| < draft-ietf-ipsecme-ipv6-ipv4-codes-00.txt | draft-ietf-ipsecme-ipv6-ipv4-codes-01.txt > | |||
|---|---|---|---|---|
| Network Working Group M. Boucadair | Network Working Group M. Boucadair | |||
| Internet-Draft Orange | Internet-Draft Orange | |||
| Updates: 7296 (if approved) October 21, 2018 | Updates: 7296 (if approved) November 05, 2018 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: April 24, 2019 | Expires: May 9, 2019 | |||
| IKEv2 Notification Codes for IPv4/IPv6 Coexistence | IKEv2 Notification Status Types for IPv4/IPv6 Coexistence | |||
| draft-ietf-ipsecme-ipv6-ipv4-codes-00 | draft-ietf-ipsecme-ipv6-ipv4-codes-01 | |||
| Abstract | Abstract | |||
| This document specifies new IKEv2 notification codes to better manage | This document specifies new IKEv2 notification status types to better | |||
| IPv4 and IPv6 co-existence. | manage IPv4 and IPv6 co-existence. | |||
| This document updates RFC7296. | This document updates RFC7296. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on April 24, 2019. | This Internet-Draft will expire on May 9, 2019. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 12 ¶ | skipping to change at page 2, line 12 ¶ | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Why Not INTERNAL_ADDRESS_FAILURE? . . . . . . . . . . . . . . 3 | 3. Why Not INTERNAL_ADDRESS_FAILURE? . . . . . . . . . . . . . . 3 | |||
| 4. An Update to RFC7296 . . . . . . . . . . . . . . . . . . . . 3 | 4. An Update to RFC7296 . . . . . . . . . . . . . . . . . . . . 3 | |||
| 5. Security Considerations . . . . . . . . . . . . . . . . . . . 4 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . 4 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 | 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . 5 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 5 | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . 5 | 8.2. Informative References . . . . . . . . . . . . . . . . . 5 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 1. Introduction | 1. Introduction | |||
| As described in [RFC7849], if the subscription data or network | As described in [RFC7849], if the subscription data or network | |||
| configuration allows only one IP address family (IPv4 or IPv6), the | configuration allows only one IP address family (IPv4 or IPv6), the | |||
| cellular host must not request a second PDP-Context to the same APN | cellular host must not request a second PDP-Context to the same APN | |||
| for the other IP address family. The Third Generation Partnership | for the other IP address family. The Third Generation Partnership | |||
| Project (3GPP) network informs the cellular host about allowed Packet | Project (3GPP) network informs the cellular host about allowed Packet | |||
| Data Protocol (PDP) types by means of Session Management (SM) cause | Data Protocol (PDP) types by means of Session Management (SM) cause | |||
| codes. In particular, the following cause codes can be returned: | codes. In particular, the following cause codes can be returned: | |||
| skipping to change at page 3, line 8 ¶ | skipping to change at page 3, line 8 ¶ | |||
| Point Name (APN). The purpose of initiating a second PDP-Context is | Point Name (APN). The purpose of initiating a second PDP-Context is | |||
| to achieve dual-stack connectivity by means of two PDP-Contexts. | to achieve dual-stack connectivity by means of two PDP-Contexts. | |||
| According to 3GPP specifications (TS.24302), when the UE attaches the | According to 3GPP specifications (TS.24302), when the UE attaches the | |||
| network using a WLAN access by means of IKEv2 capabilities [RFC7296], | network using a WLAN access by means of IKEv2 capabilities [RFC7296], | |||
| there are no equivalent notification codes to inform the User | there are no equivalent notification codes to inform the User | |||
| Equipment (UE) why an IP address family is not assigned or whether | Equipment (UE) why an IP address family is not assigned or whether | |||
| that UE should retry with another address family. | that UE should retry with another address family. | |||
| This document fills that void by introducing new IKEv2 notification | This document fills that void by introducing new IKEv2 notification | |||
| codes for the sake of deterministic UE behaviors. | status types for the sake of deterministic UE behaviors. | |||
