idnits 2.17.1 draft-ietf-6man-addr-select-opt-11.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with non-RFC2606-compliant FQDNs in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 07, 2013) is 3914 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) -- Obsolete informational reference (is this intentional?): RFC 3484 (Obsoleted by RFC 6724) -- Obsolete informational reference (is this intentional?): RFC 4941 (Obsoleted by RFC 8981) Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6man Working Group A. Matsumoto 3 Internet-Draft T. Fujisaki 4 Intended status: Standards Track NTT 5 Expires: February 08, 2014 T. Chown 6 University of Southampton 7 August 07, 2013 9 Distributing Address Selection Policy using DHCPv6 10 draft-ietf-6man-addr-select-opt-11.txt 12 Abstract 14 RFC 6724 defines default address selection mechanisms for IPv6 that 15 allow nodes to select an appropriate address when faced with multiple 16 source and/or destination addresses to choose between. RFC 6724 17 allows for the future definition of methods to administratively 18 configure the address selection policy information. This document 19 defines a new DHCPv6 option for such configuration, allowing a site 20 administrator to distribute address selection policy overriding the 21 default address selection parameters and policy table, and thus to 22 control the address selection behavior of nodes in their site. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at http://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on February 08, 2014. 41 Copyright Notice 43 Copyright (c) 2013 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (http://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 This document may contain material from IETF Documents or IETF 57 Contributions published or made publicly available before November 58 10, 2008. The person(s) controlling the copyright in some of this 59 material may not have granted the IETF Trust the right to allow 60 modifications of such material outside the IETF Standards Process. 61 Without obtaining an adequate license from the person(s) controlling 62 the copyright in such materials, this document may not be modified 63 outside the IETF Standards Process, and derivative works of it may 64 not be created outside the IETF Standards Process, except to format 65 it for publication as an RFC or to translate it into languages other 66 than English. 68 1. Introduction 70 [RFC6724] describes default algorithms for selecting an address when 71 a node has multiple destination and/or source addresses to choose 72 from by using an address selection policy. In Section 2 of RFC 6724, 73 it is suggested that the default policy table may be administratively 74 configured to suit the specific needs of a site. This specification 75 defines a new DHCPv6 option for such configuration. 77 Some problems were identified with the default address selection 78 policy as originally defined in [RFC3484]. As a result, RFC 3484 was 79 updated and obsoleted by [RFC6724]. While this update corrected a 80 number of issues identifed from operational experience, it is 81 unlikely that any default policy will suit all scenarios, and thus 82 mechanisms to control the source address selection policy will be 83 necessary. Requirements for those mechanisms are described in 84 [RFC5221], while solutions are discussed in 85 [I-D.ietf-6man-addr-select-considerations]. Those documents have 86 helped shape the improvements in the default address selection 87 algorithm in [RFC6724] as well as the requirements for the DHCPv6 88 option defined in this specification. 90 1.1. Conventions Used in This Document 92 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 93 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 94 document are to be interpreted as described in [RFC2119]. 96 1.2. Terminology 98 This document uses the terminology defined in [RFC2460] and the 99 DHCPv6 specification defined in [RFC3315] 101 2. Address Selection options 103 The Address Selection option provides the address selection policy 104 table, and some other configuration parameters. 106 An Address Selection option contains zero or more policy table 107 options. Multiple policy table options in an Address Selection 108 option constitute a single policy table. When an Address Selection 109 option does not contain a policy table option, it may be used to just 110 convey the A and P flags. 112 The format of the Address Selection option is given below. 114 0 1 2 3 115 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 117 | OPTION_ADDRSEL | option-len | 118 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 119 | Reserved |A|P| | 120 +-+-+-+-+-+-+-+-+ POLICY TABLE OPTIONS | 121 | (variable length) | 122 | | 123 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 125 Figure 1: Address Selection option format 127 option-code: OPTION_ADDRSEL (TBD). 