idnits 2.17.1 draft-ietf-softwire-map-radius-17.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 627 has weird spacing: '...-padded with ...' -- The document date (November 7, 2018) is 1996 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC 8114' is mentioned on line 1350, but not defined == Unused Reference: 'RFC7678' is defined on line 1629, but no explicit reference was found in the text ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126) Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Softwire S. Jiang, Ed. 3 Internet-Draft Huawei Technologies Co., Ltd 4 Intended status: Standards Track Y. Fu, Ed. 5 Expires: May 11, 2019 CNNIC 6 B. Liu 7 Huawei Technologies Co., Ltd 8 P. Deacon 9 IEA Software, Inc. 10 C. Xie 11 China Telecom 12 T. Li 13 Tsinghua University 14 M. Boucadair, Ed. 15 Orange 16 November 7, 2018 18 RADIUS Attributes for Address plus Port (A+P) based Softwire Mechanisms 19 draft-ietf-softwire-map-radius-17 21 Abstract 23 IPv4-over-IPv6 transition mechanisms provide IPv4 connectivity 24 services over IPv6 native networks during the IPv4/IPv6 co-existence 25 period. DHCPv6 options have been defined for configuring clients for 26 Lightweight 4over6, Mapping of Address and Port with Encapsulation, 27 and Mapping of Address and Port using Translation unicast softwire 28 mechanisms, and also multicast softwires. However, in many networks, 29 configuration information is stored in an Authentication, 30 Authorization, and Accounting server which utilizes the RADIUS 31 protocol to provide centralized management for users. When a new 32 transition mechanism is developed, new RADIUS attributes need to be 33 defined correspondingly. 35 This document defines three new RADIUS attributes to carry Address 36 plus Port based softwire configuration parameters from an 37 Authentication, Authorization, and Accounting server to a Broadband 38 Network Gateway. Both unicast and multicast attributes are covered. 40 Status of This Memo 42 This Internet-Draft is submitted in full conformance with the 43 provisions of BCP 78 and BCP 79. 45 Internet-Drafts are working documents of the Internet Engineering 46 Task Force (IETF). Note that other groups may also distribute 47 working documents as Internet-Drafts. The list of current Internet- 48 Drafts is at https://datatracker.ietf.org/drafts/current/. 50 Internet-Drafts are draft documents valid for a maximum of six months 51 and may be updated, replaced, or obsoleted by other documents at any 52 time. It is inappropriate to use Internet-Drafts as reference 53 material or to cite them other than as "work in progress." 55 This Internet-Draft will expire on May 11, 2019. 57 Copyright Notice 59 Copyright (c) 2018 IETF Trust and the persons identified as the 60 document authors. All rights reserved. 62 This document is subject to BCP 78 and the IETF Trust's Legal 63 Provisions Relating to IETF Documents 64 (https://trustee.ietf.org/license-info) in effect on the date of 65 publication of this document. Please review these documents 66 carefully, as they describe your rights and restrictions with respect 67 to this document. Code Components extracted from this document must 68 include Simplified BSD License text as described in Section 4.e of 69 the Trust Legal Provisions and are provided without warranty as 70 described in the Simplified BSD License. 72 Table of Contents 74 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 75 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 76 3. Extensions of RADIUS Attributes and TLVs . . . . . . . . . . 6 77 3.1. Softwire46-Configuration Attribute . . . . . . . . . . . 6 78 3.1.1. Softwire46 TLVs . . . . . . . . . . . . . . . . . . . 8 79 3.1.1.1. S46-MAP-E TLV Format . . . . . . . . . . . . . . 10 80 3.1.1.2. S46-MAP-T TLV Format . . . . . . . . . . . . . . 11 81 3.1.1.3. S46-Lightweight-4over6 TLV Format . . . . . . . . 12 82 3.1.2. Softwire46 Sub-TLVs . . . . . . . . . . . . . . . . . 13 83 3.1.3. Format of the Softwire46 Sub-TLVs . . . . . . . . . . 14 84 3.1.3.1. S46-Rule Sub-TLV . . . . . . . . . . . . . . . . 14 85 3.1.3.2. S46-BR Sub-TLV . . . . . . . . . . . . . . . . . 15 86 3.1.3.3. S46-DMR Sub-TLV . . . . . . . . . . . . . . . . . 16 87 3.1.3.4. S46-V4V6Bind Sub-TLV . . . . . . . . . . . . . . 17 88 3.1.3.5. S46-PORTPARAMS Sub-TLV . . . . . . . . . . . . . 18 89 3.1.4. Sub-TLVs for S46-Rule Sub-TLV . . . . . . . . . . . . 19 90 3.1.4.1. Rule-IPv6-Prefix Sub-TLV . . . . . . . . . . . . 19 91 3.1.4.2. Rule-IPv4-Prefix Sub-TLV . . . . . . . . . . . . 20 92 3.1.4.3. EA-Length Sub-TLV . . . . . . . . . . . . . . . . 21 93 3.1.5. Sub-TLVs for S46-v4v6Bind Sub-TLV . . . . . . . . . . 22 94 3.1.5.1. The IPv4-address Sub-TLV . . . . . . . . . . . . 22 95 3.1.5.2. The Bind-IPv6-Prefix Sub-TLV . . . . . . . . . . 22 96 3.1.6. Sub-TLVs for S46-PORTPARAMS Sub-TLV . . . . . . . . . 23 97 3.1.6.1. The PSID-offset Sub-TLV . . . . . . . . . . . . . 23 98 3.1.6.2. The PSID-len Sub-TLV . . . . . . . . . . . . . . 24 99 3.1.6.3. The PSID Sub-TLV . . . . . . . . . . . . . . . . 25 100 3.2. Softwire46-Priority Attribute . . . . . . . . . . . . . . 25 101 3.3. Softwire46-Multicast Attribute . . . . . . . . . . . . . 26 102 3.3.1. ASM-Prefix64 TLV . . . . . . . . . . . . . . . . . . 28 103 3.3.2. SSM-Prefix64 TLV . . . . . . . . . . . . . . . . . . 29 104 3.3.3. U-Prefix64 TLV . . . . . . . . . . . . . . . . . . . 30 105 4. A Sample Configuration Process with RADIUS . . . . . . . . . 31 106 5. Table of Attributes . . . . . . . . . . . . . . . . . . . . . 34 107 6. Security Considerations . . . . . . . . . . . . . . . . . . . 35 108 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35 109 7.1. New RADIUS Attributes . . . . . . . . . . . . . . . . . . 35 110 7.2. New RADIUS TLVs . . . . . . . . . . . . . . . . . . . . . 36 111 7.3. S46 Mechanisms and Their Identifying Option Codes . . . . 36 112 8. Contributing Authors . . . . . . . . . . . . . . . . . . . . 37 113 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 38 114 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 39 115 10.1. Normative References . . . . . . . . . . . . . . . . . . 39 116 10.2. Informative References . . . . . . . . . . . . . . . . . 40 117 Appendix A. DHCPv6 to RADIUS Field Mappings . . . . . . . . . . 42 118 A.1. OPTION_S46_RULE (89) to S46-Rule Sub-TLV Field Mappings . 42 119 A.2. OPTION_S46_BR (90) to S46-BR Sub-TLV Sub-TLV Field 120 Mappings . . . . . . . . . . . . . . . . . . . . . . . . 42 121 A.3. OPTION_S46_DMR (91) to S46-DMR Sub-TLV . . . . . . . . . 42 122 A.4. OPTION_S46_V4V6BIND (92) to S46-V4V6Bind Sub-TLV . . . . 42 123 A.5. OPTION_S46_PORTPARAMS (93) to S46-PORTPARAMS Sub-TLV 124 Field Mappings . . . . . . . . . . . . . . . . . . . . . 43 125 A.6. OPTION_S46_PRIORITY (111) to S46-PORTPARAMS Sub-TLV Field 126 Mappings . . . . . . . . . . . . . . . . . . . . . . . . 43 127 A.7. OPTION_V6_PREFIX64 (113) to Softwire46-Multicast 128 Attribute TLV Field Mappings . . . . . . . . . . . . . . 43 129 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43 131 1. Introduction 133 Providers have started deploying and transitioning to IPv6. Several 134 IPv4 service continuity mechanisms based on the Address plus Port 135 (A+P) [RFC6346] have been proposed for providing unicast IPv4 over 136 IPv6-only infrastructure, such as Mapping of Address and Port with 137 Encapsulation (MAP-E) [RFC7597], Mapping of Address and Port using 138 Translation (MAP-T) [RFC7599], and Lightweight 4over6 [RFC7596]. 139 Also, [RFC8114] specifies a generic solution for the delivery of IPv4 140 multicast services to IPv4 clients over an IPv6 multicast network. 141 For each of these mechanisms, DHCPv6 options have been specified for 142 client configuration. 