Movatterモバイル変換
[0]ホーム
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page]
Obsoleted by:8415 PROPOSED STANDARD
Updated by:6603,7550Errata ExistNetwork Working Group O. TroanRequest for Comments: 3633 R. DromsCategory: Standards Track Cisco Systems December 2003IPv6 Prefix Options forDynamic Host Configuration Protocol (DHCP) version 6Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.Copyright Notice Copyright (C) The Internet Society (2003). All Rights Reserved.Abstract The Prefix Delegation options provide a mechanism for automated delegation of IPv6 prefixes using the Dynamic Host Configuration Protocol (DHCP). This mechanism is intended for delegating a long- lived prefix from a delegating router to a requesting router, across an administrative boundary, where the delegating router does not require knowledge about the topology of the links in the network to which the prefixes will be assigned.Table of Contents1. Introduction . . . . . . . . . . . . . . . . . . . . . . . .22. DHCPv6 specification dependency . . . . . . . . . . . . . .33. Terminology . . . . . . . . . . . . . . . . . . . . . . . .34. Requirements . . . . . . . . . . . . . . . . . . . . . . . .35. Model and Applicability . . . . . . . . . . . . . . . . . .35.1. Example network architecture . . . . . . . . . . . . .46. Identity Association for Prefix Delegation . . . . . . . . .57. Overview of DHCP with Prefix Delegation . . . . . . . . . .68. Interface Selection . . . . . . . . . . . . . . . . . . . .79. Identity Association for Prefix Delegation Option . . . . .710. IA_PD Prefix option . . . . . . . . . . . . . . . . . . . .911. Delegating Router Solicitation . . . . . . . . . . . . . . .1111.1. Requesting router behavior . . . . . . . . . . . . . .1111.2. Delegating router behavior . . . . . . . . . . . . . .1112. Requesting router initiated prefix delegation . . . . . . .12Troan & Droms Standards Track [Page 1]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 200312.1. Requesting router behavior . . . . . . . . . . . . . .1212.2. Delegating Router behavior . . . . . . . . . . . . . .1413. Prefix Delegation reconfiguration . . . . . . . . . . . . .1513.1. Delegating Router behavior . . . . . . . . . . . . . .1513.2. Requesting Router behavior . . . . . . . . . . . . . .1514. Relay agent behavior . . . . . . . . . . . . . . . . . . . .1515. Security Considerations . . . . . . . . . . . . . . . . . .1616. IANA Considerations . . . . . . . . . . . . . . . . . . . .1617. Intellectual Property Statement. . . . . . . . . . . . . . .1718. References . . . . . . . . . . . . . . . . . . . . . . . . .1718.1. Normative References . . . . . . . . . . . . . . . . .1718.2. Informative References . . . . . . . . . . . . . . . .1719. Acknowledgements . . . . . . . . . . . . . . . . . . . . . .1820. Authors' Addresses . . . . . . . . . . . . . . . . . . . . .1821. Full Copyright Statement . . . . . . . . . . . . . . . . . .191. Introduction This document describes new options for Dynamic Host Configuration Protocol (DHCP) that provide a mechanism for the delegation of IPv6 prefixes [1]. Through these options, a delegating router can delegate prefixes to authorized requesting routers. The prefix delegation mechanism described in this document is intended for simple delegation of prefixes from a delegating router to requesting routers. It is appropriate for situations in which the delegating router does not have knowledge about the topology of the networks to which the requesting router is attached, and the delegating router does not require other information aside from the identity of the requesting router to choose a prefix for delegation. For example, these options would be used by a service provider to assign a prefix to a Customer Premise Equipment (CPE) device acting as a router between the subscriber's internal network and the service provider's core network. Many applications expect stable addresses. Even though this mechanism makes automatic renumbering easier, it is expected that prefixes have a long lifespan. During renumbering it is expected that the old and the new prefix co-exist for some time. The design of this prefix delegation mechanism meets the requirements for prefix delegation in Requirements for IPv6 prefix delegation [6]. Note that this use of DHCP is not bound to the assignment of IP addresses or other configuration information to hosts, and that no mechanism is currently available to communicate delegated prefixes to a DHCP server that serves such a function. This may be an item of future work, should usage warrant.Troan & Droms Standards Track [Page 2]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 20032. DHCPv6 specification dependency This document describes new DHCPv6 options for IPv6 prefix delegation. This document should be read in conjunction with the DHCPv6 specification,RFC 3315 [2], for a complete specification of the Prefix Delegation options and mechanism. Definitions for terms and acronyms not specifically defined in this document are defined