intarea B. Bruneau Internet-Draft EcolepolytechniquePolytechnique Intended status: Informational P. Pfister Expires:September 14, 2017January 1, 2018 Cisco D. Schinazi T. Pauly Apple E.Vyncke, Ed.Vyncke CiscoMarch 13,June 30, 2017Proposals to discoverDiscovering ProvisioningDomains draft-bruneau-intarea-provisioning-domains-00Domain Names and Data draft-bruneau-intarea-provisioning-domains-01 Abstract An increasing number of hosts and networks are connected to the Internet through multiple interfaces, some of which may provide multiple ways to access the internet by the mean of multiple IPv6 prefix configurations. This document describesone possiblea way for hosts to retrieve additional information about theirInternetnetwork accessconfiguration.characteristics. The set of configuration items required to access the Internet is called a Provisioning Domain (PvD) and is identified by a Fully Qualified DomainName.Name (FQDN). Thisdocument separates the way of getting the Provisioning Domainidentifier, retrieved using a new Router Advertisement (RA) option, is associated with thewayset ofgetting the Provisioning Domaininformationandincluded within thepotentialRA and may later be used to retrieve additional informationcontained inassociated to theProvisioning Domain.PvD by the mean of an HTTP request. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire onSeptember 14, 2017.January 1, 2018. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 32.1. Requirements Language . . . . . . . . . . .3. Provisioning Domain Identification using Router Advertisements . . . . . . .4 3. Retrieving the PvD ID . . . .. . . . . . . . . . . . . . . . 4 3.1.Using One Router Advertisement perPvD ID Option for Router Advertisements . . . . . . . . . 4 3.2.Rationale for not selecting other techniques . . . .Router Behavior . .5 3.2.1. Using DNS-SD .. . . . . . . . . . . . . . . . . . . 53.2.2. Using Reverse DNS lookup . . . . . . . . . . . . . . 53.3.IoT Considerations . . . . . . .Host Behavior . . . . . . . . . . . .6 3.4. Linking IPv4 Information to an IPv6 PvD. . . . . . . . .6 4. Getting the full set of PvD information. 5 3.3.1. DHCPv6 configuration association . . . . . . . . . . 64.1. Using the PvD Bootstrap Information Option . . . . . . . 7 4.2. Downloading a JSON file over HTTPS .3.3.2. DHCPv4 configuration association . . . . . . . . . . 74.2.1. Advantages . . . . . . . . . . . .3.3.3. Interconnection Sharing by the Host . . . . . . . . . 74.2.2. Disadvantages . . . . . . . . . . . . . . . . . . . . 8 4.3. Using DNS TXT ressource records (not selected) . . . . . 8 4.3.1. Advantages . . . . . . . . . . . . . . . . . . . . . 8 4.3.2. Disadvantages . . . . . . . . . . . . . . . . . . . . 8 4.3.3. Using DNS SRV ressource records . . . .4. Provisioning Domain Identification using IKEv2 . . . . . . .87 5.PvDProvisioning Domain Additional Information . . . . . . . . .. . . . . . . . . . . . . . 98 5.1. Retrieving the PvDName . . . . . . . . . . . . . . . .Additional Information . . . . . . . . 9 5.2.Trust ofProviding thebootstrapPvD. . . . . . .Additional Information . . . . . . . . 10 5.3.Reachability . . . . . . . . . . . . . . . . . . . . . . 11 5.4. DNS Configuration . . . . . . . .PvD Additional Information Format . . . . . . . . . . . .12 5.5.10 5.3.1. Connectivity Characteristics Information . . . . . . 12 5.3.2. Private Extensions . . . . . . . .13 5.6. Connection monetary cost. . . . . . . . . 12 5.3.3. Example . . . . . . .14 5.6.1. Conditions. . . . . . . . . . . . . . . . 12 6. Security Considerations . . . . .15 5.6.2. Price. . . . . . . . . . . . . . 13 7. IANA Considerations . . . . . . . . . .15 5.6.3. Examples. . . . . . . . . . . 14 8. Acknowledgements . . . . . . . . . . .16 5.7. Private Extensions. . . . . . . . . . . 14 9. References . . . . . . . .17 5.8. Examples. . . . . . . . . . . . . . . . . 14 9.1. Normative references . . . . . . .17 5.8.1. Using JSON. . . . . . . . . . . 14 9.2. Informative references . . . . . . . . . .17 5.8.2. Using DNS TXT records. . . . . . . 15 Appendix A. Changelog . . . . . . . . .18 6. Use case examples. . . . . . . . . . . . 16 A.1. Version 00 . . . . . . . . . .19 6.1. Multihoming. . . . . . . . . . . . . 16 A.2. Version 01 . . . . . . . . . .19 6.2. VPN/Extranet example. . . . . . . . . . . . . 16 Appendix B. Connection monetary cost . . . . .19 7. Security Considerations. . . . . . . . . 17 B.1. Conditions . . . . . . . . . .19 8. Acknowledgements. . . . . . . . . . . . . 17 B.2. Price . . . . . . . . .19 9. References. . . . . . . . . . . . . . . . . 18 B.3. Examples . . . . . . . .19 9.1. Normative references . .. . . . . . . . . . . . . . . . 199.2. Informative references . . . . . . . . . . . . . . . . . 20Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 1. Introduction It has become very common in modern networks that hosts have Internet or more specific network access through different networking interfaces, tunnels, or next-hop routers. The concept of Provisioning Domain (PvD) was defined inRFC7556[RFC7556] as a set of network configuration information which can be used by hosts in order to access the network. In this document, PvDs areassociated with aidentified by Fully Qualified DomainName (calledNames called PvDID)IDs, whichisare included in Router Advertisements [RFC4861] as a new option and are usedwithin the hostto identify correlated sets ofconfiguration data and also used to retrieve additional information about the services that thenetworkprovides.configuration data. Devices connected to the Internet through multiple interfaces would typically be provisioned with one PvD per interface, but it is worth noting that multiple PvDs with different PvD IDs could be provisioned on any host interface, as well as noting that the same PvD ID could be used on different interfaces in order to inform the host that both PvDs, on different interfaces, ultimately provideequivalentidentical services. This documentproposes multiple methods allowing the host toalso introduces a way for hosts to retrievethe PvD ID associated withadditional information related to asetspecific PvD by the mean ofnetworking discoveran HTTP-over-TLS query using an URI derived from the PvDand retrieveID. The retrieved JSON object contains additional network information that would typically be considered unfit, or too large, to be directly included in thePvD information. It also explains configuration as well asRouter Advertisements. This information can be used by themethods and format in ordernetworking stack, the applications, or even be partially displayed toretrieve some oftheparameters that can describeusers (e.g., by displaying aPvD.localized network service name). 2. TerminologyPvD A provisioning domain, usually with a set of provisioning domain information; for more information, see [RFC7556]. 