IETF-99 dhc minutes

Session 2017-07-19 1330-1500: Athens/Barcelona


minutes-99-dhc-04 minutes

          DHC WG minutes for IETF-99 Prague (DRAFT)
          Date: Wednesday, July 19, 2017, 13:30-15:00 (CEST)
          Location: Athens/Barcelona
          Chairs: Tomek Mrugalski & Bernie Volz
          1. The meeting started with the co-chairs (Bernie Volz and Tomek
          Mrugalski) going through the agenda and summarizing the state of the
          game (two RFCs 8156, 8168 being published, with another one in RFC-Ed
          2. John Brzozowski delivered an excellent presentation about DHCPv6
          deployment at Comcast, which is one of the biggest production networks
          that use DHCPv6. The scope of this deployment (devices counted in tens
          of millions) was of particular interest to the WG. 99% of 44 million
          cable modems are using IPv6 and 90% of them are v6-only. As John said,
          "The scale doubled over the years. Every day is a first". Some details
          of specific mechanisms were shared: IA_NA and IA_PD are used, with CPE
          getting a /56 prefix, split into /58s or /60s. There are plans to
          retire IA_NA and use PD only. SLAAC is everywhere on home networks,
          with some gateways doing stateful as well. The intention is to deploy
          rapid-commit to optimize traffic. No specific protocol issues were
          reported, but there
          may be some operational experience draft coming.
          3. Tomek Mrugalski presented Secure DHCPv6 update -
          draft-ietf-dhc-sedhcpv6. We concluded a WGLC since the previous
          meeting, but serious objections were raised. On a technical level the
          solution was almost workable, but in preparation for a hackathon
          serious questions were raised that quickly escalated into a discussion
          about base assumptions. Bernie and Tomek discussed the matter with the
          co-authors and the Sec AD, and came up with several possible ways
          forward: a) fix the key signing issue, publish as experimental;
          b) scope down to just do opportunistic encryption; c) step back and do
          a problem statement draft first; d) drop the work. It became very
          clear that going with the experimental publication route was not
          favored by anyone, so it was quickly discarded. People in the room
          cared about security, so dropping the work was discarded as well.
          Suresh Krishnan (responsible Int AD) was ok with dropping the work,
          but was also fine with going with the problem statement. Kathleen
          Moriarty (Sec AD) asked whether the DHC WG needs help. The ipsec WG is
          small, but it's full of experts. She also pointed out that the threat
          analysis is typically done by the WG. Discussion revolved around the
          question of whether opportunistic encryption could be achieved with
          IPsec. The major problem here is that DHCPv6 uses deployed relay
          agents that can't really be modified, and clients communicate with
          relays using multicast. It was not immediately clear whether IPsec can
          handle that or not.
          It is clear that 3315bis and its security considerations section
          require some additional work.
          4. Srinivasa Rao Nalluri presented DHCP/DHCPv6 options for LWM2M
          bootstrapping (draft-nalluri-dhc-dhcpv6-lwm2m-bootstrap-options),
          which was the first remote presentation in DHC in a very long time. It
          went well. Some concerns were raised by Francis Dupont, who pointed
          out that the text about storing a certificate requires clarification.
          People in the room were generally in favor of the concept. There are no
          WGs dedicated to this work. The chairs asked Suresh, as responsible
          AD, to confirm that it would be ok to adopt this work in DHC. An
          adoption call will be announced soon.
          5. Danny Moses presented OnDemand Extensions to DHCPv6 for IP Session
          Continuity Requests (draft-moses-dmm-dhcp-ondemand-mobility,
          draft-ietf-dmm-ondemand-mobility). This is work being done in the
          DMM WG and was presented in DHC to provide background information and
          ask for a review. Some discussion ensued, with the option formats
          looking good. There was a question whether the anchor preference
          option is needed at all, as the desired functionality could possibly
          be done with an IA_PD with hints sent using the IAPREFIX option.
          The meeting finished almost exactly on time, making good use of all 90

