idnits 2.17.1 draft-ietf-dna-simple-16.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 2 instances of too long lines in the document, the longest one being 7 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 10, 2010) is 5008 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'Appendix A' is mentioned on line 155, but not defined == Missing Reference: 'S' is mentioned on line 273, but not defined == Missing Reference: 'D' is mentioned on line 292, but not defined == Unused Reference: 'RFC3736' is defined on line 739, but no explicit reference was found in the text ** Obsolete normative reference: RFC 3736 (Obsoleted by RFC 8415) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) Summary: 3 errors (**), 0 flaws (~~), 6 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. Krishnan 3 Internet-Draft Ericsson 4 Intended status: Standards Track G. Daley 5 Expires: February 11, 2011 NetStar Networks 6 August 10, 2010 8 Simple procedures for Detecting Network Attachment in IPv6 9 draft-ietf-dna-simple-16 11 Abstract 13 Detecting Network Attachment allows hosts to assess if its existing 14 addressing or routing configuration is valid for a newly connected 15 network. This document provides simple procedures for detecting 16 network attachment in IPv6 hosts, and procedures for routers to 17 support such services. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on February 11, 2011. 36 Copyright Notice 38 Copyright (c) 2010 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Requirements notation . . . . . . . . . . . . . . . . . . . . 3 54 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 55 2.1. Goals . . . . . . . . . . . . . . . . . . . . . . . . . . 3 56 2.2. Applicability . . . . . . . . . . . . . . . . . . . . . . 4 57 2.3. Link Identification model . . . . . . . . . . . . . . . . 4 58 2.4. DNA Overview . . . . . . . . . . . . . . . . . . . . . . . 4 59 2.5. Working Assumptions . . . . . . . . . . . . . . . . . . . 5 60 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 61 4. The Simple DNA Address Table (SDAT) . . . . . . . . . . . . . 7 62 5. Host Operations . . . . . . . . . . . . . . . . . . . . . . . 7 63 5.1. On receipt of a Router Advertisement . . . . . . . . . . . 7 64 5.2. After assignment of a DHCPv6 address . . . . . . . . . . . 8 65 5.3. Steps involved in detecting link change . . . . . . . . . 8 66 5.4. Link-Layer Indication . . . . . . . . . . . . . . . . . . 8 67 5.5. Sending Neighbor Discovery probes . . . . . . . . . . . . 9 68 5.5.1. Sending Router Solicitations . . . . . . . . . . . . . 9 69 5.5.2. Sending Neighbor Solicitations . . . . . . . . . . . . 9 70 5.5.3. Concurrent sending of RS and NS probes . . . . . . . . 9 71 5.5.4. Initiating DHCPv6 exchange . . . . . . . . . . . . . . 9 72 5.6. Contents of the Neighbor Discovery messages . . . . . . . 11 73 5.6.1. Neighbor Solicitation messages . . . . . . . . . . . . 11 74 5.6.2. Router Solicitation messages . . . . . . . . . . . . . 11 75 5.7. Response Gathering . . . . . . . . . . . . . . . . . . . . 12 76 5.7.1. Receiving Neighbor Advertisements . . . . . . . . . . 12 77 5.7.2. Receiving Router Advertisements . . . . . . . . . . . 12 78 5.7.3. Conflicting results . . . . . . . . . . . . . . . . . 12 79 5.8. Further Host Operations . . . . . . . . . . . . . . . . . 12 80 5.9. On connecting to a new point of attachment . . . . . . . . 13 81 5.10. Periodic Maintenance of the SDAT . . . . . . . . . . . . . 13 82 5.11. Recommended retransmission behavior . . . . . . . . . . . 13 83 6. Pseudocode for Simple DNA . . . . . . . . . . . . . . . . . . 15 84 7. Constants . . . . . . . . . . . . . . . . . . . . . . . . . . 16 85 8. Relationship to DNAv4 . . . . . . . . . . . . . . . . . . . . 17 86 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 87 10. Security Considerations . . . . . . . . . . . . . . . . . . . 17 88 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 18 89 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18 90 12.1. Normative References . . . . . . . . . . . . . . . . . . . 18 91 12.2. Informative References . . . . . . . . . . . . . . . . . . 19 92 Appendix A. Issues with confirming manually assigned addresses . 19 93 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 20 95 1. Requirements notation 97 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 98 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 99 document are to be interpreted as described in [RFC2119]. 