2.1. Requirements LanguageThe key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described inRFC 2119[RFC2119].3. Retrieving the PvD IDIn addition, thisdocument, eachdocument uses the following terminology: PvD: A Provisioning Domain, a set of network configuration information; for more information, see [RFC7556]. PvD ID: A Fully Qualified Domain Name (FQDN) used to identify a PvD. Explicit PvD: A PvD uniquely identified with a PvD ID. Implicit PvD: A PvD associated with a set of configuration information that, in the absence of a PvD ID, is associated with the advertising router. 3. Provisioning Domain Identification using Router Advertisements Each provisioning domain is identified by a PvD ID. The PvD ID is a Fully Qualified Domain Name (FQDN) whichbelongsMUST belong to the network operator in order to avoidconflicts among network operators.ambiguity. The same PvD IDcan existMAY be used in several access networks if the set of configuration information is identicalin all those networks (such as(e.g. in all home networksof a residential subscriber). Within a host, the PvD ID SHOULD be associatedsubscribed toalltheconfiguration information associated to thissame service). 3.1. PvDID; this allowsID Option foreasy update and removal of information while keeping a consistent state. This section assumes that IPv6Router Advertisementsare used to discoverThis document introduces a new Router Advertisement (RA) option called the PvD IDand explains why this technique was selected. 3.1. Using OneRouter Advertisementper PvD Hosts receive implicit PvDs byOption, used to convey themeans of Router Advertisements (RA). A router MAY addFQDN identifying asinglegiven PvD. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Seq |H|L| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PvD IDOption in its RAs. TheFQDN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ PvD IDspecified in thisRouter Advertisements Option format Type : (8 bits) To be defined by IANA. Length : (8 bits) The length of the optionis then associated with all(including thePrefixType and Length fields) in units of 8 octets. Seq : (4 bits) Sequence number for the PvD Additional Information, as described in Section 5. H-flag : (1 bit) Whether some PvD Additional InformationOptions (PIO) includedis made available through HTTP over TLS, as described in Section 5. L-flag : (1 bit) Whether theRA (albeit itrouter isexpected that only one PIO willalso providing IPv4 access using DHCPv4 (see Section 3.3.2). Reserved : (10 bits) Reserved for later use. It MUST beincluded inset to zero by theRA). All other information containedsender and ignored by the receiver. Lifetime : (32 bits) The length of time in seconds (relative to theRA (notablytime theRDNSS and Route Information Option) are to be associated withpacket is sent) that the PvDID. The setID option is valid. A value ofinformation containedall one bits (0xffffffff) represents infinity. PvD ID FQDN : The FQDN used as PvD ID in DNS binary format [RFC1035], padded until theRA formsnext 8 octets boundary. All thebootstrap (or hint) PvD. A new RA option willbytes after the first empty DNS label MUST berequiredset toconveyzero by thePvD ID. When a host receives an RA which does notsender and MUST be ignored by the receiver. The DNS name compression technique described in [RFC1035] MUST NOT be used. Routers MUST NOT includeamore than one PvD IDOption,Router Advertisement Option in each RA. In case multiple PvD ID options are found in a given RA, hosts MUST ignore all but thesetfirst PvD ID option. Note: The existence and/or size ofinformation included intheRA (such as Recursive DNS server, IPv6 prefix)sequence number isattachedsubject toan implicitdiscussion. The validity of a PvDidentified byAdditional Information object is included in thelocal interface ID on whichobject itself, but this only allows for 'pull based' updates, whereas the RA options usually provide 'push based' updates. Note: including the lifetime option isreceived, and bycongruent with thelink-local addresslifetime option of the other RA option. On the other hand, do we need it ? 3.2. Router Behavior A routersendingMAY insert at most one PvD ID Option in its RAs. The included PvD ID is associated with all theRA. Inother options included in thecases where a router shouldsame RA (e.g., Prefix Information [RFC4861], Recursive DNS Server [RFC6106], Routing Information [RFC4191], Captive Portal [RFC7710] options). In order to provide multiple independentPvDs to all hosts, including non-PvD aware hosts, it shouldPvDs, a router MUST send multipleRAs, as proposed in [I-D.bowbakova-rtgwg-enterprise-pa-multihoming]RAs using different source link-local addresses(LLA);(LLA) (as proposed in [I-D.bowbakova-rtgwg-enterprise-pa-multihoming]), each of which MAY include a PvD ID option. In such cases, routers MAY originate thedatalink layer (MAC) address could bedifferent RAs using the samefor all the different RA.datalink layer address. If the router is actually a VRRPinstance,instance [RFC5798], then the procedure is identical except that the virtuallink-layerdatalink layer address is used as well as virtuallink-layerIPv6 addresses.Using3.3. Host Behavior RAs are used to configure IPv6 hosts. When a host receives a RAallows for an early discovery of themessage including a PvD IDasOption with a non-zero lifetime, itis early inMUST associate all theinterface start-up. As RA is usually processedconfiguration options included in thekernel, this requires a host OS upgrade. TheRASHOULD contain other(e.g., Prefix Information [RFC4861], Recursive DNS Server [RFC6106], Routing Information [RFC4191], Captive Portal [RFC7710] options) with the PvDinformation as explained in section Section 4.1. 3.2. Rationale forID). If the received RA does notselecting other techniques There are other techniques to discoverinclude a PvD ID Option, or whenever the included PvD IDthat were not selectedOption has a lifetime set to zero, the host MUST associate the options included in the RA with an implicit PvD. This implicit PvD is identified by theauthorslink-local address of the router sending the RA andreviewers, this section explains why. The design goalthe interface on which the RA wasto be as reliable as possible (doreceived. This document does notdepend on Internet connectivity) and as fast as possible. 3.2.1. Using DNS-SD Forupdate the way Router Advertisement options are processed. But in addition to the option processing defined in other documents, hosts implementing this specification MUST associate each created or updated object (e.g. address, default route, more specific route, DNS server list) with the PvD associated with the received RAincluding a RDNSS optionas well asa DNS search list option,thehost MAY retrieveinterface and link-local address of the router which last updated the object. Each configuration object has a PvD validity timer set to the PvD IDby queryingoption lifetime whenever an RA that updates theconfigured DNS server for records of type PTR associated with _pvd.