datatracker.ietf.org
Sign In
Version 4.45, 2013-05-14
Report a bug

SAVI Requirements and Solutions for ISP IPv6 Access Network
draft-shi-savi-access-03

Active Internet-Draft (None)
Document Stream: No stream defined
Last updated: 2013-05-07
Intended RFC status: (None)
Other versions: plain text, pdf, html
Document shepherd:(None)
Shepherd writeup
IESG State: I-D Exists
Responsible AD: (None)
Send notices to: No addresses provided 
SAVI                                                             F.Shi
Internet Draft                                           China Telecom
Intended status: Standard Tracks                     K.Xu, L.Zhu, G.Hu
Expires: Nov 2013                                       Tsinghua Univ.
                                                           May 7, 2013

        SAVI Requirements and Solutions for ISP IPv6 Access Network
                     draft-shi-savi-access-03.txt

Abstract

   Internet is always confronted with many security threats based on IP
   address spoofing which can enable impersonation and malicious traffic
   redirection. Unfortunately, the Internet architecture fails to
   provide the defense mechanism. Source Address Validation Improvement
   (SAVI) was developed to prevent IP source address spoofing.
   Especially, the mechanism is essential for ISPs. However, due to the
   diversity of address assignment methods, SAVI solution is also
   different accordingly. This document describes five scenarios of
   ISPs'IPv6 access network, and moreover, states its SAVI requirements
   and tentative solutions accordingly.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on Nov 7, 2013.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors. All rights reserved.

Shi, et al.              Expires Nov 7,2013                   [Page 1]
Internet-Draft               SAVI Access                      May 2013

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents carefully,
   as they describe your rights and restrictions with respect to this
   document. Code Components extracted from this document must include
   Simplified BSD License text as described in Section 4.e of the Trust
   Legal Provisions and are provided without warranty as described in
   the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November 10
   2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Table of Contents

   1. Introduction ................................................. 3
   2. Conventions used in this document ............................ 4
   3. Terminology .................................................. 4
   4. Scenarios for ISPs'IPv6 Access Network ....................... 4
      4.1. Scenario 1: HRG acts as DHCPv6 proxy .................... 5
      4.2. Scenario 2: STB gets IP address via DHCPv6 .............. 7
      4.3. Scenario 3: PC gets IP address via PPPoE & RA ........... 8
      4.4. Scenario 4: Laptop accesses Internet via WLAN ........... 9
      4.5. Scenario 5: Laptop accesses Internet via C+W ........... 10
   5. Conclusions ................................................. 12
   6. References .................................................. 13
      6.1. Normative References ................................... 13
   7. Acknowledgments ............................................. 14

Shi, et al.              Expires Nov 7, 2013                  [Page 2]
Internet-Draft               SAVI Access                      May 2013

1. Introduction

   Spoofing of IP source addresses can jeopardize people's privacy,
   enable malicious traffic redirection which causes the network
   topology and traffic information to be leaked out. Further, it will
   be difficult to trace the source host which has forged the packet.