144 In many networks, user configuration information is stored in an 145 Authentication, Authorization, and Accounting (AAA) server. AAA 146 servers generally communicate using the Remote Authentication Dial In 147 User Service (RADIUS) [RFC2865] protocol. In a fixed broadband 148 network, a Broadband Network Gateway (BNG) acts as the access gateway 149 for users. That is, the BNG acts as both an AAA client to the AAA 150 server, and a DHCPv6 server for DHCPv6 messages sent by clients. 151 Throughout this document, the term BNG describes a device 152 implementing both the AAA client and DHCPv6 server functions. 154 Since IPv4-in-IPv6 softwire configuration information is stored in an 155 AAA server, and user configuration information is mainly transmitted 156 through DHCPv6 protocol between the BNGs and Customer Premises 157 Equipment (CEs, a.k.a., CPE), new RADIUS attributes are needed to 158 propagate the information from the AAA servers to BNGs. 160 The RADIUS attributes defined in this document provide configuration 161 to populate the corresponding DHCPv6 options for unicast and 162 multicast softwire configuration, specifically: 164 o "Mapping of Address and Port with Encapsulation (MAP-E)" [RFC7597] 165 (DHCPv6 options defined in [RFC7598]. 167 o "Mapping of Address and Port using Translation (MAP-T)" [RFC7599] 168 (DHCPv6 options defined in [RFC7598]. 170 o "Lightweight 4over6: An Extension to the Dual-Stack Lite 171 Architecture" [RFC7596] (DHCPv6 options defined in [RFC7598]. 173 o "Unified IPv4-in-IPv6 Softwire Customer Premises Equipment (CPE): 174 A DHCPv6-Based Prioritization Mechanism" [RFC8026]. 176 o "Delivery of IPv4 Multicast Services to IPv4 Clients over an IPv6 177 Multicast Network" [RFC8114] (DHCPv6 options defined in [RFC8115]. 179 The contents of the attributes/sub-TLVs defined in this document have 180 a 1:1 mapping into the fields of the various DHCPv6 options in 181 [RFC7598], [RFC8026], and [RFC8115]. Table 1 shows how the DHCPv6 182 options map to the corresponding RADIUS attribute, or Sub-TLV. For 183 detailed mappings between each DHCPv6 option field and the 184 corresponding RAIDUS Attribute, TLV, or Sub-TLV field, see 185 Appendix A. 187 +----------------------------+--------------------------------+ 188 | DHCPv6 Option | RADIUS Attribute/Sub-TLV | 189 +----------------------------+--------------------------------+ 190 | OPTION_S46_RULE (89) | S46-Rule Sub-TLV | 191 | OPTION_S46_BR (90) | S46-BR Sub-TLV | 192 | OPTION_S46_DMR (91) | S46-DMR Sub-TLV | 193 | OPTION_S46_V4V6BIND (92) | S46-v4v6Bind Sub-TLV | 194 | OPTION_S46_PORTPARAMS (93) | S46-PORTPARAMS Sub-TLV | 195 | OPTION_S46_PRIORITY (111) | Softwire46-Priority Attribute | 196 | OPTION_V6_PREFIX64 (113) | Softwire46-Multicast Attribute | 197 +----------------------------+--------------------------------+ 199 Table 1: Mapping between DHCPv6 Options and RADIUS Attributes/TLVs 201 A RADIUS attribute for Dual-Stack Lite [RFC6333] is defined in 202 [RFC6519]. 204 2. Terminology 206 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 207 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 208 "OPTIONAL" in this document are to be interpreted as described in 209 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, 210 as shown here. 212 The reader should be familiar with the concepts and terms defined in 213 [RFC7596], [RFC7597], [RFC7599], and [RFC8026]. 215 The terms "multicast Basic Bridging BroadBand" element (mB4) and 216 "multicast Address Family Transition Router" element (mAFTR) are 217 defined in [RFC8114]. 219 S46 is used throughout to denote any of the IPv4-in-IPv6 softwire 220 mechanisms listed above. Additionally, the following abbrevitiaons 221 are used within the document: 223 o BMR: Basic Mapping Rule 225 o BNG: Broadband Network Gateway 227 o BR: Border Relay 229 o CE: Customer Edge 231 o DMR: Default Mapping Rule 233 o EA: Embedded Address 234 o FMR: Forwarding Mapping Rule 236 o PSID: Port Set Identifier 238 o TLV: Type, Length, Value 240 o MAP-E: Mapping of Address and Port with Encapsulation 242 o MAP-T: Mapping of Address and Port using Translation 244 3. Extensions of RADIUS Attributes and TLVs 246 This section defines the following attributes: 248 1. Softwire46-Configuration Attribute (Section 3.1): 250 This attribute carries the configuration information for MAP-E, 251 MAP-T, and Lightweight 4over6. The configuration information for 252 each S46 mechanism is carried in the corresponding Softwire46 253 TLVs. Different Sub-TLVs are required for each type of 254 Softwire46 TLVs. 256 2. Softwire46-Priority Attribute (Section 3.2): 258 Depending on the deployment scenario, a client may support 259 several different S46 mechanisms and so request configuration for 260 more than one S46 mechanism at a time. The Softwire46-Priority 261 Attribute contains information allowing the client to prioritize 262 which mechanism to use, corresponding to OPTION_S46_PRIORITY 263 defined in [RFC8026]. 265 3. Softwire46-Multicast Attribute (Section 3.3): 267 This attribute conveys the IPv6 prefixes to be used in [RFC8114] 268 to synthesize IPv4-embedded IPv6 addresses. The BNG uses the 269 IPv6 prefixes returned in the RADIUS Softwire46-Multicast 270 Attribute to populate the DHCPv6 PREFIX64 Option [RFC8115]. 272 All of these attributes are allocated from the RADIUS "Extended Type" 273 code space per [RFC6929]. 275 All of these attribute designs follow [RFC6158] and [RFC6929]. 277 3.1. Softwire46-Configuration Attribute 279 This attribute is of type "TLV", as defined in the RADIUS Protocol 280 Extensions [RFC6929]. It contains some sub-attributes, with the 281 following requirements: 283 The Softwire46-Configuration Attribute MUST contain one or more of 284 the following: S46-MAP-E TLV, S46-MAP-T TLV, and/or S46- 285 Lightweight-4over6 TLV. 287 The Softwire46-Configuration Attribute conveys the configuration 288 information for MAP-E, MAP-T, or Lightweight 4over6. The BNG 289 SHALL use the configuration information returned in the RADIUS 290 attribute to populate the DHCPv6 Softwire46 Container Option 291 defined in Section 5 of [RFC7598]. 293 The Softwire46-Configuration Attribute MAY appear in an Access- 294 Accept packet. It MAY also appear in an Access-Request packet. 296 The Softwire46-Configuration Attribute MAY appear in a CoA-Request 297 packet. 299 The Softwire46-Configuration Attribute MAY appear in an 300 Accounting-Request packet. 302 The Softwire46-Configuration Attribute MUST NOT appear in any 303 other RADIUS packet. 305 The Softwire46-Configuration Attribute MUST only encapsulate one 306 or more of the Softwire46 TLVs defined in this document. 308 The Softwire46-Configuration Attribute is structured as follows: 310 0 1 2 3 311 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 312 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 313 | Type | Length | Extended-Type | Value ... . 314 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 316 Type 317 241 (To be confirmed by IANA). 319 Length 320 Indicates the total length, in bytes, of all fields of 321 this attribute, including the Type, Length, Extended-Type, 322 and the entire length of the embedded TLVs. 324 Extended-Type 325 TBD1 327 Value 328 Contains one or more of the following TLVs. Each TLV type 329 may appear at most once: 331 S46-MAP-E TLV 332 For configuring MAP-E clients. For the construction of 333 this TLV, Refer to Section 3.1.1.1. 335 S46-MAP-T TLV 336 For configuring MAP-T clients. For the construction of 337 this TLV, Refer to Section 3.1.1.2. 339 S46-Lightweight-4over6 TLV 340 For configuring Lightweight 4over6 clients. For the 341 construction of this TLV, Refer to Section 3.1.1.3. 343 The Softwire46-Configuration Attribute is associated with the 344 following identifier: 241.Extended-Type(TBD1). 346 3.1.1. Softwire46 TLVs 348 The Softwire46 TLVs can only be encapsulated in the 349 Softwire46-Configuration Attribute. Depending on the deployment 350 scenario, a client might request for more than one transition 351 mechanism at a time. There MUST be at least one Softwire46 TLV 352 encapsulated in one Softwire46-Configuration Attribute. There MUST 353 be at most one instance of each type of Softwire46 TLV encapsulated 354 in one Softwire46-Configuration Attribute. 