101 2. Introduction 103 Hosts require procedures to simply and reliably identify if they have 104 moved to a network to which they had been recently connected. In 105 order to detect reconnection to a previously visited network, router 106 and neighbor discovery messages are used to collect reachability and 107 configuration information. This information is used to detect if the 108 host has attached to a link for which it may still have valid address 109 and other configuration information, and which it can use until it 110 receives confirmation through either through the Neighbor Discovery 111 protocol or DHCPv6. 113 This document incorporates feedback from host and router operating 114 systems implementors, which seeks to make implementation and adoption 115 of IPv6 change detection procedures simple for general use. 117 2.1. Goals 119 The goal of this document is to specify a simple procedure for 120 detecting network attachment (Simple DNA) that has the following 121 characteristics. 123 o Routers do not have to be modified to support this scheme. 125 o The most common use cases are optimized. 127 o In the worst case, detection latency is equal to that of standard 128 neighbor discovery so that performance is never degraded. 130 o False positives are not acceptable. A host MUST NOT wrongly 131 conclude that it has reattached to a previouly visited network. 133 o False negatives are acceptable. A host MAY fail to identify a 134 previously visited link correctly and attempt to acquire fresh 135 addressing and configuration information. 137 2.2. Applicability 139 The Simple DNA protocol provides substantial benefits over standard 140 neighbor discovery procedures [RFC4861] in some scenarios and does 141 not provide any benefit at all in certain other scenarios. This is 142 intentional as Simple DNA was designed for simplicity rather than 143 completeness. In particular, the Simple DNA protocol provides 144 maximum benefits when a host moves between a small set of known 145 links. When a host moves to a completely new link that is previously 146 unknown, the performance of the Simple DNA protocol will be identical 147 to that using standard neighbor discovery procedures [RFC4861]. In 148 this case the main benefit of the Simple DNA protocol is to 149 immediately flush out the inoperable addresses and configuration 150 instead of timing them out. The Simple DNA procedure provides 151 support for addresses configured using either IPv6 Stateless Address 152 Autoconfiguration [RFC4862] or DHCPv6 [RFC3315]. It does not support 153 manually configured addresses since they are not widely used and can 154 cause unpredictable results and/or aggressive probing behavior 155 [Appendix A]. 157 2.3. Link Identification model 159 Earlier methods of detecting network attachment, e.g. the procedure 160 defined in [I-D.ietf-dna-protocol], relied on detecting whether the 161 host was still connected to the same link. If the host was attached 162 to the same link, all information related to the link such as the 163 routers, prefixes and configuration parameters was considered to be 164 valid. The Simple DNA protocol follows an alternate approach where 165 it relies on probing each previously known router to determine 166 whether to use information learnt from THAT router. This allows 167 simple DNA to probe routers learnt from multiple earlier attachments 168 to optimize movement between a known set of links. 170 2.4. DNA Overview 172 Detecting Network Attachment is performed by hosts after detecting a 173 link-layer "up" indication. The host uses a combination of unicast 174 Neighbor Solicitations (NSs), multicast Router Solicitations (RSs) 175 and DHCPv6 message exchanges in order to determine whether previously 176 encountered routers are present on the link, and if they are not, 177 acquire the new configuration information. 179 Hosts implementing simple DNA may also send DHCPv6 packets, as 180 described in Section 5.5.4. Since simple DNA does not modify the 181 DHCPv6 protocol or state machine, the operation of DHCPv6 is 182 unchanged. 