draft-ietf-6man-addr-select-opt-01.txt   draft-ietf-6man-addr-select-opt-02.txt 
6man Working Group A. Matsumoto 6man Working Group A. Matsumoto
Internet-Draft T. Fujisaki Internet-Draft T. Fujisaki
Intended status: Standards Track J. Kato Intended status: Standards Track J. Kato
Expires: December 30, 2011 NTT Expires: August 18, 2012 NTT
T. Chown T. Chown
University of Southampton University of Southampton
June 28, 2011 February 15, 2012
Distributing Address Selection Policy using DHCPv6 Distributing Address Selection Policy using DHCPv6
draft-ietf-6man-addr-select-opt-01.txt draft-ietf-6man-addr-select-opt-02.txt
Abstract Abstract
RFC 3484 defines default address selection mechanisms for IPv6 that RFC 3484 defines default address selection mechanisms for IPv6 that
allow nodes to select appropriate address when faced with multiple allow nodes to select appropriate address when faced with multiple
source and/or destination addresses to choose between. The RFC source and/or destination addresses to choose between. The RFC 3484
allowed for the future definition of methods to administratively allowed for the future definition of methods to administratively
configure the address selection policy information. This document configure the address selection policy information. This document
defines a new DHCPv6 option for such configuration, allowing a site defines a new DHCPv6 option for such configuration, allowing a site
administrator to distribute address selection policy, and thus administrator to distribute address selection policy overriding the
control the address selection behavior of nodes in their site. While default address selection policy table, and thus control the address
RFC 3484 is in the process of being updated, with a revised default selection behavior of nodes in their site.
policy table, that table may not suit every scenario, and thus the
DHCPv6 option defined in this text may be used to override that
policy where desired.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 30, 2011. This Internet-Draft will expire on August 18, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 31 skipping to change at page 2, line 28
the copyright in such materials, this document may not be modified the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other it for publication as an RFC or to translate it into languages other
than English. than English.
1. Introduction 1. Introduction
RFC 3484 [RFC3484] describes default algorithms for selecting an RFC 3484 [RFC3484] describes default algorithms for selecting an
address when a node has multiple destination and/or source addresses address when a node has multiple destination and/or source addresses
to choose between by using an address selection policy. In Section 2 to choose from by using an address selection policy. In Section 2 of
of RFC 3484, it is suggested that the default policy table may be RFC 3484, it is suggested that the default policy table may be
administratively configured to suit the specific needs of a site. administratively configured to suit the specific needs of a site.
This text defines a new DHCPv6 option for such configuration. This specification defines a new DHCPv6 option for such
configuration.
Some problems have been identified with the default address selection Some problems have been identified with the default RFC 3484 address
policy detailed in RFC 3484 [RFC5220], and as a result the RFC is in selection policy [RFC5220]. It is unlikely that any default policy
the process of being updated, as per [I-D.ietf-6man-rfc3484-revise]. will suit all scenarios, and thus mechanisms to control the source
While this update provides a better default address selection policy, address selection policy will be necessary. Requirements for those
it is unlikely that such a default will suit all scenarios, and thus mechanisms are described in [RFC5221], while solutions are discussed
mechanisms to control the source address selection policy will be in [I-D.ietf-6man-addr-select-sol] and
necessary. Requirements for those mechanisms are described in
[RFC5221], while solutions are discussed in
[I-D.ietf-6man-addr-select-sol] and
[I-D.ietf-6man-addr-select-considerations]. Those documents have [I-D.ietf-6man-addr-select-considerations]. Those documents have
helped shape the improvements in [I-D.ietf-6man-rfc3484-revise] as helped shape the improvements in the default address selection
well as the DHCPv6 option defined here. algorithm [I-D.ietf-6man-rfc3484-revise] as well as the DHCPv6 option
defined in this specification.
1.1. Conventions Used in This Document 1.1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
1.2. Terminology 1.2. Terminology
This document uses the terminology defined in [RFC2460] and the This document uses the terminology defined in [RFC2460] and the
DHCPv6 specification defined in [RFC3315] DHCPv6 specification defined in [RFC3315]
2. Address Selection Policy Option 2. Address Selection Policy Option
The Address Selection Policy Option provides the policy table for The Address Selection Policy Option provides the policy table for
address selection rules as described in RFC 3484 and updated in address selection rules as described in RFC 3484 and in
[I-D.ietf-6man-rfc3484-revise]. [I-D.ietf-6man-rfc3484-revise].
