forked from xebd/accel-ppp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
rfc3633.txt
1067 lines (728 loc) · 44.2 KB
/
rfc3633.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Network Working Group O. Troan
Request for Comments: 3633 R. Droms
Category: Standards Track Cisco Systems
December 2003
IPv6 Prefix Options for
Dynamic Host Configuration Protocol (DHCP) version 6
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract
The Prefix Delegation options provide a mechanism for automated
delegation of IPv6 prefixes using the Dynamic Host Configuration
Protocol (DHCP). This mechanism is intended for delegating a long-
lived prefix from a delegating router to a requesting router, across
an administrative boundary, where the delegating router does not
require knowledge about the topology of the links in the network to
which the prefixes will be assigned.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. DHCPv6 specification dependency . . . . . . . . . . . . . . 3
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 3
5. Model and Applicability . . . . . . . . . . . . . . . . . . 3
5.1. Example network architecture . . . . . . . . . . . . . 4
6. Identity Association for Prefix Delegation . . . . . . . . . 5
7. Overview of DHCP with Prefix Delegation . . . . . . . . . . 6
8. Interface Selection . . . . . . . . . . . . . . . . . . . . 7
9. Identity Association for Prefix Delegation Option . . . . . 7
10. IA_PD Prefix option . . . . . . . . . . . . . . . . . . . . 9
11. Delegating Router Solicitation . . . . . . . . . . . . . . . 11
11.1. Requesting router behavior . . . . . . . . . . . . . . 11
11.2. Delegating router behavior . . . . . . . . . . . . . . 11
12. Requesting router initiated prefix delegation . . . . . . . 12
Troan & Droms Standards Track [Page 1]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
12.1. Requesting router behavior . . . . . . . . . . . . . . 12
12.2. Delegating Router behavior . . . . . . . . . . . . . . 14
13. Prefix Delegation reconfiguration . . . . . . . . . . . . . 15
13.1. Delegating Router behavior . . . . . . . . . . . . . . 15
13.2. Requesting Router behavior . . . . . . . . . . . . . . 15
14. Relay agent behavior . . . . . . . . . . . . . . . . . . . . 15
15. Security Considerations . . . . . . . . . . . . . . . . . . 16
16. IANA Considerations . . . . . . . . . . . . . . . . . . . . 16
17. Intellectual Property Statement. . . . . . . . . . . . . . . 17
18. References . . . . . . . . . . . . . . . . . . . . . . . . . 17
18.1. Normative References . . . . . . . . . . . . . . . . . 17
18.2. Informative References . . . . . . . . . . . . . . . . 17
19. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18
20. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 18
21. Full Copyright Statement . . . . . . . . . . . . . . . . . . 19
1. Introduction
This document describes new options for Dynamic Host Configuration
Protocol (DHCP) that provide a mechanism for the delegation of IPv6
prefixes [1]. Through these options, a delegating router can
delegate prefixes to authorized requesting routers.
The prefix delegation mechanism described in this document is
intended for simple delegation of prefixes from a delegating router
to requesting routers. It is appropriate for situations in which the
delegating router does not have knowledge about the topology of the
networks to which the requesting router is attached, and the
delegating router does not require other information aside from the
identity of the requesting router to choose a prefix for delegation.
For example, these options would be used by a service provider to
assign a prefix to a Customer Premise Equipment (CPE) device acting
as a router between the subscriber's internal network and the service
provider's core network.
Many applications expect stable addresses. Even though this
mechanism makes automatic renumbering easier, it is expected that
prefixes have a long lifespan. During renumbering it is expected
that the old and the new prefix co-exist for some time.
The design of this prefix delegation mechanism meets the requirements
for prefix delegation in Requirements for IPv6 prefix delegation [6].
Note that this use of DHCP is not bound to the assignment of IP
addresses or other configuration information to hosts, and that no
mechanism is currently available to communicate delegated prefixes to
a DHCP server that serves such a function. This may be an item of
future work, should usage warrant.
Troan & Droms Standards Track [Page 2]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
2. DHCPv6 specification dependency
This document describes new DHCPv6 options for IPv6 prefix
delegation. This document should be read in conjunction with the
DHCPv6 specification, RFC 3315 [2], for a complete specification of
the Prefix Delegation options and mechanism. Definitions for terms
and acronyms not specifically defined in this document are defined in
RFC 3315.