184 Routers that follow the standard neighbor discovery procedure 185 described in [RFC4861] will delay the router advertisement by a 186 random period between 0 and MAX_RA_DELAY_TIME (defined to be 500ms) 187 as described in Section 6.2.6 of [RFC4861]. In addition, consecutive 188 RAs sent to the all-nodes multicast address are rate limited to no 189 more than one advertisement every MIN_DELAY_BETWEEN_RAS (defined to 190 be 3 seconds). This will result in a worst-case delay of 3.5 seconds 191 in the absence of any packet loss. 193 Hosts implementing simple DNA can detect the presence of a previously 194 encountered router using unicast Neighbor Solicitations. As a 195 result, where the host with a valid configuration is returning to a 196 previously encountered link, delays in the sending of a Router 197 Advertisement (RA) will not delay configuration as long as NS probing 198 is successful. However in situations where the host is attaching to 199 a link for the first time, or where it does not have a valid IP 200 address on the link, it will be dependent on the receipt of an RA for 201 stateless auto-configuration. In these situations delays in the 202 receipt of an RA can be significant and may result in service 203 disruption. 205 2.5. Working Assumptions 207 There are a series of assumptions about the network environment which 208 underpin these procedures. 210 o The combination of the link layer address and the link local IPv6 211 address of a router is unique across links. 213 o Hosts receive indications when a link-layer comes up. Without 214 this, they would not know when to commence the DNA procedure. 216 If these assumptions do not hold, host change detection systems will 217 not function optimally. In that case, they may occasionally detect 218 change spuriously, or experience some delay in detecting network 219 attachment. The delays so experienced will be no longer than those 220 caused by following the standard neighbor discovery procedure 221 described in [RFC4861]. 223 3. Terminology 225 +---------------------+---------------------------------------------+ 226 | Term | Definition | 227 +---------------------+---------------------------------------------+ 228 | Valid IPv6 address | An IPv6 address configured on the node that | 229 | | has a valid lifetime greater than zero. | 230 | | | 231 | Operable IPv6 | An IPv6 address configured on the node that | 232 | address | can be used safely on the current link. | 233 | | | 234 | Router identifier | Identifier formed using the link-local | 235 | | address of a router along with its | 236 | | link-layer address. | 237 | | | 238 | D-Flag | Flag indicating whether the address was | 239 | | obtained using SLAAC or DHCPv6. If it is | 240 | | set to 0, then SLAAC was used to configure | 241 | | the address. If it is set to 1, then DHCPv6 | 242 | | was used to configure the address. | 243 | | | 244 | O-Flag | Flag indicating whether the address is | 245 | | operable. If it is set to 0, the address is | 246 | | inoperable. If it is set to 1, the address | 247 | | is operable. | 248 | | | 249 | S-Flag | Flag indicating whether SEND [RFC3971] was | 250 | | used in the Router Advertisement that | 251 | | resulted in the creation/modification of | 252 | | this SDAT entry. If it is set to 0, then | 253 | | SEND was not used. If it is set to 1, then | 254 | | SEND was used. | 255 | | | 256 | Candidate Router | A router address in the SDAT that is | 257 | Address | associated with at least one valid address. | 258 | | | 259 | Candidate Router | A set of router addresses that has been | 260 | Set | identified for NS based probing. | 261 +---------------------+---------------------------------------------+ 263 Table 1: Simple DNA Terminology 265 4. The Simple DNA Address Table (SDAT) 267 In order to correctly perform the procedure described in this 268 document the host needs to maintain a data structure called the 269 Simple DNA address table (SDAT). The host needs to maintain this 270 data structure for each interface on which it performs Simple DNA. 271 Each entry in the SDAT table will be indexed by the router identifier 272 (link-local + link layer address of the router) and consists of at 273 least the following parameters. Fields tagged as [S] are used for 274 addresses configured using SLAAC. Fields tagged as [D] are used for 275 addresses obtained using DHCPv6. Fields tagged as [S+D] are used in 276 both cases. 278 o [S+D]Link-local IPv6 address of the router(s) 280 o [S+D]Link-layer (MAC) address of the router(s) 282 o [S+D]Flag indicating whether the address was obtained using SLAAC 283 or DHCPv6.