INTERNET-DRAFT                                          R. Hinden, Nokia
June 23, 2004                                       B. Haberman, Caspian





                           Centrally Assigned
                  Unique Local IPv6 Unicast Addresses

                  <draft-ietf-ipv6-ula-central-00.txt>




Status of this Memo

   By submitting this Internet-Draft, we certify that any applicable
   patent or other IPR claims of which I am aware have been disclosed,
   and any of which I become aware will be disclosed, in accordance with
   RFC 3668.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than a "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This internet draft expires on November 28, 2004.


Abstract

   This document defines Centrally allocated IPv6 Unique Local
   addresses.  These addresses are globally unique and are intended for
   local communications, usually inside of a site.  They are not
   expected to be routable on the global Internet.




draft-ietf-ipv6-ULA-central-00.txt                              [Page 1]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


Table of Contents

   1.0 Introduction....................................................2
   2.0 Acknowledgments.................................................3
   3.0 Local IPv6 Unicast Addresses....................................3
   3.1 Format..........................................................3
   3.2 Global ID.......................................................4
   3.2.1 Centrally Assigned Global IDs.................................4
   3.2.2 Sample Code for Pseudo-Random Global ID Algorithm.............6
   4.0 Security Considerations.........................................6
   5.0 IANA Considerations.............................................6
   6.0 References......................................................7
   6.1 Normative References............................................7
   6.2 Informative References..........................................8
   7.0 Authors' Addresses..............................................8
   8.0 Change Log......................................................9


1.0 Introduction

   This document defines an Centrally allocated IPv6 unicast address
   format that is globally unique and is intended for local
   communications [IPV6].  These addresses are called Unique Local IPv6
   Unicast Addresses and are abbreviated in this document as Local IPv6
   addresses.  They are not expected to be routable on the global
   Internet.  They are routable inside of a more limited area such as a
   site.  They may also be routed between a limited set of sites.

   This document defines the characteristics and technical allocation
   requirements for centrally assigned Local IPv6 addresses in the
   framework defined in [ULA].

   Local IPv6 unicast addresses, as defined in [ULA], have the following
   characteristics:

      - Globally unique prefix.
      - Well known prefix to allow for easy filtering at site
        boundaries.
      - Allows sites to be combined or privately interconnected without
        creating any address conflicts or requiring renumbering of
        interfaces using these prefixes.
      - Internet Service Provider independent and can be used for
        communications inside of a site without having any permanent or
        intermittent Internet connectivity.
      - If accidentally leaked outside of a site via routing or DNS,
        there is no conflict with any other addresses.
      - In practice, applications may treat these addresses like global
        scoped addresses.



draft-ietf-ipv6-ULA-central-00.txt                              [Page 2]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


   This document defines the the characteristics and technical
   allocation requirements for centrally assigned Local IPv6 addresses.

   Topics that are general to all Local IPv6 address can be found in the
   following sections of [ULA]:

      3.3  Scope Definition
      4.0  Routing
      5.0  Renumbering and Site Merging
      6.0  Site Border Router and Firewall Packet Filtering
      7.0  DNS Issues
      8.0  Application and Higher Level Protocol Issues
      9.0  Use of Local IPv6 Addresses for Local Communications
      10.0 Use of Local IPv6 Addresses with VPNs
      11.0 Advantages and Disadvantages

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC 2119].


2.0 Acknowledgments

   The underlying idea of creating Local IPv6 addresses described in
   this document been proposed a number of times by a variety of people.
   The authors of this draft do not claim exclusive credit.  Credit goes
   to Brian Carpenter, Christian Huitema, Aidan Williams, Andrew White,
   Charlie Perkins, and many others.  The authors would also like to
   thank Brian Carpenter, Charlie Perkins, Harald Alvestrand, Keith
   Moore, Margaret Wasserman, Shannon Behrens, Alan Beard, Hans Kruse,
   Geoff Huston, Pekka Savola, Christian Huitema, and Tim Chown for
   their comments and suggestions on this document.


3.0 Centrally Assigned Local IPv6 Unicast Addresses

3.1 Format

   The Centrally assigned Local IPv6 addresses are created using a
   pseudo-random global ID.  They have the following format:

      | 8 bits |  40 bits   |  16 bits  |          64 bits            |
      +--------+------------+-----------+-----------------------------+
      | prefix | global ID  | subnet ID |        interface ID         |
      +--------+------------+-----------+-----------------------------+

   Where:




draft-ietf-ipv6-ULA-central-00.txt                              [Page 3]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


      prefix            FC00::/8 prefix to identify centrally assigned
                        Local IPv6 unicast addresses.

      global ID         40-bit global identifier used to create a
                        globally unique prefix. See section 3.2 for
                        additional information.

      subnet ID         16-bit subnet ID is an identifier of a subnet
                        within the site.

      interface ID      64-bit interface ID as defined in [ADDARCH].