3. Terminology
This document uses the terminology defined in RFC 2460 [1] and RFC
3315. In addition, this document uses the following terms:
requesting router: The router that acts as a DHCP client and is
requesting prefix(es) to be assigned.
delegating router: The router that acts as a DHCP server, and is
responding to the prefix request.
Identity Association for Prefix Delegation (IA_PD): A collection of
prefixes assigned to the requesting router. Each
IA_PD has an associated IAID. A requesting
router may have more than one IA_PD assigned to
it; for example, one for each of its interfaces.
4. Requirements
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in BCP 14, RFC 2119 [3].
5. Model and Applicability
The model of operation for prefix delegation is as follows. A
delegating router is provided IPv6 prefixes to be delegated to
requesting routers. Examples of ways in which the delegating router
may be provided these prefixes are given in Section 12.2. A
requesting router requests prefix(es) from the delegating router, as
described in Section 12.1. The delegating router chooses prefix(es)
for delegation, and responds with prefix(es) to the requesting
router. The requesting router is then responsible for the delegated
prefix(es). For example, the requesting router might assign a subnet
from a delegated prefix to one of its interfaces, and begin sending
router advertisements for the prefix on that link.
Troan & Droms Standards Track [Page 3]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
Each prefix has an associated valid and preferred lifetime, which
constitutes an agreement about the length of time over which the
requesting router is allowed to use the prefix. A requesting router
can request an extension of the lifetimes on a delegated prefix and
is required to terminate the use of a delegated prefix if the valid
lifetime of the prefix expires.
This prefix delegation mechanism would be appropriate for use by an
ISP to delegate a prefix to a subscriber, where the delegated prefix
would possibly be subnetted and assigned to the links within the
subscriber's network.
5.1. Example network architecture
Figure 1 illustrates a network architecture in which prefix
delegation could be used.
______________________ \
/ \ \
| ISP core network | \
\__________ ___________/ |
| |
+-------+-------+ |
| Aggregation | | ISP
| device | | network
| (delegating | |
| router) | |
+-------+-------+ |
| /
|DSL to subscriber /
|premises /
|
+------+------+ \
| CPE | \
| (requesting | \
| router) | |
+----+---+----+ |
| | | Subscriber
---+-------------+-----+- -+-----+-------------+--- | network
| | | | |
+----+-----+ +-----+----+ +----+-----+ +-----+----+ |
|Subscriber| |Subscriber| |Subscriber| |Subscriber| /
| PC | | PC | | PC | | PC | /
+----------+ +----------+ +----------+ +----------+ /
Figure 1: An example of prefix delegation.
Troan & Droms Standards Track [Page 4]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
In this example, the delegating router is configured with a set of
prefixes to be used for assignment to customers at the time of each
customer's first connection to the ISP service. The prefix
delegation process begins when the requesting router requests
configuration information through DHCP. The DHCP messages from the
requesting router are received by the delegating router in the
aggregation device. When the delegating router receives the request,
it selects an available prefix or prefixes for delegation to the
requesting router. The delegating router then returns the prefix or
prefixes to the requesting router.
The requesting router subnets the delegated prefix and assigns the
longer prefixes to links in the subscriber's network. In a typical
scenario based on the network shown in Figure 1, the requesting
router subnets a single delegated /48 prefix into /64 prefixes and
assigns one /64 prefix to each of the links in the subscriber
network.
The prefix delegation options can be used in conjunction with other
DHCP options carrying other configuration information to the
requesting router. The requesting router may, in turn, then provide
DHCP service to hosts attached to the internal network. For example,
the requesting router may obtain the addresses of DNS and NTP servers
from the ISP delegating router, and then pass that configuration
information on to the subscriber hosts through a DHCP server in the
requesting router.
6. Identity Association for Prefix Delegation
An IA_PD is a construct through which a delegating router and a
requesting router can identify, group and manage a set of related
IPv6 prefixes. Each IA_PD consists of an IAID and associated
configuration information. An IA_PD for prefixes is the equivalent
of an IA (described in RFC 3315) for addresses.