356 There are three types of Softwire46 TLV, namely: 358 1. S46-MAP-E TLV (Section 3.1.1.1) 360 2. S46-MAP-T TLV (Section 3.1.1.2) 362 3. S46-Lightweight 4over6 TLV (Section 3.1.1.3) 364 Each type of Softwire46 TLV contains a number of sub-TLVs, defined in 365 Section 3.1.3. The hierarchy of the Softwire46 TLVs is shown in 366 Figure 1. Section 3.1.2 describes which Sub-TLVs are mandatory, 367 optional, or not permitted for each defined Softwire46 TLV. 369 /1.Rule-IPv6-Prefix 370 S / | Sub-TLV 371 o / | 1.S46-Rule Sub-TLV ----+ 2.Rule-IPv4-Prefix 372 f | S46-MAP-E TLV-----+ | Sub-TLV 373 t | | 2.S46-BR Sub-TLV | 3.EA Length Sub- 374 w | | \ TLV 375 i | | /1.PSID-offset 376 r | | | Sub-TLV 377 e | | 5.S46-PORTPARAMS Sub-TLV ----+ 2.PSID-len 378 - | \ | Sub-TLV 379 C | | 3.PSID Sub- 380 o | \ TLV 381 n | 382 f | /1.Rule-IPv6-Prefix 383 i | / | Sub-TLV 384 g | | 1.S46-Rule Sub-TLV ----+ 2.Rule-IPv4-Prefix 385 u | S46-MAP-T TLV ----+ | Sub-TLV 386 r | | 3.S46-DMR Sub-TLV | 3.EA Length Sub- 387 a | | \ TLV 388 t | | /1.PSID-offset 389 i | | | Sub-TLV 390 o | | 5.S46-PORTPARAMS Sub-TLV ----+ 2.PSID-len 391 n | \ | Sub-TLV 392 | | 3.PSID Sub- 393 A | \ TLV 394 t | 395 t | /1.IPv4-address 396 r | / | Sub-TLV 397 i | | 4.S46-v4v6Bind Sub-TLV ----+ 2.Bind-IPv6-Prefix 398 b | S46-Lightweight | \ Sub-TLV 399 u | -4over6 TLV ------+ /1.PSID-offset 400 t \ | | Sub-TLV 401 e | 5.S46-PORTPARAMS Sub-TLV ----+ 2.PSID-len 402 \ | Sub-TLV 403 | 3.PSID Sub- 404 \ TLV 406 Figure 1: Softwire46 TLV Hierarchy 408 3.1.1.1. S46-MAP-E TLV Format 410 The format of the S46-MAP-E TLV is shown below: 412 0 1 2 3 413 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 414 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 415 | TLV-Type | TLV-Length | TLV-Value ... . 416 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 418 TLV-Type 419 TBD2 421 TLV-Length 422 One octet long. Indicates the length of this TLV, including 423 the TLV-Type, TLV-Length, and TLV-Value fields. 425 TLV-Value 426 Contains a set of Sub-TLVs, with the following requirements: 428 It MUST contain the S46-Rule Sub-TLV, defined in Section 3.1.3.1. 430 It MUST contain the S46-BR Sub-TLV, defined in Section 3.1.3.2. 432 It MAY contain the S46-PORTPARAMS Sub-TLV, defined in 433 Section 3.1.3.5. 435 3.1.1.2. S46-MAP-T TLV Format 437 The format of the S46-MAP-T TLV is shown below: 439 0 1 2 3 440 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 441 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 442 | TLV-Type | TLV-Length | TLV-Value ... . 443 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 445 TLV-Type 446 TBD3 448 TLV-Length 449 One octet long. Indicates the length of this TLV, including 450 the TLV-Type, TLV-Length, and TLV-Value fields. 452 TLV-Value 453 Contains a set of Sub-TLVs, with the following requirements: 455 It MUST contain the S46-Rule Sub-TLV, defined in 456 Section 3.1.3.1. 458 It MUST contain the S46-DMR Sub-TLV, defined in 459 Section 3.1.3.3. 461 It MAY contain the S46-PORTPARAMS Sub-TLV, defined in 462 Section 3.1.3.5. 464 3.1.1.3. S46-Lightweight-4over6 TLV Format 466 The format of the S46-Lightweight-4over6 TLV is shown below: 468 0 1 2 3 469 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 470 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 471 | TLV-Type | TLV-Length | TLV-Value ... . 472 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 474 TLV-Type 475 TBD4 477 TLV-Length 478 One octet long. Indicates the length of this TLV, including 479 the TLV-Type, TLV-Length, and TLV-Value fields. 481 TLV-Value 482 Contains a set of Sub-TLVs as follows: 484 It MUST contain the S46-BR Sub-TLV, defined in 485 Section 3.1.3.2. 487 It MUST contain the S46-V4V6Bind Sub-TLV, defined in 488 Section 3.1.3.4. 490 It MAY contain the S46-PORTPARAMS Sub-TLV, defined in 491 Section 3.1.3.5. 493 3.1.2. Softwire46 Sub-TLVs 495 Table 2 shows which encapsulated Sub-TLVs are mandatory, optional, or 496 not permitted for each defined Softwire46 TLV. 498 +----------------+-------+-------+--------------------+ 499 | Sub-TLV | MAP-E | MAP-T | Lightweight 4over6 | 500 +----------------+-------+-------+--------------------+ 501 | S46-BR | M | N/P | M | 502 | S46-Rule | M | M | N/P | 503 | S46-DMR | N/P | M | N/P | 504 | S46-V4V6Bind | N/P | N/P | M | 505 | S46-PORTPARAMS | O | O | O | 506 +----------------+-------+-------+--------------------+ 508 M - Mandatory, O - Optional, N/P - Not Permitted 510 Table 2: Softwire46 Sub-TLVs 512 3.1.3. Format of the Softwire46 Sub-TLVs 514 3.1.3.1. S46-Rule Sub-TLV 516 The S46-Rule Sub-TLV can only be encapsulated in the S46-MAP-E TLV 517 (Section 3.1.1.1) or the S46-MAP-T TLV (Section 3.1.1.2). Depending 518 on the deployment scenario, one Basic Mapping Rule (BMR) and zero or 519 more Forwarding Mapping Rules (RMRs) MUST be included in one 520 S46-MAP-E TLV or S46-MAP-T TLV. 522 Each type of S46-Rule Sub-TLV also contains a number of Sub-TLVs, 523 including Rule-IPv6-Prefix Sub-TLV, Rule-IPv4-Prefix Sub-TLV, and EA- 524 Length Sub-TLV. The structure of the Sub-TLVs for the S46-Rule Sub- 525 TLV is defined in Section 3.1.4. 527 Defining multiple TLV-types achieves the same design goals as the 528 "S46 Rule Flags" defined in Section 4.1 of [RFC7598]. Using TLV-type 529 set to 2 is equivalent to setting the F-flag in the OPTION_S46_RULE 530 S46 Rule Flags field. 532 0 1 2 3 533 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 534 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 535 | TLV-Type | TLV-Length | TLV-Value ... . 536 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 538 TLV-Type 539 TBD7 Basic Mapping Rule only (not to be used for forwarding) 540 TBD8 Forwarding Premitted Mapping Rule (may be used for 541 forwarding. Can also be a Basic Mapping Rule) 543 TLV-Length 544 One octet long. Indicates the length of this TLV, including 545 the TLV-Type, TLV-Length, and TLV-Value fields. 547 TLV-Value 548 This field contains a set of TLVs as follows: 550 Rule-IPv6-Prefix Sub-TLV 551 This TLV contains the IPv6 prefix for use in the MAP rule. 552 Refer to Section 3.1.4.1. 554 Rule-IPv4-Prefix Sub-TLV 555 This TLV contains the IPv4 prefix for use in the MAP rule. 556 Refer to Section 3.1.4.2. 558 EA-Length Sub-TLV 559 This TLV contains the Embedded-Address (EA) bit length. 560 Refer to Section 3.1.4.1. 562 3.1.3.2. S46-BR Sub-TLV 564 The S46-BR Sub-TLV can only be encapsulated in the S46-MAP-E TLV 565 (Section 3.1.1.1) or S46-Lightweight-4over6 TLV (Section 3.1.1.3). 567 There MUST be at least one S46-BR Sub-TLV included in each S46-MAP-E 568 TLV or S46-Lightweight-4over6 TLV. 570 The format of the S46-BR Sub-TLV is shown below: 572 0 1 2 3 573 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 574 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 575 | TLV-Type | TLV-Length | | 576 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 577 | | 578 | br-ipv6-address | 579 | | 580 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 581 | | 582 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 584 TLV-Type 585 TBD9 587 TLV-Length 588 18 octets 590 br-ipv6-address 591 IPv6 address. A fixed-length field of 16 octets that 592 specifies the IPv6 address for the S46 Border Relay (BR). 594 3.1.3.3. S46-DMR Sub-TLV 596 The S46-DMR Sub-TLV may only appear in the S46-MAP-T TLV 597 (Section 3.1.1.2). There MUST be exactly one S46-DMR Sub-TLV 598 included in one S46-MAP-T TLV. 600 The format of the S46-DMR Sub-TLV is shown below: 602 0 1 2 3 603 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 604 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 605 | TLV-Type | TLV-Length | Reserved |dmr-prefix6-len| 606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 607 | dmr-ipv6-prefix | 608 . (variable length) . 