3.2 Global ID

   The allocation of global IDs should be pseudo-random [RANDOM].  They
   should not be assigned sequentially or with well known numbers.  This
   is to ensure that there is not any relationship between allocations
   and to help clarify that these prefixes are not intended to be routed
   globally.  Specifically, these prefixes are designed to not
   aggregate.

   The major difference between the locally assigned Unique local
   addresses as defined in [ULA] and the centrally assigned local
   addresses defined in this document is that they are uniquely assigned
   and the assignments can be escrowed to resolve any disputes regarding
   duplicate assignments.

   It is expected that large managed sites will prefer central
   assignments and small or disconnected sites will prefer local
   assignments.  It is recommended that sites planning to use Local IPv6
   addresses for extensive inter-site communication, initially or as a
   future possibility, use a centrally assigned prefix as there is no
   possibility of assignment conflicts.  Sites are free to choose either
   approach.


3.2.1 Centrally Assigned Global IDs

   Centrally assigned global IDs MUST be generated with a pseudo-random
   algorithm consistent with [RANDOM].  They should not be assigned
   sequentially or by locality.  This is to ensure that there is no
   relationship between allocations and to help clarify that these
   prefixes are not intended to be routed globally by eliminating the
   possibility of aggregation.  Specifically, these prefixes are
   designed to not aggregate.

   Global IDs should be assigned under the authority of a single



draft-ietf-ipv6-ULA-central-00.txt                              [Page 4]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


   allocation organization because they are pseudo-random and without
   any structure.  This is easiest to accomplish if there is a single
   authority for the assignments.

   The requirements for centrally assigned global ID allocations are:

      - Available to anyone in an unbiased manner.
      - Permanent with no periodic fees.
      - Allocation on a permanent basis, without any need for renewal
        and without any procedure for de-allocation.
      - Provide mechanisms that prevent hoarding of these allocations.
      - The ownership of each individual allocation should be private,
        but should be escrowed.

   The allocation authority should permit allocations to be obtained
   without having any sort of Internet connectivity.  For example in
   addition to web based registration they should support some methods
   like telephone, postal mail, fax, etc.

   The allocation service should include sufficient provisions to avoid
   hoarding of numbers.  This can be accomplished by various ways, for
   example, requiring an exchange of documents, a verbal contact, or a
   proof that the request is on behalf of a human rather than a machine.
   The service may charge a small fee in order to cover its costs, but
   the fee should be low enough to not create a barrier to anyone
   needing one.  The precise mechanisms should be decided by the
   registration authority.

   The ownership of the allocations is not needed to be public since the
   resulting addresses are intended to be used for local communication.
   It is escrowed to ensure there are no duplicate allocations and in
   case it is needed in the future (e.g., to resolve duplicate
   allocation disputes, or to support a change of the central allocation
   authority).

   Note, there are many possible ways of of creating an allocation
   authority.  It is important to keep in mind when reviewing
   alternatives that the goal is to pick one that can do the job.  It
   doesn't have to be perfect, only good enough to do the job at hand.

   This document directs the IANA, in section 5.0, to delegate the
   FC00::/8 prefix to an allocation authority to allocate centrally
   assigned /48 prefixes consistent with the requirements defined in
   this section.







draft-ietf-ipv6-ULA-central-00.txt                              [Page 5]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


3.2.2  Sample Code for Pseudo-Random Global ID Algorithm

   The algorithm described below is intended to be used for centrally
   assigned Global IDs.  In each case the resulting global ID will be
   used in the appropriate prefix as defined in section 3.2.

     1) Obtain the current time of day in 64-bit NTP format [NTP].
     2) Obtain an EUI-64 identifier from the system running this
        algorithm.  If an EUI-64 does not exist, one can be created from
        a 48-bit MAC address as specified in [ADDARCH].  If an EUI-64
        cannot be obtained or created, a suitably unique identifier,
        local to the node, should be used (e.g. system serial number).
     3) Concatenate the time of day with the system-specific identifier
        creating a key.
     4) Compute an MD5 digest on the key as specified in [MD5DIG].
     5) Use the least significant 40 bits as the Global ID.
     6) Verify that the computed global ID is not in the escrow.  If it
        is, discard the value and rerun the algorithm.