An IA_PD is different from an IA, in that it does not need to be
associated with exactly one interface. One IA_PD can be associated
with the requesting router, with a set of interfaces or with exactly
one interface. A requesting router must create at least one distinct
IA_PD. It may associate a distinct IA_PD with each of its downstream
network interfaces and use that IA_PD to obtain a prefix for that
interface from the delegating router.
The IAID uniquely identifies the IA_PD and must be chosen to be
unique among the IA_PD IAIDs on the requesting router. The IAID is
chosen by the requesting router. For any given use of an IA_PD by
the requesting router, the IAID for that IA_PD MUST be consistent
across restarts of the requesting router. The requesting router may
Troan & Droms Standards Track [Page 5]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
maintain consistency either by storing the IAID in non-volatile
storage or by using an algorithm that will consistently produce the
same IAID as long as the configuration of the requesting router has
not changed. If the requesting router uses only one IAID, it can use
a well-known value, e.g., zero.
The configuration information in an IA_PD consists of one or more
IPv6 prefixes along with the times T1 and T2 for the IA_PD. See
section 9 for the representation of an IA_PD in a DHCP message.
7. Overview of DHCP with Prefix Delegation
Prefix delegation with DHCP is independent of address assignment with
DHCP. A requesting router can use DHCP for just prefix delegation or
for prefix delegation along with address assignment and other
configuration information.
A requesting router first creates an IA_PD and assigns it an IAID.
The requesting router then transmits a Solicit message containing an
IA_PD option describing the IA_PD. Delegating routers that can
delegate prefixes to the IA_PD respond to the requesting router with
an Advertise message.
The requesting router may include prefixes in the IA_PDs as a hint to
the delegating router about specific prefixes for which the
requesting router has a preference.
When the requesting router has identified a delegating router, the
requesting router uses a Request message to populate the IA_PDs with
prefixes. The requesting router includes one or more IA_PD options
in the Request message. The delegating router returns prefixes and
other information about the IA_PDs to the requesting router in IA_PD
options in a Reply message. The requesting router records the
lifetimes for the delegated prefix(es) and uses the prefix(es) as
described in the previous section.
Before the valid lifetime on each delegated prefix expires, the
requesting router includes the prefix in an IA_PD option sent in a
Renew message to the delegating router. The delegating router
responds by returning the prefix with updated lifetimes to the
requesting router.
Troan & Droms Standards Track [Page 6]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
8. Interface Selection
Delegated prefixes are not associated with a particular interface in
the same way as addresses are for address assignment, and the rules
described in section 16, "Client Source Address and Interface
Selection" of RFC 3315 do not apply.
When a requesting router sends a DHCP message, it SHOULD be sent on
the interface associated with the upstream router (ISP network). The
upstream interface is typically determined by configuration. This
rule applies even in the case where a separate IA_PD is used for each
downstream interface.
When a requesting router sends a DHCP message directly to a
delegating router using unicast (after receiving the Server Unicast
option from that delegating router), the source address SHOULD be an
address from the upstream interface and which is suitable for use by
the delegating router in responding to the requesting router.
9. Identity Association for Prefix Delegation Option
The IA_PD option is used to carry a prefix delegation identity
association, the parameters associated with the IA_PD and the
prefixes associated with it.
The format of the IA_PD option is:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_IA_PD | option-length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IAID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| T1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| T2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. IA_PD-options .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code: OPTION_IA_PD (25)
option-length: 12 + length of IA_PD-options field.
Troan & Droms Standards Track [Page 7]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
IAID: The unique identifier for this IA_PD; the IAID must
be unique among the identifiers for all of this
requesting router's IA_PDs.
T1: The time at which the requesting router should
contact the delegating router from which the
prefixes in the IA_PD were obtained to extend the
lifetimes of the prefixes delegated to the IA_PD;
T1 is a time duration relative to the current time
expressed in units of seconds.
T2: The time at which the requesting router should
contact any available delegating router to extend
the lifetimes of the prefixes assigned to the
IA_PD; T2 is a time duration relative to the
current time expressed in units of seconds.
IA_PD-options: Options associated with this IA_PD.
The IA_PD-options field encapsulates those options that are specific
to this IA_PD. For example, all of the IA_PD Prefix Options carrying
the prefixes associated with this IA_PD are in the IA_PD-options
field.
