Internet Draft
Jaehoon Paul Jeong
ETRI
Soohong Daniel Park
SAMSUNG Electronics
Luc Beloeil
France Telecom R&D
Syam Madanapalli
SAMSUNG ISO
draft-jeong-dnsop-ipv6-dns-discovery-01.txt
Expires: August 2004 13 February 2004
IPv6 DNS Discovery based on Router Advertisement
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026 except that the right to
produce derivative works is not granted [1].
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress".
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
This document specifies the steps a node takes in deciding how to
autoconfigure the address of recursive DNS server for DNS name
resolution. The way of discovering recursive DNS server is based on
Router Advertisement message.
Conventions used in this document
Jeong, et al. Expires - August 2004 [Page 1]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [2].
Table of Contents
1. Terminology.....................................................2
2. Introduction....................................................2
3. Overview........................................................3
4. Neighbor Discovery Extension....................................3
4.1 DNS Server Option...........................................3
5. Procedure of DNS Discovery......................................4
6. Autoconfiguration of DNS Information............................5
6.1 DNS Server Cache Management.................................5
6.2 Synchronization between DNS Server Cache and Resolver File..6
6.3 DNS Resolution..............................................7
7. Applicability Statements........................................7
8. Open Issues.....................................................7
9. Security Considerations.........................................8
10. Changes from Previous Version of the Draft.....................8
11. Copyright......................................................8
12. Normative References...........................................9
13. Informative References.........................................9
14. Authors' Addresses............................................10
1. Terminology
This memo uses the terminology described in [3][4]. In addition,
three new terms are defined below:
Recursive DNS Server (RDNSS)
A Recursive DNS Server is a name server that offers the recursive
service of DNS name resolution.
DNS Server Cache
DNS Server Cache is a data structure for managing DNS Server
Information existing in IPv6 protocol stack in addition to
Neighbor Cache and Destination Cache for Neighbor Discovery [3].
Resolver File
Resolver File is a configuration file which DNS resolver on the
host uses for DNS name resolution, e.g., /etc/resolv.conf in UNIX.
2. Introduction
Jeong, et al. Expires - August 2004 [Page 2]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
IPv6 stateless address autoconfiguration provides a way to
autoconfigure either fixed or mobile nodes with one or more IPv6
addresses, default routes and some other parameters [3][4].
For the support of the various services in the Internet, such as web
service, not only the configuration of IP address for network
interface, but also that of at least one recursive DNS server for DNS
name resolution is necessary.
This document defines the process of DNS discovery based on IPv6
Router Advertisement (RA) to find out the address of recursive DNS
server within the local network.
3. Overview
An IPv6 host can autoconfigure DNS information via RA message sent
periodically by router. Namely, an IPv6 host can autoconfigure the
IPv6 address of RDNSS for DNS name resolution through DNS Server
option included in RA message.
4. Neighbor Discovery Extension
The DNS discovery mechanism in this document needs a new RA option in
Neighbor Discovery, DNS Server option.
4.1 DNS Server Option
DNS Server option contains the IPv6 address of the recursive DNS
server. When advertising more than one DNS Server option, an RA
message includes as many DNS Server options as DNS servers. Figure 1
shows the format of DNS Server option.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Pref | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ IPv6 Address of DNS Server +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Jeong, et al. Expires - August 2004 [Page 3]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
Figure 1. DNS Server Option Format
Fields:
Type 8-bit identifier of the option type (TBD: IANA)
Option Name Type
DNS Server (TBD)
Length 8-bit unsigned integer. The length of the
option (including the type and length fields)
in units of 8 octets SHOULD be 0x03 (3 x 8 = 24
octets).
Pref The preference of a DNS server. A 4 bit unsigned
integer. A decimal value of 15 indicates the
highest preference. A value of zero means
unspecified. The field can be used for load
balancing of DNS queries with multiple RDNSSes
according to local policy.
Lifetime 32-bit unsigned integer. The maximum time, in
seconds, over which this DNS server is used for
name resolution. Hosts should contact the source
of this information, router, before expiry of
this time interval. A value of all one bits
(0xffffffff) represents infinity. A value of
zero means that the DNS server must not be used
any more.
IPv6 Address of DNS Server
Recursive DNS Server's address for DNS name
resolution.
5. Procedure of DNS Discovery
IPv6 Host Router
| |
(a)|(-------------------------RS------------------------->)|
(b)|<------------------RA w/ DNS option(s)-----------------|
(c)| Processing of RA |
(d)| Stateless Address Autoconfiguration |
(e)| Stateless DNS Autoconfiguration |
(f)| (Stateful Address or DNS Autoconfiguration) |
Figure 2. Procedure of DNS Discovery
Jeong, et al. Expires - August 2004 [Page 4]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
Figure 2 shows the procedure of DNS Discovery on the basis of IPv6 RA
message. The procedure consists of the following steps.