<DNS search name>.object is received. If the received RA does not include a PvD IDis configured, the DNS recursive resolver MUST reply withoption, or whenever the PvD IDas a PTR record. NXDOMAINoption lifetime isreturned otherwise. Whenzero, theRDNSS address is link-local,associated objects are immediately associated with an implicit PvD, as mentioned in thehost MAY retrieveprevious paragraph. Similarly, whenever an object's PvD timer reaches zero, the object is immediately associated with an implicit PvDID before configuring its global scope address(es). Relying on a valid DNS service atidentified by the link-local address and interfacebootstrap can lead into delay to startof theinterface or starting without enough information: for example whenrouter which last updated theRDNSS is a non localobject. While resolving names, executing the default address selection algorithm [RFC6724] or executing the default router selection algorithm ([RFC2461], [RFC4191] andthere is no Internet connectivity. 3.2.2. Using Reverse DNS lookup [I-D.stenberg-mif-mpvd-dns] proposes a solution to get[RFC8028]), hosts MAY consider only thenameconfiguration associated with an arbitrary set ofthe PvD usingPvDs. For example, areverse DNS lookup based on thehostglobal address(es). It merely relies on prependingMAY associate awell-known prefix '_pvd' to the reverse lookup, for example ' _pvd....ip6.arpa.'. However, the PvD information is typically provided by the network operator, whereas the reverse DNS zone couldgiven process with a specific PvD, or a specific set of PvDs, while associating another process with another PvD. A PvD-aware application might also bedelegated from the operatorable tothe network user, in which case it would not work. It also requiresselect, on afully functional global address to retrieve the informationper-connection basis, whichmayPvDs should betoo lateused for acorrect host configuration. One advantagegiven connection. And particularly constrained devices such as small battery operated devices (e.g. IoT), or devices with limited CPU or memory resources may purposefully use a single PvD while ignoring some received RAs containing different PvD IDs. The way an application expresses its desire to use a given PvD, or a set of PvDs, or the way this selection isthat it does not require any change inenforced, is out of theIPv6 protocol and no changescope of this document. Useful insights about these considerations can be found inthe[I-D.kline-mif-mpvd-api-reqs]. 3.3.1. DHCPv6 configuration association When a hostkernel or even inretrieves configuration information from DHCPv6, theCPE. 3.3. IoT Considerations TBD: should state that when end-host (IoT) cannot impletement completely this RFC it MAY select any ofconfigured elements MUST be associated with thePvDexplicit or implicit PvD of therouter SHOULD send a single unicastRA(hence a single PvD) in response toreceived on theRS or none if it detects that it cannot offersame interface with therightO-flag setof network services. 3.4. Linking IPv4 Information to an IPv6 PvD The document describes IPv6-only PvD but there are[RFC4861]. If multipleways to linkRAs with the O-flag setof IPv4 configuration informationand associated with different PvDs are receivedby DHCPv4: o correlation basedon thedata-link layersame interface, the link-local address of thesource, if the IPv6 RA andDHCPv6 server MAY be compared with theDHCPv4 response haverouters' link- local addresses in order to disambiguate. If thesame data-link layer address,disambiguation is impossible, then the DHCPv6 configuration informationcontained in the IPv4 DHCP canMUST belinkedassociated with an implicit PvD. This process requires hosts to keep track of received RAs, associated PvD IDs, and routers link-local addresses. 3.3.2. DHCPv4 configuration association When a host retrieves configuration from DHCPv4 on an interface, theIPv6 PvD; o correlation basedconfigured elements MUST be associated with the explicit PvD, received on theinterface when theresame interface, whose PVD ID Options L-flag isno data-linkset. If multiple different PvDs are found, the datalink layer addressonused by thelink (such as a 3GPP link), thenDHCPv4 server/relay MAY be compared with theinformation containeddatalink layer address used by on-link advertising routers in order to disambiguate. If no RA associated with a PvD ID option with the L-flag set is found, or if the disambiguation fails, the IPv4PDP context canconfiguration information MUST belinkedassociated with an implicit PvD. 3.3.3. Interconnection Sharing by the Host The situation when a host becomes also a router by acting as a router or ND proxy on a different interface (such as WiFi) to share theIPv6connectivity of another interface (such as cellular), also known as "tethering" is TBD but it is expected that the one or several PvD(*** TO BE VERIFIED before going -01); o correlation based onassociated to theDNS search list, ifshared interface will be also advertised to the clients. 4. Provisioning Domain Identification using IKEv2 RFC 7296 defines Internet Key Exchange version 2 (IKEv2) which includes in sections 2.19 and 3.15 a Configuration Payload (CP) which may be used by an IPsec client to request configuration items (e.g., addresses, recursive DNSsearch lists are identical betweenservers). IKEv2 also negatiates traffic selectors which represent theIPv6 RDNSS5-tuple(s) to be protected by the Security Association (SA) negotiated by IKEv2. This set of information is another PvD and may include INTERNAL_IP6_ADDRESS, INTERNAL_IP6_LINK, INTERNAL_IP6_SUBNET (to be used to route traffic to this subent), INTERNAL_IP6_DNS, INTERNAL_DNS_DOMAIN. The PvD ID Configuration option for IKEv2 has theDHCPV4 response, thenfollowing structure (similar to theinformation containedRA option): 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |R| Attribute Type | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seq |H|L| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PvD ID FQDN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ PvD ID IKEv2 Configuration Payload Attributes format R-bit Reserved (1 bit) - Defined in IKEv2 RFC [RFC7296]. Attribute Type (15 bits) tbd by IANA PVD_ID. Length Length (2 octets, unsigned integer) - Length of PvD ID FQDN + 2. Seq Sequence number (4 bits) for theIPv4 DHCP response canPvD Additional Information, as described in Section 5. H-flag (1 bit) Whether some PvD Additional Information is made available through HTTP over TLS, as described in Section 5. L-flag (1 bit) must belinkedset to 0 if the Configuration Payload contains only IPv6PvD. The correlation couldinformation, else it must beusefulset to 1. Reserved (10 bits) Reserved forsomelater use. It MUST be set to zero by the sender and ignored by the receiver. PvDinformation suchID FQDN The FQDN used asInternet reachability, use of captive portal, display name ofPvD ID in DNS binary format [RFC1035], padded until thePvD, ... In cases wherenext 8 octets boundary. All theIPv4 configuration information could not be associated with a PvD, hostsbytes after the first empty DNS label MUSTconsider it as attachedbe set toan independent implicit PvD containing no other information than what is provided through DHCPv4. 