129 option-len: The total length of the Reserved field, A, P flags, and 130 POLICY TABLE OPTIONS in octets. 132 Reserved: Reserved field. The server MUST set this value to zero 133 and the client MUST ignore its content. 135 A: Automatic Row Addition flag. This flag toggles the Automatic 136 Row Addition flag at client hosts, which is described in section 137 2.1 of [RFC6724]. If this flag is set to 1, it does not change 138 client host behavior, that is, a client MAY automatically add 139 additional site-specific rows to the policy table. If set to 0, 140 the Automatic Row Addition flag is disabled, and a client SHOULD 141 NOT automatically add rows to the policy table. If the option 142 contains a POLICY TABLE option, this flag is meaningless, and 143 automatic row addition SHOULD NOT be performed against the 144 distributed policy table. 146 P: Privacy Preference flag. This flag toggles the Privacy 147 Preference flag on client hosts, which is described in section 5 148 of [RFC6724]. If this flag is set to 1, it does not change 149 client host behavior, that is, a client will prefer temporary 150 addresses [RFC4941]. If set to 0, the Privacy Preference flag 151 is disabled, and a client will prefer public addresses. 153 POLICY TABLE OPTIONS: Zero or more Address Selection Policy Table 154 options, as described below. This option corresponds to a row 155 in the policy table defined in section 2.1 of [RFC6724]. 157 0 1 2 3 158 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 160 | OPTION_ADDRSEL_TABLE | option-len | 161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 162 | label | precedence | prefix-len | | 163 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 164 | | 165 | prefix (variable length) | 166 | | 167 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 169 Figure 2: Address Selection Policy Table option format 171 option-code: OPTION_ADDRSEL_TABLE (TBD). 173 option-len: The total length of the label field, precedence field, 174 prefix-len field, and prefix field. 176 label: An 8-bit unsigned integer; this value is for correlation of 177 source address prefixes and destination address prefixes. This 178 field is used to deliver a label value in the [RFC6724] policy 179 table. 181 precedence: An 8-bit unsigned integer; this value is used for 182 sorting destination addresses. This field is used to to deliver 183 a precedence value in [RFC6724] policy table. 185 prefix-len: An 8-bit unsigned integer; the number of leading bits in 186 the prefix that are valid. The value ranges from 0 to 128. 188 prefix: A variable-length field containing an IP address or the 189 prefix of an IP address. An IPv4-mapped address [RFC4291] must 190 be used to represent an IPv4 address as a prefix value. This 191 field is padded with zeros up to the nearest octet boundary when 192 prefix-len is not divisible by 8. This can be expressed using 193 the following equation: (prefix-len + 7)/8 So the length of this 194 field should be between 0 and 16 bytes. For example, the prefix 195 2001:db8::/60 would be encoded with an prefix-len of 60, the 196 prefix would be 8 octets and would contains octets 20 01 0d b8 197 00 00 00 00. 199 3. Processing the Address Selection option 201 This section describes how to process a received Address Selection 202 option at the DHCPv6 client. 204 This option's concept is to serve as a hint for a node about how to 205 behave in the network. Ultimately, while the node's administrator 206 can control how to deal with the received policy information, the 207 implementation SHOULD follow the method described below uniformly, to 208 ease troubleshooting and to reduce operational costs. 210 3.1. Handling local configurations 212 [RFC6724] defines two flags (A, P) and the default policy table. 213 Also, users are usually able to configure the flags and the policy 214 table to satisfy their own requirements. 216 The client implementation SHOULD provide the following choices to the 217 user. 219 (a) replace the existing flags and active policy table with the 220 DHCPv6 distributed flags and policy table. 222 (b) preserve the existing flags and active policy table, whether 223 this be the default policy table, or user configured policy. 225 Choice (a) SHOULD be the default, i.e. that the policy table is not 226 explictly configured by the user. 228 3.2. Handling stale policy tables 230 When the information from the DHCP server goes stale, the policy 231 received from the DHCP server SHOULD be deprecated. 233 The received information can be considered stale in several cases, 234 e.g., when the interface goes down, the DHCP server does not respond 235 for a certain amount of time, and the Information Refresh Time is 236 expired. 