An IA_PD option may only appear in the options area of a DHCP
message. A DHCP message may contain multiple IA_PD options.
The status of any operations involving this IA_PD is indicated in a
Status Code option in the IA_PD-options field.
Note that an IA_PD has no explicit "lifetime" or "lease length" of
its own. When the valid lifetimes of all of the prefixes in a IA_PD
have expired, the IA_PD can be considered as having expired. T1 and
T2 are included to give delegating routers explicit control over when
a requesting router should contact the delegating router about a
specific IA_PD.
In a message sent by a requesting router to a delegating router,
values in the T1 and T2 fields indicate the requesting router's
preference for those parameters. The requesting router sets T1 and
T2 to zero if it has no preference for those values. In a message
sent by a delegating router to a requesting router, the requesting
router MUST use the values in the T1 and T2 fields for the T1 and T2
parameters. The values in the T1 and T2 fields are the number of
seconds until T1 and T2.
The delegating router selects the T1 and T2 times to allow the
requesting router to extend the lifetimes of any prefixes in the
Troan & Droms Standards Track [Page 8]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
IA_PD before the lifetimes expire, even if the delegating router is
unavailable for some short period of time. Recommended values for T1
and T2 are .5 and .8 times the shortest preferred lifetime of the
prefixes in the IA_PD that the delegating router is willing to
extend, respectively. If the time at which the prefixes in an IA_PD
are to be renewed is to be left to the discretion of the requesting
router, the delegating router sets T1 and T2 to 0.
If a delegating router receives an IA_PD with T1 greater than T2, and
both T1 and T2 are greater than 0, the delegating router ignores the
invalid values of T1 and T2 and processes the IA_PD as though the
delegating router had set T1 and T2 to 0.
If a requesting router receives an IA_PD with T1 greater than T2, and
both T1 and T2 are greater than 0, the client discards the IA_PD
option and processes the remainder of the message as though the
delegating router had not included the IA_PD option.
10. IA_PD Prefix option
The IA_PD Prefix option is used to specify IPv6 address prefixes
associated with an IA_PD. The IA_PD Prefix option must be
encapsulated in the IA_PD-options field of an IA_PD option.
The format of the IA_PD Prefix option is:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_IAPREFIX | option-length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| preferred-lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| valid-lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| prefix-length | |
+-+-+-+-+-+-+-+-+ IPv6 prefix |
| (16 octets) |
| |
| |
| |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | .
+-+-+-+-+-+-+-+-+ .
. IAprefix-options .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Troan & Droms Standards Track [Page 9]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
option-code: OPTION_IAPREFIX (26)
option-length: 25 + length of IAprefix-options field
preferred-lifetime: The recommended preferred lifetime for the IPv6
prefix in the option, expressed in units of
seconds. A value of 0xFFFFFFFF represents
infinity.
valid-lifetime: The valid lifetime for the IPv6 prefix in the
option, expressed in units of seconds. A value of
0xFFFFFFFF represents infinity.
prefix-length: Length for this prefix in bits
IPv6-prefix: An IPv6 prefix
IAprefix-options: Options associated with this prefix
In a message sent by a requesting router to a delegating router, the
values in the fields can be used to indicate the requesting router's
preference for those values. The requesting router may send a value
of zero to indicate no preference. A requesting router may set the
IPv6 prefix field to zero and a given value in the prefix-length
field to indicate a preference for the size of the prefix to be
delegated.
In a message sent by a delegating router the preferred and valid
lifetimes should be set to the values of AdvPreferredLifetime and
AdvValidLifetime as specified in section 6.2.1, "Router Configuration
Variables" of RFC 2461 [4], unless administratively configured.
A requesting router discards any prefixes for which the preferred
lifetime is greater than the valid lifetime. A delegating router
ignores the lifetimes set by the requesting router if the preferred
lifetime is greater than the valid lifetime and ignores the values
for T1 and T2 set by the requesting router if those values are
greater than the preferred lifetime.
The values in the preferred and valid lifetimes are the number of
seconds remaining for each lifetime.
An IA_PD Prefix option may appear only in an IA_PD option. More than
one IA_PD Prefix Option can appear in a single IA_PD option.
The status of any operations involving this IA_PD Prefix option is
indicated in a Status Code option in the IAprefix-options field.
