| < draft-ietf-magma-mld-source-06.txt | draft-ietf-magma-mld-source-07.txt > | |||
|---|---|---|---|---|
| A new Request for Comments is now available in online RFC libraries. | ||||
| MAGMA Working Group B. Haberman | RFC 3590 | |||
| draft-ietf-magma-mld-source-06.txt Caspian Networks | ||||
| Expires December 2003 June 2003 | ||||
| Source Address Selection for Multicast | ||||
| Listener Discovery Protocol (RFC 2710) | ||||
| Status of this Memo | ||||
| This document is an Internet-Draft and is in full conformance with | ||||
| all provisions of Section 10 of RFC2026. | ||||
| Internet-Drafts are working documents of the Internet Engineering | ||||
| Task Force (IETF), its areas, and its working groups. Note that other | ||||
| groups may also distribute working documents as Internet- Drafts. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | ||||
| and may be updated, replaced, or obsoleted by other documents at any | ||||
| time. It is inappropriate to use Internet- Drafts as reference | ||||
| material or to cite them other than as "work in progress." | ||||
| The list of current Internet-Drafts can be accessed at | ||||
| http://www.ietf.org/ietf/1id-abstracts.txt. | ||||
| The list of Internet-Draft Shadow Directories can be accessed at | ||||
| http://www.ietf.org/shadow.html. | ||||
| Abstract | ||||
| It has come to light that there is an issue with the selection of a | ||||
| suitable IPv6 source address for Multicast Listener Discovery | ||||
| messages when a node is performing stateless address | ||||
| autoconfiguration. This memo is intended to clarify the rules on | ||||
| selecting an IPv6 address to use for MLD messages. | ||||
| This document updates RFC 2710. | ||||
| Introduction | ||||
| The original specification of the Multicast Listener Discovery | ||||
| Protocol[RFC 2710] mandates the use of a link-local IPv6 source | ||||
| address for the transmission of MLD messages. In addition, MLD also | ||||
| requires nodes to send MLD Report messages when joining any IPv6 | ||||
| multicast group (except the All-Nodes address and addresses of scope | ||||
| less than 2). | ||||
| These MLD requirements conflict with the use of IPv6 multicast within | ||||
| the Neighbor Discovery Protocol[RFC 2461]. For stateless | ||||
| autoconfiguration, as defined in [RFC 2462], a node is required to | ||||
| join several IPv6 multicast groups in order to perform Duplicate | ||||
| Address Detection prior to its use. Since the only address the node | ||||
| has is tentative, and cannot be used for communication, it does not | ||||
| have a suitable address to utilize as a source address. | ||||
| This document will clarify the IPv6 source address selection rules | ||||
| for use with MLD when no link-local addresses are available. | ||||
| Terminology | ||||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | ||||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | ||||
| document are to be interpreted as described in [RFC 2119]. | ||||
| Justification | ||||
| In [RFC 2710], Section 3 requires that all MLD messages be sent with | ||||
| a valid link-local IPv6 source address. However, a node in the | ||||
| process of performing duplicate address detection for its link-local | ||||
| address will not have one available to use as a source address. For | ||||
| this reason, this document provides an alternative IPv6 source | ||||
| address for MLD messages being used during duplicate address | ||||
| detection. | ||||
| In addition, Sections 5 and 6 of [RFC 2710] mandates that a node | ||||
| receiving an MLD Report message verify that the IPv6 source address | ||||
| is a link-local address. This document relaxes this rule in order to | ||||
| support the alternative IPv6 source address in use during duplicate | ||||
| address detection. | ||||
| The discrepencies in the rules defined in [RFC 2710] and [RFC 2462] | ||||
| has led to implementation issues. Several IPv6 implementations skip | ||||
| sending MLD Report messages during duplicate address detection | ||||
| because they have no valid link-local address. This leads to | ||||
| operational problems when a node is attached to switches that perform | ||||
| MLD snooping. In this scenario, duplicate address detection will | ||||
| complete successfully and collisions can occur once the address is | ||||
| put into use because switches may not have forwarded the DAD messages | ||||
| to all nodes on the link as required. This document fixes this | ||||
| problem by specifying that MLD reports are to be sent using an | ||||
| unspecified source address prior to DAD being started in order to | ||||
| ensure that messages sent to LL multicast addresses (e.g., including | ||||
| MLD) are forwarded to all appropriate nodes as required. | ||||
| MLD Source Address Selection Guidelines | ||||
| An MLD speaking node is required to choose a suitable IPv6 source | ||||
| address for all MLD messages (Report, Done, and Query). | ||||
| MLD Query messages MUST be sent with a valid link-local address as | ||||
| the IPv6 source address. If a node (router or host) receives a query | ||||
| message with an IPv6 source address set to the unspecified address | ||||
| (::), it MUST silently discard the message and SHOULD log a warning. | ||||
| MLD Report and Done messages are sent with a link-local address as | ||||
| the IPv6 source address, if a valid address is available on the | ||||
| interface. If a valid link-local address is not available (e.g. one | ||||
| has not been configured), the message is sent with the unspecified | ||||
| address (::) as the IPv6 source address. | ||||
| Once a valid link-local address is available, a node SHOULD generate | ||||
| new MLD Report messages for all multicast addresses joined on the | ||||
| interface. | ||||
| Routers receiving an MLD Report or Done message with the unspecified | ||||
| address as the IPv6 source address MUST silently discard the packet | ||||
| without taking any action on the packets contents. | ||||
| Snooping switches MUST manage multicast forwarding state based on MLD | ||||
| Report and Done messages sent with the unspecified address as the | ||||
| IPv6 source address. | ||||
| Source Address Selection Implications | ||||
| In RFC 2710, MLD Report and Done messages are required to have an | ||||
| IPv6 source address that is link-local. This memo augments that rule | ||||
| by allowing these messages to contain the unspecified address (::) as | ||||
| the source address. | ||||
| The behavior of RFC 2710 implementations, when receiving a message | ||||