inRFC 3315.3. Terminology This document uses the terminology defined inRFC 2460 [1] andRFC3315. In addition, this document uses the following terms: requesting router: The router that acts as a DHCP client and is requesting prefix(es) to be assigned. delegating router: The router that acts as a DHCP server, and is responding to the prefix request. Identity Association for Prefix Delegation (IA_PD): A collection of prefixes assigned to the requesting router. Each IA_PD has an associated IAID. A requesting router may have more than one IA_PD assigned to it; for example, one for each of its interfaces.4. Requirements The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this document, are to be interpreted as described inBCP 14,RFC 2119 [3].5. Model and Applicability The model of operation for prefix delegation is as follows. A delegating router is provided IPv6 prefixes to be delegated to requesting routers. Examples of ways in which the delegating router may be provided these prefixes are given inSection 12.2. A requesting router requests prefix(es) from the delegating router, as described inSection 12.1. The delegating router chooses prefix(es) for delegation, and responds with prefix(es) to the requesting router. The requesting router is then responsible for the delegated prefix(es). For example, the requesting router might assign a subnet from a delegated prefix to one of its interfaces, and begin sending router advertisements for the prefix on that link.Troan & Droms Standards Track [Page 3]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 Each prefix has an associated valid and preferred lifetime, which constitutes an agreement about the length of time over which the requesting router is allowed to use the prefix. A requesting router can request an extension of the lifetimes on a delegated prefix and is required to terminate the use of a delegated prefix if the valid lifetime of the prefix expires. This prefix delegation mechanism would be appropriate for use by an ISP to delegate a prefix to a subscriber, where the delegated prefix would possibly be subnetted and assigned to the links within the subscriber's network.5.1. Example network architecture Figure 1 illustrates a network architecture in which prefix delegation could be used. ______________________ \ / \ \ | ISP core network | \ \__________ ___________/ | | | +-------+-------+ | | Aggregation | | ISP | device | | network | (delegating | | | router) | | +-------+-------+ | | / |DSL to subscriber / |premises / | +------+------+ \ | CPE | \ | (requesting | \ | router) | | +----+---+----+ | | | | Subscriber ---+-------------+-----+- -+-----+-------------+--- | network | | | | |+----+-----+ +-----+----+ +----+-----+ +-----+----+ ||Subscriber| |Subscriber| |Subscriber| |Subscriber| /| PC | | PC | | PC | | PC | /+----------+ +----------+ +----------+ +----------+ / Figure 1: An example of prefix delegation.Troan & Droms Standards Track [Page 4]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 In this example, the delegating router is configured with a set of prefixes to be used for assignment to customers at the time of each customer's first connection to the ISP service. The prefix delegation process begins when the requesting router requests configuration information through DHCP. The DHCP messages from the requesting router are received by the delegating router in the aggregation device. When the delegating router receives the request, it selects an available prefix or prefixes for delegation to the requesting router. The delegating router then returns the prefix or prefixes to the requesting router. The requesting router subnets the delegated prefix and assigns the longer prefixes to links in the subscriber's network. In a typical scenario based on the network shown in Figure 1, the requesting router subnets a single delegated /48 prefix into /64 prefixes and assigns one /64 prefix to each of the links in the subscriber network. The prefix delegation options can be used in conjunction with other DHCP options carrying other configuration information to the requesting router. The requesting router may, in turn, then provide DHCP service to hosts attached to the internal network. For example, the requesting router may obtain the addresses of DNS and NTP servers from the ISP delegating router, and then pass that configuration information on to the subscriber hosts through a DHCP server in the requesting router.6. Identity Association for Prefix Delegation An IA_PD is a construct through which a delegating router and a requesting router can identify, group and manage a set of related IPv6 prefixes. Each IA_PD consists of an IAID and associated configuration information. An IA_PD for prefixes is the equivalent of an IA (described inRFC 3315) for addresses. An IA_PD is different from an IA, in that it does not need to be associated with exactly one interface. One IA_PD can be associated with the requesting router, with a set of interfaces or with exactly one interface. A requesting router must