238 3.3. Handling multiple interfaces 240 The policy table, and other parameters specified in this document, 241 are node-global information by their nature. One reason being that 242 the outbound interface is usually chosen after destination address 243 selection. So a host cannot make use of multiple address selection 244 policies even if they are stored per interface. 246 The policy table is defined as a whole, so the slightest addition/ 247 deletion from the policy table brings a change in the semantics of 248 the policy. 250 It also should be noted that the absence of a DHCP-distributed policy 251 from a certain network interface should not infer that the network 252 administrator does not care about address selection policy at all, 253 because it may mean there is a preference to use the default address 254 selection policy. So, it should be safe to assume that the default 255 address selection policy should be used where no overriding policy is 256 provided. 258 Under the above assumptions, we can specify how to handle received 259 policy as follows. 261 In the absence of distributed policy for a certain network interface, 262 the default address selection policy SHOULD be used. A node should 263 use Address Selection options by default in any of the following two 264 cases: 266 1: A single-homed host SHOULD use default address selection options, 267 where the host belongs exclusively to one administrative network 268 domain, usually through one active network interface. 270 2: Hosts that use advanced heuristics to deal with multiple received 271 policies that are defined outside the scope of this document 272 SHOULD use Address Selection options. 274 Implementations MAY provide configuration options to enable this 275 protocol on a per interface basis. 277 Implementations MAY store distributed address selection policies per 278 interface. They can be used effectively on implementations that 279 adopt per-application interface selection. 281 4. Implementation Considerations 283 o The value 'label' is passed as an unsigned integer, but there is 284 no special meaning for the value, that is whether it is a large or 285 small number. It is used to select a preferred source address 286 prefix corresponding to a destination address prefix by matching 287 the same label value within the DHCP message. DHCPv6 clients 288 SHOULD convert this label to a representation appropriate for the 289 local implementation (e.g., string). 291 o The maximum number of address selection rules that may be conveyed 292 in one DHCPv6 message depends on the prefix length of each rule 293 and the maximum DHCPv6 message size defined in [RFC3315]. It is 294 possible to carry over 3,000 rules in one DHCPv6 message (maximum 295 UDP message size). However, it should not be expected that DHCP 296 clients, servers and relay agents can handle UDP fragmentation. 297 Network adiministrators SHOULD consider local limitations to the 298 maximum DHCPv6 message size that can be reliably transported via 299 their specific local infrastructure to end nodes; and therefore 300 they SHOULD consider the number of options, the total size of the 301 options, and the resulting DHCPv6 message size, when defining 302 their policy table. 304 5. Security Considerations 306 A rogue DHCPv6 server could issue bogus address selection policies to 307 a client. This might lead to incorrect address selection by the 308 client, and the affected packets might be blocked at an outgoing ISP 309 because of ingress filtering, incur additional network charges, or be 310 misdirected to an attacker's machine. Alternatively, an IPv6 311 transition mechanism might be preferred over native IPv6, even if it 312 is available. To guard against such attacks, a legitimate DHCPv6 313 server should communicate through a secure, trusted channel, such as 314 a channel protected by IPsec, SEND and DHCP authentication, as 315 described in section 21 of [RFC3315]. A commonly used alternative 316 mitigation is to employ DHCP snooping at Layer 2. 318 Another threat surrounds the potential privacy concern as described 319 in the security considerations section of [RFC6724], whereby an 320 attacker can send packets with different source addresses to a 321 destination to solicit different source addresses in the responses 322 from that destination. This issue will not be modified by the 323 introduction of this option, regardless of whether the host is 324 multihomed or not. 326 6. IANA Considerations 328 IANA is requested to assign option codes to OPTION_ADDRSEL and 329 OPTION_ADDRSEL_TABLE from the "DHCP Option Codes" registry (http:// 330 www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xml). 332 7. References 334 7.1. Normative References 336 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 337 Requirement Levels", BCP 14, RFC 2119, March 1997. 339 [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., 340 and M. Carney, "Dynamic Host Configuration Protocol for 341 IPv6 (DHCPv6)", RFC 3315, July 2003. 