Network Working Group Y. Cui
Internet-Draft P. Wu
Intended status: Standards Track J. Wu
Expires: January 12, 2012 Tsinghua University
July 11, 2011
DHCPv4 Behavior over IP-IP tunnel
draft-cui-softwire-dhcp-over-tunnel-01
Abstract
This document analyzes the scenario in which DHCPv4 interaction is
performed over IP-IP tunnel, and proposes methods to keep DHCP
working under such situation. The main issue is encapsulation of
DHCP packets on server side, and there are both in-protocol and out-
of-protocol solutions for this issue. The in-protocol solution is to
have DHCP carrying the encapsulation address information, and the
out-of-protocol solution is to have the DHCP server keeping track of
the address mapping by inspecting DHCP packets.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 12, 2012.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
Cui, et al. Expires January 12, 2012 [Page 1]
Internet-Draft DHCPv4 over tunnel July 2011
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Teminology . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Problem Analysis . . . . . . . . . . . . . . . . . . . . . . . 5
4. In-protocol and Out-of-protocol Solutions . . . . . . . . . . 7
4.1. Address mapping with session id . . . . . . . . . . . . . 7
4.2. Leveraging Relay Agent Option . . . . . . . . . . . . . . 8
5. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 9
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.1. Normative References . . . . . . . . . . . . . . . . . . . 10
6.2. Informative References . . . . . . . . . . . . . . . . . . 10
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11
Cui, et al. Expires January 12, 2012 [Page 2]
Internet-Draft DHCPv4 over tunnel July 2011
1. Introduction
The DHC protocol[RFC2131] wasn't designed with tunnel environment
considerations. However, due to the development of tunnel-based
mechanisms, the demand to apply DHCP in tunnel environment arises,
especially in the context of IPv6 transition. A typical application
scenario is IP-IP Hub and spoke tunnel[RFC4925]. In this type of
scenario, IP-IP tunnel is used to provide non-native IP connectivity
to hosts, across a heterogenous network. If the non-native IP
addresses of the clients are provided by the concentrator side, this
address provisioning needs to cross the heterogeneous network, too.
One transition mechanism that requires DHCP over tunnel is documented
in [I-D.cui-softwire-host-4over6]. In this mechanism, users in IPv6
network get IPv4 access by IPv4-in-IPv6 tunnel with 4over6
concentrator. Every user employs a public IPv4 address to get full
bidirectional IPv4 communication. This IPv4 address is allocated by
the ISP over the IPv6 network. The document suggests to achieve this
by tunneling DHCPv4 between the 4over6 initiator(DHCPv4 client) and
4over6 concentrator(DHCPv4 server).
Two main flavours of solutions may be considered:
o Use DHCPv6 to provision IPv4-related connectivity, since IPv4
address can be embedded into IPv6 address field. To achieve this
mode, dedicated options are needed to convey IPv4-related
information, such as IPv4 address of DNS server, NTP server, etc.
o Use DHCPv4 and sustain it in the tunnel environment. Unlike the
previous approach where only DHCPv6 is used for both IPv4 and IPv6
connectivity, this approach consists in maintaining the separation
between IPv4 and IPv6 connectivity information. It allows to
maintain the IPv4 service without requiring major modification of
IPv6-related provisioning resources, and perserves DHCP as an
IPv4-related information carrier. This document focuses on this
flavour.
Cui, et al. Expires January 12, 2012 [Page 3]
Internet-Draft DHCPv4 over tunnel July 2011
2. Teminology
This document makes use of the following terms:
o DHCPv4 refers to IPv4 DHCP [RFC2131].
o DHCPv4 client (or client) denotes a node that initiates requests
to obtain configuration parameters from one or more DHCP servers
[RFC2131].
o DHCPv4 server (or server) refers to a node that responds to
requests from DHCP clients [RFC2131].
Cui, et al. Expires January 12, 2012 [Page 4]
Internet-Draft DHCPv4 over tunnel July 2011
3. Problem Analysis
The scenario of DHCPv4 over IP-IP tunnel is shown in Figure 1.