create at least one distinct IA_PD. It may associate a distinct IA_PD with each of its downstream network interfaces and use that IA_PD to obtain a prefix for that interface from the delegating router. The IAID uniquely identifies the IA_PD and must be chosen to be unique among the IA_PD IAIDs on the requesting router. The IAID is chosen by the requesting router. For any given use of an IA_PD by the requesting router, the IAID for that IA_PD MUST be consistent across restarts of the requesting router. The requesting router mayTroan & Droms Standards Track [Page 5]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 maintain consistency either by storing the IAID in non-volatile storage or by using an algorithm that will consistently produce the same IAID as long as the configuration of the requesting router has not changed. If the requesting router uses only one IAID, it can use a well-known value, e.g., zero. The configuration information in an IA_PD consists of one or more IPv6 prefixes along with the times T1 and T2 for the IA_PD. Seesection 9 for the representation of an IA_PD in a DHCP message.7. Overview of DHCP with Prefix Delegation Prefix delegation with DHCP is independent of address assignment with DHCP. A requesting router can use DHCP for just prefix delegation or for prefix delegation along with address assignment and other configuration information. A requesting router first creates an IA_PD and assigns it an IAID. The requesting router then transmits a Solicit message containing an IA_PD option describing the IA_PD. Delegating routers that can delegate prefixes to the IA_PD respond to the requesting router with an Advertise message. The requesting router may include prefixes in the IA_PDs as a hint to the delegating router about specific prefixes for which the requesting router has a preference. When the requesting router has identified a delegating router, the requesting router uses a Request message to populate the IA_PDs with prefixes. The requesting router includes one or more IA_PD options in the Request message. The delegating router returns prefixes and other information about the IA_PDs to the requesting router in IA_PD options in a Reply message. The requesting router records the lifetimes for the delegated prefix(es) and uses the prefix(es) as described in the previous section. Before the valid lifetime on each delegated prefix expires, the requesting router includes the prefix in an IA_PD option sent in a Renew message to the delegating router. The delegating router responds by returning the prefix with updated lifetimes to the requesting router.Troan & Droms Standards Track [Page 6]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 20038. Interface Selection Delegated prefixes are not associated with a particular interface in the same way as addresses are for address assignment, and the rules described insection 16, "Client Source Address and Interface Selection" ofRFC 3315 do not apply. When a requesting router sends a DHCP message, it SHOULD be sent on the interface associated with the upstream router (ISP network). The upstream interface is typically determined by configuration. This rule applies even in the case where a separate IA_PD is used for each downstream interface. When a requesting router sends a DHCP message directly to a delegating router using unicast (after receiving the Server Unicast option from that delegating router), the source address SHOULD be an address from the upstream interface and which is suitable for use by the delegating router in responding to the requesting router.9. Identity Association for Prefix Delegation Option The IA_PD option is used to carry a prefix delegation identity association, the parameters associated with the IA_PD and the prefixes associated with it. The format of the IA_PD option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_IA_PD | option-length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IAID (4 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | T1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | T2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . IA_PD-options . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code: OPTION_IA_PD (25) option-length: 12 + length of IA_PD-options field.Troan & Droms Standards Track [Page 7]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 IAID: The unique identifier for this IA_PD; the IAID must be unique among the identifiers for all of this requesting router's IA_PDs. T1: The time at which the requesting router should contact the delegating router from which the prefixes in the IA_PD were obtained to extend the lifetimes of the prefixes delegated to the IA_PD; T1 is a time duration relative to the current time expressed in units of seconds. T2: The time at which the requesting router should contact any available delegating router to extend the lifetimes of the prefixes assigned to the IA_PD; T2 is a time duration relative to the current time expressed in units of seconds. IA_PD-options: Options associated