Troan & Droms Standards Track [Page 10]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
11. Delegating Router Solicitation
The requesting router locates and selects a delegating router in the
same way as described in section 17, "DHCP Server Solicitation" of
RFC 3315. The details of the solicitation process are described in
this section.
11.1. Requesting router behavior
The requesting router creates and transmits a Solicit message as
described in sections 17.1.1, "Creation of Solicit Messages" and
17.1.2, "Transmission of Solicit Messages" of RFC 3315. The
requesting router creates an IA_PD and assigns it an IAID. The
requesting router MUST include the IA_PD option in the Solicit
message.
The requesting router processes any received Advertise messages as
described in section 17.1.3, "Receipt of Advertise Messages" of RFC
3315. The requesting router MAY choose to consider the presence of
advertised prefixes in its decision about which delegating router to
respond to.
The requesting router MUST ignore any Advertise message that includes
a Status Code option containing the value NoPrefixAvail, with the
exception that the requesting router MAY display the associated
status message to the user.
11.2. Delegating router behavior
The delegating router sends an Advertise message to the requesting
router in the same way as described in section 17.2.2, "Creation and
transmission of Advertise messages" of RFC 3315. If the message
contains an IA_PD option and the delegating router is configured to
delegate prefix(es) to the requesting router, the delegating router
selects the prefix(es) to be delegated to the requesting router. The
mechanism through which the delegating router selects prefix(es) for
delegation is not specified in this document. Examples of ways in
which the delegating router might select prefix(es) for a requesting
router include: static assignment based on subscription to an ISP;
dynamic assignment from a pool of available prefixes; selection based
on an external authority such as a RADIUS server using the Framed-
IPv6-Prefix option as described in RFC 3162 [5].
If the requesting router includes an IA_PD Prefix option in the IA_PD
option in its Solicit message, the delegating router MAY choose to
use the information in that option to select the prefix(es) or prefix
size to be delegated to the requesting router.
Troan & Droms Standards Track [Page 11]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
The delegating router sends an Advertise message to the requesting
router in the same way as described in section, "Creation and
transmission of Advertise messages" of RFC 3315. The delegating
router MUST include an IA_PD option, identifying any prefix(es) that
the delegating router will delegate to the requesting router.
If the delegating router will not assign any prefixes to any IA_PDs
in a subsequent Request from the requesting router, the delegating
router MUST send an Advertise message to the requesting router that
includes the IA_PD with no prefixes in the IA_PD and a Status Code
option in the IA_PD containing status code NoPrefixAvail and a status
message for the user, a Server Identifier option with the delegating
router's DUID and a Client Identifier option with the requesting
router's DUID.
12. Requesting router initiated prefix delegation
A requesting router uses the same message exchanges as described in
section 18, "DHCP Client-Initiated Configuration Exchange" of RFC
3315 to obtain or update prefix(es) from a delegating router. The
requesting router and the delegating router use the IA_PD Prefix
option to exchange information about prefix(es) in much the same way
IA Address options are used for assigned addresses.
12.1. Requesting router behavior
The requesting router uses a Request message to populate IA_PDs with
prefixes. The requesting router includes one or more IA_PD options
in the Request message. The delegating router then returns the
prefixes for the IA_PDs to the requesting router in IA_PD options in
a Reply message.
The requesting router includes IA_PD options in any Renew, or Rebind
messages sent by the requesting router. The IA_PD option includes
all of the prefixes the requesting router currently has associated
with that IA_PD.
In some circumstances the requesting router may need verification
that the delegating router still has a valid binding for the
requesting router. Examples of times when a requesting router may
ask for such verification include:
o The requesting router reboots.
o The requesting router's upstream link flaps.
o The requesting router is physically disconnected from a wired
connection.
Troan & Droms Standards Track [Page 12]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
If such verification is needed the requesting router MUST initiate a
Rebind/Reply message exchange as described in section 18.1.4,
"Creation and Transmission of Rebind Messages" of RFC 3315, with the
exception that the retransmission parameters should be set as for the
Confirm message, described in section 18.1.2, "Creation and
Transmission of Confirm Messages" of RFC 3315. The requesting router
includes any IA_PDs, along with prefixes associated with those IA_PDs
in its Rebind message.