609 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 611 TLV-Type 612 TBD10 614 TLV-Length 615 4 + length of dmr-ipv6-prefix specified in octets 617 Reserved 618 This field is reserved. It should be set to all zeros. 620 dmr-prefix6-len 621 8-bits long. Expresses the bitmask length of the IPv6 prefix 622 specified in the dmr-ipv6-prefix field. Allowed values range 623 from 0 to 96. 625 dmr-ipv6-prefix 626 IPv6 Prefix. A variable-length field specifying the IPv6 627 prefix for the BR. This field is right-padded with zeros to 628 the nearest octet boundary when dmr-prefix6-len is not 629 divisible by 8. 631 3.1.3.4. S46-V4V6Bind Sub-TLV 633 The S46-V4V6Bind Sub-TLV may only be encapsulated in the S46- 634 Lightweight-4over6 TLV (Section 3.1.1.3). There MUST be exactly one 635 S46-V4V6Bind Sub-TLV included in each S46-Lightweight-4over6 TLV. 637 The format of the S46-V4V6Bind Sub-TLV is shown below: 639 0 1 2 3 640 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 641 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 642 | TLV-Type | TLV-Length | TLV-Value ... . 643 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 645 TLV-Type 646 TBD11 648 TLV-Length 649 8-bits long. Indicates the length of this TLV, including 650 the TLV-Type, TLV-Length, and TLV-Value fields. 652 TLV-Value 653 This field contains a set of Sub-TLVs as follows: 655 IPv4-address Sub-TLV 656 This TLV contains an IPv4 address, used to specify the full 657 or shared IPv4 address of the CE. Refer to Section 3.1.5.1. 659 Bind-IPv6-Prefix Sub-TLV 660 This TLV contains an IPv6 prefix used to indicate which 661 configured prefix the S46 CE should use for constructing 662 the softwire. Refer to Section 3.1.5.2. 664 3.1.3.5. S46-PORTPARAMS Sub-TLV 666 The S46-PORTPARAMS Sub-TLV is optional. It is used to specify port 667 set information for IPv4 address sharing between clients. The 668 S46-PORTPARAMS Sub-TLV MAY be included in any of the Softwire46 TLVs. 670 The format of the S46-PORTPARAMS Sub-TLV is shown below: 672 0 1 2 3 673 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 674 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 675 | TLV-Type | TLV-Length | TLV-Value ... . 676 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 678 TLV-Type 679 TBD12 681 TLV-Length 682 8-bits long. Indicates the length of this TLV, including 683 the TLV-Type, TLV-Length, and TLV-Value fields. 685 TLV-Value 686 This field contains a set of TLVs as follows: 688 PSID-offset Sub-TLV 689 This TLV specifies the numeric value for the S46 algorithm's 690 excluded port range/offset bits (a bits). Refer to 691 Section 3.1.6.1. 693 PSID-len Sub-TLV 694 This TLV specifies the number of significant bits in the 695 PSID field (also known as 'k'). Refer to Section 3.1.6.2. 697 PSID Sub-TLV 698 This TLV specifies PSID value. Refer to Section 3.1.6.3. 700 3.1.4. Sub-TLVs for S46-Rule Sub-TLV 702 There are two types of S46-Rule: the Basic Mapping Rule and the 703 Forwarding Mapping Rule, indicated by the value in the TLV-Type field 704 of the S46-Rule Sub-TLV (see Section 3.1.3.1). 706 Each type of S46-Rule Sub-TLV also contains a number of Sub-TLVs as 707 detailed in the following sub-sections. 709 3.1.4.1. Rule-IPv6-Prefix Sub-TLV 711 The Rule-IPv6-Prefix Sub-TLV is REQUIRED for every S46-Rule Sub-TLV. 712 There MUST be exactly one Rule-IPv6-Prefix Sub-TLV encapsulated in 713 each type of S46-Rule Sub-TLV. 715 The Rule-IPv6-Prefix Sub-TLV follows the framed IPv6 prefix designed 716 in [RFC3162] and [RFC8044]. 718 The format of the Rule-IPv6-Prefix Sub-TLV is shown below: 720 0 1 2 3 721 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | TLV-Type | TLV-Length | Reserved |ruleprefix6-len| 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 725 | | 726 | rule-ipv6-prefix | 727 | | 728 | | 729 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 731 TLV-Type 732 TBD13 734 TLV-Length 735 20 737 Reserved 738 This field is reserved. It is always set to zero. This field 739 is one octet in length. 741 Ruleprefix6-len 742 The length of IPv6 prefix, specified in the rule-ipv6-prefix 743 field, expressed in bits. 745 rule-ipv6-prefix 746 IPv6 Prefix. 128-bits long field that specifying an IPv6 747 prefix appearing in the MAP rule. 749 3.1.4.2. Rule-IPv4-Prefix Sub-TLV 751 This Sub-TLV is used to convey the MAP Rule IPv4 prefix. The format 752 of the Rule-IPv4-Prefix Sub-TLV is shown below: 754 0 1 2 3 755 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 756 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 757 | TLV-Type | TLV-Length | Reserved |ruleprefix4-len| 758 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 759 | rule-ipv4-prefix | 760 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 762 TLV-Type 763 TBD14 765 TLV-Length 766 8 768 Reserved 769 8-bits long. This field is reserved and is always set to 770 zero. 772 ruleprefix4-len 773 8-bits long. The length of IPv4 prefix specified in the 774 rule-ipv4-prefix field, expressed in bits. 776 rule-ipv4-prefix 777 32-bits long. Specifies the IPv4 prefix appearing in the MAP 778 rule. 780 3.1.4.3. EA-Length Sub-TLV 782 This Sub-TLV is used to convey the Embedded-Address(EA) bit length. 783 The format of the EA-Length Sub-TLV is shown below: 785 0 1 2 3 786 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 787 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 788 | TLV-Type | TLV-Length | EA-len | 789 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 791 TLV-Type 792 TBD15 794 TLV-Length 795 4 797 EA-len 798 16-bits long. Specifies the Embedded-Address(EA) bit length. 799 Allowed values range from 0 to 48. 801 3.1.5. Sub-TLVs for S46-v4v6Bind Sub-TLV 803 3.1.5.1. The IPv4-address Sub-TLV 805 The IPv4-address Sub-TLV MAY be used to specify the full or shared 806 IPv4 address of the CE. 808 The format of the IPv4-address Sub-TLV is shown below: 810 0 1 2 3 811 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 812 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 813 | TLV-Type | TLV-Length | ipv4-address . 814 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 815 . ipv4-address | 816 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 818 TLV-Type 819 TBD16 821 TLV-Length 822 6 824 ipv4-address 825 32-bits long. Specifies the IPv4 address to appear in the 826 S46-V4V6Bind Sub-TLV (Section 3.1.3.4). 828 3.1.5.2. The Bind-IPv6-Prefix Sub-TLV 830 The Bind-IPv6-Prefix Sub-TLV is used by the CE to identify the 831 correct IPv6 prefix to be used as the tunnel source. 833 The format of the Bind-IPv6-Prefix Sub-TLV is shown below: 835 0 1 2 3 836 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 837 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 838 | TLV-Type | TLV-Length | Reserved |bindprefix6-len| 839 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 840 | | 841 | bind-ipv6-prefix | 842 | (variable length) | 843 . . 844 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 846 TLV-Type 847 TBD17 849 TLV-Length 850 4 + length of bind-ipv6-prefix specified in octets 852 Reserved 853 8-bits long. This field is reserved and is always set 854 to zero. 856 bindprefix6-len 857 8-bits long. Expresses the bitmask length of the IPv6 858 prefix specified in the bind-ipv6-prefix field. Allowed 859 values range from 0 to 128. 861 bind-ipv6-prefix 862 IPv6 prefix. A variable-length field specifying the IPv6 863 prefix or address for the S46 CE. This field is 864 right-padded with zeros to the nearest octet boundary 865 when bindprefix6-len is not divisible by 8. 867 3.1.6. Sub-TLVs for S46-PORTPARAMS Sub-TLV 869 3.1.6.1. The PSID-offset Sub-TLV 871 This Sub-TLV is used to convey the Port Set Identifier offset as 872 defined in [RFC7597]. 874 The format of the PSID-offset Sub-TLV is shown below: 876 0 1 2 877 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 878 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 879 | TLV-Type | TLV-Length | PSID-Offset | 880 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 882 TLV-Type 883 TBD18 885 TLV-Length 886 3 888 PSID-Offset 889 Integer. An 8-bits long field that specifies the 890 numeric value for the S46 algorithm's excluded 891 port range/offset bits (a bits), as per Section 5.1 892 of RFC7597. Allowed values are between 0 and 15. 