with this IA_PD. The IA_PD-options field encapsulates those options that are specific to this IA_PD. For example, all of the IA_PD Prefix Options carrying the prefixes associated with this IA_PD are in the IA_PD-options field. An IA_PD option may only appear in the options area of a DHCP message. A DHCP message may contain multiple IA_PD options. The status of any operations involving this IA_PD is indicated in a Status Code option in the IA_PD-options field. Note that an IA_PD has no explicit "lifetime" or "lease length" of its own. When the valid lifetimes of all of the prefixes in a IA_PD have expired, the IA_PD can be considered as having expired. T1 and T2 are included to give delegating routers explicit control over when a requesting router should contact the delegating router about a specific IA_PD. In a message sent by a requesting router to a delegating router, values in the T1 and T2 fields indicate the requesting router's preference for those parameters. The requesting router sets T1 and T2 to zero if it has no preference for those values. In a message sent by a delegating router to a requesting router, the requesting router MUST use the values in the T1 and T2 fields for the T1 and T2 parameters. The values in the T1 and T2 fields are the number of seconds until T1 and T2. The delegating router selects the T1 and T2 times to allow the requesting router to extend the lifetimes of any prefixes in theTroan & Droms Standards Track [Page 8]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 IA_PD before the lifetimes expire, even if the delegating router is unavailable for some short period of time. Recommended values for T1 and T2 are .5 and .8 times the shortest preferred lifetime of the prefixes in the IA_PD that the delegating router is willing to extend, respectively. If the time at which the prefixes in an IA_PD are to be renewed is to be left to the discretion of the requesting router, the delegating router sets T1 and T2 to 0. If a delegating router receives an IA_PD with T1 greater than T2, and both T1 and T2 are greater than 0, the delegating router ignores the invalid values of T1 and T2 and processes the IA_PD as though the delegating router had set T1 and T2 to 0. If a requesting router receives an IA_PD with T1 greater than T2, and both T1 and T2 are greater than 0, the client discards the IA_PD option and processes the remainder of the message as though the delegating router had not included the IA_PD option.10. IA_PD Prefix option The IA_PD Prefix option is used to specify IPv6 address prefixes associated with an IA_PD. The IA_PD Prefix option must be encapsulated in the IA_PD-options field of an IA_PD option. The format of the IA_PD Prefix option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_IAPREFIX | option-length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | preferred-lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | valid-lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | prefix-length | | +-+-+-+-+-+-+-+-+ IPv6 prefix | | (16 octets) | | | | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . +-+-+-+-+-+-+-+-+ . . IAprefix-options . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+Troan & Droms Standards Track [Page 9]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 option-code: OPTION_IAPREFIX (26) option-length: 25 + length of IAprefix-options field preferred-lifetime: The recommended preferred lifetime for the IPv6 prefix in the option, expressed in units of seconds. A value of 0xFFFFFFFF represents infinity. valid-lifetime: The valid lifetime for the IPv6 prefix in the option, expressed in units of seconds. A value of 0xFFFFFFFF represents infinity. prefix-length: Length for this prefix in bits IPv6-prefix: An IPv6 prefix IAprefix-options: Options associated with this prefix In a message sent by a requesting router to a delegating router, the values in the fields can be used to indicate the requesting router's preference for those values. The requesting router may send a value of zero to indicate no preference. A requesting router may set the IPv6 prefix field to zero and a given value in the prefix-length field to indicate a preference for the size of the prefix to be delegated. In a message sent by a delegating router the preferred and valid lifetimes should be set to the values of AdvPreferredLifetime and AdvValidLifetime as specified insection 6.2.1, "Router Configuration Variables" ofRFC 2461 [4], unless administratively configured. A requesting router discards any prefixes for which the preferred lifetime is greater than the valid lifetime. A delegating router ignores the lifetimes set by the requesting router if the preferred lifetime is greater than the valid lifetime and ignores the values for T1 and T2 set by the requesting router if those values are greater than the preferred lifetime. The values in the preferred and valid lifetimes are the number of seconds remaining for each lifetime. An IA_PD Prefix option may appear only in an IA_PD option. More than one IA_PD