343 [RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown, 344 "Default Address Selection for Internet Protocol Version 6 345 (IPv6)", RFC 6724, September 2012. 347 7.2. Informative References 349 [I-D.ietf-6man-addr-select-considerations] 350 Chown, T. and A. Matsumoto, "Considerations for IPv6 351 Address Selection Policy Changes", draft-ietf-6man-addr- 352 select-considerations-05 (work in progress), April 2013. 354 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 355 (IPv6) Specification", RFC 2460, December 1998. 357 [RFC3484] Draves, R., "Default Address Selection for Internet 358 Protocol version 6 (IPv6)", RFC 3484, February 2003. 360 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 361 Architecture", RFC 4291, February 2006. 363 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 364 Extensions for Stateless Address Autoconfiguration in 365 IPv6", RFC 4941, September 2007. 367 [RFC5220] Matsumoto, A., Fujisaki, T., Hiromi, R., and K. Kanayama, 368 "Problem Statement for Default Address Selection in Multi- 369 Prefix Environments: Operational Issues of RFC 3484 370 Default Rules", RFC 5220, July 2008. 372 [RFC5221] Matsumoto, A., Fujisaki, T., Hiromi, R., and K. Kanayama, 373 "Requirements for Address Selection Mechanisms", RFC 5221, 374 July 2008. 376 Appendix A. Acknowledgements 378 Authors would like to thank to Dave Thaler, Pekka Savola, Remi Denis- 379 Courmont, Francois-Xavier Le Bail, Ole Troan, Bob Hinden, Dmitry 380 Anipko, Ray Hunter, Rui Paulo, Brian E Carpenter, Tom Petch, and the 381 members of 6man's address selection design team for their invaluable 382 contributions to this document. 384 Appendix B. Examples 386 [RFC5220] gives several cases where address selection problems 387 happen. This section contains some examples for solving those cases 388 by using the DHCP option defined in this text to update the hosts' 389 policy table in a network accordingly. There is also some discussion 390 of example policy tables in sections 10.3 to 10.7 of RFC 6724. 392 B.1. Ingress Filtering Problem 394 In the case described in section 2.1.2 of [RFC5220], the following 395 policy table should be distributed, when Router performs static 396 routing and directs the default route to ISP1 as per Figure 2. By 397 putting the same label value to all IPv6 addresses (::/0) and the 398 local subnet (2001:db8:1000:1::/64), a host picks a source address in 399 this subnet to send a packet via the default route. 401 Prefix Precedence Label 402 ::1/128 50 0 403 ::/0 40 1 404 2001:db8:1000:1::/64 45 1 405 2001:db8:8000:1::/64 45 14 406 ::ffff:0:0/96 35 4 407 2002::/16 30 2 408 2001::/32 5 5 409 fc00::/7 3 13 410 ::/96 1 3 411 fec0::/10 1 11 412 3ffe::/16 1 12 414 B.2. Half-Closed Network Problem 416 In the case described in section 2.1.3 of [RFC5220], the following 417 policy table should be distributed. By splitting the closed network 418 prefix (2001:db8:8000::/36) from all IPv6 addresses (::/0) and giving 419 different labels, the closed network prefix will only be used when 420 packets are destined for the closed network. 422 Prefix Precedence Label 423 ::1/128 50 0 424 ::/0 40 1 425 2001:db8:8000::/36 45 14 426 ::ffff:0:0/96 35 4 427 2002::/16 30 2 428 2001::/32 5 5 429 fc00::/7 3 13 430 ::/96 1 3 431 fec0::/10 1 11 432 3ffe::/16 1 12 434 B.3. IPv4 or IPv6 Prioritization 436 In the case described in section 2.2.1 of [RFC5220], the following 437 policy table should be distributed to prioritize IPv6. This case is 438 also described in [RFC6724] 440 Prefix Precedence Label 441 ::1/128 50 0 442 ::/0 40 1 443 ::ffff:0:0/96 100 4 444 2002::/16 30 2 445 2001::/32 5 5 446 fc00::/7 3 13 447 ::/96 1 3 448 fec0::/10 1 11 449 3ffe::/16 1 12 451 B.4. ULA or Global Prioritization 453 In the case described in section 2.2.3 of [RFC5220], the following 454 policy table should be distributed, or Automatic Row Addition flag 455 should be set to 1. By splitting the ULA in this site 456 (fc12:3456:789a::/48) from all IPv6 addresses (::/0) and giving it 457 higher precendence, the ULA will be used to connect to servers in the 458 same site. 460 Prefix Precedence Label 461 ::1/128 50 0 462 fc12:3456:789a::/48 45 14 463 ::/0 40 1 464 ::ffff:0:0/96 35 4 465 2002::/16 30 2 466 2001::/32 5 5 467 fc00::/7 3 13 468 ::/96 1 3 469 fec0::/10 1 11 470 3ffe::/16 1 12 472 Authors' Addresses 474 Arifumi Matsumoto 475 NTT NT Lab 476 3-9-11 Midori-Cho 477 Musashino-shi, Tokyo 180-8585 478 Japan 480 Phone: +81 422 59 3334 481 Email: arifumi@nttv6.net 483 Tomohiro Fujisaki 484 NTT NT Lab 485 3-9-11 Midori-Cho 486 Musashino-shi, Tokyo 180-8585 487 Japan 489 Phone: +81 422 59 7351 490 Email: fujisaki@nttv6.net 492 Tim Chown 493 University of Southampton 494 Southampton, Hampshire SO17 1BJ 495 United Kingdom 497 Email: tjc@ecs.soton.ac.uk