   This algorithm will result in a global ID that is unique and can be
   used as a Global ID.


4.0 Security Considerations

   Local IPv6 addresses do not provide any inherent security to the
   nodes that use them.  They may be used with filters at site
   boundaries to keep Local IPv6 traffic inside of the site, but this is
   no more or less secure than filtering any other type of global IPv6
   unicast addresses.

   Local IPv6 addresses do allow for address-based security mechanisms,
   including IPSEC, across end to end VPN connections.


5.0 IANA Considerations

   The IANA is instructed to assign the FC00::/8 prefix for Centrally
   assigned Unique Local IPv6 unicast addresses.

   The IANA is instructed to delegate, within a reasonable time, the
   prefix FC00::/8 to an allocation authority for Unique Local IPv6
   Unicast prefixes of length /48.  This allocation authority shall
   comply with the requirements described in section 3.2 of this
   document, including in particular allocation on a permanent basis and
   with sufficient provisions to avoid hoarding of numbers.  If deemed
   appropriate, the authority may also consist of multiple organizations
   performing the authority duties.



draft-ietf-ipv6-ULA-central-00.txt                              [Page 6]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


6.0 References

6.1 Normative References

   [ADDARCH] Hinden, R., S. Deering, S., "IP Version 6 Addressing
             Architecture", RFC 3515, April 2003.

   [GLOBAL]  Hinden, R., S. Deering, E. Nordmark, "IPv6 Global Unicast
             Address Format", RFC 3587, August 2003.

   [ICMPV6]  Conta, A., S. Deering, "Internet Control Message Protocol
             (ICMPv6) for the Internet Protocol Version 6 (IPv6)
             Specification", RFC2463, December 1998.

   [IPV6]    Deering, S., R. Hinden, "Internet Protocol, Version 6
             (IPv6) Specification", RFC 2460, December 1998.

   [MD5DIG]  Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
             April 1992.

   [NTP]     Mills, David L., "Network Time Protocol (Version 3)
             Specification, Implementation and Analysis", RFC 1305,
             March 1992.

   [POPUL]   Population Reference Bureau, "World Population Data Sheet
             of the Population Reference Bureau 2002",  August 2002.

   [RANDOM]  Eastlake, D. 3rd, S. Crocker, J. Schiller, "Randomness
             Recommendations for Security", RFC 1750, December 1994.

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", RFC 2119, BCP14, March 1997.

   [ULA]     Hinden, R., B. Haberman, "Unique Local IPv6 Unicast
             Addresses", Internet Draft <draft-ietf-ipv6-unique-local-
             addr-05.txt>, June  2004.


6.2 Informative References

   [ADDAUTO] Thomson, S., T. Narten, "IPv6 Stateless Address
             Autoconfiguration", RFC 2462, December 1998.

   [ADDSEL]  Draves, R., "Default Address Selection for Internet
             Protocol version 6 (IPv6)", RFC 3484, February 2003.






draft-ietf-ipv6-ULA-central-00.txt                              [Page 7]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


   [DHCP6]   Droms, R., et. al., "Dynamic Host Configuration Protocol
             for IPv6 (DHCPv6)", RFC3315, July 2003.

   [RTP]     Schulzrinne, H., S. Casner, R. Frederick, V. Jacobson,
             "RTP: A Transport Protocol for Real-Time Applications"
             RFC3550, July 2003.


7.0 Authors' Addresses

   Robert M. Hinden
   Nokia
   313 Fairchild Drive
   Mountain View, CA 94043
   USA

   phone: +1 650 625-2004
   email: bob.hinden@nokia.com


   Brian Haberman
   Caspian Networks
   1 Park Drive, Suite 300
   Research Triangle Park, NC  27709
   USA

   phone: +1-929-949-4828
   email: brian@innovationslab.net























draft-ietf-ipv6-ULA-central-00.txt                              [Page 8]


INTERNET-DRAFT   Centrally Assigned Local IPv6 Addresses       June 2004


8.0 Change Log

   Draft <draft-hinden-ipv6-global-local-addr-00.txt>

      o Initial Draft created from [ULA].  This draft defines the
        centrally assigned Local IPv6 addresses.













































draft-ietf-ipv6-ULA-central-00.txt                              [Page 9]