datatracker.ietf.org
Sign in
Version 5.9.0, 2014-12-18
Report a bug

SAVI Requirements and Solutions for ISP IPv6 Access Network
draft-shi-savi-access-06

Document type: Active Internet-Draft (individual)
Document stream: No stream defined
Last updated: 2014-11-10
Intended RFC status: Unknown
Other versions: plain text, pdf, html

Stream State:No stream defined
Document shepherd: No shepherd assigned

IESG State: I-D Exists
Responsible AD: (None)
Send notices to: No addresses provided

SAVI                                                             F.Shi
Internet Draft                                           China Telecom
Intended status: Standard Tracks                     K.Xu, L.Zhu, G.Hu
Expires: May 2015                                        Tsinghua Univ
                                                                  Y.Bo
                                                     Huawei Technology
                                                     November 10, 2014

        SAVI Requirements and Solutions for ISP IPv6 Access Network
                       draft-shi-savi-access-06.txt

Abstract

   Internet is always confronted with many security threats based on IP
   address spoofing which can enable impersonation and malicious traffic
   redirection. Unfortunately, the Internet architecture fails to
   provide the defense mechanism. Source Address Validation Improvement
   (SAVI) was developed to prevent IP source address spoofing.
   Especially, the mechanism is essential for ISPs. However, due to the
   diversity of address assignment methods, SAVI solution is also
   different accordingly. This document describes five scenarios of
   ISPs'IPv6 access network, and moreover, states its SAVI requirements
   and tentative solutions accordingly.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 10, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors. All rights reserved.

Shi, et al.              Expires May 10,2015                  [Page 1]
Internet-Draft               SAVI Access                      Nov 2014

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents carefully,
   as they describe your rights and restrictions with respect to this
   document. Code Components extracted from this document must include
   Simplified BSD License text as described in Section 4.e of the Trust
   Legal Provisions and are provided without warranty as described in
   the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November 10
   2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Table of Contents

   1. Introduction ................................................ 3
   2. Conventions used in this document ........................... 4
   3. Terminology ................................................. 4
   4. Scenarios for ISPs'IPv6 Access Network ...................... 4
      4.1. Scenario 1: HRG acts as DHCPv6 proxy ................... 5
      4.2. Scenario 2: STB gets IP address via DHCPv6 ............. 7
      4.3. Scenario 3: PC gets IP address via PPPoE & RA .......... 8
      4.4. Scenario 4: Laptop accesses Internet via WLAN .......... 9
      4.5. Scenario 5: Laptop accesses Internet via C+W .......... 10
   5. Conclusions ................................................ 12
   6. References ................................................. 13
      6.1. Normative References .................................. 13
   7. Acknowledgments ............................................ 14

Shi, et al.             Expires May 10, 2015                  [Page 2]
Internet-Draft               SAVI Access                      Nov 2014

1. Introduction

   Spoofing of IP source addresses can jeopardize people's privacy,
   enable malicious traffic redirection which causes the network

[include full document text]