Prefix Option can appear in a single IA_PD option. The status of any operations involving this IA_PD Prefix option is indicated in a Status Code option in the IAprefix-options field.Troan & Droms Standards Track [Page 10]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 200311. Delegating Router Solicitation The requesting router locates and selects a delegating router in the same way as described insection 17, "DHCP Server Solicitation" ofRFC 3315. The details of the solicitation process are described in this section.11.1. Requesting router behavior The requesting router creates and transmits a Solicit message as described in sections17.1.1, "Creation of Solicit Messages" and 17.1.2, "Transmission of Solicit Messages" ofRFC 3315. The requesting router creates an IA_PD and assigns it an IAID. The requesting router MUST include the IA_PD option in the Solicit message. The requesting router processes any received Advertise messages as described insection 17.1.3, "Receipt of Advertise Messages" ofRFC3315. The requesting router MAY choose to consider the presence of advertised prefixes in its decision about which delegating router to respond to. The requesting router MUST ignore any Advertise message that includes a Status Code option containing the value NoPrefixAvail, with the exception that the requesting router MAY display the associated status message to the user.11.2. Delegating router behavior The delegating router sends an Advertise message to the requesting router in the same way as described insection 17.2.2, "Creation and transmission of Advertise messages" ofRFC 3315. If the message contains an IA_PD option and the delegating router is configured to delegate prefix(es) to the requesting router, the delegating router selects the prefix(es) to be delegated to the requesting router. The mechanism through which the delegating router selects prefix(es) for delegation is not specified in this document. Examples of ways in which the delegating router might select prefix(es) for a requesting router include: static assignment based on subscription to an ISP; dynamic assignment from a pool of available prefixes; selection based on an external authority such as a RADIUS server using the Framed- IPv6-Prefix option as described inRFC 3162 [5]. If the requesting router includes an IA_PD Prefix option in the IA_PD option in its Solicit message, the delegating router MAY choose to use the information in that option to select the prefix(es) or prefix size to be delegated to the requesting router.Troan & Droms Standards Track [Page 11]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 The delegating router sends an Advertise message to the requesting router in the same way as described in section, "Creation and transmission of Advertise messages" ofRFC 3315. The delegating router MUST include an IA_PD option, identifying any prefix(es) that the delegating router will delegate to the requesting router. If the delegating router will not assign any prefixes to any IA_PDs in a subsequent Request from the requesting router, the delegating router MUST send an Advertise message to the requesting router that includes the IA_PD with no prefixes in the IA_PD and a Status Code option in the IA_PD containing status code NoPrefixAvail and a status message for the user, a Server Identifier option with the delegating router's DUID and a Client Identifier option with the requesting router's DUID.12. Requesting router initiated prefix delegation A requesting router uses the same message exchanges as described insection 18, "DHCP Client-Initiated Configuration Exchange" ofRFC3315 to obtain or update prefix(es) from a delegating router. The requesting router and the delegating router use the IA_PD Prefix option to exchange information about prefix(es) in much the same way IA Address options are used for assigned addresses.12.1. Requesting router behavior The requesting router uses a Request message to populate IA_PDs with prefixes. The requesting router includes one or more IA_PD options in the Request message. The delegating router then returns the prefixes for the IA_PDs to the requesting router in IA_PD options in a Reply message. The requesting router includes IA_PD options in any Renew, or Rebind messages sent by the requesting router. The IA_PD option includes all of the prefixes the requesting router currently has associated with that IA_PD. In some circumstances the requesting router may need verification that the delegating router still has a valid binding for the requesting router. Examples of times when a requesting router may ask for such verification include: o The requesting router reboots. o The requesting router's upstream link flaps. o The requesting router is physically disconnected from a wired connection.Troan & Droms Standards Track [Page 12]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 If such verification is needed the requesting router MUST initiate a Rebind/Reply message exchange as described insection 18.1.4, "Creation and Transmission of Rebind