Each prefix has valid and preferred lifetimes whose durations are
specified in the IA_PD Prefix option for that prefix. The requesting
router uses Renew and Rebind messages to request the extension of the
lifetimes of a delegated prefix.
The requesting router uses a Release message to return a delegated
prefix to a delegating router. The prefixes to be released MUST be
included in the IA_PDs.
The Confirm and Decline message types are not used with Prefix
Delegation.
Upon the receipt of a valid Reply message, for each IA_PD the
requesting router assigns a subnet from each of the delegated
prefixes to each of the links to which the associated interfaces are
attached, with the following exception: the requesting router MUST
NOT assign any delegated prefixes or subnets from the delegated
prefix(es) to the link through which it received the DHCP message
from the delegating router.
When a requesting router subnets a delegated prefix, it must assign
additional bits to the prefix to generate unique, longer prefixes.
For example, if the requesting router in Figure 1 were delegated
3FFE:FFFF:0::/48, it might generate 3FFE:FFFF:0:1::/64 and
3FFE:FFFF:0:2::/64 for assignment to the two links in the subscriber
network. If the requesting router were delegated 3FFE:FFFF:0::/48
and 3FFE:FFFF:5::/48, it might assign 3FFE:FFFF:0:1::/64 and
3FFE:FFFF:5:1::/64 to one of the links, and 3FFE:FFFF:0:2::/64 and
3FFE:FFFF:5:2::/64 for assignment to the other link.
If the requesting router assigns a delegated prefix to a link to
which the router is attached, and begins to send router
advertisements for the prefix on the link, the requesting router MUST
set the valid lifetime in those advertisements to be no later than
the valid lifetime specified in the IA_PD Prefix option. A
requesting router MAY use the preferred lifetime specified in the
IA_PD Prefix option.
Troan & Droms Standards Track [Page 13]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
Handling of Status Codes options in received Reply messages is
described in section 18.1.8, "Receipt of Reply Messages" of RFC 3315.
The NoPrefixAvail Status Code is handled in the same manner as the
NoAddrsAvail Status Code.
12.2. Delegating Router behavior
When a delegating router receives a Request message from a requesting
router that contains an IA_PD option, and the delegating router is
authorized to delegate prefix(es) to the requesting router, the
delegating router selects the prefix(es) to be delegated to the
requesting router. The mechanism through which the delegating router
selects prefix(es) for delegation is not specified in this document.
Section 11.2 gives examples of ways in which a delegating router
might select the prefix(es) to be delegated to a requesting router.
A delegating router examines the prefix(es) identified in IA_PD
Prefix options (in an IA_PD option) in Renew and Rebind messages and
responds according to the current status of the prefix(es). The
delegating router returns IA_PD Prefix options (within an IA_PD
option) with updated lifetimes for each valid prefix in the message
from the requesting router. If the delegating router finds that any
of the prefixes are not in the requesting router's binding entry, the
delegating router returns the prefix to the requesting router with
lifetimes of 0.
The delegating router behaves as follows when it cannot find a
binding for the requesting router's IA_PD:
Renew message: If the delegating router cannot find a binding
for the requesting router's IA_PD the delegating
router returns the IA_PD containing no prefixes
with a Status Code option set to NoBinding in the
Reply message.
Rebind message: If the delegating router cannot find a binding
for the requesting router's IA_PD and the
delegating router determines that the prefixes in
the IA_PD are not appropriate for the link to
which the requesting router's interface is
attached according to the delegating routers
explicit configuration, the delegating router MAY
send a Reply message to the requesting router
containing the IA_PD with the lifetimes of the
prefixes in the IA_PD set to zero. This Reply
constitutes an explicit notification to the
requesting router that the prefixes in the IA_PD
are no longer valid. If the delegating router is
Troan & Droms Standards Track [Page 14]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
unable to determine if the prefix is not
appropriate for the link, the Rebind message is
discarded.
A delegating router may mark any prefix(es) in IA_PD Prefix options
in a Release message from a requesting router as "available",
dependent on the mechanism used to acquire the prefix, e.g., in the
case of a dynamic pool.
The delegating router MUST include an IA_PD Prefix option or options
(in an IA_PD option) in Reply messages sent to a requesting router.