(The D-Flag) 285 o [S+D]IPv6 address and its related parameters like valid lifetime, 286 preferred lifetime etc. 288 o [S]Prefix from which the address was formed. 290 o [S]Flag indicating whether SEND was used.(The S-Flag) 292 o [D]DHCP specific information in case DHCPv6 [RFC3315] was used to 293 acquire the address. This information includes DUID, IA_ID, a 294 flag indicating IA_NA/IA_TA, configuration information such as DNS 295 server address, NTP server address etc. 297 o [S+D]Flag indicating whether the address is operable.(The O-Flag) 299 5. Host Operations 301 On connecting to a new point of attachment, the host performs the 302 detecting network attachment procedure in order to determine whether 303 the existing addressing and configuration information are still 304 valid. 306 5.1. On receipt of a Router Advertisement 308 When the host receives a Router Advertisement and the router 309 identifier of the sending router is not present in the SDAT, the host 310 processes the Router Advertisement as specified in Section 6.3.4. of 311 [RFC4861]. Additionally, the host performs the following operations. 313 If the Router Advertisement is protected by SEND the S-Flag MUST be 314 set to 1 in the SDAT entries created/modified by this RA. 316 o The host configures addresses out of the autoconfigurable prefixes 317 advertised in the RA, as specified in [RFC4862]. The host MUST 318 add an SDAT entry (indexed by this router identifier) for each 319 such address the host configures. 321 o The host might have already configured addresses out of the 322 autoconfigurable prefixes advertised in the RA. This could be a 323 result of receiving the prefix in an RA from another router on the 324 same link. The host MUST add an SDAT entry (indexed by this 325 router identifier) for each such address the host had already 326 configured. 328 o The host might have DHCPv6 assigned addresses that are known to be 329 operable on the link. The host MUST add an SDAT entry (indexed by 330 this router identifier) for each such DHCPv6 address. 332 5.2. After assignment of a DHCPv6 address 334 After the host is assigned an address by a DHCPv6 server, it needs to 335 associate the address with the routers on link. The host MUST create 336 one SDAT entry for each of the on-link routers associated with the 337 DHCPv6 assigned address. 339 5.3. Steps involved in detecting link change 341 The steps involved in basic detection of network attachment are: 343 o Link-Layer Indication 345 o Sending of neighbor discovery and/or DHCPv6 probes 347 o Response gathering and assessment 349 These steps are described below. 351 5.4. Link-Layer Indication 353 In order to start Detection of network attachment procedures, a host 354 typically requires a link-layer indication that the medium has become 355 available [RFC4957]. 357 After the indication is received, the host MUST mark all currently 358 configured (non-tentative) IP addresses as inoperable until the 359 change detection process completes. It MUST also set all Neighbor 360 Cache entries for the routers on its Default Router List to STALE. 362 This is done to speed up the acquisition of a new default router in 363 case the host attaches to a previously unvisited link. 365 5.5. Sending Neighbor Discovery probes 367 5.5.1. Sending Router Solicitations 369 When a host receives a link-layer "up" indication, it SHOULD 370 immediately send a Router Solicitation (as specified in as specified 371 in section 6.3.7 of [RFC4861]). The Router Solicitation is sent to 372 the All-routers multicast address using a link-local address as the 373 source address [RFC4861]. Even if the host is in possession of more 374 than one valid IPv6 address, it MUST send only one router 375 solicitation using a valid link-local address as the source address. 377 5.5.2. Sending Neighbor Solicitations 379 The host iterates through the SDAT to identify a set of candidate 380 routers for NS based probing. Each router in the SDAT that is 381 associated with at least one valid address is added to the candidate 382 router set exactly once. For each router in the candidate router set 383 the host MUST send an unicast Neighbor Solicitation to the router's 384 link-local address it obtained from the lookup on the SDAT. The host 385 MUST set link-layer destination address in each of these neighbor 386 solicitations to the link-layer address of the router stored in the 387 SDAT. The host MUST NOT send unicast Neighbor Solicitations to a 388 router that is not associated to a valid address in the SDAT. If at 389 least one entry in the SDAT for a given router had the S-Flag set, 390 the host SHOULD use SEND to secure the NS probe being sent to the 391 router. 