Messages" ofRFC 3315, with the exception that the retransmission parameters should be set as for the Confirm message, described insection 18.1.2, "Creation and Transmission of Confirm Messages" ofRFC 3315. The requesting router includes any IA_PDs, along with prefixes associated with those IA_PDs in its Rebind message. Each prefix has valid and preferred lifetimes whose durations are specified in the IA_PD Prefix option for that prefix. The requesting router uses Renew and Rebind messages to request the extension of the lifetimes of a delegated prefix. The requesting router uses a Release message to return a delegated prefix to a delegating router. The prefixes to be released MUST be included in the IA_PDs. The Confirm and Decline message types are not used with Prefix Delegation. Upon the receipt of a valid Reply message, for each IA_PD the requesting router assigns a subnet from each of the delegated prefixes to each of the links to which the associated interfaces are attached, with the following exception: the requesting router MUST NOT assign any delegated prefixes or subnets from the delegated prefix(es) to the link through which it received the DHCP message from the delegating router. When a requesting router subnets a delegated prefix, it must assign additional bits to the prefix to generate unique, longer prefixes. For example, if the requesting router in Figure 1 were delegated 3FFE:FFFF:0::/48, it might generate 3FFE:FFFF:0:1::/64 and 3FFE:FFFF:0:2::/64 for assignment to the two links in the subscriber network. If the requesting router were delegated 3FFE:FFFF:0::/48 and 3FFE:FFFF:5::/48, it might assign 3FFE:FFFF:0:1::/64 and 3FFE:FFFF:5:1::/64 to one of the links, and 3FFE:FFFF:0:2::/64 and 3FFE:FFFF:5:2::/64 for assignment to the other link. If the requesting router assigns a delegated prefix to a link to which the router is attached, and begins to send router advertisements for the prefix on the link, the requesting router MUST set the valid lifetime in those advertisements to be no later than the valid lifetime specified in the IA_PD Prefix option. A requesting router MAY use the preferred lifetime specified in the IA_PD Prefix option.Troan & Droms Standards Track [Page 13]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 Handling of Status Codes options in received Reply messages is described insection 18.1.8, "Receipt of Reply Messages" ofRFC 3315. The NoPrefixAvail Status Code is handled in the same manner as the NoAddrsAvail Status Code.12.2. Delegating Router behavior When a delegating router receives a Request message from a requesting router that contains an IA_PD option, and the delegating router is authorized to delegate prefix(es) to the requesting router, the delegating router selects the prefix(es) to be delegated to the requesting router. The mechanism through which the delegating router selects prefix(es) for delegation is not specified in this document.Section 11.2 gives examples of ways in which a delegating router might select the prefix(es) to be delegated to a requesting router. A delegating router examines the prefix(es) identified in IA_PD Prefix options (in an IA_PD option) in Renew and Rebind messages and responds according to the current status of the prefix(es). The delegating router returns IA_PD Prefix options (within an IA_PD option) with updated lifetimes for each valid prefix in the message from the requesting router. If the delegating router finds that any of the prefixes are not in the requesting router's binding entry, the delegating router returns the prefix to the requesting router with lifetimes of 0. The delegating router behaves as follows when it cannot find a binding for the requesting router's IA_PD: Renew message: If the delegating router cannot find a binding for the requesting router's IA_PD the delegating router returns the IA_PD containing no prefixes with a Status Code option set to NoBinding in the Reply message. Rebind message: If the delegating router cannot find a binding for the requesting router's IA_PD and the delegating router determines that the prefixes in the IA_PD are not appropriate for the link to which the requesting router's interface is attached according to the delegating routers explicit configuration, the delegating router MAY send a Reply message to the requesting router containing the IA_PD with the lifetimes of the prefixes in the IA_PD set to zero. This Reply constitutes an explicit notification to the requesting router that the prefixes in the IA_PD are no longer valid. If the delegating router isTroan & Droms Standards Track [Page 14]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003 unable to determine if the prefix is not appropriate for the link, the Rebind message is discarded. A delegating router may mark any prefix(es) in IA_PD Prefix options in a Release message from a requesting router as "available", dependent on the mechanism used to acquire the prefix, e.g., in the case of a dynamic pool. The delegating router MUST include an IA_PD Prefix option