< draft-ietf-6man-addr-select-opt-09.txt   draft-ietf-6man-addr-select-opt-10.txt >
6man Working Group A.M. Matsumoto 6man Working Group A.M. Matsumoto
Internet-Draft T.F. Fujisaki Internet-Draft T.F. Fujisaki
Intended status: Standards Track NTT Intended status: Standards Track NTT
Expires: October 27, 2013 T.C. Chown Expires: November 01, 2013 T.C. Chown
University of Southampton University of Southampton
April 25, 2013 April 30, 2013
Distributing Address Selection Policy using DHCPv6 Distributing Address Selection Policy using DHCPv6
draft-ietf-6man-addr-select-opt-09.txt draft-ietf-6man-addr-select-opt-10.txt
Abstract Abstract
RFC 6724 defines default address selection mechanisms for IPv6 that RFC 6724 defines default address selection mechanisms for IPv6 that
allow nodes to select an appropriate address when faced with multiple allow nodes to select an appropriate address when faced with multiple
source and/or destination addresses to choose between. The RFC 6724 source and/or destination addresses to choose between. The RFC 6724
allowed for the future definition of methods to administratively allowed for the future definition of methods to administratively
configure the address selection policy information. This document configure the address selection policy information. This document
defines a new DHCPv6 option for such configuration, allowing a site defines a new DHCPv6 option for such configuration, allowing a site
administrator to distribute address selection policy overriding the administrator to distribute address selection policy overriding the
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 27, 2013. This Internet-Draft will expire on November 01, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 38 skipping to change at page 2, line 38
RFC 6724, it is suggested that the default policy table may be RFC 6724, it is suggested that the default policy table may be
administratively configured to suit the specific needs of a site. administratively configured to suit the specific needs of a site.
This specification defines a new DHCPv6 option for such This specification defines a new DHCPv6 option for such
configuration. configuration.
Some problems have been identified with the default RFC 3484 address Some problems have been identified with the default RFC 3484 address
selection policy [RFC5220]. It is unlikely that any default policy selection policy [RFC5220]. It is unlikely that any default policy
will suit all scenarios, and thus mechanisms to control the source will suit all scenarios, and thus mechanisms to control the source
address selection policy will be necessary. Requirements for those address selection policy will be necessary. Requirements for those
mechanisms are described in [RFC5221], while solutions are discussed mechanisms are described in [RFC5221], while solutions are discussed
in [I-D.ietf-6man-addr-select-sol] and in [I-D.ietf-6man-addr-select-considerations]. Those documents have
[I-D.ietf-6man-addr-select-considerations]. Those documents have
helped shape the improvements in the default address selection helped shape the improvements in the default address selection
algorithm [RFC6724] as well as the DHCPv6 option defined in this algorithm [RFC6724] as well as the DHCPv6 option defined in this
specification. specification.
1.1. Conventions Used in This Document 1.1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
skipping to change at page 3, line 14 skipping to change at page 3, line 14
This document uses the terminology defined in [RFC2460] and the This document uses the terminology defined in [RFC2460] and the
DHCPv6 specification defined in [RFC3315] DHCPv6 specification defined in [RFC3315]
2. Address Selection options 2. Address Selection options
The Address Selection option provides the address selection policy The Address Selection option provides the address selection policy
table, and some other configuration parameters. table, and some other configuration parameters.
An Address Selection option contains zero or more policy table An Address Selection option contains zero or more policy table
options. Multiple Policy Table options in an Address Selection options. Multiple Policy Table options in an Address Selection
option constitute a single policy table. option constitute a single policy table. When it does not contain
policy table option, it is used to convey the A and P flags.
The format of the Address Selection option is given below. The format of the Address Selection option is given below.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_ADDRSEL | option-len | | OPTION_ADDRSEL | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |A|P| | | Reserved |A|P| |
+-+-+-+-+-+-+-+-+ POLICY TABLE OPTIONS | +-+-+-+-+-+-+-+-+ POLICY TABLE OPTIONS |
skipping to change at page 4, line 13 skipping to change at page 4, line 22
policy table. policy table.