893 Default values for this field are specific to the 894 Softwire mechanism being implemented and are defined 895 in the relevant specification document. 897 3.1.6.2. The PSID-len Sub-TLV 899 This Sub-TLV is used to convey the PSID length as defined in 900 [RFC7597]. 902 The format of the PSID-len Sub-TLV is shown below: 904 0 1 2 905 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 906 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 907 | TLV-Type | TLV-Length | PSID-len | 908 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 910 TLV-Type 911 TBD19 913 TLV-Length 914 3 916 PSID-len 917 8-bits long field specifying the number of 918 significant bits in the PSID field (also known as 919 'k'). When set to 0, the PSID field is to be ignored. 920 After the first 'a' bits, there are k bits in the 921 port number representing the value of the PSID. 922 Subsequently, the address sharing ratio would be 923 2^k. 925 3.1.6.3. The PSID Sub-TLV 927 This Sub-TLV is used to convey the PSID as defined in [RFC7597]. 929 The format of the PSID Sub-TLV is shown below: 931 0 1 2 3 932 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 933 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 934 | TLV-Type | TLV-Length | PSID | 935 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 937 TLV-Type 938 TBD20 940 TLV-Length 941 4 943 PSID (Port-set ID) 944 Integer. An explicit 16-bit (unsigned word) PSID value. 945 The PSID value algorithmically identifies a set of ports 946 assigned to a CE. The first k bits on the left of this 947 2-octet field is the PSID value. The remaining (16-k) bits 948 on the right are padding zeros. 950 3.2. Softwire46-Priority Attribute 952 The Softwire46-Priority Attribute defines a 16-bit S46-option-code 953 field to contain the information allowing the client to prioritize 954 which mechanism to use, corresponding to OPTION_S46_PRIORITY defined 955 in [RFC8026]. The following requirements apply: 957 The Softwire46-Priority Attribute MAY appear in an Access-Accept 958 packet. It MAY also appear in an Access-Request packet. 960 The Softwire46-Priority Attribute MAY appear in a CoA-Request 961 packet. 963 The Softwire46-Priority Attribute MAY appear in an Accounting- 964 Request packet. 966 The Softwire46-Priority Attribute MUST NOT appear in any other 967 RADIUS packet. 969 The S46-Priority Attribute is structured as follows: 971 0 1 2 3 972 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 973 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 974 | Type | Length | Extended-Type | ... . 975 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 976 . S46-option-code | S46-option-code | 977 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 979 Type 980 241 (To be confirmed by IANA) 982 Length 983 One octet long. Indicates the length of this TLV, including 984 the TLV-Type, TLV-Length, and TLV-Value fields. 986 Extended-Type 987 TBD5 989 S46-option-code 990 Integer. A 16-bit IANA-registered option code representing 991 an S46 mechanism. The option codes and their corresponding 992 S46 mechanisms are listed in Section 7.3. 994 S46 mechanisms are prioritized in the appearance order of the 995 S46-option-code(s) in the Softwire46-Priority Attribute. 997 A Softwire46-Priority Attribute MUST contain at least one 998 S46-option-code. 1000 The Softwire46-Priority Attribute is associated with the following 1001 identifier: 241.Extended-Type (TBD5). 1003 3.3. Softwire46-Multicast Attribute 1005 The Softwire46-Multicast Attribute conveys the IPv6 prefixes to be 1006 used to synthesize multicast and unicast IPv4-embedded IPv6 addresses 1007 as per [RFC8114]. This attribute is of type "TLV" and contains 1008 additional TLVs. The following requirements apply: 1010 The BNG SHALL use the IPv6 prefixes returned in the RADIUS 1011 Softwire46-Multicast Attribute to populate the DHCPv6 PREFIX64 1012 Option [RFC8115]. 1014 This attribute MAY be used in Access-Request packets as a hint to 1015 the RADIUS server. For example, if the BNG is pre-configured for 1016 Softwire46-Multicast, these prefixes MAY be inserted in the 1017 attribute. The RADIUS server MAY ignore the hint sent by the BNG, 1018 and it MAY assign a different Softwire46-Multicast Attribute. 1020 The Softwire46-Multicast Attribute MAY appear in an Access-Request 1021 packet. 1023 The Softwire46-Multicast Attribute MAY appear in an Access-Accept 1024 packet. 1026 The Softwire46-Multicast Attribute MAY appear in a CoA-Request 1027 packet. 1029 The Softwire46-Multicast Attribute MAY appear in an Accounting- 1030 Request packet. 1032 The Softwire46-Multicast Attribute MUST NOT appear in any other 1033 RADIUS packet. 1035 The Softwire46-Multicast Attribute MAY contain the ASM-Prefix64 1036 TLV (see Section 3.3.1). 1038 The Softwire46-Multicast Attribute MAY contain the SSM-Prefix64 1039 TLV (see Section 3.3.2). 1041 The Softwire46-Multicast Attribute MAY contain the U-Prefix64 TLV 1042 (see Section 3.3.3). 1044 The Softwire46-Multicast Attribute MUST include the ASM-Prefix64 1045 TLV or the SSM-Prefix64 TLV, and it MAY include both. 1047 The U-Prefix64 TLV MUST be present when the SSM-Prefix64 TLV is 1048 present. The U-Prefix64 TLV MAY be present when the ASM-Prefix64 1049 TLV is present. 1051 The the Softwire46-Multicast Attribute is structured as follows: 1053 0 1 2 3 1054 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1055 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1056 | Type | Length | Extended-Type | Value ... . 1057 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1059 Type 1060 241 (To be confirmed by IANA) 1062 Length 1063 This field indicates the total length in bytes of all fields of 1064 this attribute, including the Type, Length, Extended-Type, and the 1065 entire length of the embedded TLVs. 1067 Extended-Type 1068 TBD6 1070 Value 1071 This field contains a set of TLVs as follows: 1073 ASM-Prefix64 TLV 1074 This TLV contains the ASM IPv6 prefix. Refer to Section 3.3.1. 1076 SSM-Prefix64 TLV 1077 This TLV contains the SSM IPv6 prefix. Refer to Section 3.3.2. 1079 U-Prefix64 TLV 1080 This TLV contains the IPv4 prefix used for address 1081 translation. Refer to Section 3.3.3. 1083 The Softwire46-Multicast Attribute is associated with the following 1084 identifier: 241.Extended-Type(TBD6). 1086 3.3.1. ASM-Prefix64 TLV 1088 The ASM-Prefix64 TLV is structured as follows: 1090 0 1 2 3 1091 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1092 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1093 | TLV-Type | Reserved | Prefix-Length | | 1094 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 1095 | | 1096 | | 1097 | ASM Prefix64 | 1098 | | 1099 | | 1100 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1102 TLV-Type 1103 TBD21 1105 Reserved 1106 This field is reserved. It is always set to zero. This field 1107 is one octet in length. 1109 Prefix-Length 1110 The length of the prefix, in bits. It MUST be set to 96 [RFC8115]. 1112 ASM Prefix64 1113 IPv6 prefix. This field specifies the IPv6 multicast prefix 1114 to be used to synthesize the IPv4-embedded IPv6 addresses of the 1115 multicast groups in the ASM mode. The conveyed multicast IPv6 1116 prefix MUST belong to the ASM range. 1118 3.3.2. SSM-Prefix64 TLV 1120 The format of SSM-Prefix64 TLV is shown below: 1122 0 1 2 3 1123 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1124 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1125 | TLV-Type | Reserved |Prefix-Length | | 1126 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 1127 | | 1128 | | 1129 | SSM Prefix64 | 1130 | | 1131 | | 1132 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1134 TLV-Type 1135 TBD22 1137 Reserved 1138 This field is reserved. It is always set to zero. This field 1139 is one octet in length. 