4. Gettingzero by thefull set of PvD information Oncesender and MUST be ignored by the receiver. The DNS name compression technique described in [RFC1035] MUST NOT be used. 5. Provisioning Domain Additional Information Once a new PvD ID isknown,discovered, itMAYmay be used to retrieve additionalinformation.information about the characteristics of the provided connectivity. This set of information is called PvDInformationAdditional Information, and ismodeledencoded as akey-value dictionary which keys are ASCII stringsJSON object [RFC7159]. The purpose ofarbitrary length, and values are either strings (encoding can vary), ordered listthis additional set ofvalues (recursively), orinformation is to securely provide additional information to hosts about the connectivity that is provided using adictionary (recursively). The PvD Information maygiven interface and source address pair. It typically includes data that would beretrieved from multiple sources (from the bootstrap PvDconsidered too large, or not critical enough, to be provided with an RA option. The information contained in this object MAY be used by theRAoperating system, network libraries, applications, or users, in order tothe secondary/extended PvDdecide which set of PvDs should be used for which connection, as described inthis section);Section 3.3. 5.1. Retrieving the PvDID is then used to correlateAdditional Information When theinformation from different sources. The way a host should operate when receiving conflicting information is TBD but it SHOULD at least override information from less authenticated sources (RA) by more authenticated sources (via TLS). 4.1. UsingH-flag of the PvDBootstrap InformationID OptionRoutersis set, hosts MAYtransmit, in additionattempt to retrieve the PvDID option, a PvD BootstrapAdditional Informationoption, containingassociated with afirst subset of PvD information. The additional pieces of bootstrapgiven PvDinformation data set are transmitted usingby performing an HTTP over TLS [RFC2818] GET query to https://<PvD- ID>/pvd.json [RFC5785]. On theshort-hand notation proposed in Section 5. This requires another RA option. As thereother hand, hosts MUST NOT do so whenever the H-flag isa size limit onnot set. Note: Should theamount of informationPvD AI retrieval be asingle RA can convey,MAY or a SHOULD ? Could the object contain critical data, or should itis likelyonly contain informational data ? Note that the DNS name resolution of <PvD-ID> as well as the actual query MUST be performed in the PvDBootstrap Information option may not containcontext associated to thewhole set ofPvDInformation. TheID. In other words, the name resolution, source address selection, as well as the next-hop router selection MUST be performed while using exclusively the set ofPvDconfiguration informationincluded inattached with theRA is called PvD Bootstrap Information. 4.2. Downloading a JSON file over HTTPS The host SHOULD try to download a JSON formatted file over HTTPSPvD, as defined inorder to get more PvD information. The host MUST perform an HTTP query to https://<PvD-ID>/v1.json.Section 3.3. If the HTTP status of the answer is greater than or equal to 400 the host MUST abandon and consider that there is no additional PvD information. If the HTTP status of the answer is between 300 included and400399 included it MUST follow the redirection(s). If the HTTP status of the answer is between 200 included and300299 included the host MAY get a file containing a single JSON object.The host MUST respect the cache information in the HTTP header, if any, and at expiration of the downloaded object, it must fetchWhen afresher version if any. 4.2.1. Advantages TheJSONformat allows advanced structures. It canobject could not besecured using HTTPS (and DNSSEC). It is easier to updateretrieved, an error message SHOULD be logged and/ or displayed in afile onrate-limited fashion. After retrieval of the PvD Additional Information, hosts MUST watch the PvD ID Seq field for change. In case aweb serverdifferent value thanto edit DNS records. It can be especially important if we want providers to be able to often updatetheremaining phone plan ofone in theuser. 4.2.2. Disadvantages ItRA Seq field isslower than using DNS because HTTPS uses TCP and TLS and needs more packets to be exchanged to getobserved, or whenever thefile. An additional HTTPS server must be deployed and configured. 4.3. Using DNS TXT ressource records (not selected) This approach was not selected duringvalidity time included in thedesign team meeting but has kept here for reference, it will be removed after global consensusobject isreached. The host couldexpired, hosts MUST either perform aDNSnew queryfor TXT resource records (RR) forand retrieve a new version of theFQDN used as PvD ID (alternatively for _pvd.<PvD-ID>). For each retrieved PvD ID,object, or deprecate theDNS queryobject and stop using it. Hosts retrieving a new PvD Additional Information object MUSTbe sent to the DNS server configured from the same router advertisement ascheck for thePvD ID. Syntaxpresence and validity of theTXT response is defined inmandatory fields Section5 (Section 5). 4.3.1. Advantages It requires a single round-time trip in order to retrieve the PvD Information. It can be secured using DNSSEC. 4.3.2. Disadvantages5.3. ATXT record is limited to 65535 characters in theory but large size of TXT records could require either DNS over TCP (so loosing the 1-RTT advantage)retrieved object including an outdated expiration time orfragmented UDP packets (which could be dropped bymissing abad choice of security policy). Large TXT records could alsomandatory element, MUST beusedignored. In order tomount an amplification attack. 4.3.3. Using DNS SRV ressource records It is expected thatavoid traffic spikes toward theDNS TXT records will be sufficient forserver hosting thehost to configure itself with basic networking and policy configuration. Nevertheless, if further information is required, orPvD Additional Information when an object expires, adifferent security model shall be used to access the PvD Information,host which last retrieved an object at aSRV Resource Recordtime A, including afull URL MAY be included as a response, expectingvalidity time B, SHOULD renew thehost to query this URLobject at a uniformly random time in the interval [(B-A)/2,A]. In order toretrieve additionalprevent PvDinformation. 