P: Privacy Preference flag. This flag toggles the Privacy P: Privacy Preference flag. This flag toggles the Privacy
Preference flag at client hosts, which is described in the Preference flag at client hosts, which is described in the
section 5 in RFC 6724 [RFC6724]. If this flag is set to 1, it section 5 in RFC 6724 [RFC6724]. If this flag is set to 1, it
does not change client host behavior, that is, a client will does not change client host behavior, that is, a client will
prefer temporary addresses. If set to 0, the Privacy Preference prefer temporary addresses. If set to 0, the Privacy Preference
flag is disabled, and a client will prefer public addresses. flag is disabled, and a client will prefer public addresses.
POLICY TABLE OPTIONS: Zero or more Address Selection Policy Table POLICY TABLE OPTIONS: Zero or more Address Selection Policy Table
options described below. options described below. This option corresponds to a row in
the policy table defined in the section 2.1 in RFC 6724
[RFC6724].
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_ADDRSEL_TABLE | option-len | | OPTION_ADDRSEL_TABLE | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| label | precedence | prefix-len | | | label | precedence | prefix-len | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| | | |
| prefix (variable length) | | prefix (variable length) |
skipping to change at page 4, line 35 skipping to change at page 5, line 6
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Address Selection Policy Table option format Figure 2: Address Selection Policy Table option format
option-code: OPTION_ADDRSEL_TABLE (TBD). option-code: OPTION_ADDRSEL_TABLE (TBD).
option-len: The total length of the label field, precedence field, option-len: The total length of the label field, precedence field,
prefix-len field, and prefix field. prefix-len field, and prefix field.
label: An 8-bit unsigned integer; this value is for correlation of label: An 8-bit unsigned integer; this value is for correlation of
source address prefixes and destination address prefixes. source address prefixes and destination address prefixes. This
field is used to deliver a label value in RFC 6724 policy table.
precedence: An 8-bit unsigned integer; this value is used for precedence: An 8-bit unsigned integer; this value is used for
sorting destination addresses. sorting destination addresses. This field is used to to deliver
a precedence value in RFC 6724 policy table.
prefix-len: An 8-bit unsigned integer; the number of leading bits in prefix-len: An 8-bit unsigned integer; the number of leading bits in
the prefix that are valid. The value ranges from 0 to 128. the prefix that are valid. The value ranges from 0 to 128.
prefix: A variable-length field containing an IP address or the prefix: A variable-length field containing an IP address or the
prefix of an IP address. An IPv4-mapped address [RFC4291] must prefix of an IP address. An IPv4-mapped address [RFC4291] must
be used to represent an IPv4 address as a prefix value. This be used to represent an IPv4 address as a prefix value. This
field is padded with zeros up to the nearest octet boundary when field is padded with zeros up to the nearest octet boundary when
prefix6-len is not divisible by 8. This can be expressed using prefix6-len is not divisible by 8. This can be expressed using
the following equation: (prefix-len+7)/8 So the length of this the following equation: (prefix-len+7)/8 So the length of this
skipping to change at page 5, line 22 skipping to change at page 5, line 33
2001:db8::/60 would be encoded with an prefix-len of 60, the 2001:db8::/60 would be encoded with an prefix-len of 60, the
prefix would be 8 octets and would contains octets 20 01 0d b8 prefix would be 8 octets and would contains octets 20 01 0d b8
00 00 00 00. 00 00 00 00.
3. Processing the Policy Table option 3. Processing the Policy Table option
This section describes how to process received Policy Table option at This section describes how to process received Policy Table option at
the DHCPv6 client. the DHCPv6 client.
This option's concept is to serve as a hint for a node about how to This option's concept is to serve as a hint for a node about how to
behave in the network. So, basically, it should be up to the node's behave in the network. Ultimately, it can be controlled by the
administrator how to deal with the received policy information in the node's administrator how to deal with the received policy
way described below. information, but the implementation SHOULD follow the way described
below uniformly to ease diagnose brokenness and to reduce operational
costs.