1141 Prefix-Length 1142 The length of the prefix, in bits. It MUST be set to 96 [RFC8115]. 1144 SSM Prefix64 1145 IPv6 prefix. This field specifies the IPv6 multicast prefix 1146 to be used to synthesize the IPv4-embedded IPv6 addresses of the 1147 multicast groups in the SSM mode. The conveyed multicast IPv6 1148 prefix MUST belong to the SSM range. 1150 3.3.3. U-Prefix64 TLV 1152 The format of the U-Prefix64 TLV is shown below: 1154 0 1 2 3 1155 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1156 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1157 | TLV-Type | Reserved | Prefix-Length | | 1158 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 1159 | | 1160 | | 1161 | Unicast Prefix64 | 1162 | | 1163 | | 1164 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1166 TLV-Type 1167 TBD23 1169 Reserved 1170 This field is reserved. It is always set to zero. This field 1171 is one octet in length. 1173 Prefix-Length 1174 The length of the prefix, in bits. As specified in [RFC6052], 1175 the Unicast-prefix prefix-length MUST be set to 32, 40, 48, 1176 56, 64, or 96. 1178 Unicast Prefix64 1179 IPv6 prefix. This field identifies the IPv6 unicast prefix to 1180 be used in SSM mode for constructing the IPv4-embedded IPv6 1181 addresses representing the IPv4 multicast sources in the IPv6 1182 domain. It may also be used to extract the IPv4 address from the 1183 received multicast data flows. 1185 4. A Sample Configuration Process with RADIUS 1187 Figure 2 illustrates how the RADIUS and DHCPv6 protocols interwork to 1188 provide CE with softwire configuration information. 1190 CE BNG AAA Server 1191 | | | 1192 |-------1.DHCPv6 Solicit------->| | 1193 |(ORO with unicast and/or m'cast| | 1194 | container option code(s)) | | 1195 | | | 1196 | |-------2.Access-Request------->| 1197 | | (Softwire46-Configuration | 1198 | | Attribute and/or | 1199 | |Softwire46-Multicast Attribute)| 1200 | | | 1201 | |<------3.Access-Accept---------| 1202 | | (Softwire46-Configuration | 1203 | | Attribute and/or | 1204 | |Softwire46-Multicast Attribute)| 1205 | | | 1206 |<----4.DHCPv6 Advertisement----| | 1207 | (container option(s)) | | 1208 | | | 1209 |-------5.DHCPv6 Request------>| | 1210 | (container Option(s)) | | 1211 | | | 1212 |<--------6.DHCPv6 Reply--------| | 1213 | (container option(s)) | | 1214 | | | 1215 DHCPv6 RADIUS 1217 Figure 2: Interaction between DHCPv6 and AAA Server with RADIUS 1218 authentication 1220 1. The CE creates a DHCPv6 Solicit message. For unicast softwire 1221 configuration, the message includes an OPTION_REQUEST_OPTION (6) 1222 with the S46 Container option codes as defined in [RFC7598]. 1223 OPTION_S46_CONT_MAPE (94) should be included for MAP-E, 1224 OPTION_S46_CONT_MAPT (95) for MAP-T, and OPTION_S46_CONT_LW (96) 1225 for Lightweight 4over6. For multicast configuration, the option 1226 number for OPTION_V6_PREFIX64 (113) is included in the client's 1227 ORO. The message is sent to the BNG. 1229 2. On receipt of the Solicit message, the BNG constructs a RADIUS 1230 Access-Request message containing a User-Name Attribute (1) 1231 (containing either a CE MAC address, interface-id or both), a 1232 User-Password Attribute (2) (with a pre-configured shared 1233 password as defined in [RFC2865]. The Softwire46-Configuration 1234 Attribute and/or Softwire46-Multicast Attribute are also included 1235 (as requested by the client). The resulting message is sent to 1236 the AAA server. 1238 3. The AAA server authenticates the request. If this is successful, 1239 and suitable configuration is available, an Access-Accept message 1240 is sent to the BNG containing the requested 1241 Softwire46-Configuration Attribute or Softwire46-Multicast 1242 Attribute. 1244 4. The BNG maps the received softwire configuration into the 1245 corresponding fields in the DHCPv6 softwire configuration 1246 option(s). Theses are included in the DHCPv6 Advertise message 1247 which is sent to the CE. 1249 5. The CE send a DHCPv6 Request message. In the ORO, the option 1250 code(s) of any of the required softwire options that were 1251 received in the Advertise message are included. 1253 6. The BNG sends a Reply message to the client containing the 1254 softwire container options enumerated in the ORO. 1256 The authorization operation could also be done independently, after 1257 the authentication process. In this case, steps 1-5 are completed as 1258 above, then the following steps are performed: 1260 6a. When the BNG receives the DHCPv6 Request, it constructs a RADIUS 1261 Access-Request message, which contains a Service-Type Attribute 1262 (6) with the value "Authorize Only" (17), the corresponding 1263 Softwire46-Configuration Attribute, and a State Attribute 1264 obtained from the previous authentication process according to 1265 [RFC5080]. The resulting message is sent to the AAA server. 1267 7a. The AAA checks the authorization request. If it is approved, an 1268 Access-Accept message is returned to the BNG with the 1269 corresponding Softwire46-Configuration Attribute. 1271 8a. The BNG sends a Reply message to the client containing the 1272 softwire container options enumerated in the ORO. 1274 In addition to the above, the following points need to be considered: 1276 o In both the configuration message flows described above the 1277 Message-authenticator (type 80) [RFC2869] SHOULD be used to 1278 protect both Access-Request and Access-Accept messages. 1280 o If the BNG does not receive the corresponding 1281 Softwire46-Configuration Attribute in the Access-Accept message it 1282 MAY fallback to creating the DHCPv6 softwire configuration options 1283 using pre-configured S46 configuration, if this is present. 1285 o If the BNG receives an Access-Reject from the AAA server, then S46 1286 configuration MUST NOT be supplied to the client. 1288 o As specified in [RFC3315], Section 18.1.4, "Creation and 1289 Transmission of Rebind Messages", if the DHCPv6 server to which 1290 the DHCPv6 Renew message was sent at time T1 has not responded by 1291 time T2, the CE (DHCPv6 client) SHOULD enter the Rebind state and 1292 attempt to contact any available server. In this situation, a 1293 secondary BNG receiving the DHCPv6 message MUST initiate a new 1294 Access-Request message towards the AAA server. The secondary BNG 1295 includes the Softwire46-Configuration Attribute in this Access- 1296 Request message. 1298 o For Lightweight 4over6, the subscriber's binding state needs to be 1299 synchronized between the clients and the lwAFTR/BR. This can be 1300 achieved in two ways: static pre-configuring of the bindings on 1301 both the AAA server and lwAFTR, or on-demand whereby the AAA 1302 server updates the lwAFTR with the subscriber's binding state as 1303 it is created or deleted. 1305 5. Table of Attributes 1307 This document specifies three new RADIUS attributes, and their 1308 formats are as follows: 1310 o Softwire46-Configuration Attribute: 241.TBD1 1312 o Softwire46-Priority Attribute: 241.TBD5 1314 o Softwire46-Multicast Attribute: 241.TBD6 1316 The following table describes which attributes may be found, in which 1317 kinds of packets and in what quantity. 1319 Request Accept Reject Challenge Accounting # Attribute 1320 Request 1321 0-1 0-1 0 0 0-1 241.TBD1 Softwire46- 1322 Configuration 1323 0-1 0-1 0 0 0-1 241.TBD5 Softwire46- 1324 Priority 1325 0-1 0-1 0 0 0-1 241.TBD6 Softwire46- 1326 Multicast 1328 The following table defines the meaning of the above table entries. 1330 0 This attribute MUST NOT be present in packet. 1331 0+ Zero or more instances of this attribute MAY be present in 1332 packet. 1333 0-1 Zero or one instance of this attribute MAY be present in 1334 packet. 1335 1 Exactly one instance of this attribute MUST be present in 1336 packet. 1338 6. Security Considerations 1340 Known security vulnerabilities of the RADIUS protocol are discussed 1341 in [RFC2607], [RFC2865], and[RFC2869]. Use of IPsec [RFC4301] for 1342 providing security when RADIUS is carried in IPv6 is discussed in 1343 [RFC3162]. 