5.spoofing by malicious or misconfigured routers, PvD Additional InformationPvD information isobject includes a set ofkey-value pairs. Keys are ASCII character strings. Values are either a character string, an ordered list of values, or an embedded dictionary. Value types and default behavior with respect to some specific keys MAYIPv6 prefixes which MUST befurther specified (recursively). Some keys have a default value as described inchecked against all thefollowing sections. When there is an expiration timePrefix Information Options advertised ina PvD, then the information MUST be refreshed beforetheexpiration time. The behaviorRouter Advertisement. If any ofa host whentherefresh operationprefixes included in the Prefix Information Options is notsuccessful is TBD. Nodes using the PvD MUST support the two encodings: JSON syntax forin thecompleteset ofPvD information; short-hand notation for the bootstrap PvD. When the PvD information is transferred as a JSON file, then the key used is the second column of the following table. The syntax of the JSON file is obvioulsy JSON and is richer than the short-hand notation specifiedprefixes contained in thenext paragraph. When transmitting more information thanadditional information, the PvDID(the one included in the RA(or when DNS TXT resource records are used), the shorthand notataion for PvD information is usedandconsists of a string containing several "key=value;" substrings. The "key" is the first column of the following tables, the value is encoded as: Shorthand notation for values: integer: expressedindecimal format with a '.' (dot) used for decimals; string: expressed as UTF-8 encoded string, delimited by single quote character,thesingle quote character canadditional information) MUST beexpressed by two consecutive single quote character; boolean: expressed as '0' for falseconsidered unsafe and'1' for true; IPv6 address: printed as RFC5952 [RFC5952]. 5.1. PvD Name PvD SHOULD have a human readable name in order toMUST NOT bepresented onused. While this does not prevent aGUI. The namemalicious network provider, it canalsobelocalized. +------------+------------+---------------+--------------+----------+ | DNS TXT ke | JSON key | Description | Type |used to detect misconfiguration. The server serving the JSON| | y/Bootstra | | | | Example | | p PvD key | | | | | +------------+------------+---------------+--------------+----------+ | n | name | User-visible | human- | "Foobar | | | | service name, | readable | Service" | | | |files SHOULDbe | UTF-8 string | | | | |also check whether the client address is part of the| | | | | | bootstrap PvD | | | | nl10n | localizedN | Localized | human- | "Service | | | ame | user-visible | readable | Blabla" | | | | service name, | UTF-8 string | | | | | language can | | | | | | be selected | | | | | | based on the | | | | | | HTTP Accept- | | | | | | Language | | | | | | header in the | | | | | | request. | | | +------------+------------+---------------+--------------+----------+ 5.2. Trust ofprefixes listed into thebootstrap PvDadditional information and SHOULD return a 403 response code if there is no match. Thecontent ofserver MAY also use thebootstrap PvD (fromclient address to select theoriginal RA) cannotright JSON object to betrusted as it is not authenticated. But, the extended PvD canreturned. Note: In a similar way, a DNS server names list could beassociated with the PvD ID (asincluded in the PvDIDAI in order to avoid rogue APs from inserting a different DNS resolver. But this would also prevent CPEs from advertising themselves as default DNS (which isusedusually done). SPs which really want to use CPEs as DNS, for caching reasons, might find 'creative' ways toconstructgo around this rule. 5.2. Providing theextendedPvDURL) and trusted byAdditional Information Whenever the H-flag is set in theused of TLS. The extendedPvDSHOULD therefore includeRA Option, a valid PvD Additional Information object MUST be made available to all hosts receiving thefollowing information elements and, if they areRA. In particular, when a captive portal is present,the hosthosts MUSTverify that the all PIO ofstill be allowed to access theRA fitsobject, even before logging into themaster prefix list. If any PIO prefix fromcaptive portal. Routers MAY increment thebootstrap PvD does not fitPVD ID Sequence number (Seq) inthe master prefix array, then all information received by the bootstraporder to inform host that a new PvDmust be invalidated. In short, the masterIPv6Prefix received over TLSAdditional Information object isused to authenticate the bootstrap PvD.available and should be retrieved. 5.3. PvD Additional Information Format Thevalues of the bootstrapPvD(RDNSS, ...) are overwritten byAdditional Information is a JSON object. The following array presents thevalues containedmandatory keys which MUST be included in thetrusted extended PvD if they are present. +-----+------------------+-------------+----------+-----------------+ | DNSobject: +----------+-------------------+-----------+------------------------+ | JSON key | Description | Type |JSONExample | +----------+-------------------+-----------+------------------------+ |TXT | |name | Human-readable | UTF-8 | "Awesome Wifi" |key| | service name | string | |+-----+------------------+-------------+----------+-----------------+|mp6expires |masterIpv6PrefixDate after which |All theISO 8601 |Array of"2017-07-23T06:00:00Z" |["2001:db8::/32| | this object is | |IPv6|IPv6|"]| not valid | | |prefixes| prefixes | Array of IPv6 | Array of | ["2001:db8:1::/48", | |linked to| prefixes valid | strings | "2001:db8:4::/48"] | | | for thisPvD | |PVD | | || (such as+----------+-------------------+-----------+------------------------+ A retrieved object which does not include a| | | | | | /29 forvalid string associated with the| | | | | | ISP). | | | +-----+------------------+-------------+----------+-----------------+ 5.3. Reachability The following set of keys can be used to specify"name" key at thesetroot ofservices for whichtherespective PvD should be used. If present they MUST be honored byobject, or a valid date associated with theclient, i.e., if"expiration" key, also at thePvD is marked as not usable for Internet access (walled garden), then itroot of the object, MUSTNOTbeused for Internet access. If the usability is limited to a certain set of domain or address prefixes (typical VPN access), thenignored. In such cases, an error message SHOULD be logged and/or displayed in adifferent PvD MUSTrate-limited fashion. The following table presents some optional keys which MAY beused for other destinations. +-----+---------------+---------------+-----------+-----------------+ | DNSincluded in the object. +-----------------+-----------------------+---------+---------------+ | JSON key | Description | Type |JSONExample | +-----------------+-----------------------+---------+---------------+ |TXT | | | | | | key | | | | | +-----+---------------+---------------+-----------+-----------------+ | s | noInternet | Internet | boolean | true | | | | inaccessible | | | | cp | captivePortal | Presence of a | boolean | false | | | | captive | | | | | | portal |localizedName | Localized user- | UTF-8 |z"Wifi Genial" |dnsZones|DNS zones|array ofvisible service name, |["foo.com","substring | | | |accessiblelanguage can be |DNS zone|.bar.com"]| | | selected based on the |and| | | | HTTP Accept-Language | |searchable| | | header in the |6|prefixes6|IPv6-prefixes|array of|["2001:db8:a::/request. | | | |accessiblenoInternet |IPv6No Internet, set when |48","2001:db8:bboolean | true | | |via thisthe PvD only provides |prefixes | :c::/64"] | | 4 | prefixes4 | IPv4-prefixes | array of | ["192.0.2.0/24"| | | |accessiblerestricted access to |IPv4|,"2.3.0.0/16"]| | | a set of services. | |prefixes| | characteristics | Connectivity | JSON | See Section |in CIDR| | characteristics | object | 5.3.1 | |reachablemetered | metered, when the | boolean | false | | |via thisaccess volume is | | | | | limited. |PvD| |+-----+---------------+---------------+-----------+-----------------+ 5.4. DNS Configuration The following set of keys can be used to specify+-----------------+-----------------------+---------+---------------+ It is worth noting that theDNS configurationJSON format allows forthe respective PvD. If present, theyextensions. Whenever an unknown key is encountered, it MUST behonored and used by the client whenever it wishes to access a resource described by the PvD. +-----+------------+-------------+-----------+----------------------+ | DNS | JSON key | Description | Value | JSON Example | | TXT | | | | | | key | | | | | +-----+------------+-------------+-----------+----------------------+ | r | dnsServers | Recursive | array of | ["2001:db8::1","192. | | | | DNS server | IPv6 and | 0.2.2"] | | | | | IPv4 | | | | | | addresses | | | d | dnsSearch | DNS search | array of | ["foo.com","sub.bar. | | | | domains | search | com"] | | | | | domains | | +-----+------------+-------------+-----------+----------------------+ 5.5.ignored along with its associated elements, unless specified otherwise in future updating documents. 5.3.1. Connectivity CharacteristicsNOTE: open question to the authors/reviewers: should this document include this section or is it useless?Information The following set of keys can be used to signal certain characteristics of the connection towards the PvD. They should reflect characteristics of the overall access technology which is not limited to the link the host is connected to, but rather a combination of the link technology, CPE upstream connectivity, and further quality of service considerations.+------+------------------+------------+--------------+-------------+ | DNS+---------------+--------------+---------------------+--------------+ | JSON key |DescriptioDescription | Type |JSON | | TXT | | n | |Example | +---------------+--------------+---------------------+--------------+ |key | | | | | +------+------------------+------------+--------------+-------------+ | tp | throughputMaxmaxThroughput | Maximum |object({downobject({down(int), | {"down": | | ||achievable |(int), | 10000, | | | | throughput |up(int)}) in| "up": 5000} | | | | (e.g. CPE |kb/s | 10000, "up": | | || downlink/u | | | | | | plink) |throughput | | 5000} |lt|latencyMinminLatency | Minimum |object({downobject({down(int), | {"down":| | | | achievable | (int), |10,"up":| | || latencyachievable | up(int)}) in ms | "up": 20} | | | latency | |ms || | rl |reliabilityMax |Maximum |object({downobject({down(int), | {"down": | | ||achievable |(int), | 1000, "up": | | | | reliabilit |up(int)}) in losses |800} | | | | y | 1/10000.1, "up": | | |cpreliability |captivePortalevery 1000 packets |Captive1} |URL+---------------+--------------+---------------------+--------------+ 5.3.2. Private Extensions JSON keys starting with "x-" are reserved for private use and can be utilized to provide information that is specific to vendor, user or enterprise. It is RECOMMENDED to use one of the| "https://ex | | | | portal | portal | ample.com" | | nat | NAT | IPv4 NAT | boolean | true | | | | in place | | | | natt | NAT Time-out | The value | Integer | 30 | | o | | in seconds | | | | | |patterns "x-FQDN- KEY" or "x-PEN-KEY" where FQDN is a fully qualified domain name or PEN is a private enterprise number [PEN] under control of theNAT | | | | | | time-out | | | | srh | segmentRoutingHe | The IPv6 | Binary | ... | | | ader | Segment | string | | | | | Routing | | | | | | Headerauthor of the extension to| | | | | |avoid collisions. 5.3.3. Example Here are two examples based on the keys defined in this section. { "name": "Foo Wireless", "localizedName": "Foo-France Wifi", "expires": "2017-07-23T06:00:00Z", "prefixes" : ["2001:db8:1::/48", "2001:db8:4::/48"], "characteristics": { "maxThroughput": { "down":200000, "up": 50000 }, "minLatency": { "down": 0.1, "up": 1 } } } { "name": "Bar 4G", "localizedName": "Bar US 4G", "expires": "2017-07-23T06:00:00Z", "prefixes": ["2001:db8:1::/48", "2001:db8:4::/48"], "metered": true, "characteristics": { "maxThroughput": { "down":80000, "up": 20000 } } } 6. Security Considerations Although some solutions such as IPSec or SEND [RFC3971] can be used| | | | | | between | | | | | |in order to secure the IPv6| | | | | | header and | | | | | | any other | | | | | | headers | | | | | | whenNeighbor Discovery Protocol, actual deployments largely rely on link layer or physical layer security mechanisms (e.g. 802.1x [IEEE8021X]). This specification does not improve the Neighbor Discovery Protocol security model, but extends the purely link-local configuration retrieval mechanisms with HTTP-over-TLS communications. During the exchange, the server authenticity is verified by the mean of a certificate, validated based on the FQDN found in the Router Advertisement (e.g. using| | | | | | this PvD | | | | srhD | segmentRoutingHe | Thea list of pre-installed CA certificates, or DNSSec [RFC4035] with DNS| Ascii string | srh.pvd-foo | | NS | aderDnsFQDN | FQDN which | | .example.or | | | |Based Authentication of Named Entities [RFC6698]). This authentication creates a secure binding between the information provided by the trusted Router Advertisement, and the HTTP server. The IPv6 prefixes list included in the PvD Additional Information JSON object is used to| | g | | | |validate that the prefixes included in the Router Advertisements are really part of the PvD. Note: The previous point does not protect against attacker performing NAT66. It would if we mandate the source-address validation on the server side, but not protect against tunnels. In other words, address based security will not protect against rogue APs, but may prevent the use of NAT66. For privacy reasons, it is desirable that the PvD Additional Information object may only be retrieved| | | | | |by theactual | | | | | | IPv6 | | | | | | Segment | | | | | | Routing | | | | | | Header to | | | | | |hosts using the given PvD. Host identity SHOULD be validated based on the client address that is used| | | | | | between | | | | | |during the HTTP query. 