or options (in an IA_PD option) in Reply messages sent to a requesting router.13. Prefix Delegation reconfiguration This section describes prefix delegation in Reconfigure message exchanges.13.1. Delegating Router behavior The delegating router initiates a configuration message exchange with a requesting router, as described insection 19, "DHCP Server- Initiated Configuration Exchange" ofRFC 3315, by sending a Reconfigure message (acting as a DHCP server) to the requesting router, as described insection 19.1, "Server Behavior" ofRFC 3315. The delegating router specifies the IA_PD option in the Option Request option to cause the requesting router to include an IA_PD option to obtain new information about delegated prefix(es).13.2. Requesting Router behavior The requesting router responds to a Reconfigure message, acting as a DHCP client, received from a delegating router as described insection 19.4, "Client Behavior" ofRFC 3315. The requesting router MUST include the IA_PD Prefix option(s) (in an IA_PD option) for prefix(es) that have been delegated to the requesting router by the delegating router from which the Reconfigure message was received.14. Relay agent behavior A relay agent forwards messages containing Prefix Delegation options in the same way as described insection 20, "Relay Agent Behavior" ofRFC 3315. If a delegating router communicates with a requesting router through a relay agent, the delegating router may need a protocol or other out-of-band communication to add routing information for delegated prefixes into the provider edge router.Troan & Droms Standards Track [Page 15]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 200315. Security Considerations Security considerations in DHCP are described insection 23, "Security Considerations" ofRFC 3315. A rogue delegating router can issue bogus prefixes to a requesting router. This may cause denial of service due to unreachability. A malicious requesting router may be able to mount a denial of service attack by repeated requests for delegated prefixes that exhaust the delegating router's available prefixes. To guard against attacks through prefix delegation, requesting routers and delegating routers SHOULD use DHCP authentication as described insection 21, "Authentication of DHCP messages" ofRFC3315. For point to point links, where one trusts that there is no man in the middle, or one trusts layer two authentication, DHCP authentication or IPsec may not be necessary. Because a requesting router and delegating routers must each have at least one assigned IPv6 address, the routers may be able to use IPsec for authentication of DHCPv6 messages. The details of using IPsec for DHCPv6 are under development. Networks configured with delegated prefixes should be configured to preclude intentional or inadvertent inappropriate advertisement of these prefixes.16. IANA Considerations IANA has assigned option codes to: OPTION_IA_PD (25) OPTION_IAPREFIX (26) from the option-code space as defined insection 24.3, "DHCP Options" ofRFC 3315. IANA has assigned status code 6 to: NoPrefixAvail: Delegating router has no prefixes available to assign to the IAPD(s) from the status-code space as defined insection 24.4, "Status Codes" ofRFC 3315.Troan & Droms Standards Track [Page 16]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 200317. Intellectual Property Statement The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found inBCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director.18. References18.1. Normative References [1] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification",RFC 2460, December 1998. [2] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",RFC 3315, July 2003. [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels",BCP 14,RFC 2119, March 1997. [4] Narten, T., Nordmark, E. and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)",RFC 2461, December 1998. [5] Aboba, B., Zorn, G. and D. Mitton, "RADIUS and IPv6",RFC 3162, August 2001.18.2. Informative References [6] Miyakawa, S. and R. Droms, "Requirements for IPv6 prefix delegation", Work in Progress, August 2003.Troan & Droms Standards Track [Page 17]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 200319. Acknowledgements Thanks for the input and review by (in alphabetical order) Steve Deering, Dave Forster, Brian Haberman, Tatuya Jinmei, Shin Miyakawa, Pekka Savola, Bernie Volz, Trevor Warwick and Toshi Yamasaki.20. Authors' Addresses Ole Troan Cisco Systems 250 Longwater Avenue Reading RG2 6GB United Kingdom Phone: +44 20 8824 8666 EMail: ot@cisco.com Ralph Droms Cisco Systems 1414 Massachusetts Avenue Boxborough, MA 01719 USA Phone: +1 978 936 1674 EMail: rdroms@cisco.comTroan & Droms Standards Track [Page 18]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 200321. Full Copyright Statement Copyright (C) The Internet Society (2003). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assignees. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society.Troan & Droms Standards Track [Page 19]
[8]ページ先頭