393 5.5.3. Concurrent sending of RS and NS probes 395 The host SHOULD send the Neighbor Solicitation based unicast probes 396 in parallel with the multicast Router Solicitation. Since sending 397 NSs is just an optimization, doing the NSs and the RS in parallel 398 ensures that the procedure does not run slower than it would if it 399 only used an Router Solicitation. 401 NOTE: A Simple DNA implementation SHOULD limit its NS based probing 402 to at most six previously seen routers 404 5.5.4. Initiating DHCPv6 exchange 406 On receiving a link-layer "up" indication, the host will initiate a 407 DHCPv6 exchange when and as specified in [RFC3315] in order to verify 408 whether the addresses and configuration obtained using DHCPv6 are 409 still usable on the link. Note that DHCPv6, as specified today, only 410 attempts to confirm addresses obtained on the most recently attached 411 link. 413 5.6. Contents of the Neighbor Discovery messages 415 5.6.1. Neighbor Solicitation messages 417 This section describes the contents of the neighbor solicitation 418 probe messages sent during the probing procedure. 420 Source Address: A link-local address assigned to the 421 probing host. 423 Destination Address: The link-local address of the router being 424 probed as learned from the SDAT. 426 Hop Limit: 255 428 ND Options: 430 Target Address: The link-local address of the router being 431 probed as learnt from the SDAT. 433 Link Layer Header: 435 Destination Address: The link-layer (MAC) address of the router 436 being probed as learnt from the SDAT. 438 The probing node SHOULD include the Source link-layer address option 439 in the probe messages. 441 5.6.2. Router Solicitation messages 443 This section describes the contents of the router solicitation probe 444 message sent during the probing procedure. 446 Source Address: A link-local address assigned to the 447 probing host. 449 Destination Address: The all-routers multicast address. 451 Hop Limit: 255 453 The probing node SHOULD NOT include the Source link-layer address 454 option in the probe messages. 456 5.7. Response Gathering 458 5.7.1. Receiving Neighbor Advertisements 460 When a Neighbor Advertisement is received from a router in response 461 to a NS probe, the host MUST verify that both the IPv6 and link layer 462 (MAC) addresses of the router match the expected values before 463 utilizing the configuration associated with the detected network 464 (prefixes, MTU etc.). The host MUST then go through the SDAT and 465 mark the addresses (both SLAAC and DHCPv6 acquired) associated with 466 the router as operable. 468 5.7.2. Receiving Router Advertisements 470 On reception of a Router Advertisement the host MUST go through the 471 SDAT and mark all the addresses associated with the router (both 472 SLAAC and DHCPv6 acquired) as inoperable. The host MUST then process 473 the Router Advertisement as specified in Section 6.3.4. of [RFC4861]. 475 5.7.3. Conflicting results 477 5.7.3.1. Conflicting results between RS and NS probes 479 Where the conclusions obtained from the Neighbor Solicitation/ 480 Advertisement from a given router and the RS/RA exchange with the 481 same router differ, the results obtained from the RS/RA will be 482 considered definitive. In case the Neighbor Advertisement was 483 secured using SEND and the Router Advertisement was not, the host 484 MUST wait for SEND_NA_GRACE_TIME to see if a SEND-secured RA is 485 received. If a SEND-secured RA is not received, the conclusions 486 obtained from the NS/NA exchange will be considered definitive. 488 5.7.3.2. Conflicting results between DHCPv6 and NS probes 490 Where the conclusions obtained from the Neighbor Solicitation/ 491 Advertisement for a given DHCPv6-assigned address and the conclusions 492 obtained from the DHCPv6 exchange differ, the results obtained from 493 the DHCPv6 exchange will be considered definitive. 495 5.8. Further Host Operations 497 Operations subsequent to detecting network attachment depend upon 498 whether or not the host has reconnected to a previously visited 499 network. 501 After confirming the reachability of the associated router using an 502 NS/NA pair, the host performs the following steps. 