Step (a) : IPv6 Host sends RS (Router Solicitation) message to get RA
message. It is optional.
Step (b) : For the RS message received from IPv6 Host, Router sends
RA message, which contains Prefix Information option for
stateless address autoconfiguration and DNS Server options
for DNS server's addresses.
Step (c) : If there are not any Prefix Information option and DNS
Server option in RA message, IPv6 Host goes to Step (f).
Step (d) : If there is Prefix Information option in RA message, IPv6
Host performs stateless address autoconfiguration based on
the prefix included in the option. If the auto-
configuration fails, IPv6 Host goes to Step (f).
Step (e) : If there is DNS Server option in RA message, IPv6 Host
stores the DNS server's address in its DNS Server Cache
and resolver configuration file.
Step (f) : If M (Managed address configuration) flag is set on, IPv6
Host MUST perform stateful address autoconfiguration
Through DHCPv6 [3-5]. If O (Other stateful configuration)
flag is set on, IPv6 Host MAY perform stateful DNS auto-
configuration through DHCPv6, too [3-5].
6. Autoconfiguration of DNS Information
The addresses of DNS servers are announced by DNS Server options in
RA message. These addresses can be used for recursive DNS service
providing DNS name resolution. The newly discovered DNS information,
i.e., RDNSS's address, is stored and managed in both DNS Server Cache
and Resolver File.
6.1 DNS Server Cache Management
DNS Discovery in this document needs a new DNS Server Cache in IPv6
protocol stack in addition to Neighbor Cache and Destination Cache
for Neighbor Discovery [3]. Each entry of DNS Server Cache consists
of DNS Server's IPv6 address, Preference, Expire-time, and Onsite-
flag as follows:
- DNS Server's IPv6 address:
DNS Server's IPv6 address indicates the recursive DNS server in
the site.
Jeong, et al. Expires - August 2004 [Page 5]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
- Preference:
Preference, delivered in DNS Server option, is used to give the
usage preference to the announced DNS servers; e.g., the value of
two of preference field may indicate a primary DNS server and that
of one a secondary one. Like this, this field can be
used for load balancing of DNS queries with multiple RDNSSes
within a autonomous site.
- Expire-time:
Lifetime, delivered in DNS Server option, is used to give the time
when this entry becomes invalid. Expire-time is set to the value
of Lifetime field of DNS Server option plus the current system
time. Whenever a new DNS Server option with the same address is
received, it is updated.
- Onsite-flag:
Onsite-flag is set on while Expire-time is less than the current
system time, namely this entry is valid. When Expire-time becomes
greater than the current system time, this flag is set to off.
When Expire-time becomes less than the current system time again
through a receipt of another DNS Server option, the flag is set on.
The entry of which Onsite-flag is off is not deleted immediately,
but used for DNS resolution in the site where IPv6 host is mobile
node and recursive DNS server is not provided. In such a site,
IPv6 host MAY use the DNS server of the previous site. To limit
the storage needed for the DNS Server Cache, a node may need to
garbage-collect old entries. However, care must be taken to
insure that sufficient space is always present to hold the working
set of active entries. Any LRU-based policy that only reclaims
entries that have expired should be adequate for garbage-
collecting unused entries [3]. For example, when the replacement
is necessary, IPv6 host can choose one of which Onsite-flag is off
and of which Expire-time is the least.
6.2 Synchronization between DNS Server Cache and Resolver File
When an IPv6 host receives the information of multiple RDNSSes within
a site through an RA message with DNS Server options, it stores the
RDNSS addresses in order into both DNS Server Cache and Resolver File.
The processing of the DNS Server option included in RA message is as
follows:
Step (a) : Receive and parse DNS Server options.
Step (b) : Arrange the addresses of RDNSSes in a descending order,
starting with the biggest value of "Pref" field of the
DNS Server option and store them in both DNS Server Cache
Jeong, et al. Expires - August 2004 [Page 6]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
and Resolver File. In the case where there are several
routers advertising DNS Server option(s) in a subnet,
"Pref" field is used to arrange the information.
Step (c) : For each DNS Server option, check the following: If the
value of "Pref" and "Lifetime" fields is set to zero,
delete the corresponding RDNSS entry from both DNS Server
Cache and Resolver File in order to let the RDNSS not used
any more for certain reason in network management, e.g.,
the breakdown of the DNS server and a renumbering
situation.