3.1. Handling of the local policy table 3.1. Handling of the local policy table
RFC 6724 defines the default policy table. Also, users are usually RFC 6724 defines the default policy table. Also, users are usually
able to configure the policy table to satisfy their own requirements. able to configure the policy table to satisfy their own requirements.
The client implementation SHOULD provide the following choices to the The client implementation SHOULD provide the following choices to the
user: user. The choice a SHOULD be default, as far as the policy table is
not configured by the user.
a) replace the existing active policy table with the DHCPv6 a) replace the existing active policy table with the DHCPv6
distributed policy table. distributed policy table.
b) preserve the existing active policy table, whether this be the b) preserve the existing active policy table, whether this be the
default policy table, or user configured policy. default policy table, or user configured policy.
3.2. Handling of the stale policy table 3.2. Handling of the stale policy table
When the information from the DHCP server goes stale, the policy When the information from the DHCP server goes stale, the policy
received form the DHCP server should be deprecated. received form the DHCP server SHOULD be deprecated.
The received information can be considered stale in several cases, The received information can be considered stale in several cases,
such as, when the interface goes down, the DHCP server does not such as, when the interface goes down, the DHCP server does not
respond for a certain amount of time, and the Information Refresh respond for a certain amount of time, and the Information Refresh
Time is expired. Time is expired.
3.3. Multi-interface situation 3.3. Multi-interface situation
The policy table, and other parameters specified in this document are The policy table, and other parameters specified in this document are
node-global information by their nature. One reason being that the node-global information by their nature. One reason being that the
outbound interface is usually chosen after destination address outbound interface is usually chosen after destination address
selection. So, a host cannot make use of multiple address selection selection. So, a host cannot make use of multiple address selection
policies even if they are stored per interface. policies even if they are stored per interface.
Even if the received policy from one source is merged with one from Even if the received policy from one source is merged with one from
another source, the effect of both policy are more or less changed. another source, the effect of both policy are more or less changed.
The policy table is defined as a whole, so the slightest addition/ The policy table is defined as a whole, so the slightest addition/
deletion from the policy table brings a change in semantics of the deletion from the policy table brings a change in semantics of the
policy. policy.
It also should be noted that absence of the distributed policy from a It also should be noted that absence of the distributed policy from a
certain network interface should not be treated as absence of policy certain network interface should not be treated as absence of policy
itself, because it may mean preference for the default address itself, because it may mean preference for the default address
selection policy. selection policy.
Under the above assumptions, how to handle received policy is Under the above assumptions, how to handle received policy is
specified below. specified below.
A node MAY use Address Selection options by default in any of the A node SHOULD use Address Selection options by default in any of the
following two cases: following two cases:
1: The host is single-homed, where the host belongs to one 1: The host is single-homed, where the host belongs to one
administrative network domain exclusively usually through one administrative network domain exclusively usually through one
active network interface. active network interface.
2: The host implements some advanced heuristics to deal with multiple 2: The host implements some advanced heuristics to deal with multiple
received policy, which is outside the scope of this document. received policy, which is outside the scope of this document.
The above restrictions do not preclude implementations from providing The above restrictions do not preclude implementations from providing
skipping to change at page 7, line 44 skipping to change at page 8, line 17
Another threat is about privacy concern. As in the security Another threat is about privacy concern. As in the security
consideration section of RFC 6724, at least a part of, the address consideration section of RFC 6724, at least a part of, the address
selection policy stored in a host can be leaked by a packet from a selection policy stored in a host can be leaked by a packet from a
remote host. This issue will not be modified by the introduction of remote host. This issue will not be modified by the introduction of
this option, regardless of whether the host is multihomed or not. this option, regardless of whether the host is multihomed or not.