| These notification codes are not specific to 3GPP architectures, but | These notification status types are not specific to 3GPP | |||
| can be used in other deployment contexts. Cellular networks are | architectures, but can be used in other deployment contexts. | |||
| provided as an illustration example. | Cellular networks are provided as an illustration example. | |||
| 2. Terminology | 2. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| 14 [RFC2119][RFC8174] when, and only when, they appear in all | 14 [RFC2119][RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| This document makes use of the terms defined in [RFC7296]. In | This document makes use of the terms defined in [RFC7296]. In | |||
| particular, readers should be familiar with "initiator" and | particular, readers should be familiar with "initiator" and | |||
| "responder" terms used in that document. | "responder" terms used in that document. | |||
| 3. Why Not INTERNAL_ADDRESS_FAILURE? | 3. Why Not INTERNAL_ADDRESS_FAILURE? | |||
| Section 3.15.4 of [RFC7296] defines a generic notification code that | Section 3.15.4 of [RFC7296] defines a generic notification error type | |||
| is related to a failure to handle an internal address failure. That | that is related to a failure to handle an internal address failure. | |||
| code does not explicitly allow an initiator to determine why a given | That error type does not explicitly allow an initiator to determine | |||
| address family is not assigned, nor whether it should try using | why a given address family is not assigned, nor whether it should try | |||
| another address family. INTERNAL_ADDRESS_FAILURE is a catch-all code | using another address family. INTERNAL_ADDRESS_FAILURE is a catch- | |||
| when an address-related issue is encountered by an IKEv2 responder. | all error type when an address-related issue is encountered by an | |||
| IKEv2 responder. | ||||
| INTERNAL_ADDRESS_FAILURE does not provide sufficient hints to the | INTERNAL_ADDRESS_FAILURE does not provide sufficient hints to the | |||
| IKEv2 initiator to adjust its behavior. | IKEv2 initiator to adjust its behavior. | |||
| 4. An Update to RFC7296 | 4. An Update to RFC7296 | |||
| The following notification codes are defined: | The following notification status types are defined: | |||
| o UNSUPPORTED_AF: This code indicates that the requested address | o UNSUPPORTED_AF: This status type indicates that the requested | |||
| family (IPv4 or IPv6) is not supported. Subsequent exchanges with | address family (IPv4 or IPv6) is not supported. Subsequent | |||
| the remote peer MUST NOT include any object of that address | exchanges with the remote peer MUST NOT include any object of that | |||
| family. | address family. | |||
| o IP6_ONLY_SUPPORTED: This code indicates that only IPv6 is | o IP6_ONLY_SUPPORTED: This status type indicates that only IPv6 is | |||
| supported. Subsequent exchanges with the remote peer MUST NOT | supported. Subsequent exchanges with the remote peer MUST NOT | |||
| include any IPv4-related object. | include any IPv4-related object. | |||
| Concretely, if the initiator requests both IPv4 and IPv6 | Concretely, if the initiator requests both IPv4 and IPv6 | |||
| addresses/prefixes, the responder replies with IPv6 | addresses/prefixes, the responder replies with IPv6 | |||
| address(es)/prefix(es) and the IP6_ONLY_SUPPORTED notification | address(es)/prefix(es) and the IP6_ONLY_SUPPORTED notification | |||
| code. If the initiator requests only IPv4 address(es) but gets | status type. If the initiator requests only IPv4 address(es) but | |||
| the IP6_ONLY_SUPPORTED notification code from the responder, the | gets the IP6_ONLY_SUPPORTED notification status type from the | |||
| IPv6-capable initiator should request IPv6 address(es) only in | responder, the IPv6-capable initiator should request IPv6 | |||
| subsequent requests. | address(es) only in subsequent requests. | |||
| o IP4_ONLY_SUPPORTED: This code indicates that only IPv4 is | o IP4_ONLY_SUPPORTED: This status type indicates that only IPv4 is | |||
| supported. Subsequent exchanges with the remote peer MUST NOT | supported. Subsequent exchanges with the remote peer MUST NOT | |||
| include any IPv6-related object. | include any IPv6-related object. | |||
| Concretely, if the initiator requests both IPv4 and IPv6 | Concretely, if the initiator requests both IPv4 and IPv6 | |||