13. Prefix Delegation reconfiguration
This section describes prefix delegation in Reconfigure message
exchanges.
13.1. Delegating Router behavior
The delegating router initiates a configuration message exchange with
a requesting router, as described in section 19, "DHCP Server-
Initiated Configuration Exchange" of RFC 3315, by sending a
Reconfigure message (acting as a DHCP server) to the requesting
router, as described in section 19.1, "Server Behavior" of RFC 3315.
The delegating router specifies the IA_PD option in the Option
Request option to cause the requesting router to include an IA_PD
option to obtain new information about delegated prefix(es).
13.2. Requesting Router behavior
The requesting router responds to a Reconfigure message, acting as a
DHCP client, received from a delegating router as described in
section 19.4, "Client Behavior" of RFC 3315. The requesting router
MUST include the IA_PD Prefix option(s) (in an IA_PD option) for
prefix(es) that have been delegated to the requesting router by the
delegating router from which the Reconfigure message was received.
14. Relay agent behavior
A relay agent forwards messages containing Prefix Delegation options
in the same way as described in section 20, "Relay Agent Behavior" of
RFC 3315.
If a delegating router communicates with a requesting router through
a relay agent, the delegating router may need a protocol or other
out-of-band communication to add routing information for delegated
prefixes into the provider edge router.
Troan & Droms Standards Track [Page 15]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
15. Security Considerations
Security considerations in DHCP are described in section 23,
"Security Considerations" of RFC 3315.
A rogue delegating router can issue bogus prefixes to a requesting
router. This may cause denial of service due to unreachability.
A malicious requesting router may be able to mount a denial of
service attack by repeated requests for delegated prefixes that
exhaust the delegating router's available prefixes.
To guard against attacks through prefix delegation, requesting
routers and delegating routers SHOULD use DHCP authentication as
described in section 21, "Authentication of DHCP messages" of RFC
3315. For point to point links, where one trusts that there is no
man in the middle, or one trusts layer two authentication, DHCP
authentication or IPsec may not be necessary. Because a requesting
router and delegating routers must each have at least one assigned
IPv6 address, the routers may be able to use IPsec for authentication
of DHCPv6 messages. The details of using IPsec for DHCPv6 are under
development.
Networks configured with delegated prefixes should be configured to
preclude intentional or inadvertent inappropriate advertisement of
these prefixes.
16. IANA Considerations
IANA has assigned option codes to:
OPTION_IA_PD (25)
OPTION_IAPREFIX (26)
from the option-code space as defined in section 24.3, "DHCP Options"
of RFC 3315.
IANA has assigned status code 6 to:
NoPrefixAvail: Delegating router has no prefixes available to
assign to the IAPD(s)
from the status-code space as defined in section 24.4, "Status Codes"
of RFC 3315.
Troan & Droms Standards Track [Page 16]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
17. Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification can
be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
18. References
18.1. Normative References
[1] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6)
Specification", RFC 2460, December 1998.
[2] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and M.
Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
RFC 3315, July 2003.
[3] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[4] Narten, T., Nordmark, E. and W. Simpson, "Neighbor Discovery for
IP Version 6 (IPv6)", RFC 2461, December 1998.
[5] Aboba, B., Zorn, G. and D. Mitton, "RADIUS and IPv6", RFC 3162,
August 2001.
18.2. Informative References
[6] Miyakawa, S. and R. Droms, "Requirements for IPv6 prefix
delegation", Work in Progress, August 2003.
Troan & Droms Standards Track [Page 17]
RFC 3633 IPv6 Prefix Options for DHCPv6 December 2003
19. Acknowledgements
Thanks for the input and review by (in alphabetical order) Steve
Deering, Dave Forster, Brian Haberman, Tatuya Jinmei, Shin Miyakawa,
Pekka Savola, Bernie Volz, Trevor Warwick and Toshi Yamasaki.
20. Authors' Addresses
Ole Troan
Cisco Systems
250 Longwater Avenue
Reading RG2 6GB
United Kingdom
Phone: +44 20 8824 8666
EMail: [email protected]
Ralph Droms
Cisco Systems
1414 Massachusetts Avenue
Boxborough, MA 01719
USA
Phone: +1 978 936 1674
EMail: [email protected]