idnits 2.17.1

draft-cui-dhc-dhcp4o6-bulk-active-leasequery-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** There is 1 instance of too long lines in the document, the longest one
     being 5 characters in excess of 72.

  ** The abstract seems to contain references ([RFC7341]), which it
     shouldn't.  Please replace those with straight textual mentions of the
     documents in question.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (March 9, 2015) is 3333 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC5007' is defined on line 328, but no explicit
     reference was found in the text

  == Unused Reference: 'I-D.ietf-dhc-dynamic-shared-v4allocation' is defined
     on line 359, but no explicit reference was found in the text

  == Unused Reference: 'I-D.ietf-softwire-lw4over6' is defined on line 365,
     but no explicit reference was found in the text

  == Outdated reference: A later version (-07) exists of
     draft-fsc-softwire-dhcp4o6-saddr-opt-01

  == Outdated reference: A later version (-07) exists of
     draft-ietf-dhc-dhcpv4-active-leasequery-02

  == Outdated reference: A later version (-04) exists of
     draft-ietf-dhc-dhcpv6-active-leasequery-02

  == Outdated reference: A later version (-09) exists of
     draft-ietf-dhc-dynamic-shared-v4allocation-05

     Summary: 3 errors (**), 0 flaws (~~), 8 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

  2  dhc Working Group                                                 Y. Cui
  3  Internet-Draft                                                    Z. Liu
  4  Intended status: Informational                                    C. Liu
  5  Expires: September 10, 2015                          Tsinghua University
  6                                                                    Y. Lee
  7                                                                   Comcast
  8                                                             March 9, 2015

 10                    DHCP4o6 Bulk and Active Leasequery
 11             draft-cui-dhc-dhcp4o6-bulk-active-leasequery-01

 13  Abstract

 15     As networks migrate towards IPv6, some entities still have the
 16     requirement for IPv4 configuration.  DHCPv4 over DHCPv6 [RFC7341]
 17     provides a mechanism for obtaining IPv4 configuration information
 18     dynamically in IPv6 networks.  DHCPv4/DHCPv6 Bulk Leasequery and
 19     Active Leasequery allow a client to get DHCP address binding
 20     information data in bulk transfer or in real-time via TCP.  This
 21     document describes an extension of DHCPv6 Bulk and Active Leasequery
 22     that provides a mechanism to get DHCPv4 over DHCPv6 lease
 23     information.

 25  Status of This Memo

 27     This Internet-Draft is submitted in full conformance with the
 28     provisions of BCP 78 and BCP 79.

 30     Internet-Drafts are working documents of the Internet Engineering
 31     Task Force (IETF).  Note that other groups may also distribute
 32     working documents as Internet-Drafts.  The list of current Internet-
 33     Drafts is at http://datatracker.ietf.org/drafts/current/.

 35     Internet-Drafts are draft documents valid for a maximum of six months
 36     and may be updated, replaced, or obsoleted by other documents at any
 37     time.  It is inappropriate to use Internet-Drafts as reference
 38     material or to cite them other than as "work in progress."

 40     This Internet-Draft will expire on September 10, 2015.

 42  Copyright Notice

 44     Copyright (c) 2015 IETF Trust and the persons identified as the
 45     document authors.  All rights reserved.

 47     This document is subject to BCP 78 and the IETF Trust's Legal
 48     Provisions Relating to IETF Documents
 49     (http://trustee.ietf.org/license-info) in effect on the date of
 50     publication of this document.  Please review these documents
 51     carefully, as they describe your rights and restrictions with respect
 52     to this document.  Code Components extracted from this document must
 53     include Simplified BSD License text as described in Section 4.e of
 54     the Trust Legal Provisions and are provided without warranty as
 55     described in the Simplified BSD License.

 57  Table of Contents

 59     1.  Introduction
 60     2.  Terminology
 61     3.  Protocol Overview
 62     4.  Message and Option Description
 63     5.  Requestor and Server Behavior
 64       5.1.  Extension to Bulk Leasequery
 65       5.2.  Extension to Active Leasequery
 66     6.  Security Considerations
 67     7.  References
 68       7.1.  Normative References
 69       7.2.  Informative References
 70     Authors' Addresses

 72  1.  Introduction

 74     The DHCPv4 Leasequery [RFC4388] extends the basic DHCPv4 capability
 75     [RFC2131] [RFC2132] to allow a requestor to query a DHCPv4 server for
 76     individual binding information.  DHCPv4 Bulk Leasequery [RFC6926]
 77     extends [RFC4388] to allow a requestor to query a DHCPv4 server for
 78     bulk transfer of binding information.  DHCPv4 Active Leasequery
 79     further extends [RFC6926] to create a long-lived TCP connection
 80     between the requestor and DHCPv4 server for near real-time binding
 81     information.  Parallel Leasequery protocols are also defined for
 82     DHCPv6.

 84     In IPv6 migration, some hosts in an IPv6 network may also need DHCPv4
 85     configuration using DHCPv4 over DHCPv6 [RFC7341].  In some use cases,
 86     there is also a need to extend DHCPv4 over DHCPv6 to carry related
 87     IPv6 information along with the DHCPv4 configuration, such as
 88     [I-D.fsc-softwire-dhcp4o6-saddr-opt].  In these extended DHCPv4 over
 89     DHCPv6 messages, IPv4 and IPv6 bindings may interact and correlate
 90     with each other.  The DHCPv4 lease information (including IPv4
 91     address and other DHCPv4 options) is encapsulated in the DHCPv4
 92     Message option as defined in [RFC7341], and the related IPv6 bindings
 93     are encapsulated in the DHCPv6 message (DHCPV4-QUERY/DHCPV4-RESPONSE
 94     messages).

 96     The interaction of the DHCPv4 and IPv6 information used by DHCP4o6
 97     makes it different from original DHCPv4 [RFC2131].  One example is
 98     Lightweight 4over6 dynamic provisioning: a client (lwB4) may use the
 99     DHCPv6 option (OPTION_DHCP4O6_SADDR)
100     [I-D.fsc-softwire-dhcp4o6-saddr-opt] to set the IPv6 tunnel source
101     address in the DHCP4o6 server.  For each lwB4, the lwAFTR needs to
102     create a mapping entry.  The mapping contains the tuple (lease IPv4
103     address, port set, IPv6 tunnel source address).  The lwAFTR must
104     obtain the tuple before providing service to a particular lwB4.
105     However, no single DHCP server contains all three pieces of
106     information.

108     The lwB4's IPv6 tunnel source address may be an active IPv6 address
109     lease or a manual static address.  The OPTION_DHCP4O6_SADDR is a
110     DHCPv6 option but may not bind to the active IPv6 address lease.
111     Furthermore, a DHCP4o6 message doesn't contain a DUID or any kind of
112     identifier for the requestor to query the DHCPv4 lease and correlate
113     it with the IPv6 configuration.  In this scenario, the requestor
114     (lwAFTR) cannot get the lwB4s' IPv6 tunnel source address using
115     DHCPv4 Bulk/Active Leasequery or DHCPv6 Bulk/Active Leasequery.

117     DHCPv4 Bulk/Active Leasequery is a DHCPv4 protocol; it can't be used
118     to query DHCPv6 bindings.  Similarly, DHCPv6 Bulk/Active Leasequery
119     is a DHCPv6 protocol; it can't be used to query DHCPv4 bindings.  This
120     document describes an extension of DHCPv6 Bulk and Active Leasequery
121     to allow a requestor to request the DHCPv4 lease and related IPv6
122     configuration.

124  2.  Terminology

126     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
127     "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
128     document are to be interpreted as described in [RFC2119].

130  3.  Protocol Overview

132     In an IPv6 network, entities use DHCPv4 over DHCPv6 to get DHCPv4
133     configuration and even related IPv6 configuration, such as
134     the OPTION_DHCP4O6_SADDR defined in
135     [I-D.fsc-softwire-dhcp4o6-saddr-opt].  Entities may need other
136     related IPv6 configuration along with the DHCPv4 lease using DHCPv4
137     over DHCPv6.  The DHCP4o6 Bulk/Active Leasequery mechanism, based on
138     both DHCPv4/DHCPv6 Bulk Leasequery and DHCPv4/DHCPv6 Active
139     Leasequery, lets a requestor get DHCP4o6 lease information (DHCPv4
140     lease and related IPv6 configuration) in bulk transfer or in real
141     time from the DHCP4o6 server via TCP.

143     The DHCP4o6 Bulk/Active Leasequery mechanism is modeled on the
144     existing DHCPv4 over DHCPv6 protocol in [RFC7341], which combines
145     DHCPv4 Bulk/Active Leasequery and DHCPv6 Bulk/Active Leasequery to
146     provide DHCPv4 lease and related IPv6 information in an IPv6 network.
147     The DHCP4o6 Bulk/Active Leasequery requestors and DHCP4o6 servers
148     communicate with each other using DHCPv6 Bulk/Active Leasequery, which
149     contains the DHCPv4 Message Option defined in [RFC7341].  In DHCPv6
150     Bulk/Active Leasequery messages, the DHCPv4 Message Option contains
151     the DHCPv4 Bulk/Active Leasequery message.  The type and status of the
152     DHCPv4 Bulk/Active Leasequery message in the option should be
153     synchronous with the DHCPv6 part in the same message during the
        process of leasequery.

155     The requestor sends a DHCPv6 Bulk/Active Leasequery message containing
156     a DHCPv4 Message Option to query for DHCP4o6 lease information.  In
157     the message, the DHCPv4 lease query is put in the DHCPv4 Bulk/Active
158     Leasequery message in the DHCPv4 Message Option, and the related IPv6
159     configuration is put in the DHCPv6 option.

161     The DHCPv4 lease in the DHCPv4 Message Option of the messages sent by
162     the DHCP4o6 server in response should be identical to the messages
163     sent by the DHCPv4 Bulk/Active Leasequery server.  The related IPv6
164     configuration part of the response is put in the DHCPv6 Bulk/Active
165     Leasequery options.

167     Applications which employ Active Leasequery to keep a database up to
168     date with respect to the server's lease state database usually use an
169     initial Bulk Leasequery to bring their database into equivalence with
170     that of the server.  In DHCP4o6 Bulk and Active Leasequery, it works
171     in the same way.

173  4.  Message and Option Description

175     All of the message types and options defined in DHCPv4/DHCPv6 Bulk/
176     Active Leasequery [RFC5460] [I-D.ietf-dhc-dhcpv6-active-leasequery]
177     [RFC6926] [I-D.ietf-dhc-dhcpv4-active-leasequery] are also used by
178     DHCP4o6 Bulk/Active Leasequery.  In addition, a new usage of the
179     existing option is defined in this document.  The DHCPv4 Message
180     Option defined in [RFC7341] contains the DHCPv4 message sent by the
181     DHCP client or server.  In the DHCP4o6 Bulk/Active Leasequery
182     scenario, the DHCPv4 Message Option contains the DHCPv4 Bulk/Active
183     Leasequery message sent by the requestor and the DHCP4o6 server.

185      0                   1                   2                   3
186      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
187     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
188     |          option-code          |          option-len           |
189     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
190     .                                                               .
191     .             DHCPv4-Bulk/Active-Leasequery-message             .
192     .                                                               .
193     .                                                               .
194     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

196     option-code:  OPTION_DHCPV4_MSG (87)

198     option-len:  Length of the DHCPv4 Bulk/Active Leasequery message.

200     DHCPv4-Bulk/Active-Leasequery-message:
201        The DHCPv4 Bulk or Active Leasequery message sent by the client
202        or the server.

204                     Figure 1: DHCPv4 Message Option

206     When used in DHCP4o6 Bulk Leasequery, the DHCPv4 Message Option
207     contains a DHCPv4 Bulk Leasequery message.  When DHCP4o6 Bulk
208     Leasequery requestors query for DHCP4o6 lease information, the DHCPv4
209     Message Option contains the DHCPv4 DHCPBULKLEASEQUERY message.  In
210     response, DHCP4o6 servers will put the DHCPv4 reply message
211     (DHCPLEASEACTIVE, DHCPLEASEUNASSIGNED or DHCPLEASEQUERYDONE message)
212     in the DHCPv4 Message Option.

214     When used in DHCP4o6 Active Leasequery, the DHCPv4 Message Option
215     contains a DHCPv4 Active Leasequery message.  When DHCP4o6 Active
216     Leasequery requestors query for DHCP4o6 lease information, the DHCPv4
217     Message Option contains the DHCPv4 ACTIVELEASEQUERY message.  In
218     response, DHCP4o6 servers will put the DHCPv4 reply message
219     (DHCPLEASEQUERYSTATUS, DHCPLEASEACTIVE, DHCPLEASEUNASSIGNED or
220     DHCPLEASEQUERYDONE message) in the DHCPv4 Message Option.

222  5.  Requestor and Server Behavior

224  5.1.  Extension to Bulk Leasequery

226     DHCP4o6 Bulk Leasequery extends the Bulk Leasequery to allow a
227     requestor to get DHCP4o6 lease information in bulk.  A requestor
228     attempts to establish a TCP connection to a DHCP4o6 server in order
229     to initiate a leasequery exchange.  If the attempt fails, the
230     requestor MAY retry.

232     After a connection is established, the requestor constructs a DHCP4o6
233     Bulk Leasequery message.  In the DHCPv6 LEASEQUERY message, the Query
234     options MUST include an OPTION_ORO option to indicate the options for
235     each client's related IPv6 configuration that the requestor would
236     like the server to return.  The query-type in the Query option MUST be
237     identical to the query-type of the DHCPv4 Bulk Leasequery message
238     in the DHCPv4 Message Option.  Related IPv6 configuration is bound to
239     the DHCPv4 lease, and the DHCPv4 DHCPBULKLEASEQUERY message in the
240     DHCPv4 Message Option is formatted as defined in [RFC6926].

242     When the DHCP4o6 server receives the extended DHCPv6 Bulk Leasequery
243     message, it first processes the DHCPv4 Bulk Leasequery message as
244     defined in [RFC6926].  Then the DHCP4o6 server processes the related
245     IPv6 configuration query according to the DHCPv4 reply.  In the
246     LEASEQUERY-REPLY, LEASEQUERY-DATA or LEASEQUERY-DONE message, the
247     DHCPv4 Message Option contains the DHCPLEASEACTIVE,
248     DHCPLEASEUNASSIGNED or DHCPLEASEQUERYDONE message as a reply to the
249     DHCPv4 lease query, and the Client Data Option contains the related
250     IPv6 option as a reply to the related IPv6 configuration query.  The
251     status description in the DHCPv6 reply message MUST be identical in
252     semantics to the status in the DHCPv4 reply message.

254  5.2.  Extension to Active Leasequery

256     DHCP4o6 Active Leasequery extends the Active Leasequery to allow a
257     requestor to get the current DHCP4o6 lease information; in this
258     scenario, the DHCP4o6 server MUST support DHCP4o6 Bulk Leasequery.
259     As defined in [I-D.ietf-dhc-dhcpv6-active-leasequery], an Active
260     Leasequery requestor would typically use Bulk Leasequery to
261     initialize its database with all current data when that database
262     contains no binding information.  In addition, requestors would use
263     Bulk Leasequery to recover missed information in the event that they
264     recover from a failure.  This also applies to DHCP4o6 Active
265     Leasequery.

267     A requestor attempts to establish a TCP connection to a DHCP4o6
268     server in order to initiate an Active Leasequery exchange.  If the
269     attempt fails, the requestor MAY retry.  After a connection is
270     established, the requestor constructs a DHCP4o6 Active Leasequery
271     message.  In the ACTIVELEASEQUERY message, the Query options MUST
272     include an OPTION_ORO option to indicate the options for each client's
273     related IPv6 configuration that the requestor would like the server to
274     return.  The query-type in the Query option MUST be identical to the
275     query-type of the DHCPv4 Active Leasequery message in the DHCPv4
276     Message Option.  Similar to Bulk Leasequery, the DHCPv4 Active
277     Leasequery message (DHCPACTIVELEASEQUERY) in the DHCPv4 Message Option
278     is composed as defined in [I-D.ietf-dhc-dhcpv4-active-leasequery].

280     When the DHCP4o6 server receives the extended Active Leasequery
281     message, it first processes the DHCPv4 Active Leasequery message as
282     defined in [I-D.ietf-dhc-dhcpv4-active-leasequery].  Then the DHCP4o6
283     server processes the related IPv6 configuration query according to the
284     DHCPv4 reply.  The status description in the DHCPv6 reply message MUST
285     be identical in semantics to the status in the DHCPv4 reply message.
286     When the server updates a DHCPv4 lease or related IPv6 information, it
287     will generate a response to requestors.  In the response, the server
288     sends updates of DHCPv4o6 lease information in the DHCPv6
289     LEASEQUERY-DATA message.  In the LEASEQUERY-REPLY, LEASEQUERY-DATA or
290     LEASEQUERY-DONE message, the DHCPv4 Message Option contains the
291     DHCPLEASEACTIVE, DHCPLEASEUNASSIGNED or DHCPLEASEQUERYDONE message as
292     a reply to the DHCPv4 lease query, and the Client Data Option contains
293     the related IPv6 option as a reply to the related IPv6 configuration
        query.

295  6.  Security Considerations

297     The "Security Considerations" sections of [RFC5460] and
298     [I-D.ietf-dhc-dhcpv6-active-leasequery] detail the threats to DHCPv6
299     Bulk Leasequery and Active Leasequery, especially additional concerns
300     for the use of TCP.  In this document, DHCPv4 leasequery messages are
301     encapsulated in the defined option.  In order to bypass firewalls or
302     network authentication gateways, a malicious attacker may leverage
303     this feature to convey other messages using a DHCPv6 leasequery
304     message.

306     It is possible for a rogue host to reply as a DHCP4o6 leasequery
307     requestor, which may get configuration of the network.  Alternatively,
308     a rogue server may provide false leases, which may misdirect the
309     requestor.  Requestors and DHCP4o6 servers may use TLS or other
310     authentication methods to protect the leasequery process.

312  7.  References

314  7.1.  Normative References

316     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
317                Requirement Levels", BCP 14, RFC 2119, March 1997.

319     [RFC2131]  Droms, R., "Dynamic Host Configuration Protocol", RFC
320                2131, March 1997.

322     [RFC2132]  Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
323                Extensions", RFC 2132, March 1997.

325     [RFC4388]  Woundy, R. and K. Kinnear, "Dynamic Host Configuration
326                Protocol (DHCP) Leasequery", RFC 4388, February 2006.

328     [RFC5007]  Brzozowski, J., Kinnear, K., Volz, B., and S. Zeng,
329                "DHCPv6 Leasequery", RFC 5007, September 2007.

331     [RFC5460]  Stapp, M., "DHCPv6 Bulk Leasequery", RFC 5460, February
332                2009.

334     [RFC6926]  Kinnear, K., Stapp, M., Desetti, R., Joshi, B., Russell,
335                N., Kurapati, P., and B. Volz, "DHCPv4 Bulk Leasequery",
336                RFC 6926, April 2013.

338     [RFC7341]  Sun, Q., Cui, Y., Siodelski, M., Krishnan, S., and I.
339                Farrer, "DHCPv4-over-DHCPv6 (DHCP 4o6) Transport", RFC
340                7341, August 2014.

342  7.2.  Informative References

344     [I-D.fsc-softwire-dhcp4o6-saddr-opt]
345                Farrer, I., Sun, Q., and Y. Cui, "DHCPv4 over DHCPv6
346                Source Address Option", draft-fsc-softwire-dhcp4o6-saddr-
347                opt-01 (work in progress), September 2014.

349     [I-D.ietf-dhc-dhcpv4-active-leasequery]
350                Kinnear, K., Stapp, M., Volz, B., and N. Russell, "Active
351                DHCPv4 Lease Query", draft-ietf-dhc-dhcpv4-active-
352                leasequery-02 (work in progress), March 2015.

354     [I-D.ietf-dhc-dhcpv6-active-leasequery]
355                Dushyant, D., Kinnear, K., and D. Kukrety, "DHCPv6 Active
356                Leasequery", draft-ietf-dhc-dhcpv6-active-leasequery-02
357                (work in progress), March 2015.

359     [I-D.ietf-dhc-dynamic-shared-v4allocation]
360                Cui, Y., Qiong, Q., Farrer, I., Lee, Y., Sun, Q., and M.
361                Boucadair, "Dynamic Allocation of Shared IPv4 Addresses",
362                draft-ietf-dhc-dynamic-shared-v4allocation-05 (work in
363                progress), February 2015.

365     [I-D.ietf-softwire-lw4over6]
366                Cui, Y., Qiong, Q., Boucadair, M., Tsou, T., Lee, Y., and
367                I. Farrer, "Lightweight 4over6: An Extension to the DS-
368                Lite Architecture", draft-ietf-softwire-lw4over6-13 (work
369                in progress), November 2014.

371  Authors' Addresses

372     Yong Cui
373     Tsinghua University
374     Beijing  100084
375     P.R.China

377     Phone: +86-10-6260-3059
378     Email: yong@csnet1.cs.tsinghua.edu.cn

380     ZiLong Liu
381     Tsinghua University
382     Beijing  100084
383     P.R.China

385     Phone: +86-10-6278-5822
386     Email: liuzilong8266@163.com

388     Cong Liu
389     Tsinghua University
390     Beijing  100084
391     P.R.China

393     Phone: +86-10-6278-5822
394     Email: gnocuil@gmail.com

396     Yiu L. Lee
397     Comcast
398     U.S.A

400     Email: yiu_lee@cable.comcast.com
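
Added example (not part of the draft or of any DHCP implementation): a receiver-side check for the encapsulation concern in Section 6, which confirms that the payload of OPTION_DHCPV4_MSG (87) is a well-formed DHCPv4 leasequery message whose type matches the enclosing DHCPv6 message as described in Sections 4 and 5. Assumptions: the two-byte message-size TCP framing of DHCPv6 Bulk Leasequery, numeric message types taken from the IANA registries rather than from the draft, a policy of exactly one option 87 per message, and hypothetical function names.

```python
import struct

OPTION_DHCPV4_MSG = 87                 # option code given in Figure 1
DHCPV4_MAGIC = b"\x63\x82\x53\x63"     # DHCPv4 magic cookie
# Message-type numbers below come from the IANA registries, not the draft.
V6_REQUESTS = {14: {14}, 22: {16}}     # LEASEQUERY / ACTIVELEASEQUERY -> inner query
V6_REPLIES = {15, 16, 17}              # LEASEQUERY-REPLY, -DONE, -DATA
V4_REPLIES = {11, 13, 15, 17}          # UNASSIGNED, ACTIVE, QUERYDONE, QUERYSTATUS

def v6_options(buf):
    """Yield (code, value) for each DHCPv6 option, rejecting truncation."""
    off = 0
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated DHCPv6 option header")
        code, length = struct.unpack_from("!HH", buf, off)
        off += 4
        if off + length > len(buf):
            raise ValueError("DHCPv6 option overruns message")
        yield code, buf[off:off + length]
        off += length

def v4_message_type(msg):
    """Return the DHCPv4 message type (option 53) of a well-formed message."""
    if len(msg) < 240 or msg[236:240] != DHCPV4_MAGIC:
        raise ValueError("payload is not a DHCPv4 message")
    off, mtype = 240, None
    while off < len(msg):
        code = msg[off]
        if code == 255:                          # End option
            if any(msg[off + 1:]):               # only zero padding may follow
                raise ValueError("data after DHCPv4 End option")
            break
        if code == 0:                            # Pad option
            off += 1
            continue
        if off + 2 > len(msg) or off + 2 + msg[off + 1] > len(msg):
            raise ValueError("truncated DHCPv4 option")
        if code == 53 and msg[off + 1] == 1:
            mtype = msg[off + 2]
        off += 2 + msg[off + 1]
    else:
        raise ValueError("DHCPv4 options lack an End option")
    if mtype is None:
        raise ValueError("no DHCPv4 message type")
    return mtype

def check_frame(frame):
    """Validate one TCP-framed message; return (dhcpv6_type, dhcpv4_type)."""
    if len(frame) < 6 or struct.unpack_from("!H", frame)[0] != len(frame) - 2:
        raise ValueError("bad message-size framing")
    v6_type, options = frame[2], frame[6:]       # skip msg-type + transaction-id
    inner = [v for c, v in v6_options(options) if c == OPTION_DHCPV4_MSG]
    if len(inner) != 1:                          # assumption: exactly one
        raise ValueError("expected one OPTION_DHCPV4_MSG")
    v4_type = v4_message_type(inner[0])
    allowed = V6_REQUESTS.get(v6_type) or (V4_REPLIES if v6_type in V6_REPLIES else set())
    if v4_type not in allowed:
        raise ValueError("DHCPv4 type %d not allowed in DHCPv6 type %d" % (v4_type, v6_type))
    return v6_type, v4_type

def sample_v4(mtype):
    """Constructed sample: minimal DHCPv4 message carrying only option 53."""
    return bytes(236) + DHCPV4_MAGIC + bytes([53, 1, mtype, 255])

def sample_frame(v6_type, inner):
    """Constructed sample: wrap `inner` in option 87 of a framed DHCPv6 message."""
    body = bytes([v6_type, 0, 0, 1]) + struct.pack("!HH", OPTION_DHCPV4_MSG, len(inner)) + inner
    return struct.pack("!H", len(body)) + body
```

A frame that fails check_frame should be dropped and logged before any lease data is processed; the check complements, and does not replace, the TLS or other authentication that Section 6 suggests.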