6. IANA Considerations 6. IANA Considerations
IANA is requested to assign option codes to OPTION_ADDRSEL and IANA is requested to assign option codes to OPTION_ADDRSEL and
OPTION_ADDRSEL_TABLE from the option-code space as defined in section OPTION_ADDRSEL_TABLE from the "DHCP Option Codes" registry (http://
"DHCPv6 Options" of RFC 3315. www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xml).
7. References 7. References
7.1. Normative References 7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for and M. Carney, "Dynamic Host Configuration Protocol for
skipping to change at page 8, line 26 skipping to change at page 8, line 45
"Default Address Selection for Internet Protocol Version 6 "Default Address Selection for Internet Protocol Version 6
(IPv6)", RFC 6724, September 2012. (IPv6)", RFC 6724, September 2012.
7.2. Informative References 7.2. Informative References
[I-D.ietf-6man-addr-select-considerations] [I-D.ietf-6man-addr-select-considerations]
Chown, T. and A. Matsumoto, "Considerations for IPv6 Chown, T. and A. Matsumoto, "Considerations for IPv6
Address Selection Policy Changes", draft-ietf-6man-addr- Address Selection Policy Changes", draft-ietf-6man-addr-
select-considerations-05 (work in progress), April 2013. select-considerations-05 (work in progress), April 2013.
[I-D.ietf-6man-addr-select-sol]
Matsumoto, A., Fujisaki, T., and R. Hiromi, "Solution
approaches for address-selection problems", draft-ietf-
6man-addr-select-sol-03 (work in progress), March 2010.
[RFC2460] Deering, S.E. and R.M. Hinden, "Internet Protocol, Version [RFC2460] Deering, S.E. and R.M. Hinden, "Internet Protocol, Version
6 (IPv6) Specification", RFC 2460, December 1998. 6 (IPv6) Specification", RFC 2460, December 1998.
[RFC3493] Gilligan, R., Thomson, S., Bound, J., McCann, J., and W. [RFC3493] Gilligan, R., Thomson, S., Bound, J., McCann, J., and W.
Stevens, "Basic Socket Interface Extensions for IPv6", RFC Stevens, "Basic Socket Interface Extensions for IPv6", RFC
3493, February 2003. 3493, February 2003.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006. Architecture", RFC 4291, February 2006.
skipping to change at page 9, line 13 skipping to change at page 9, line 29
July 2008. July 2008.
Appendix A. Acknowledgements Appendix A. Acknowledgements
Authors would like to thank to Dave Thaler, Pekka Savola, Remi Denis- Authors would like to thank to Dave Thaler, Pekka Savola, Remi Denis-
Courmont, Francois-Xavier Le Bail, Ole Troan, Bob Hinden, Dmitry Courmont, Francois-Xavier Le Bail, Ole Troan, Bob Hinden, Dmitry
Anipko, Ray Hunter, Rui Paulo, Brian E Carpenter, Tom Petch, and the Anipko, Ray Hunter, Rui Paulo, Brian E Carpenter, Tom Petch, and the
members of 6man's address selection design team for their invaluable members of 6man's address selection design team for their invaluable
contributions to this document. contributions to this document.
Appendix B. Past Discussion
o The 'zone index' value is used to specify a particular zone for
scoped addresses. This can be used effectively to control address
selection in the site scope (e.g., to tell a node to use a
specified source address corresponding to a site-scoped multicast
address). However, in some cases such as a link-local scope
address, the value specifying one zone is only meaningful locally
within that node. There might be some cases where the
administrator knows which clients are on the network and wants
specific interfaces to be used though. However, in general case,
it is really rare case, and the field was removed.
Authors' Addresses Authors' Addresses
Arifumi Matsumoto Arifumi Matsumoto
NTT NT Lab NTT NT Lab
3-9-11 Midori-Cho 3-9-11 Midori-Cho
Musashino-shi, Tokyo 180-8585 Musashino-shi, Tokyo 180-8585
Japan Japan
Phone: +81 422 59 3334 Phone: +81 422 59 3334
Email: arifumi@nttv6.net Email: arifumi@nttv6.net
 End of changes. 17 change blocks. 
36 lines changed or deleted 26 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/