Each end node is expected to configure its policy table, as described Each end node is expected to configure its policy table, as described
in RFC 3484, using the Address Selection Policy option information as in RFC 3484, using the Address Selection Policy option information as
described in the section below on processing the option. described in the section below on processing the option.
The format of the Address Selection Policy option is given below: The format of the Address Selection Policy option is given below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_DASP | option-len | | OPTION_DASP | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| label | precedence |z| reserved | prefix-len | | label | precedence |z| reserved | prefix-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| zone-index (if present (z = 1)) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| Prefix (Variable Length) | | Prefix (Variable Length) +-+-+-+-+-+-+-+-+
| | | | suboption-len |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| label | precedence |z| reserved | prefix-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| zone-index (if present (z = 1)) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Prefix (Variable Length) |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| label | precedence |z| reserved | prefix-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| zone-index (if present (z = 1)) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | suboption-zone-index (if present (z = 1)) |
| Prefix (Variable Length) |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[Fig. 1] [Fig. 1]
Fields: Fields:
option-code: OPTION_DASP (TBD) option-code: OPTION_DASP (TBD)
option-len: The total length of the label fields, precedence fields, option-len: The total length of the label fields, precedence fields,
zone-index fields, prefix-len fields, and prefix fields in zone-index fields, prefix-len fields, and prefix fields in
octets. octets.
label: An 8-bit unsigned integer; this value is used to make a label: An 8-bit unsigned integer; this value is used to make a
combination of source address prefixes and destination address combination of source address prefixes and destination address
prefixes. prefixes.
precedence: An 8-bit unsigned integer; this value is used for precedence: An 8-bit unsigned integer; this value is used for
sorting destination addresses. sorting destination addresses.
skipping to change at page 5, line 27 skipping to change at page 4, line 24
z bit: 'zone-index' bit. If z bit is set to 1, 32 bit zone-index z bit: 'zone-index' bit. If z bit is set to 1, 32 bit zone-index
value is included right after the "prefix-len" field, and value is included right after the "prefix-len" field, and
"Prefix" value continues after the "zone-index" field. If z bit "Prefix" value continues after the "zone-index" field. If z bit
is 0, "Prefix" value continues right after the "prefix-len" is 0, "Prefix" value continues right after the "prefix-len"
value. value.
reserved: 6-bit reserved field. Initialized to zero by sender, and reserved: 6-bit reserved field. Initialized to zero by sender, and
ignored by receiver. ignored by receiver.
zone-index: If the z-bit is set to 1, this field is inserted between suboption-len: 'suboption-len' specifies the length of the suboption
"prefix-len" field and "Prefix" field. The zone-index field is fields in bytes. Currently, the only defined suboption is zone-
an 32-bit unsigned integer and used to specify zones for scoped index, described as 'suboption-zone-index'.
addresses. This bit length is defined in RFC3493 [RFC3493] as
'scope ID'. suboption-zone-index: If the z-bit is set to 1, this field is
inserted between "prefix-len" field and "Prefix" field. The
zone-index field is an 32-bit unsigned integer and used to
specify zones for scoped addresses. The zone-index is defined
in RFC 3493 [RFC3493] as 'scope ID'.
prefix-len: An 8-bit unsigned integer; the number of leading bits in prefix-len: An 8-bit unsigned integer; the number of leading bits in
the prefix that are valid. The value ranges from 0 to 128. The the prefix that are valid. The value ranges from 0 to 128.
Prefix field is 0, 4, 8, 12, or 16 octets, depending on the
length.
Prefix: A variable-length field containing an IP address or the Prefix: A variable-length field containing an IP address or the
prefix of an IP address. An IPv4-mapped address [RFC4291] must prefix of an IP address. An IPv4-mapped address [RFC4291] must
be used to represent an IPv4 address as a prefix value. be used to represent an IPv4 address as a prefix value. The
Prefix should be truncated on the byte boundary. So the length
of this field should be between 0 and 16 bytes.
3. Appearance of this Option Multiple Address Selection Policy options MAY appear in a DHCPv6
message. They MUST be treated in the way that they constitute a
single policy table.
3. Appearance of the Address Selection Policy Option
The Address Selection Policy option MUST NOT appear in any messages The Address Selection Policy option MUST NOT appear in any messages
other than the following ones: Solicit, Advertise, Request, Renew, other than the following ones: Solicit, Advertise, Request, Renew,
Rebind, Information-Request, and Reply. Rebind, Reconfigure, Information-Request, and Reply.