DHCPv4 client and DHCPv4 server(could be a relay) are separated by an
IPv6 or IPv4 network, with no DHCP relay in the middle. DHCP
DISCOVER and DHCP REQUEST packets cannot reach the other end since
they are broadcast packets; DHCP OFFER and DHCP ACK/NAK packets
cannot reach the other end either, when they are broadcast packets or
unicast packets forwarded by MAC address. Therefore a tunnel between
the client and server is required to build a virtual link. Besides,
when the middle network is IPv6-only, all DHCPv4 packets can not go
through the network.
+-------------------------+
| IPv6/IPv4 Network |
+------+ |
|DHCPv4| |
|client| +-------+ +-----------+
+------+=================|DHCPv4 | | IPv4 |
| IP-IP tunnel |server |---| domain |
+------+=================| | | |
|DHCPv4| +-------+ +-----------+
|client| |
+------+ |
| |
+-------------------------+
Figure 1 Scenario of DHCPv4 over tunnel
For the above reasons, we need to build the whole DHCP procedure on
an IP-IP tunnel. The client(tunnel initiator) and server(tunnel
concentrator) will encapsulate the E-IP(External-IP, IPv4) DHCP
packets into I-IP(Internal-IP, could be IPv4 or IPv6) before sending
them to remote end; the remote end(server or client) will decapsulate
the packets to get the original E-IP DHCP packet before handing them
to the DHCP process. The encapsulation on the client is natural: the
client will use the server's I-IP address as encapsulation
destination address, which is usually known beforehand. The problem
is the encapsulation on the server. The server serves more than one
clients, and it must send every DHCP packet to the right client, each
with different I-IP address.
We can see that regular data packet encapsulation on the concentrator
faces a similar problem. The solution is to have the concentrator
maintaining the mapping between each initiator's E-IP address and
I-IP address. When the concentrator performs encapsulation, it will
Cui, et al. Expires January 12, 2012 [Page 5]
Internet-Draft DHCPv4 over tunnel July 2011
use the packet's E-IP destination address to look up the I-IP
encapsulation destination address. However, this solution doesn't
apply to DHCP packets, because the address mapping can only be
established after the DHCP address allocation, and also because the
destination address of DHCP packets can be broadcast address. So we
need some extra effort to make the encapsulation of DHCP packets
work, i.e., make the concentrator encapsulate each DHCP packet with
the I-IP address of the right initiator and hence send it to the
right initiator.
Cui, et al. Expires January 12, 2012 [Page 6]
Internet-Draft DHCPv4 over tunnel July 2011
4. In-protocol and Out-of-protocol Solutions
So far we've come to two solutions for this problem, one is an in-
protocol solution and the other is an out-of-protocol solution. In
this version of draft, we describe both of them for further
discussion.
4.1. Address mapping with session id
This is an out-of-protocol solution. The basic idea is that the
concentrator(server) inspects the incoming DHCP packets, keeps track
of the mapping between the DHCP session id and the I-IP address of
the packet. When sending out a DHCP packet, the concentrator will
use the session id in the packet to look up corresponding I-IP
address for encapsulation. Here the session id could be any field in
the DHCP packet that can be used to distinguish different clients,
such as MAC address, transaction-id, etc. The mapping needs to last
for only the lifetime of two-time handshake.
Figure 2 provides an example using MAC as session id. When receiving
a DHCPDISCOVER message, the concentrator stores the mapping between
the MAC address and I-IP address in encapsulation header. Then the
concentrator decapsulates the packet and hands the packet to upper
layer. When the upper layer passes down the corresponding DHCPOFFER
packet, the concentrator will look up the I-IP address in the mapping
table, using the MAC address in the DHCPOFFER packet. This I-IP
address will be used as encapsulation destination address. Then the
mapping can expire. Similar procedure happens when the concentrator
receives a DHCPREQUEST and sends out a DHCPACK.
This method is transparent to the DHCP process. There's no protocol
extension required. However, the concentrator need to inspect every
encapsulated packet to filter out DHCP packets.