7. IANA Considerations IANA is kindly requested to allocate a new IPv6| | | | | | headerNeighbor Discovery option number for the PvD ID Router Advertisement option and| | | | | | any other | | | | | | headers | | | | | | whena new IKEv2 Configuration Payload Attribute Types for PVD_ID. TBD: JSON keys will need a new register. 8. Acknowledgements Many thanks to M. Stenberg and S. Barth for their earlier work: [I-D.stenberg-mif-mpvd-dns]. Thanks also to Ray Bellis, Lorenzo Colitti, Thierry Danis, Marcus Keane, Erik Kline, Jen Lenkova, Mark Townsley and James Woodyatt for useful and interesting discussions. Finally, many thanks to Thierry Danis for his implementation work: [github]. 9. References 9.1. Normative references [RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2461] Narten, T., Nordmark, E., and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)", RFC 2461, December 1998. [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, DOI 10.17487/ RFC2818, May 2000, <http://www.rfc-editor.org/info/rfc2818>. [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, September 2007. [RFC5785] Nottingham, M. and E. Hammer-Lahav, "Defining Well-Known Uniform Resource Identifiers (URIs)", RFC 5785, DOI 10.17487/RFC5785, April 2010, <http://www.rfc-editor.org/info/rfc5785>. [RFC7159] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data Interchange Format", RFC 7159, DOI 10.17487/RFC7159, March 2014, <http://www.rfc-editor.org/info/rfc7159>. 9.2. Informative references [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure Neighbor Discovery (SEND)", RFC 3971, March 2005. [RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "Protocol Modifications for the DNS Security Extensions", RFC 4035, DOI 10.17487/RFC4035, March 2005, <http://www.rfc-editor.org/info/rfc4035>. [RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and More-Specific Routes", RFC 4191, November 2005. [RFC5798] Nadas, S., Ed., "Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6", RFC 5798, DOI 10.17487/ RFC5798, March 2010, <http://www.rfc-editor.org/info/rfc5798>. [RFC6106] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli, "IPv6 Router Advertisement Options for DNS Configuration", RFC 6106, November 2010. [RFC6698] Hoffman, P. and J. Schlyter, "The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA", RFC 6698, DOI 10.17487/RFC6698, August 2012, <http://www.rfc-editor.org/info/rfc6698>. [RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown, "Default Address Selection for Internet Protocol Version 6 (IPv6)", RFC 6724, September 2012. [RFC7556] Anipko, D., Ed., "Multiple Provisioning Domain Architecture", RFC 7556, DOI 10.17487/RFC7556, June 2015, <http://www.rfc-editor.org/info/rfc7556>. [RFC7710] Kumari, W., Gudmundsson, O., Ebersman, P., and S. Sheng, "Captive-Portal Identification Using DHCP or Router Advertisements (RAs)", RFC 7710, DOI 10.17487/RFC7710, December 2015, <http://www.rfc-editor.org/info/rfc7710>. [RFC8028] Baker, F. and B. Carpenter, "First-Hop Router Selection by Hosts in a Multi-Prefix Network", RFC 8028, DOI 10.17487/ RFC8028, November 2016, <http://www.rfc-editor.org/info/rfc8028>. [I-D.bowbakova-rtgwg-enterprise-pa-multihoming] Baker, F., Bowers, C., and J. Linkova, "Enterprise Multihoming using| | | | | |Provider-Assigned Addresses without Network Prefix Translation: Requirements and Solution", draft-bowbakova-rtgwg-enterprise-pa-multihoming-01 (work in progress), October 2016. [I-D.stenberg-mif-mpvd-dns] Stenberg, M. and S. Barth, "Multiple Provisioning Domains using Domain Name System", draft-stenberg-mif-mpvd-dns-00 (work in progress), October 2015. [I-D.kline-mif-mpvd-api-reqs] Kline, E., "Multiple Provisioning Domains API Requirements", draft-kline-mif-mpvd-api-reqs-00 (work in progress), November 2015. [PEN] IANA, "Private Enterprise Numbers", <https://www.iana.org/ assignments/enterprise-numbers>. [IEEE8021X] IEEE, "IEEE Standards for Local and Metropolitan Area Networks: Port based Network Access Control, IEEE Std", . [github] Cisco, "IPv6-mPvD github repository", <https://github.com/ IPv6-mPvD>. Appendix A. Changelog Note to RFC Editors: Remove thisPvD | | | | cost | cost | Costsection before publication. A.1. Version 00 Initial version of| object | See Section | | | |the draft. Edited by Basile Bruneau + Eric Vyncke and based on Basile's work. A.2. Version 01 Major rewrite intended to focus on the the retained solution based on corridors, online, and WG discussions. Edited by Pierre Pfister. The following list only includes major changes. PvD ID is an FQDN retrieved using a single RA option. This option contains a sequence number for push-based updates, a new H-flag, and a L-flag in order to link the| | 5.6 | | | | connection | | | +------+------------------+------------+--------------+-------------+ 5.6.PvD with the IPv4 DHCP server. A lifetime is included in the PvD ID option. Detailed Hosts and Routers specifications. Additional Information is retrieved using HTTP-over-TLS when the PvD ID Option H-flag is set. Retrieving the object is optional. The PvD Additional Information object includes a validity date. DNS-based approach is removed as well as the DNS-based encoding of the PvD Additional Information. Major cut in the list of proposed JSON keys. This document may be extended later if need be. Monetary discussion is moved to the appendix. Clarification about the 'prefixes' contained in the additional information. Clarification about the processing of DHCPv6. Appendix B. Connection monetary cost NOTE: This section is included as a request for comment on the potential use and syntax. The billing of a connection can be done in a lot of different ways. The user can have a global traffic threshold per month, after which his throughput is limited, or after which he/she pays each megabyte. He/she can also have an unlimited access to some websites, or an unlimited access during the weekends.We proposeAn option is to split thefinal billingbill in elementary billings, which have conditions (a start date, an end date, a destination IP address...). The global billing is an ordered list of elementary billings. To know the cost of a transmission, the host goes through the list, and the first elementary billing whose the conditions are fulfilled gives the cost. If no elementary billing conditions match the request, the host MUST make no assumption about the cost.5.6.1.B.1. Conditions Here are the potential conditions for an elementary billing. All conditions MUST be fulfill.Note: the final version should use short-hand key names.