504 o The host SHOULD rejoin any solicited nodes' multicast groups for 505 addresses it continues to use. 507 o The host SHOULD select a default router as described in Section 508 6.3.6 of [RFC4861]. 510 If the host has determined that it has reattached to a previously 511 visited link, it SHOULD NOT perform duplicate address detection on 512 the addresses that have been confirmed to be operable. 514 If the NS based probe with a router did not complete or if the RS 515 based probe on the same router completed with different prefixes than 516 the ones in the SDAT the host MUST begin address configuration 517 techniques, as indicated in a received Router Advertisement 518 [RFC4861][RFC4862]. 520 5.9. On connecting to a new point of attachment 522 A host usually maintains SDAT entries from some number of previously 523 visited networks. When the host attaches to a previously unknown 524 network it MAY need to discard some older SDAT entries. 526 5.10. Periodic Maintenance of the SDAT 528 The host SHOULD maintain the SDAT table by removing entries when the 529 valid lifetime for the prefix and address expires, that is, at the 530 same as as the prefix is removed from the Prefix List in [RFC4861]. 531 The host SHOULD also remove a router from a SDAT entry when that 532 router stops advertising a particular prefix. When three consequtive 533 RAs from a particular router have not included a prefix, then the 534 router should be removed from the corresponding SDAT entry. 535 Likewise, if a router starts advertising a prefix for which there 536 already exists a SDAT entry then that router should be added to the 537 SDAT entry. 539 5.11. Recommended retransmission behavior 541 Where the NS probe does not complete successfully, it usually implies 542 that the host is not attached to the network whose configuration is 543 being tested. In such circumstances, there is typically little value 544 in aggressively retransmitting unicast neighbor solicitations that do 545 not elicit a response. 547 Where unicast Neighbor Solicitations and Router Solicitations are 548 sent in parallel, one strategy is to forsake retransmission of 549 Neighbor Solicitations and to allow retransmission only of Router 550 Solicitations or DHCPv6. In order to reduce competition between 551 unicast Neighbor Solicitations and Router Solicitations and DHCPv6 552 retransmissions, a DNAv6 implementation that retransmits may utilize 553 the retransmission strategy described in the DHCPv6 specification 554 [RFC3315], scheduling DNAv6 retransmissions between Router 555 Solicitations or DHCPv6 retransmissions. 557 If a response is received to any unicast Neighbor Solicitation or 558 Router Solicitation message, pending retransmissions MUST be 559 canceled. A Simple DNA implementation SHOULD NOT retransmit a 560 Neighbor Solicitation more than twice. To provide damping in the 561 case of spurious Link Up indications, the host SHOULD NOT perform the 562 Simple DNA procedure more than once a second. 564 6. Pseudocode for Simple DNA 566 /* Link up indication received on INTERFACE */ 567 /* Start Simple DNA process */ 569 /* Mark All Addresses as inoperable */ 570 Configured_Address_List=Get_Address_List(INTERFACE); 571 foreach Configured_Address in Configured_Address_List 572 { 573 if (Get_Address_State(Configured_Address)!=AS_TENTATIVE) 574 { 575 Set_Address_State(Configured_Address,AS_INOPERABLE); 576 } 577 } 579 /* Mark all routers' NC entries as STALE to speed up */ 580 /* acquisition of new router if link change has occurred */ 581 foreach Router_Address in DEFAULT_ROUTER_LIST 582 { 583 NCEntry=Get_Neighbor_Cache_Entry(Router_Address); 584 Set_Neighbor_Cache_Entry_State(NCEntry,NCS_STALE); 585 } 587 /* Thread A : Send Router Solicitation */ 588 RS_Target_Address=FF02::2; 589 RS_Source_Address=Get_Any_Link_Local_Address(INTERFACE); 590 Send_Router_Solicitation(RS_Source_Address,RS_Target_Address); 592 /* Thread B : Send Neighbor Solicitation(s) */ 593 Previously_Known_Router_List=Get_Router_List_from_SDAT(); 594 NS_Source_Address=Get_Any_Link_Local_Address(INTERFACE); 596 foreach Router_Address in Previously_Known_Router_List 597 { 598 if (Get_Any_Valid_Address_from_SDAT(Router_Address)) 599 { 600 Send_Neighbor_Solicitation(NS_Source_Address,Router_Address.L3_Address, 601 Router_Address.L2_Address); 602 } 603 } 605 /* Thread C : Response collection of RAs */ 607 /* Received Router Advertisement