Step (d) : Delete each entry of which Onsite-flag is set off from DNS
Server Cache and the address of DNS server corresponding
to the entry from Resolver File. In mobile environments,
in order that a mobile node still uses a DNS server of the
previous site when the node moves into another site and no
DNS server is available there, it MAY be allowed to
maintain the entry of which Onsite-flag is off, not to
delete it from both DNS Server Cache and Resolver File.
The actual synchronization between the above two storages is
performed through a DNS API dependent on operating system. Whenever
DNS resolver should resolve a DNS name which is not cached in its
local DNS cache, it can use DNS servers listed in Resolver File,
which is synchronized with DNS Server Cache.
6.3 DNS Resolution
Whenever the resolver on the host performs the name resolution, it
refers to the address of RDNSS in order from the first RDNSS stored
in Resolver File.
7. Applicability Statements
RA-based DNS discovery is efficient in many kinds of wireless
networks where IPv6 address is autoconfigured by IPv6 stateless
address autoconfiguration, such as SOHO, home network, MIPv6
(especially, HMIPv6), NEMO and MANET connected to the Internet.
8. Open Issues
There might be some issues regarding RA-based DNS discovery as
follows:
o How to optimize bandwidth on the link?
o How to implement RA-based DNS discovery?
Jeong, et al. Expires - August 2004 [Page 7]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
o What about the use of "Pref" or "Lifetime" field?
o What about several routers on the same link advertising
distinct parameters, such as Prefix Information options and DNS
Server options? (Multihoming considerations)
o What about advertising DHCPv6 Server's address through RA message
as indirect DNS discovery? DHCP-lite or Stateless DHCP can be
considered together [6].
9. Security Considerations
This security is essentially related to Neighbor Discovery protocol
security [3].
If someone wants to hijack correct RS message, they could send an RA
message with incorrect DNS Server options to the host and they would
take incorrect RA message through the above mechanism, which is
unsafe processing. As described in [3], an IPv6 host can check the
validity of NDP messages. If the NDP message includes an IP
Authentication Header, the message can be authenticated. Security
issues regarding the Neighbor Discovery protocol are being discussed
in IETF SEND (Securing Neighbor Discovery) working group [7].
10. Changes from Previous Version of the Draft
This section briefly lists some of the major changes in this
draft relative to the previous version of this same draft,
draft-jeong-dnsop-ipv6-dns-discovery-00.txt:
- excluded DNS Zone Suffix Option.
- introduced DNS Server Cache in order to store the list of DNS
Server addresses in part of IPv6 Neighbor Discovery.
- clarified the use of M and O flag in RA message to explain the
cooperation between Stateless and Stateful Autoconfigurations.
11. Copyright
The following copyright notice is copied from RFC 2026 [Bradner,
1996], Section 10.4, and describes the applicable copyright for this
document.
Copyright (C) The Internet Society July 12, 2001. All Rights
Reserved.
Jeong, et al. Expires - August 2004 [Page 8]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assignees.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
12. Normative References
[1] Bradner, S., "The Internet Standards Process -- Revision 3", BCP
9, RFC 2026, October 1996.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[3] T. Narten, E. Nordmark and W. Simpson, "Neighbor Discovery for IP
version 6 (IPv6)", RFC 2461, December 1998.
[4] S. Thomson and T. Narten, "IPv6 Stateless Address
Autoconfiguration", RFC 2462, December 1998.
13. Informative References
[5] R. Droms et al., "Dynamic Host Configuration Protocol for IPv6
(DHCPv6)", RFC 3315, July 2003.
[6] R. Droms, "Stateless DHCP Service for IPv6", draft-ietf-dhc-
dhcpv6-stateless-04.txt, January 2004.
[7] J. Arkko et al., "SEcure Neighbor Discovery (SEND)", draft-ietf-
send-ndopt-03.txt, January 2004.
Jeong, et al. Expires - August 2004 [Page 9]
Internet-Draft IPv6 DNS Discovery based on RA February 2004
14. Authors' Addresses
Jaehoon Paul Jeong
ETRI / PEC
161 Gajong-Dong, Yusong-Gu
Daejon 305-350
Korea
Phone: +82-42-860-1664
EMail: paul@etri.re.kr
Soohong Daniel Park
Mobile Platform Laboratory,
SAMSUNG Electronics
Korea
Phone: +82-31-200-3728
EMail: soohong.park@samsung.com
Luc Beloeil
France Telecom R&D
42, rue des coutures
BP 6243
14066 CAEN Cedex 4
France
Phone: +33-02-3175-9391
EMail: luc.beloeil@francetelecom.com
Syam Madanapalli
Network Systems Division,
SAMSUNG India Software Operations
India
Phone: +91-80-555-0555
EMail: syam@samsung.com
Jeong, et al. Expires - August 2004 [Page 10]