+-----------+-------------+---------------+-------------------------+ | Key | Description | Type | JSON Example | +-----------+-------------+---------------+-------------------------+ | beginDate | Date before | ISO 8601 | "1977-04-22T06:00:00Z" | | | which the | | | | | billing is | | | | | not valid | | | | endDate | Date after | ISO 8601 | "1977-04-22T06:00:00Z" | | | which the | | | | | billing is | | | | | not valid | | | | domains | FQDNs whose | array(string) | ["deezer.com","spotify. | | | the billing | | com"] | | | is limited | | | | prefixes4 | IPv4 | array(string) | ["78.40.123.182/32","78 | | | prefixes | | .40.123.183/32"] | | | whose the | | | | | billing is | | | | | limited | | | | prefixes6 | IPv6 | array(string) | ["2a00:1450:4007:80e::2 | | | prefixes | | 00e/64"] | | | whose the | | | | | billing is | | | | | limited | | | +-----------+-------------+---------------+-------------------------+5.6.2.B.2. Price Here are the different possibilities for the cost of an elementary billing. A missing key means "all/unlimited/unrestricted". If the elementary billing selected has a trafficRemaining of 0 kb, then it means that the user has no access to the network. Actually, if the last elementary billing has a trafficRemaining parameter, it means that when the user will reach the threshold, he/she will not have access to the network anymore. +------------------+------------------+--------------+--------------+ | Key | Description | Type | JSON Example | +------------------+------------------+--------------+--------------+ | pricePerGb | The price per | float | 2 | | | Gigabit | (currency | | | | | per Gb) | | | currency | The currency | ISO 4217 | "EUR" | | | used | | | | throughputMax | The maximum | float (kb/s) |1000100000 | | | achievable | | | | | throughput | | | | trafficRemaining | The traffic | float(kb)(kB) |9600000012000000 | | | remaining | | | +------------------+------------------+--------------+--------------+5.6.3.B.3. Examples Example for a user with 20 GB per month for 40 EUR, then reach a threshold, and with unlimited data during weekends and todeezer:example.com: [ { "domains":["deezer.com"]["example.com"] }, { "prefixes4": ["78.40.123.182/32","78.40.123.183/32"] }, { "beginDate": "2016-07-16T00:00:00Z", "endDate": "2016-07-17T23:59:59Z", }, { "beginDate": "2016-06-20T00:00:00Z", "endDate": "2016-07-19T23:59:59Z", "trafficRemaining":9600000012000000 }, { "throughputMax":1000100000 } ] If the host tries to download data fromdeezer.com,example.com, the conditions of the first elementary billing are fulfilled, so the host takes this elementary billing, finds no cost indication in it and so deduces that it is totally free. If the host tries to exchange data withyoutube.comfoobar.com and the date is 2016-07-14T19:00:00Z, the conditions of the first, second and third elementary billing are not fulfilled. But the conditions of the fourth are. So the host takes this elementary billing and sees that there is a threshold, 12 GB are remaining. Another example for a user abroad, who has 3 GB per year abroad, and then pay each MB: [ { "beginDate": "2016-02-10T00:00:00Z", "endDate": "2017-02-09T23:59:59Z", "trafficRemaining":92000003000000 }, { "pricePerGb": 30, "currency": "EUR" } ]5.7. Private Extensions keys starting with "x-" are reserved for private use and can be utilized to provide vendor-, user- or enterprise-specific information. It is RECOMMENDED to use one of the patterns "x-FQDN- KEY" or "x-PEN-KEY" where FQDN is a fully qualified domain name or PEN is a private enterprise number [PEN] under control of the author of the extension to avoid collisions. 5.8. Examples 5.8.1. Using JSON { "name": "Orange France", "localizedName": "Orange France", "dnsServers": ["8.8.8.8", "8.8.4.4"], "throughputMax": { "down": 100000, "up": 20000 }, "cost": [ { "domains": ["deezer.com"] }, { "prefixes4": ["78.40.123.182/32","78.40.123.183/32"] }, { "beginDate": "2016-07-16T00:00:00Z", "endDate": "2016-07-17T23:59:59Z", }, { "beginDate": "2016-06-20T00:00:00Z", "endDate": "2016-07-19T23:59:59Z", "trafficRemaining": 96000000 }, { "throughputMax": 1000 } ] } 5.8.2. Using DNS TXT records n=Orange France r=8.8.8.8,8.8.4.4 tp=100000,20000 cost+0+domains=deezer.com cost+1+prefixes4=78.40.123.182/32,78.40.123.183/32 cost+2+beginDate=2016-07-16T00:00:00Z cost+2+endDate=2016-07-17T23:59:59Z cost+3+beginDate=2016-06-20T00:00:00Z cost+3+endDate=2016-07-19T23:59:59Z cost+3+trafficRemaining=96000000 cost+4+throughputMax=1000 6. Use case examples TBD: 1 or 2 examples when PvD are critical 6.1. Multihoming First example could be multihoming (very much in-line with bowbakova draft). 6.2. VPN/Extranet example using PvD to reach a specific destination (such as VPN or extranet). 7. Security Considerations While the PvD ID can be forged easily, if the host retrieve the extended PvD via TLS, then the host can trust the content of the extended PvD and verifies that the RA prefix(es) are indeed included in the master prefixed of the extended PvD. 8. Acknowledgements Many thanks to M. Stenberg and S. Barth: Section 5.3, Section 5.5 and Section 5.7 are from their document [I-D.stenberg-mif-mpvd-dns]. Thanks also to Ray Bellis, Lorenzo Colitti, Marcus Keane, Erik Kline, Jen Lenkova, Mark Townsley and James Woodyatt for useful and interesting brainstorming sessions. 9. References 9.1. Normative references [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>. [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 Address Text Representation", RFC 5952, DOI 10.17487/RFC5952, August 2010, <http://www.rfc-editor.org/info/rfc5952>. [RFC7556] Anipko, D., Ed., "Multiple Provisioning Domain Architecture", RFC 7556, DOI 10.17487/RFC7556, June 2015, <http://www.rfc-editor.org/info/rfc7556>. 9.2. Informative references [I-D.bowbakova-rtgwg-enterprise-pa-multihoming] Baker, F., Bowers, C., and J. Linkova, "Enterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation: Requirements and Solution", draft-bowbakova-rtgwg-enterprise-pa-multihoming-01 (work in progress), October 2016. [I-D.stenberg-mif-mpvd-dns] Stenberg, M. and S. Barth, "Multiple Provisioning Domains using Domain Name System", draft-stenberg-mif-mpvd-dns-00 (work in progress), October 2015. [PEN] IANA, "Private Enterprise Numbers", <https://www.iana.org/assignments/enterprise-numbers>.Authors' Addresses Basile Bruneau EcolepolytechniquePolytechnique Vannes 56000 France Email: basile.bruneau@polytechnique.edu Pierre Pfister Cisco 11 Rue Camille Desmoulins Issy-les-Moulineaux 92130 France Email: ppfister@cisco.com David Schinazi Apple Email: dschinazi@apple.com Tommy Pauly Apple Email: tpauly@apple.com Eric Vyncke(editor)Cisco De Kleetlaan, 6 Diegem 1831 Belgium Email: evyncke@cisco.com