processing */ 608 /* Only for RAs received from routers in the SDAT */ 610 L3_Source=Get_L3_Source(RECEIVED_MESSAGE); 611 L2_Source=Get_L2_Source(RECEIVED_MESSAGE); 612 SDAT_Entry_List=Get_Entries_from_SDAT_L2L3(L3_Source,L2_Source)); 614 /* Mark all the addresses associated with the router as inoperable */ 615 foreach SDAT_Entry in SDAT_Entry_List 616 { 617 Set_Address_State(SDAT_Entry,AS_INOPERABLE); 618 } 620 /* Ignore further NAs from this router */ 621 /* after delaying for x milliseconds */ 622 Add_Router_to_NA_Ignore_List(L3_Source,SEND_NA_GRACE_PERIOD); 624 /* Perform Standard RA processing as per RFC4861/RFC4862 */ 626 /* Thread D : Response collection of NAs */ 628 /* Received Neighbor Advertisement processing */ 629 /* Only for NAs received as response to DNA NSs */ 631 L3_Source=Get_L3_Source(RECEIVED_MESSAGE); 632 L2_Source=Get_L2_Source(RECEIVED_MESSAGE); 634 if (Is_Router_on_NA_Ignore_List(L3_Source)) { 635 /* Ignore message and wait for next message */ 636 continue; 637 } 639 SDAT_Entry_List=Get_Entries_from_SDAT_L2L3(L3_Source,L2_Source)); 641 foreach SDAT_Entry in SDAT_Entry_List 642 { 643 /* Address is operable. */ 644 Set_Address_State(SDAT_Entry,AS_OPERABLE); 645 /* Configure on Interface */ 646 } 648 Figure 1: Pseudocode for Simple DNA 650 NOTE: This section does not include any pseudo-code for sending of 651 the DHCPv6 packets since the DHCPv6 exchange is orthogonal to the 652 simple DNA process. 654 7. Constants 655 SEND_NA_GRACE_TIME 657 Definition: An optional period to wait after Neighbor 658 Solicitation before adopting a non-SEND RA's link change 659 information. 661 Value: 40 milliseconds 663 8. Relationship to DNAv4 665 DNAv4 [RFC4436] specifies a set of steps that optimize the (common) 666 case of re-attachment to an IPv4 network that one has been connected 667 to previously by attempting to re-use a previous (but still valid) 668 configuration. This document shares the same goal as DNAv4 (that of 669 minimizing the handover latency in moving between points of 670 attachment) but differs in the steps it performs to achieve this 671 goal. Another difference is that this document also supports 672 stateless autoconfiguration of addresses in addition to addresses 673 configured using DHCPv6. 675 9. IANA Considerations 677 There are no changes to IANA registries required in this document. 679 10. Security Considerations 681 A host may receive Router Advertisements from non-SEND devices, after 682 receiving a link-layer indications. While it is necessary to assess 683 quickly whether a host has moved to another network, it is important 684 that the host's current secured SEND [RFC3971] router information is 685 not replaced by an attacker which spoofs an RA and purports to change 686 the link. 688 As such, the host SHOULD send a Neighbor Solicitation to the existing 689 SEND router upon link-up indication as described above in 690 Section 5.4. The host SHOULD then ensure that unsecured router 691 information does not cause deletion of existing SEND state, within 692 MIN_DELAY_BETWEEN_RAS, in order to allow for a present SEND router to 693 respond. 695 If the current default router is a SEND-secured router, the host 696 SHOULD wait SEND_NA_GRACE_TIME after transmission before adopting a 697 new default router. 699 Even if SEND signatures on RAs are used, it may not be immediately 700 clear if the router is authorized to make such advertisements. As 701 such, a host SHOULD NOT treat such devices as secure until and unless 702 authorization delegation discovery is successful. 704 Unless SEND or other form of secure address configuration is used, 705 the DNA procedure does not in itself provide positive, secure 706 authentication of the router(s) on the network, or authentication of 707 the network itself, as e.g. would be provided by mutual 708 authentication at the link layer. Therefore when such assurance is 709 not available, the host MUST NOT make any security-sensitive 710 decisions based on the DNA procedure alone. In particular, it MUST 711 NOT decide that it has moved from an untrusted to a trusted network, 712 and MUST NOT make any security decisions that depend on the 713 determination that such a transition has occurred. 