DHCP EVENT initi- concen- BEHAVIOR
ator trator
allocating a new |---DHCPDISCOVER-->| store I-IP-MAC mapping
network address |<-----DHCPOFFER---| look up I-IP using MAC
| | mapping expires
|---DHCPREQUEST--->| store I-IP-MAC mapping
|<-----DHCPACK-----| look up I-IP using MAC
| : | mapping expires
| : |
address renewal |---DHCPREQUEST--->| store IPv6-MAC mapping
|<-----DHCPACK-----| look up I-IP using MAC
| : | mapping expires
| : |
Cui, et al. Expires January 12, 2012 [Page 7]
Internet-Draft DHCPv4 over tunnel July 2011
Figure 2 4over6 concentrator: DHCP behavior
4.2. Leveraging Relay Agent Option
Unlike the first solution, the second solution is an in-protocol
solution. We can see that what is actually needed to solve this
problem is an I-IP encapsulation address for every DHCP packet. We
can have the DHCP client to include this information in every DHCP
packet it sends out. This document suggests to use the Agent Circuit
ID Sub-option in DHCP Relay Agent Information Option (Option 82)
[RFC3046] to carry the I-IP address information.
Having the client doing this, the operations on the concentrator can
be significantly simplified. The receiving and decapsulating
procedure of the DHCP packet can be identical to regular data packet.
The DHCP server process will not modify Option 82 in a DHCP packet,
and this option will be included in the DHCP reply packet. When the
upper layer passes down the DHCP reply packet, the concentrator will
look into the packet and find the encapsulation address in Option 82.
Then the encapsulation can be done easily.
This method doesn't need per-packet inspecting when decapsulating
packet, and doesn't need address mapping maintenance, either.
However, it's a " misuse" of Option 82 in some level, since there's
actually no DHCP relay involved. Another possibility is that we can
define a new DHCP option for this specific usage if it is necessary.
Cui, et al. Expires January 12, 2012 [Page 8]
Internet-Draft DHCPv4 over tunnel July 2011
5. Acknowledgement
The authors would like to thank Alain Durand, Yiu L. Lee, Ted Lemmon
and Mohamed Boucadair for their valuable comments on this draft.
Cui, et al. Expires January 12, 2012 [Page 9]
Internet-Draft DHCPv4 over tunnel July 2011
6. References
6.1. Normative References
[RFC2131] Droms, R., "Dynamic Host Configuration Protocol",
RFC 2131, March 1997.
[RFC3046] Patrick, M., "DHCP Relay Agent Information Option",
RFC 3046, January 2001.
[RFC4925] Li, X., Dawkins, S., Ward, D., and A. Durand, "Softwire
Problem Statement", RFC 4925, July 2007.
6.2. Informative References
[I-D.boucadair-dhcpv6-shared-address-option]
Boucadair, M., Levis, P., Grimault, J., Savolainen, T.,
and G. Bajko, "Dynamic Host Configuration Protocol
(DHCPv6) Options for Shared IP Addresses Solutions",
draft-boucadair-dhcpv6-shared-address-option-01 (work in
progress), December 2009.
[I-D.cui-softwire-host-4over6]
Cui, Y., Wu, J., Wu, P., Metz, C., Vautrin, O., and Y.
Lee, "Public IPv4 over Access IPv6 Network",
draft-cui-softwire-host-4over6-06 (work in progress),
July 2011.
Cui, et al. Expires January 12, 2012 [Page 10]
Internet-Draft DHCPv4 over tunnel July 2011
Authors' Addresses
Yong Cui
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R.China
Phone: +86-10-6260-3059
Email: yong@csnet1.cs.tsinghua.edu.cn
Peng Wu
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R.China
Phone: +86-10-6278-5822
Email: weapon@csnet1.cs.tsinghua.edu.cn
Jianping Wu
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R.China
Phone: +86-10-6278-5983
Email: jianping@cernet.edu.cn
Cui, et al. Expires January 12, 2012 [Page 11]