RA DHCP problem...

2013-12-28 Thread Roger Jørgensen 
Hi all,

Here is my summary from an online discussion. We know this affect alot of
different things, RFCs, documents, not to forget many religious views, but
_try_ to put all that aside for a while...



We all think it's time to address this reoccurring issue and discussion on
RAs and DHCP. RA isn't perfect, neither is DHCP but sometime there is a
need to use DHCP instead of RAs. In short - DHCP need to be able to supply
default gateway independing of RAs or no RAs. That is a client should be
able to get only in a IPv6 only network _if_ there is no RAs, only DHCP
there.


The core change we're suggesting are to change things so:

Supporting RAs is mandatory so no change there. However it is recommended
to have it on by default, but NOT mandatory. We're _only_ opening up so
anything else can provide defaultroute.

DHCP must support defaultroute and must be decoupled from RAs, no M-bit or
whatever.

If DHCP and RA shows up, all should be added to the routing table and the
kernel should sort it out. That is the implementer have a choice here but
that's a completely other discussion thread all together.



(tons of options on how DHCP and RAs can live together, all with their own
pitfalls. From the simple one that dhcpclient can disable the kernel from
accepting RAs with it's own pitfalls, to let the kernel sorting them out,
and over to preferring either one - RAs or DHCPs defaultroute)



-- 
--
Roger Jorgensen  | - ROJO9-RIPE  - RJ1866P-NORID
ro...@jorgensen.no   | - The Future is IPv6
---

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?

Re: RA DHCP problem...

2013-12-28 Thread Mikael Abrahamsson 

On Sat, 28 Dec 2013, Roger Jørgensen wrote:

supply default gateway independing of RAs or no RAs. That is a client 
should be able to get only in a IPv6 only network _if_ there is no RAs, 
only DHCP there.


Why? What problem are you solving by changing the current behavior?

DHCP must support defaultroute and must be decoupled from RAs, no M-bit 
or whatever.


M-bit is a hint, nothing in the standard says a host isn't allowed to use 
DHCP on a network.


(tons of options on how DHCP and RAs can live together, all with their 
own pitfalls. From the simple one that dhcpclient can disable the kernel 
from accepting RAs with it's own pitfalls, to let the kernel sorting 
them out, and over to preferring either one - RAs or DHCPs defaultroute)


Personally I think it's a huge mistake for an implementor to have the 
kernel process RAs, all this control plane should be done in userspace, 
not in the kernel.


--
Mikael Abrahamssonemail: swm...@swm.pp.se

Re: RA DHCP problem...

2013-12-28 Thread Tarko Tikan 

hey,


Why? What problem are you solving by changing the current behavior?


We propose to decouple DHCP from RA, view them as two different 
autoconfiguration protocols. Today you can't deploy DHCP without RA and 
this forces you to support/secure two protocols that mostly overlap.



Personally I think it's a huge mistake for an implementor to have the
kernel process RAs, all this control plane should be done in userspace,
not in the kernel.


Kernel, userspace, doesn't matter but we propose not to make it 
complicated and prefer one over another. Let RA and DHCP work 
independently and configure interfaces/routing tables. Let kernel sort 
out which address/route to use based on weights or even ECMP over both 
RA and DHCP defaultroutes if one chooses to do so.


--
tarko

Re: RA DHCP problem...

2013-12-28 Thread Hannes Frederic Sowa 
On Sat, Dec 28, 2013 at 03:41:58PM +0100, Roger Jørgensen wrote:
 It should be possible to have a network running DHCP without any RA, if
 someone wants to do that. As far as I know, and you need RAs in todays
 world because DHCPv6 can not give out defaultroute. It break the
 standard if it (DHCPv6) does...

DHCPv6 does not provide any on-link information. So you would have to
include those, too. IIRC dibbler dhcp implementation has their own option
to specificy prefix length and on-link information so I assume you can
already use it standalone without RA. But I don't see any benefit in
doing so.

(dibbler already supports sending gateway and route informations in
dhcpv6).

Greetings,

  Hannes

Re: RA DHCP problem...

2013-12-28 Thread Marco Sommani 
On 28/dic/2013, at 17:36, Hannes Frederic Sowa han...@stressinduktion.org 
wrote:

 On Sat, Dec 28, 2013 at 03:41:58PM +0100, Roger Jørgensen wrote:
 It should be possible to have a network running DHCP without any RA, if
 someone wants to do that. As far as I know, and you need RAs in todays
 world because DHCPv6 can not give out defaultroute. It break the
 standard if it (DHCPv6) does...
 
 DHCPv6 does not provide any on-link information. So you would have to
 include those, too. IIRC dibbler dhcp implementation has their own option
 to specificy prefix length and on-link information so I assume you can
 already use it standalone without RA. But I don't see any benefit in
 doing so.
 
 (dibbler already supports sending gateway and route informations in
 dhcpv6).


Dibbler sends them, but no DHCPv6 client except dibbler's can use them. 
Non-standard solutions are useless in this case.

-- 
Marco Sommani
Consiglio Nazionale delle Ricerche
Istituto di Informatica e Telematica
Via Giuseppe Moruzzi 1
56124 Pisa - Italia
work: +390506212127
mobile: +393487981019 
fax: +390503158327
mailto:marco.somm...@iit.cnr.it



smime.p7s
Description: S/MIME cryptographic signature

Re: RA DHCP problem...

2013-12-28 Thread Hannes Frederic Sowa 
On Sat, Dec 28, 2013 at 05:57:14PM +0100, Marco Sommani wrote:
 On 28/dic/2013, at 17:36, Hannes Frederic Sowa han...@stressinduktion.org 
 wrote:
 
  On Sat, Dec 28, 2013 at 03:41:58PM +0100, Roger Jørgensen wrote:
  It should be possible to have a network running DHCP without any RA, if
  someone wants to do that. As far as I know, and you need RAs in todays
  world because DHCPv6 can not give out defaultroute. It break the
  standard if it (DHCPv6) does...
  
  DHCPv6 does not provide any on-link information. So you would have to
  include those, too. IIRC dibbler dhcp implementation has their own option
  to specificy prefix length and on-link information so I assume you can
  already use it standalone without RA. But I don't see any benefit in
  doing so.
  
  (dibbler already supports sending gateway and route informations in
  dhcpv6).
 
 
 Dibbler sends them, but no DHCPv6 client except dibbler's can use them. 
 Non-standard solutions are useless in this case.

Sure, I just wanted to maybe give a starting point if OP wants to bring this
ot the IETF 6man's table.

Re: RA DHCP problem...

2013-12-28 Thread Mikael Abrahamsson 

On Sat, 28 Dec 2013, Roger Jørgensen wrote:


did you see the start of my mail?


Yes.


It should be possible to have a network running DHCP without any RA, if
someone wants to do that.


Why?

Because I want to isn't a good technical answer.

--
Mikael Abrahamssonemail: swm...@swm.pp.se