IPv6 Group R. Droms
Internet-Draft P. Thubert
Expires: September 29, 2005 Cisco
March 28, 2005
DHCPv6 Prefix Delegation for NEMO
draft-droms-nemo-dhcpv6-pd-02.txt
Status of this Memo
This document is an Internet-Draft and is subject to all provisions
of Section 3 of RFC 3667. By submitting this Internet-Draft, each
author represents that any applicable patent or other IPR claims of
which he or she is aware have been or will be disclosed, and any of
which he or she become aware will be disclosed, in accordance with
RFC 3668.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 29, 2005.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
One aspect of network mobility support is the assignment of a prefix
or prefixes to a mobile router (MR) for use on the links in the
mobile network. DHCPv6 prefix delegation can be used for this
configuration task.
Droms & Thubert Expires September 29, 2005 [Page 1]
Internet-Draft DHCPv6 Prefix Delegation for NEMO March 2005
1. Introduction
One aspect of network mobility support is the assignment of a prefix
or prefixes to a mobile router for use on the links in the mobile
network. DHCPv6 prefix delegation [1] (DHCPv6PD) can be used for
this configuration task, whether from the Home Network or locally
from an Access Network.
2. Terminology
The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL in this document are to be
interpreted as described in RFC2119 [2].
The following terms used in this document are defined in the IPv6
Addressing Architecture document [3]:
link-local unicast address
link-local scope multicast address
The following terms used in this document are defined in the mobile
IPv6 specification [4]:
home agent (HA)
home link
The following terms used in this document are defined in the mobile
network terminology document [5]:
mobile router (MR)
mobile network
mobile host (MH)
The following terms used in this document are defined in the DHCPv6
[6] and DHCPv6 prefix delegation [1] specifications:
delegating router (DR)
requesting router (RR)
DHCPv6 relay agent
3. Application of DHCPv6 prefix delegation to mobile networks
The network mobility requirements document [7] defines a solution for
mobile IPv6 networks based on the mobile IPv6 protocol [4]. In this
solution, a MR uses the mobile IPv6 protocol to establish and maintain
a session with its HA, and uses bidirectional tunneling between the
MR and HA to provide a path through which hosts attached to links in
the mobile network can maintain connectivity with nodes not in the
mobile network.
The requirements in basic network mobility support [7] include the
ability of the MR to receive delegated prefixes that can then be
assigned to links in the mobile network. DHCPv6PD can be used to
meet this requirement for prefix delegation.
3.1 Delegating Home prefixes
To use DHCPv6PD for mobile networks, the HA assumes the role of the
DR and the MR assumes the role of the RR. Throughout the remainder
of this document, the HA will be assumed to be acting as a DHCPv6PD
DR and the MR will be assumed to be acting as a RR.
The HA and MR exchange DHCPv6PD protocol messages through the tunnel
connecting them. The tunnel acts as the link labeled "DSL to
subscriber premises" in figure 1 of the DHCPv6PD specification.
The HA (acting as the DR) is provisioned with prefixes to be assigned
using any of the prefix assignment mechanisms described in the
DHCPv6PD specifications. Other updates to the HA data structures
required as a side effect of prefix delegation are specified by the
particular network mobility protocol. For example, in the case of
Basic Network Mobility Support [8], the HA would add an entry in its
binding cache registering the delegated prefix to the MR to which the
prefix was delegated.
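The HA-side bookkeeping described above, as an added example that is not part of this draft or of any NEMO implementation: the HA picks a prefix from its provisioned pool, records it in a binding cache against the MR, and encodes the IA_PD option from the DHCPv6PD specification [1]. The class name, the lifetime policy and the addresses (taken from the 2001:db8::/32 documentation range) are assumptions.

```python
import ipaddress
import struct

OPTION_IA_PD, OPTION_IAPREFIX = 25, 26   # option codes from RFC 3633

class HomeAgentDR:
    """Hypothetical HA acting as the DHCPv6PD delegating router."""

    def __init__(self, pool, delegated_len):
        self.pool = ipaddress.IPv6Network(pool)   # prefixes provisioned on the HA
        self.plen = delegated_len
        self.binding_cache = {}                   # prefix -> (MR home address, expiry)

    def delegate(self, mr_home, iaid, valid, now):
        """Bind a prefix to the MR and return the IA_PD option for the Reply."""
        mr = ipaddress.IPv6Address(mr_home)
        # Drop expired bindings so their prefixes return to the pool.
        self.binding_cache = {p: b for p, b in self.binding_cache.items() if b[1] > now}
        owned = [p for p, b in self.binding_cache.items() if b[0] == mr]
        unused = (p for p in self.pool.subnets(new_prefix=self.plen)
                  if p not in self.binding_cache)
        prefix = owned[0] if owned else next(unused, None)
        if prefix is None:
            return None                           # pool exhausted: delegate nothing
        self.binding_cache[prefix] = (mr, now + valid)
        preferred = valid // 2                    # assumed policy, not from the draft
        # IA_PD Prefix option: preferred-lifetime, valid-lifetime, prefix-length, prefix.
        iaprefix = struct.pack("!IIB", preferred, valid, prefix.prefixlen)
        iaprefix += prefix.network_address.packed
        # IA_PD option: IAID, T1, T2 (0.5 and 0.8 of preferred), nested prefix option.
        body = struct.pack("!III", iaid, preferred // 2, preferred * 4 // 5)
        body += struct.pack("!HH", OPTION_IAPREFIX, len(iaprefix)) + iaprefix
        return struct.pack("!HH", OPTION_IA_PD, len(body)) + body

    def tunnel_for(self, dst, now):
        """Return the MR whose tunnel carries dst, or None when nothing is bound."""
        addr = ipaddress.IPv6Address(dst)
        for prefix, (owner, expiry) in self.binding_cache.items():
            if addr in prefix and expiry > now:
                return owner
        return None
```

Traffic for a prefix with no live binding gets no tunnel, so an expired delegation stops being routed to the MR that used to hold it.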
3.1.1 Use of HA-MR tunnel for DHCPv6 messages
The DHCPv6 specification requires the use of link-local unicast and
link-local scope multicast addresses in DHCPv6 messages (except in
certain cases as defined in section 22.12 of the DHCPv6
specification). Section 10.4.2 of the mobile IPv6 specification
describes forwarding of intercepted packets, and the third paragraph
of that section begins:
However, packets addressed to the mobile node's link-local address
MUST NOT be tunneled to the mobile node.
The DHCPv6 messages exchanged between the HA and the MR originate
only with the HA and the MR, and therefore are not "intercepted
packets" and may be sent between the HA and the MR through the
tunnel.
3.1.2 Exchanging DHCPv6 messages when HA and MR are on the same link
When the MR is on its home link, the HA uses the home link to
exchange DHCPv6PD messages with the MR, even if there is a tunnel
across the home link between the MR and the HA. It is the
responsibility of the implementation to determine when the MR is on
its home link and to avoid use of any existing tunnel.
3.1.3 Location of DHCPv6PD Delegating Router function
Support of DHCPv6PD in a mobile network is optional. If DHCPv6PD is
used then the DHCPv6PD DR function MUST be implemented in the HA for
the MR. The use of a DHCPv6 relay agent is not defined for DHCPv6PD.
3.1.4 Other DHCPv6 functions
The DHCPv6 messages exchanged between the MR and the HA may also be
used for other DHCPv6 functions in addition to DHCPv6PD. For
example, the HA may assign global addresses to the MR and may pass
other configuration information such as a list of available DNS
recursive resolvers to the MR using the same DHCPv6 messages as used
for DHCPv6PD.
The HA may act as a DHCPv6 relay agent for MHs while it acts as a DR
for MRs.
3.2 Delegating Access Prefixes
A Mobile Router may also obtain a temporary delegated prefix from its
Access Router (acting as a DHCPv6PD DR) while the MR is roaming
within the AR space.
This is used for instance if the MR opens a network for anonymous
visitors to roam in. In that model, the delegated network is
advertised in the clear, as opposed to the MR's own Mobile Network
Prefixes, which can stay private, over secured media.
As a result, the CareOf Addresses of the visitors in a nested
structure are all aggregated by a larger prefix owned, subdelegated,
and advertised to the infrastructure by the Access Router itself.
It is possible to protect the privacy of both parties between a VMN
that implements RFC 3041 [9] and a visited MR that advertises only
the delegated prefixes in the clear.
In the case of a nested structure, it is expected that the AR and the
MR maintain a tunnel and that the connectivity between the two is
maintained somehow; this can be achieved by:
o performing a routing protocol such as a MANET within the nested
topology.
o performing some L3 bridging technique between AR and MRs.
o placing a Nemo Home Agent at the AR so that the MR registers the
mobility of the delegated prefix while it is roaming inside or
outside the nested structure below the AR.
It may be beneficial for the Mobile Router to use its address within
its delegated prefix as CareOf to register to its Home Agent. As a
result, the MR gets some advantages similar to those obtained with
HMIP.
4. Security Considerations
This document describes the use of DHCPv6 for prefix delegation in
mobile networks. It does not introduce any additional security
considerations beyond those described in the "Security
Considerations" section of the DHCPv6 base specification [6] and the
"Security Considerations" of the DHCPv6 Prefix Delegation
specification [1].
Following the DHCPv6 Prefix Delegation specification, HAs and MRs
SHOULD use DHCPv6 authentication as described in section
"Authentication of DHCP messages" of the DHCPv6 specification [6], to
guard against attacks mounted through prefix delegation.
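As an added example (not part of this draft), the following shows how an HA or MR could check the Authentication option of the delayed authentication protocol from the DHCPv6 specification [6] before acting on a prefix delegation message. The function names, realm, key and sample Reply are constructed for illustration, and the shared key is assumed to be provisioned out of band.

```python
import hmac
import struct

OPTION_AUTH = 11                                    # RFC 3315 section 22.11
DELAYED_AUTH, HMAC_MD5, RDM_COUNTER = 2, 1, 0       # RFC 3315 section 21.4

def find_option(msg, wanted):
    """Return (data offset, length) of the first `wanted` option, or None."""
    off = 4                                         # skip msg-type and transaction-id
    while off + 4 <= len(msg):
        code, length = struct.unpack_from("!HH", msg, off)
        if off + 4 + length > len(msg):
            raise ValueError("option overruns message")
        if code == wanted:
            return off + 4, length
        off += 4 + length
    return None

def verify_delayed_auth(msg, keys, last_replay):
    """Return the accepted replay counter, or None if msg must be discarded.

    keys maps (realm, key ID) to the shared secret (assumed pre-provisioned)."""
    loc = find_option(msg, OPTION_AUTH)
    if loc is None or loc[1] < 11 + 4 + 16:         # header + key ID + HMAC-MD5
        return None
    start, length = loc
    proto, alg, rdm, replay = struct.unpack_from("!BBBQ", msg, start)
    if (proto, alg, rdm) != (DELAYED_AUTH, HMAC_MD5, RDM_COUNTER):
        return None
    if replay <= last_replay:                       # replayed or stale message
        return None
    mac_off = start + length - 16
    realm = msg[start + 11:mac_off - 4]
    (key_id,) = struct.unpack_from("!I", msg, mac_off - 4)
    secret = keys.get((realm, key_id))
    if secret is None:
        return None
    # The HMAC covers the whole message with the HMAC-MD5 field set to zero.
    zeroed = msg[:mac_off] + bytes(16) + msg[mac_off + 16:]
    expected = hmac.new(secret, zeroed, "md5").digest()
    return replay if hmac.compare_digest(expected, msg[mac_off:mac_off + 16]) else None

def build_reply(secret, realm, key_id, replay):     # constructed sample message
    auth = struct.pack("!BBBQ", DELAYED_AUTH, HMAC_MD5, RDM_COUNTER, replay)
    auth += realm + struct.pack("!I", key_id) + bytes(16)
    msg = b"\x07\x00\x00\x01" + struct.pack("!HH", OPTION_AUTH, len(auth)) + auth
    return msg[:-16] + hmac.new(secret, msg, "md5").digest()
```

A message that fails any check is discarded before its IA_PD contents are examined, so an unauthenticated or replayed Reply cannot change delegated prefixes.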
5. IANA Considerations
This document describes the use of DHCPv6 for prefix delegation in
mobile networks. It does not introduce any additional IANA
considerations.
6. Normative References
[1] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host
Configuration Protocol (DHCP) version 6", RFC 3633, December
2003.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[3] Hinden, R. and S. Deering, "Internet Protocol Version 6 (IPv6)
Addressing Architecture", RFC 3513, April 2003.
[4] Johnson, D., Perkins, C. and J. Arkko, "Mobility Support in
IPv6", RFC 3775, June 2004.
[5] Ernst, T. and H. Lach, "Network Mobility Support Terminology",
Internet-Draft draft-ietf-nemo-terminology-03, February 2005.
[6] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and M.
Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
RFC 3315, July 2003.
[7] Ernst, T., "Network Mobility Support Goals and Requirements",
Internet-Draft draft-ietf-nemo-requirements-04, February 2005.
[8] Devarapalli, V., Wakikawa, R., Petrescu, A. and P. Thubert,
"Network Mobility (NEMO) Basic Support Protocol", RFC 3963,
January 2005.
[9] Narten, T. and R. Draves, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6", RFC 3041, January 2001.
Authors' Addresses
Ralph Droms
Cisco
1414 Massachusetts Avenue
Boxborough, MA 01719
USA
Phone: +1 978.936.1674
Email: rdroms@cisco.com
Pascal Thubert
Cisco
Village d'Entreprises Green Side
400, Avenue Roumanille
Biot - Sophia Antipolis 06410
FRANCE
Email: pthubert@cisco.com
Appendix A. Changes Log
Rev -01: The section on access prefix delegation was added. That
section provides a mechanism that is very close to HMIP but purely
based on standard DHCP-PD. It is limited to Nemo applications, but
it provides additional features, including the privacy of the mobile
access router.
Rev -02: The section on optimization of access prefix delegation was
removed.
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this
document. For more information consult the online list of claimed
rights.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.