715 11. Acknowledgments 717 This document is the product of a discussion the authors had with 718 Bernard Aboba, Thomas Narten, Erik Nordmark and Dave Thaler at IETF 719 69. The authors would like to thank them for clearly detailing the 720 requirements of the solution and the goals it needed to meet and for 721 helping to explore the solution space. The authors would like to 722 thank the authors and editors of the complete DNA specification for 723 detailing the overall problem space and solutions. The authors would 724 like to thank Jari Arkko for driving the evolution of a simple and 725 probabilistic DNA solution. The authors would like to thank Bernard 726 Aboba, Thomas Narten, Jari Arkko, Sathya Narayan, Julien Laganier, 727 Domagoj Premec, Jin Hyeock-Choi, Alfred Hoenes, Frederic Rossi, Ralph 728 Droms, Ted Lemon, Erik Nordmark, Lars Eggert, Brian Carpenter and 729 Yaron Sheffer for performing reviews on the document and providing 730 valuable comments to drive the document forward. 732 12. References 734 12.1. Normative References 736 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 737 Requirement Levels", BCP 14, RFC 2119, March 1997. 739 [RFC3736] Droms, R., "Stateless Dynamic Host Configuration Protocol 740 (DHCP) Service for IPv6", RFC 3736, April 2004. 742 [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., 743 and M. Carney, "Dynamic Host Configuration Protocol for 744 IPv6 (DHCPv6)", RFC 3315, July 2003. 746 [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure 747 Neighbor Discovery (SEND)", RFC 3971, March 2005. 749 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 750 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 751 September 2007. 753 12.2. Informative References 755 [I-D.ietf-dna-protocol] 756 Narayanan, S., "Detecting Network Attachment in IPv6 757 Networks (DNAv6)", draft-ietf-dna-protocol (work in 758 progress), June 2007. 760 [RFC4957] Krishnan, S., Montavont, N., Njedjou, E., Veerepalli, S., 761 and A. Yegin, "Link-Layer Event Notifications for 762 Detecting Network Attachments", RFC 4957, August 2007. 764 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 765 Address Autoconfiguration", RFC 4862, September 2007. 767 [RFC4436] Aboba, B., Carlson, J., and S. Cheshire, "Detecting 768 Network Attachment in IPv4 (DNAv4)", RFC 4436, March 2006. 770 Appendix A. Issues with confirming manually assigned addresses 772 Even though DNAv4 [RFC4436] supports verification of manually 773 assigned addresses this feature of DNAv4 has not been widely 774 implemented or used. There are two major issues that come up with 775 confirming manually assigned addresses using Simple DNA. 777 o When DHCPv6 or SLAAC addresses are used for probing, there is no 778 need to aggressively retransmit lost probes. This is because the 779 address configuration falls back to vanilla DHCPv6 or SLAAC and 780 the host will eventually obtain an address. This is not the case 781 with manually assigned addresses. If the probes are lost, the 782 host runs the risk of ending up with no addresses at all. Hence 783 agressive retransmissions are necessary. 785 o Another issue comes up when the host moves between two networks, 786 one where manual addressing is being used (say NET1)and the other 787 where dynamic addressing (stateless autoconfig or DHCPv6) is being 788 used (say NET2). Since the host can obtain a dynamic address in 789 some situations, it will need to send simple DNA probes and may 790 also engage in a DHCPv6 exchange. In a situation where the host 791 moves to NET1 and the NS probes are lost and in addition an RA is 792 not received, the host will not be able to confirm that it 793 attached to NET1, and therefore that it should use the manual 794 configuration for that network. As a result, if DHCPv6 is enabled 795 on NET1, then the host could mistakenly obtain a dynamic address 796 and configuration instead of using the manual configuration. To 797 prevent this problem, simple DNA probing needs to continue even 798 after the DHCPv6 exchange has completed, and DNA probes need to 799 take precedence over DHCPv6, contrary to the advice provided in 800 Section 5.7.3 802 Given these issues, it is NOT RECOMMENDED to use manual addressing 803 with Simple DNA. 805 Authors' Addresses 807 Suresh Krishnan 808 Ericsson 809 8400 Decarie Blvd. 810 Town of Mount Royal, QC 811 Canada 813 Phone: +1 514 345 7900 x42871 814 Email: suresh.krishnan@ericsson.com 816 Greg Daley 817 NetStar Networks 818 Level 9/636 St Kilda Rd 819 Melbourne, Victoria 3004 820 Australia 822 Phone: +61 3 8532 4042 823 Email: gdaley@netstarnetworks.com