| addresses/prefixes, the responder replies with IPv4 address(es) | addresses/prefixes, the responder replies with IPv4 address(es) | |||
| and the IP4_ONLY_SUPPORTED notification code. If the initiator | and the IP4_ONLY_SUPPORTED notification status type. If the | |||
| requests only IPv6 address(es) and gets the IP4_ONLY_SUPPORTED | initiator requests only IPv6 address(es) and gets the | |||
| notification code from the responder, the IPv4-capable initiator | IP4_ONLY_SUPPORTED notification status type from the responder, | |||
| should request IPv4 address(es) only in subsequent requests. | the IPv4-capable initiator should request IPv4 address(es) only in | |||
| subsequent requests. | ||||
| o SINGLE_AF_SUPPORTED: This code indicates that only a single | o SINGLE_AF_SUPPORTED: This status type indicates that only a single | |||
| address family can be assigned per request, not both. This code | address family can be assigned per request, not both. This status | |||
| is returned when an initiator requested both IPv4 and IPv6 | type is returned when an initiator requested both IPv4 and IPv6 | |||
| addresses/prefixes in the same request, but only a single address | addresses/prefixes in the same request, but only a single address | |||
| family can be assigned per request by the responder. | family can be assigned per request by the responder. | |||
| The address family preference is defined by a policy that is local | The address family preference is defined by a policy that is local | |||
| to the responder. | to the responder. | |||
| If a responder receives a request for both IPv4 and IPv6 address | If a responder receives a request for both IPv4 and IPv6 address | |||
| families, it replies with the preferred address family and | families, it replies with the preferred address family and | |||
| includes SINGLE_AF_SUPPORTED notification code. Upon receipt of | includes SINGLE_AF_SUPPORTED notification status type. Upon | |||
| this code, the initiator MAY re-issue another configuration | receipt of this status type, the initiator MAY re-issue another | |||
| request to ask for an additional address family. | configuration request to ask for an additional address family. | |||
| For other address-related error cases that have not been covered by | For other address-related error cases that have not been covered by | |||
| the aforementioned notification codes, the repsonder/initiator MUST | the aforementioned notification status types, the repsonder/initiator | |||
| follow the procedure defined in Section 3.15.4 of [RFC7849]. | MUST follow the procedure defined in Section 3.15.4 of [RFC7849]. | |||
| 5. Security Considerations | 5. Security Considerations | |||
| This document adheres to the security considerations defined in | This document adheres to the security considerations defined in | |||
| [RFC7849] and [RFC7296]. | [RFC7296]. | |||
| 6. IANA Considerations | 6. IANA Considerations | |||
| This document requests IANA to update the "IKEv2 Notify Message Types | This document requests IANA to update the "IKEv2 Notify Message Types | |||
| - Error Types" registry available at: | - Status Types" registry available at: | |||
| https://www.iana.org/assignments/ikev2-parameters/ | https://www.iana.org/assignments/ikev2-parameters/ | |||
| ikev2-parameters.xhtml with the following codes: | ikev2-parameters.xhtml with the following status types: | |||
| Value NOTIFY MESSAGES - ERROR TYPES Reference | Value NOTIFY MESSAGES - STATUS TYPES Reference | |||
| TBD UNSUPPORTED_AF [This-Document] | TBD UNSUPPORTED_AF [This-Document] | |||
| TBD IP6_ONLY_SUPPORTED [This-Document] | TBD IP6_ONLY_SUPPORTED [This-Document] | |||
| TBD IP4_ONLY_SUPPORTED [This-Document] | TBD IP4_ONLY_SUPPORTED [This-Document] | |||
| TBD SINGLE_AF_SUPPORTED [This-Document] | TBD SINGLE_AF_SUPPORTED [This-Document] | |||
| 7. Acknowledgements | 7. Acknowledgements | |||
| Many thanks to Christian Jacquenet for the review. | Many thanks to Christian Jacquenet for the review. | |||
| Thanks to Paul Wouters and Yaov Nir for the comments. | Thanks to Paul Wouters, Yaov Nir, Valery Smyslov, and Daniel Migault | |||
| for the comments. | ||||
| 8. References | 8. References | |||
| 8.1. Normative References | 8.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| End of changes. 24 change blocks. | ||||
| 48 lines changed or deleted | 50 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||