[kea-dev] Proposed design for DHCP4o6 in Kea
Tomek Mrugalski
tomasz at isc.org
Wed Aug 19 16:54:22 UTC 2015
On 13.08.2015 20:55, Francis Dupont wrote:
> Tomek Mrugalski writes:
>> Design: http://kea.isc.org/wiki/Dhcp4o6Design
>
> => the main issue in the previous attempt is to pas the decapsulated packet.
> In fact not only the whole packet with the DHCPv6 relay stuff is required
> but some extra infos are needed too: the receiving interface and the
> IPv6 source/client address.
> BTW Unix sockets are again the worst solution. For ISC DHCP I used a
> pair of UDP sockets bound to the loopback. As I explained in this list
> we can use the same format and transport so be able to develop both
> sides (DHCPv6 and DHCPv4) in parallel...
But it's also a solution that does not suffer from security problem:
with UDP sockets open on loopback, any non-root user can send packets
to. But the approach has more long term implications.
CommandSocketFactory is expected to be extended with other communication
methods, not just unix sockets. When this is done, both control channel
for Kea as well as 4o6 communication channel will be extended to cover it.
> A final note: it seems the same format should be used in both way,
> i.e., in DHCPv6 -> DHCPv4 and DHCPv4 -> DHCPv6. And TWO sockets are
> needed if you don't want to read what you've just written.
My intention as to use the same format both ways. If the text is unclear
about it, we need to reword it.
>> If possible, I'd like this design discussion to conclude no later than
>> the next Friday, Aug. 14th.
> => a bit short and BTW I didn't see any contributions...
We had a discussion in Prague that we'll provide a preliminary design
within 2 weeks and a final one within 3-4 weeks. That's where the Aug.
14th came from. However, since Tsinghua team is now on vacation and is
expected to come back on Aug. 20th, we still have couple more days.
Tomek
More information about the kea-dev
mailing list