| with a source address of ::, is dependent upon how the implementation | ||||
| treats the unspecified address. That is, these messages will be | ||||
| dropped if the implementation does not consider the unspecified | ||||
| address to be link-local in scope. | ||||
| As the unspecified address is only used when there is no link-local | ||||
| address, RFC 2710 implementations discarding these packets will have | ||||
| no affect on the packet's sender as the use should only be for | ||||
| joining the link-local solicited-node multicast group [RFC 2462]. | ||||
| There is an implication to senders with respect to joining other | ||||
| multicast groups prior to the activation of a link-local address. | ||||
| The dropping of Reports using the unspecified address as a source | ||||
| address could cause a lack of multicast traffic that is expected by | ||||
| the node. This black hole will be temporary until the node can send | ||||
| a Report with a valid link-local address. | ||||
| Security Considerations | ||||
| General security issues related to MLD are discussed in [RFC 2710]. | ||||
| For hosts and routers, all received MLD messages from an unspecified | ||||
| source address are silently discarded. This is the required behavior | ||||
| from [RFC 2710] and is not changed by this document. Thus, the | ||||
| changes have no new security impacts. | ||||
| In the case of snooping switches, multicast forwarding state will be | ||||
| maintained based on Report and Done messages sent with the | ||||
| unspecified address as the source address. However, the security | ||||
| vulnerabilities in this scenario are similar to those describing | ||||
| forged messages in the security considerations section of [RFC 2710]. | ||||
| References | ||||
| Normative References | ||||
| [RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate | Title: Source Address Selection for the | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Multicast Listener Discovery (MLD) Protocol | |||
| Author(s): B. Haberman | ||||
| Status: Standards Track | ||||
| Date: September 2003 | ||||
| Mailbox: brian@innovationslab.net | ||||
| Pages: 6 | ||||
| Characters: 11554 | ||||
| Updates: 2710 | ||||
| [RFC 2710] Deering, S., Fenner, W., Haberman, B., "Multicast | I-D Tag: draft-ietf-magma-mld-source-07.txt | |||
| Listener Discovery (MLD) for IPv6", RFC 2710, October | ||||
| 1999. | ||||
| Informative References | URL: ftp://ftp.rfc-editor.org/in-notes/rfc3590.txt | |||
| [RFC 2461] Narten, T., Nordmark, E., Simpson, W., "Neighbor | It has come to light that there is an issue with the selection of a | |||
| Discovery for IP Version 6 (IPv6)", RFC 2461, December | suitable IPv6 source address for Multicast Listener Discovery | |||
| 1998. | (MLD) messages when a node is performing stateless address | |||
| autoconfiguration. This document is intended to clarify the rules on | ||||
| selecting an IPv6 address to use for MLD messages. | ||||
| [RFC 2462] Thomson, S., Narten, T., "IPv6 Stateless Address | This document is a product of the Multicast & Anycast Group Membership | |||
| Autoconfiguration", RFC 2462, December 1998. | Working Group of the IETF. | |||
| Author's Address | This is now a Proposed Standard Protocol. | |||
| Brian Haberman | This document specifies an Internet standards track protocol for | |||
| Caspian Networks | the Internet community, and requests discussion and suggestions | |||
| One Park Drive | for improvements. Please refer to the current edition of the | |||
| Suite 300 | "Internet Official Protocol Standards" (STD 1) for the | |||
| Research Triangle Park, NC 27709 | standardization state and status of this protocol. Distribution | |||
| Phone: +1-919-949-4828 | of this memo is unlimited. | |||
| EMail: brian@innovationslab.net | ||||
| Full Copyright Statement | This announcement is sent to the IETF list and the RFC-DIST list. | |||
| Requests to be added to or deleted from the IETF distribution list | ||||
| should be sent to IETF-REQUEST@IETF.ORG. Requests to be | ||||
| added to or deleted from the RFC-DIST distribution list should | ||||
| be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG. | ||||
| Copyright (C) The Internet Society (2003). All Rights Reserved. | Details on obtaining RFCs via FTP or EMAIL may be obtained by sending | |||
| an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body | ||||
| help: ways_to_get_rfcs. For example: | ||||
| This document and translations of it may be copied and furnished to | To: rfc-info@RFC-EDITOR.ORG | |||
| others, and derivative works that comment on or otherwise explain it | Subject: getting rfcs | |||
| or assist in its implementation may be prepared, copied, published | ||||
| and distributed, in whole or in part, without restriction of any | ||||
| kind, provided that the above copyright notice and this paragraph are | ||||
| included on all such copies and derivative works. However, this | ||||
| document itself may not be modified in any way, such as by removing | ||||
| the copyright notice ore references to the Internet Society or other | ||||
| Internet organizations, except as needed for the purpose of | ||||
| developing Internet standards in which case the procedures for | ||||
| copyrights defined in the Internet Standards process must be | ||||
| followed, or as required to translate it into languages other than | ||||
| English. | ||||
| The limited permissions granted above are perpetual and will not be | help: ways_to_get_rfcs | |||
| revoked by the Internet Society or its successors or assigns. | ||||
| This document and the information contained herein is provided on an | Requests for special distribution should be addressed to either the | |||
| "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING | author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG. Unless | |||
| TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING | specifically noted otherwise on the RFC itself, all RFCs are for | |||
| BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION | unlimited distribution.echo | |||
| HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF | Submissions for Requests for Comments should be sent to | |||
| MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. | RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC | |||
| Authors, for further information. | ||||
| End of changes. 14 change blocks. | ||||
| 200 lines changed or deleted | 38 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||