1345 Specific security considerations for interactions between the MAP CE 1346 and the BNG are discussed in [RFC7597] and [RFC7599]. Security 1347 considerations for Lightweight 4over6 are discussed in [RFC7596]. 1348 Security considerations for DHCPv6-Based S46 Prioritization Mechanism 1349 are discussed in [RFC8026]. Security considerations for multicast 1350 scenarios are discussed in [RFC 8114]. Furthermore, generic DHCPv6 1351 security mechanisms can be applied to DHCPv6 intercommunication 1352 between the CE and the BNG. 1354 7. IANA Considerations 1356 IANA is requested to make new code point assignments for RADIUS 1357 attributes as described in the following subsections. 1359 7.1. New RADIUS Attributes 1361 This document requests IANA to assign the Attribute Types defined in 1362 this document from the RADIUS namespace as described in the "IANA 1363 Considerations" section of [RFC3575], in accordance with BCP 26 1364 [RFC5226]. 1366 This document requests that IANA register three new RADIUS 1367 attributes, from the "Short Extended Space" of [RFC6929]. The 1368 attributes are: Softwire46-Configuration Attribute, 1369 Softwire46-Priority Attribute, and Softwire46-Multicast Attribute: 1371 Type Description Data Type Reference 1372 ---- ----------- --------- --------- 1373 241.TBD1 Softwire46-Configuration TLV Section 4.1 1374 241.TBD5 Softwire46-Priority integer Section 4.2 1375 241.TBD6 Softwire46-Multicast TLV Section 4.3 1377 7.2. New RADIUS TLVs 1379 IANA is requested to create a new registry called "RADIUS Softwire46 1380 Configuration and Multicast TLVs". 1382 All TLVs in this registry have one or more parent RADIUS attributes 1383 in nesting (refer to [RFC6929]). 1385 This registry must be initially populated with the following values: 1387 Value Description Data Type Reference 1388 ----- ----------- --------- --------- 1389 0 Reserved 1390 TBD2 S46-MAP-E TLV Section 3.1.1.1 1391 TBD3 S46-MAP-T TLV Section 3.1.1.2 1392 TBD4 S46-Lightweight-4over6 TLV Section 3.1.1.3 1393 TBD7 S46-Rule TLV Section 3.1.3.1 1394 TBD8 S46-Rule TLV Section 3.1.3.1 1395 TBD9 S46-BR ipv6addr Section 3.1.3.2 1396 TBD10 S46-DMR ipv6prefix Section 3.1.3.3 1397 TBD11 S46-V4V6Bind TLV Section 3.1.3.4 1398 TBD12 S46-PORTPARAMS TLV Section 3.1.3.5 1399 TBD13 Rule-IPv6-Prefix ipv6prefix Section 3.1.4.1 1400 TBD14 Rule-IPv4-Prefix ipv4prefix Section 3.1.4.2 1401 TBD15 EA-Length integer Section 3.1.4.3 1402 TBD16 IPv4-address ipv4addr Section 3.1.5.1 1403 TBD17 Bind-IPv6-Prefix ipv6prefix Section 3.1.5.2 1404 TBD18 PSID-offset integer Section 3.1.6.1 1405 TBD19 PSID-len integer Section 3.1.6.2 1406 TBD20 PSID integer Section 3.1.6.3 1407 TBD21 ASM-Prefix64 ipv6prefix Section 3.3.1 1408 TBD22 SSM-Prefix64 ipv6prefix Section 3.3.2 1409 TBD23 U-Prefix64 ipv6prefix Section 3.3.3 1410 21-255 Unassigned, TBD2,TBD3,TBD4 will be assigned by IANA 1412 The registration procedure for this registry is Standards Action as 1413 defined in [RFC5226]. The registry may be added to using the IETF 1414 Review process described in Section 4.1 of [RFC5226]. 1416 7.3. S46 Mechanisms and Their Identifying Option Codes 1418 The Softwire46-Priority Attribute defines a 16-bit S46-option-code 1419 field, for which IANA is requested to create and maintain a new 1420 registry entitled "Option Codes Permitted in the Softwire46-Priority 1421 Attribute". The registration procedure for this registry is 1422 Standards Action as defined in [RFC5226]. 1424 This document requires IANA to register the three option codes of the 1425 Softwire46 mechanisms permitted to be included in the 1426 Softwire46-Priority Attribute. The value of option code corresponds 1427 to the TLV-Type defined in the Section 3.1.1. Additional options may 1428 be added to this list in the future using the IETF Review process 1429 described in Section 4.1 of [RFC5226]. 1431 Table 3. shows the option codes required, and the S46 mechanisms that 1432 they represent. The option code for DS-Lite is derived from the IANA 1433 allocated RADIUS Attribute Type value for DS-Lite [RFC6519]. The 1434 option codes for MAP-E, MAP-T, and Lightweight 4over6 need to be 1435 assigned. The option codes for MAP-E, MAP-T, and Lightweight 4over6 1436 should also be used as the TLV-Type values for the MAP-E, MAP-T, and 1437 Lightweight 4over6 TLV defined in Section 3.1.1. 1439 +-------------+------------------+-----------+ 1440 | Option Code | S46 Mechanism | Reference | 1441 +-------------+------------------+-----------+ 1442 | TBD2 | MAP-E | RFC7597 | 1443 | TBD3 | MAP-T | RFC7599 | 1444 | TBD4 |Lightweight 4over6| RFC7596 | 1445 | 144 | DS-Lite | RFC6519 | 1446 +--------------------------------+-----------+ 1448 Table 3: Option Codes to S46 Mechanisms 1450 8. Contributing Authors 1451 Qiong Sun 1452 China Telecom 1453 Beijing China 1454 Email: sunqiong@ctbri.com.cn 1456 Qi Sun 1457 Tsinghua University 1458 Department of Computer Science, Tsinghua University 1459 Beijing 100084 1460 P.R.China 1461 Phone: +86-10-6278-5822 1462 Email: sunqibupt@gmail.com 1464 Cathy Zhou 1465 Huawei Technologies 1466 Bantian, Longgang District 1467 Shenzhen 518129 1468 Email: cathy.zhou@huawei.com 1470 Tina Tsou 1471 Huawei Technologies(USA) 1472 2330 Central Expressway 1473 Santa Clara, CA 95050 1474 USA 1475 Email: Tina.Tsou.Zouting@huawei.com 1477 ZiLong Liu 1478 Tsinghua University 1479 Beijing 100084 1480 P.R.China 1481 Phone: +86-10-6278-5822 1482 Email: liuzilong8266@126.com 1484 Yong Cui 1485 Tsinghua University 1486 Beijing 100084 1487 P.R.China 1488 Phone: +86-10-62603059 1489 Email: yong@csnet1.cs.tsinghua.edu.cn 1491 9. Acknowledgements 1493 The authors would like to thank the valuable comments made by Peter 1494 Lothberg, Wojciech Dec, Ian Farrer, Suresh Krishnan, Qian Wang, Wei 1495 Meng and Cui Wang for this document. This document was merged with 1496 draft-sun-softwire-lw4over6-radext-01 and draft-wang-radext- 1497 multicast-radius-ext-00, thanks to everyone who contributed to this 1498 document. 1500 This document was produced using the xml2rfc tool [RFC7991]. 1502 10. References 1504 10.1. Normative References 1506 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1507 Requirement Levels", BCP 14, RFC 2119, 1508 DOI 10.17487/RFC2119, March 1997, 1509 . 1511 [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, 1512 "Remote Authentication Dial In User Service (RADIUS)", 1513 RFC 2865, DOI 10.17487/RFC2865, June 2000, 1514 . 1516 [RFC3162] Aboba, B., Zorn, G., and D. Mitton, "RADIUS and IPv6", 1517 RFC 3162, DOI 10.17487/RFC3162, August 2001, 1518 . 1520 [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, 1521 C., and M. Carney, "Dynamic Host Configuration Protocol 1522 for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July 1523 2003, . 1525 [RFC3575] Aboba, B., "IANA Considerations for RADIUS (Remote 1526 Authentication Dial In User Service)", RFC 3575, 1527 DOI 10.17487/RFC3575, July 2003, 1528 . 1530 [RFC5080] Nelson, D. and A. DeKok, "Common Remote Authentication 1531 Dial In User Service (RADIUS) Implementation Issues and 1532 Suggested Fixes", RFC 5080, DOI 10.17487/RFC5080, December 1533 2007, . 1535 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 1536 IANA Considerations Section in RFCs", RFC 5226, 1537 DOI 10.17487/RFC5226, May 2008, 1538 . 1540 [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. 1541 Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, 1542 DOI 10.17487/RFC6052, October 2010, 1543 . 1545 [RFC6158] DeKok, A., Ed. and G. Weber, "RADIUS Design Guidelines", 1546 BCP 158, RFC 6158, DOI 10.17487/RFC6158, March 2011, 1547 . 1549 [RFC6929] DeKok, A. and A. Lior, "Remote Authentication Dial In User 1550 Service (RADIUS) Protocol Extensions", RFC 6929, 1551 DOI 10.17487/RFC6929, April 2013, 1552 . 