4. Processing the Address Selection Policy Option 4. Processing the Address Selection Policy Option
This section describes how to process received Address Selection This section describes how to process received Address Selection
Policy Options at the DHCPv6 client. Policy Options at the DHCPv6 client.
This option's concept is to serve as a hint for a node about how to This option's concept is to serve as a hint for a node about how to
behave in the network. So, basically, it should be up to the node's behave in the network. So, basically, it should be up to the node's
administrator how to make use of or even ignore the received policy administrator how to make use of or even ignore the received policy
information. information.
However, we need to define the default behavior of the receiving node 4.1. Handling of the local policy table
in order to reduce operational complexity.
4.1. Handling the local policy table
RFC3484 defines the default policy for the policy table. Also, a RFC 3484 defines the default policy table. Also, a user is usually
user is usually able to configure the policy table to satisfy his able to configure the policy table to satisfy his requirement.
requirement.
The client node SHOULD provide the following choices: The client node SHOULD provide the following choices:
a) It receives distributed policy table, and replaces the existing a) It receives distributed policy table, and replaces the existing
policy tables with that. policy tables with that.
b) It preserves the default policy table, or manually configured b) It preserves the default policy table, or manually configured
policy. policy.
4.2. Processing multiple received policy tables 4.2. Handling of the stale policy table
The policy table is node-global information by its nature. So, the When the information from the DHCP server goes stale, the policy
node cannot use multiple received policy tables at the same time. received form the DHCP server should be removed and the default
policy should be restored.
It should be noted that adopting a received policy table as the node- The received information can be considered stale in several cases,
global information can cause security problems, such as DOS attack, such as, when the interface goes down, the DHCP server does not
and leak of privacy information. respond for a certain amount of time, and the Information Refresh
Time is expired.
Moreover, it also should be noted that, when a node is single-homed 4.3. Processing multiple received policy tables
and has only one upstream line, adopting a received policy table does
not degrade the security level. The policy table is node-global information by its nature. So, the
node cannot use multiple received policy tables at the same time. In
other words, once the received policy from one source is merged with
another source, the policy is more or less changed. The policy table
is defined as a whole, so the slightest addition/deletion from the
policy table brings a change in semantics of the policy.
It also should be noted that, when a node is single-homed and has
only one upstream line, adopting a received policy table does not
degrade the security level.
Under the above assumptions, we specify how to handle multiple Under the above assumptions, we specify how to handle multiple
received policy tables below. received policy tables below.
A node MAY use OPTION_DASP in any of the following two cases: A node MAY use OPTION_DASP in any of the following two cases:
1: The address selection option is delivered across a secure, trusted 1: The address selection option is delivered across the only secure,
channel. trusted channel.
2: The address selection option is not secured, but the node is 2: The address selection option delivery is not secured, but the node
single-homed. is single-homed.
In other cases the node MUST NOT use OPTION_DASP unless the node is In other cases the node MUST NOT use OPTION_DASP unless the node is
specifically configured to do so. specifically configured to do so.
5. Implementation Considerations 5. Implementation Considerations
o The value 'label' is passed as an unsigned integer, but there is o The value 'label' is passed as an unsigned integer, but there is
no special meaning for the value, that is whether it is a large or no special meaning for the value, that is whether it is a large or
small number. It is used to select a preferred source address small number. It is used to select a preferred source address
prefix corresponding to a destination address prefix by matching prefix corresponding to a destination address prefix by matching
skipping to change at page 7, line 31 skipping to change at page 6, line 37
implementation (e.g., string). implementation (e.g., string).
o Currently, the label and precedence values are defined as 8-bit o Currently, the label and precedence values are defined as 8-bit
unsigned integers. In almost all cases, this value will be unsigned integers. In almost all cases, this value will be
enough. enough.
o The maximum number of address selection rules that may be conveyed o The maximum number of address selection rules that may be conveyed
in one DHCPv6 message depends on the prefix length of each rule in one DHCPv6 message depends on the prefix length of each rule
and the maximum DHCPv6 message size defined in RFC 3315. It is and the maximum DHCPv6 message size defined in RFC 3315. It is
possible to carry over 3,000 rules in one DHCPv6 message (maximum possible to carry over 3,000 rules in one DHCPv6 message (maximum
UDP message size), but the usual number would be much smaller, UDP message size). However, it should not be expected that DHCP
e.g. the default policy table defined in RFC 3484 contains 5 clients, servers and relay agents can handle UDP fragmentation.
rules. So, the number of the options and the total size of the options
should be taken care of.
o Since the number of selection rules could be large, an o Since the number of selection rules could be large, an
administrator configuring the policy to be distributed should administrator configuring the policy to be distributed should
consider the resulting DHCPv6 message size. consider the resulting DHCPv6 message size.
