree that the draft needs to address this.

Thomas

Follow-Ups:
- Re: [dhcwg] DHCPv6 router option
  - From: Bernie Volz (volz)

References:
- [dhcwg] DHCPv6 router option
  - From: Iljitsch van Beijnum
- Re: [dhcwg] DHCPv6 router option
  - From: sthaug
- Re: [dhcwg] DHCPv6 router option
  - From: Ted Lemon
- Re: [dhcwg] DHCPv6 router option
  - From: Ralph Droms
- Re: [dhcwg] DHCPv6 router option
  - From: Bernie Volz (volz)

Prev by Date: Re: [dhcwg] DHCPv6 router option
Next by Date: Re: [dhcwg] BBF and DHCP auth, was: We really mean it this time *FINAL* agendafor dhc WG meeting
Previous by thread: Re: [dhcwg] DHCPv6 router option
Next by thread: Re: [dhcwg] DHCPv6 router option
Index(es):
- Date
- Thread