1554 [RFC8026] Boucadair, M. and I. Farrer, "Unified IPv4-in-IPv6 1555 Softwire Customer Premises Equipment (CPE): A DHCPv6-Based 1556 Prioritization Mechanism", RFC 8026, DOI 10.17487/RFC8026, 1557 November 2016, . 1559 [RFC8044] DeKok, A., "Data Types in RADIUS", RFC 8044, 1560 DOI 10.17487/RFC8044, January 2017, 1561 . 1563 [RFC8114] Boucadair, M., Qin, C., Jacquenet, C., Lee, Y., and Q. 1564 Wang, "Delivery of IPv4 Multicast Services to IPv4 Clients 1565 over an IPv6 Multicast Network", RFC 8114, 1566 DOI 10.17487/RFC8114, March 2017, 1567 . 1569 [RFC8115] Boucadair, M., Qin, J., Tsou, T., and X. Deng, "DHCPv6 1570 Option for IPv4-Embedded Multicast and Unicast IPv6 1571 Prefixes", RFC 8115, DOI 10.17487/RFC8115, March 2017, 1572 . 1574 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1575 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1576 May 2017, . 1578 10.2. Informative References 1580 [RFC2607] Aboba, B. and J. Vollbrecht, "Proxy Chaining and Policy 1581 Implementation in Roaming", RFC 2607, 1582 DOI 10.17487/RFC2607, June 1999, 1583 . 1585 [RFC2869] Rigney, C., Willats, W., and P. Calhoun, "RADIUS 1586 Extensions", RFC 2869, DOI 10.17487/RFC2869, June 2000, 1587 . 1589 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1590 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1591 December 2005, . 1593 [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- 1594 Stack Lite Broadband Deployments Following IPv4 1595 Exhaustion", RFC 6333, DOI 10.17487/RFC6333, August 2011, 1596 . 1598 [RFC6346] Bush, R., Ed., "The Address plus Port (A+P) Approach to 1599 the IPv4 Address Shortage", RFC 6346, 1600 DOI 10.17487/RFC6346, August 2011, 1601 . 1603 [RFC6519] Maglione, R. and A. Durand, "RADIUS Extensions for Dual- 1604 Stack Lite", RFC 6519, DOI 10.17487/RFC6519, February 1605 2012, . 1607 [RFC7596] Cui, Y., Sun, Q., Boucadair, M., Tsou, T., Lee, Y., and I. 1608 Farrer, "Lightweight 4over6: An Extension to the Dual- 1609 Stack Lite Architecture", RFC 7596, DOI 10.17487/RFC7596, 1610 July 2015, . 1612 [RFC7597] Troan, O., Ed., Dec, W., Li, X., Bao, C., Matsushima, S., 1613 Murakami, T., and T. Taylor, Ed., "Mapping of Address and 1614 Port with Encapsulation (MAP-E)", RFC 7597, 1615 DOI 10.17487/RFC7597, July 2015, 1616 . 1618 [RFC7598] Mrugalski, T., Troan, O., Farrer, I., Perreault, S., Dec, 1619 W., Bao, C., Yeh, L., and X. Deng, "DHCPv6 Options for 1620 Configuration of Softwire Address and Port-Mapped 1621 Clients", RFC 7598, DOI 10.17487/RFC7598, July 2015, 1622 . 1624 [RFC7599] Li, X., Bao, C., Dec, W., Ed., Troan, O., Matsushima, S., 1625 and T. Murakami, "Mapping of Address and Port using 1626 Translation (MAP-T)", RFC 7599, DOI 10.17487/RFC7599, July 1627 2015, . 1629 [RFC7678] Zhou, C., Taylor, T., Sun, Q., and M. Boucadair, 1630 "Attribute-Value Pairs for Provisioning Customer Equipment 1631 Supporting IPv4-Over-IPv6 Transitional Solutions", 1632 RFC 7678, DOI 10.17487/RFC7678, October 2015, 1633 . 1635 [RFC7991] Hoffman, P., "The "xml2rfc" Version 3 Vocabulary", 1636 RFC 7991, DOI 10.17487/RFC7991, December 2016, 1637 . 1639 Appendix A. DHCPv6 to RADIUS Field Mappings 1641 The following sections detail the mappings between the softwire 1642 DHCPv6 option fields and the relevant RADIUS attributes, TLVs and 1643 Sub-TLVs as defined in this document. 1645 A.1. OPTION_S46_RULE (89) to S46-Rule Sub-TLV Field Mappings 1647 +---------------------+----------------------+----------------------+ 1648 | OPTION_S46_RULE | S46-Rule Sub-TLV | TLV Field | 1649 | Field | Name | | 1650 +---------------------+----------------------+----------------------+ 1651 | flags | N/A | TLV-type (TBD7, | 1652 | | | TBD8) | 1653 | ea-len | EA-Length | EA-len | 1654 | prefix4-len | Rule-IPv4-Prefix | ruleprefix4-len | 1655 | ipv4-prefix | Rule-IPv4-Prefix | rule-ipv4-prefix | 1656 | prefix6-len | Rule-IPv6-Prefix | ruleprefix6-len | 1657 | ipv6-prefix | Rule-IPv6-Prefix | rule-ipv6-prefix | 1658 +---------------------+----------------------+----------------------+ 1660 A.2. OPTION_S46_BR (90) to S46-BR Sub-TLV Sub-TLV Field Mappings 1662 +---------------------+----------------------+ 1663 | OPTION_S46_BR Field | S46-BR Sub-TLV Field | 1664 +---------------------+----------------------+ 1665 | br-ipv6-address | br-ipv6-address | 1666 +---------------------+----------------------+ 1668 A.3. OPTION_S46_DMR (91) to S46-DMR Sub-TLV 1670 +---------------------+-----------------------+ 1671 | OPTION_S46_BR Field | S46-DMR Sub-TLV Field | 1672 +---------------------+-----------------------+ 1673 | dmr-prefix6-len | dmr-prefix6-len | 1674 | dmr-ipv6-prefix | dmr-ipv6-prefix | 1675 +---------------------+-----------------------+ 1677 A.4. OPTION_S46_V4V6BIND (92) to S46-V4V6Bind Sub-TLV 1679 +------------------------+-----------------------+------------------+ 1680 | OPTION_S46_V4V6BIND | S46-V4V6Bind Sub-TLV | TLV Field | 1681 | Field | Name | | 1682 +------------------------+-----------------------+------------------+ 1683 | ipv4-address | IPv4-address | ipv4-address | 1684 | bindprefix6-len | Bind-IPv6-Prefix | bind6prefix-len | 1685 | bind-ipv6-prefix | Bind-IPv6-Prefix | bind-ipv6-prefix | 1686 +------------------------+-----------------------+------------------+ 1688 A.5. OPTION_S46_PORTPARAMS (93) to S46-PORTPARAMS Sub-TLV Field 1689 Mappings 1691 +---------------------------+-------------------------+-------------+ 1692 | OPTION_S46_PORTPARAMS | S46-PORTPARAMS Sub-TLV | TLV Field | 1693 | Field | Name | | 1694 +---------------------------+-------------------------+-------------+ 1695 | offset | PSID-offset | PSID-Offset | 1696 | PSID-len | PSID-len | PSID-len | 1697 | PSID | PSID | PSID | 1698 +---------------------------+-------------------------+-------------+ 1700 A.6. OPTION_S46_PRIORITY (111) to S46-PORTPARAMS Sub-TLV Field Mappings 1702 +---------------------------+-------------------------------------+ 1703 | OPTION_S46_PRIORITY Field | Softwire46-Priority Attribute Field | 1704 +---------------------------+-------------------------------------+ 1705 | s46-option-code | S46-option-code | 1706 +---------------------------+-------------------------------------+ 1708 A.7. OPTION_V6_PREFIX64 (113) to Softwire46-Multicast Attribute TLV 1709 Field Mappings 1711 +--------------------+------------------------------+---------------+ 1712 | OPTION_V6_PREFIX64 | Softwire46-Multicast | TLV Field | 1713 | Field | Attribute TLV Name | | 1714 +--------------------+------------------------------+---------------+ 1715 | asm-length | ASM-Prefix64 | Prefix-Length | 1716 | ASM_mPrefix64 | ASM-Prefix64 | ASM Prefix64 | 1717 | ssm-length | SSM-Prefix64 | Prefix-Length | 1718 | SSM_mPrefix64 | SSM-Prefix64 | SSM Prefix64 | 1719 | unicast-length | U-Prefix64 | Prefix-Length | 1720 | uPrefix64 | U-Prefix64 | Unicast | 1721 | | | Prefix64 | 1722 +--------------------+------------------------------+---------------+ 1724 Authors' Addresses 1726 Sheng Jiang 1727 Huawei Technologies Co., Ltd 1728 Q14, Huawei Campus, No.156 Beiqing Road 1729 Hai-Dian District, Beijing, 100095 1730 P.R. China 1732 Email: jiangsheng@huawei.com 1733 Yu Fu 1734 CNNIC 1735 No.4 South 4th Street, Zhongguancun 1736 Hai-Dian District, Beijing, 100190 1737 P.R. China 1739 Email: eleven711711@foxmail.com 1741 Bing Liu 1742 Huawei Technologies Co., Ltd 1743 Q14, Huawei Campus, No.156 Beiqing Road 1744 Hai-Dian District, Beijing, 100095 1745 P.R. China 1747 Email: leo.liubing@huawei.com 1749 Peter Deacon 1750 IEA Software, Inc. 1751 P.O. Box 1170 1752 Veradale, WA 99037 1753 USA 1755 Email: peterd@iea-software.com 1757 Chongfeng Xie 1758 China Telecom 1759 China Telecom Beijing Information Sci.&Tech. Park, 1760 Beiqijia Town, Changping District, Beijing 102209 1761 P.R. China 1763 Email: xiechf.bri@chinatelecom.cn 1765 Tianxiang Li 1766 Tsinghua University 1767 Beijing 100084 1768 P.R.China 1770 Email: peter416733@gmail.com 1771 Mohamed Boucadair (editor) 1772 Orange 1773 Rennes, 35000 1774 France 1776 Email: mohamed.boucadair@orange.com