6. Security Considerations 6. Security Considerations
A rogue DHCPv6 server could issue bogus address selection policies to A rogue DHCPv6 server could issue bogus address selection policies to
a client. This might lead to incorrect address selection by the a client. This might lead to incorrect address selection by the
client, and the affected packets might be blocked at an outgoing ISP client, and the affected packets might be blocked at an outgoing ISP
because of ingress filtering. Alternatively, an IPv6 transition because of ingress filtering. Alternatively, an IPv6 transition
mechanism might be preferred over native IPv6, even if it is mechanism might be preferred over native IPv6, even if it is
available. available. To guard against such attacks, a legitimate DHCPv6 server
should be communicated through a secure, trusted channel, such as a
channel protected by IPsec, SEND and DHCP authentication, as
described in section 21 of RFC 3315,
To guard against such attacks, both DCHP clients and servers SHOULD Another threat is about privacy concern. As in the security
use DHCP authentication, as described in section 21 of RFC 3315, consideration section of RFC 3484, at least a part of, the address
"Authentication of DHCP messages." selection policy stored in a host can be leaked by a packet from a
remote host. This issue will not be degraded regardless of the
introduction of this option, or regardless of whether the host is
multihomed or not.
7. IANA Considerations 7. IANA Considerations
IANA is requested to assign option codes to OPTION_DASP from the IANA is requested to assign option codes to OPTION_DASP from the
option-code space as defined in section "DHCPv6 Options" of RFC 3315. option-code space as defined in section "DHCPv6 Options" of RFC 3315.
8. References 8. References
8.1. Normative References 8.1. Normative References
skipping to change at page 8, line 28 skipping to change at page 7, line 42
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for and M. Carney, "Dynamic Host Configuration Protocol for
IPv6 (DHCPv6)", RFC 3315, July 2003. IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC3484] Draves, R., "Default Address Selection for Internet [RFC3484] Draves, R., "Default Address Selection for Internet
Protocol version 6 (IPv6)", RFC 3484, February 2003. Protocol version 6 (IPv6)", RFC 3484, February 2003.
8.2. Informative References 8.2. Informative References
[I-D.ietf-6man-addr-select-considerations] [I-D.ietf-6man-addr-select-considerations]
Chown, T., "Considerations for IPv6 Address Selection Chown, T. and A. Matsumoto, "Considerations for IPv6
Policy Changes", Address Selection Policy Changes",
draft-ietf-6man-addr-select-considerations-03 (work in draft-ietf-6man-addr-select-considerations-04 (work in
progress), March 2011. progress), October 2011.
[I-D.ietf-6man-addr-select-sol] [I-D.ietf-6man-addr-select-sol]
Matsumoto, A., Fujisaki, T., and R. Hiromi, "Solution Matsumoto, A., Fujisaki, T., and R. Hiromi, "Solution
approaches for address-selection problems", approaches for address-selection problems",
draft-ietf-6man-addr-select-sol-03 (work in progress), draft-ietf-6man-addr-select-sol-03 (work in progress),
March 2010. March 2010.
[I-D.ietf-6man-rfc3484-revise] [I-D.ietf-6man-rfc3484-revise]
Matsumoto, A., Kato, J., and T. Fujisaki, "Update to RFC Matsumoto, A., Kato, J., Fujisaki, T., and T. Chown,
3484 Default Address Selection for IPv6", "Update to RFC 3484 Default Address Selection for IPv6",
draft-ietf-6man-rfc3484-revise-03 (work in progress), draft-ietf-6man-rfc3484-revise-05 (work in progress),
June 2011. October 2011.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998. (IPv6) Specification", RFC 2460, December 1998.
[RFC3493] Gilligan, R., Thomson, S., Bound, J., McCann, J., and W. [RFC3493] Gilligan, R., Thomson, S., Bound, J., McCann, J., and W.
Stevens, "Basic Socket Interface Extensions for IPv6", Stevens, "Basic Socket Interface Extensions for IPv6",
RFC 3493, February 2003. RFC 3493, February 2003.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006. Architecture", RFC 4291, February 2006.
 End of changes. 33 change blocks. 
100 lines changed or deleted 94 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/