Network Working Group                                    F. Templin, Ed.
Internet-Draft                              Boeing Research & Technology
Intended status: Standards Track                        January 11, 2021
Expires: July 15, 2021


     The IPv6 Address-based DHCPv6 Unique Identifier (DUID-V6ADDR)
                       draft-templin-duid-ipv6-01

Abstract

   This document defines a new DHCPv6 Unique Identifier (DUID) type
   called DUID-V6ADDR that contains a single 128-bit IPv6 address.
   DUID-V6ADDR makes it possible for devices to use suitably-derived
   unique IPv6 addresses to identify themselves to DHCPv6 servers and/or
   other network nodes.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 15, 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Templin                   Expires July 15, 2021                 [Page 1]


Internet-Draft                 DUID-V6ADDR                  January 2021


Table of Contents

   1.  Introduction
   2.  Terminology
   3.  Background
   4.  DUID-V6ADDR Format
   5.  DUID-V6ADDR Uses
   6.  Relation to Other DUID Types
   7.  IPv6 Address Generation Method-Specific DUID Types
   8.  IANA Considerations
   9.  Security Considerations
   10. Acknowledgements
   11. References
     11.1.  Normative References
     11.2.  Informative References
   Author's Address

1.  Introduction

   DHCP Unique Identifiers (DUIDs) are used in DHCPv6 control messages
   [RFC8415] to identify clients and servers (they may also be used in
   other protocol messages that import the format such as IPv6 Neighbor
   Discovery (IPv6 ND) [RFC4861]).  This document defines a new DUID
   type containing a single valid IPv6 address [RFC8200] that has been
   suitably derived through some means to ensure uniqueness.  The new
   DUID type is termed DUID-V6ADDR.

   Some methods of producing unique identifiers take care to ensure that
   the identifier is included in a well-formed IPv6 address.  For
   example, the Host Identity Tag (HIT) [RFC7401][I-D.ietf-drip-rid] is
   a valid IPv6 address and therefore occupies the same 128-bit space as
   any IPv6 address (in network byte order).  Other IPv6 address
   generation methods [RFC7721] also assert uniqueness.  The only
   distinction needed within the DUID space is therefore a new DUID type
   value indicating the presence of a single IPv6 address.

   DUID-V6ADDR allows devices to use suitably-derived IPv6 addresses to
   identify themselves to DHCPv6 servers and vice versa.  The DUID-
   V6ADDR format makes no statement about the method used for generating
   the IPv6 address, but its use in control messages asserts that the
   uniqueness of the address has been ensured through some unspecified
   means.
   Valid IPv6 address types include any unicast/anycast Global Unicast
   (GUA), Link-Local (LLA) or Unique-Local (ULA) address, with the
   specific address type identified by the subnet prefix per the IPv6
   addressing architecture [RFC4193][RFC4291].  The following sections
   present the DUID-V6ADDR format and type designation.

2.  Terminology

   IETF keywords appear in [RFC2119][RFC8174].

3.  Background

   In DHCPv6, clients identify themselves to servers via DHCP Unique
   Identifiers (DUIDs) [RFC8415].  DUIDs are identifiers that DHCP
   servers treat as opaque objects with no internal structure.  DUIDs
   are intended to be globally unique, with no two devices using the
   same DUID.

   Four DUID types have been defined previously:

   DUID-LLT  the Link-Layer address of one of the device's network
      interfaces, concatenated with a timestamp.

   DUID-EN  an Enterprise Number plus additional information specific to
      the enterprise.

   DUID-LL  the Link-Layer address of one of the device's network
      interfaces.

   DUID-UUID  used in situations where there is a Universally Unique
      IDentifier (UUID) stored in a device's firmware settings
      [RFC6355].

   This document specifies a fifth DUID type, known as DUID-V6ADDR and
   identified by DUID-Type value TBD, which distinguishes it from all
   other types.  (Note: The DUID Type value allocation policy per IANA
   is "Standards Action".)

4.  DUID-V6ADDR Format

   The DUID-V6ADDR is carried within control messages.  It has the
   following format:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |         DUID-Type (TBD)       |    IPv6 Address (128 bits)    |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
      |                                                               |
      |                                                               |
      |                                -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                                |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

                       Figure 1: DUID-V6ADDR Format

      DUID-Type - DUID-V6ADDR (TBD) - (16 bits)

      IPv6 Address - An IPv6 Address (128 bits)

5.  DUID-V6ADDR Uses

   The DUID-V6ADDR may appear in DHCPv6 and/or other protocol control
   messages (such as IPv6 ND) within a service domain when a unique ID
   based on an IPv6 address is required.  Clients and servers include a
   unique GUA/LLA/ULA as the IPv6 address according to the domain
   service model, where GUAs are assumed globally unique while LLAs and
   ULAs are assumed unique within the service domain but not necessarily
   globally unique.  If multiple nodes within the service domain include
   the same GUA/LLA/ULA, the address assumes the properties of an
   anycast address.

   DUID-V6ADDR uses for IPv6 address types other than GUA/LLA/ULA are
   out of scope.

6.  Relation to Other DUID Types

   DUID-V6ADDR differs in size, format and contents from DUID-LLT, DUID-
   EN and DUID-LL.  DUID-V6ADDR has the same size and format as DUID-
   UUID; however, DUID-UUID includes a UUID, which is by definition not
   an IPv6 address.  (A case could be considered for allowing the
   existing DUID-UUID format to also include an IPv6 address, i.e.,
   instead of a UUID; however, this would require a domain-wide
   observation of the alternate use.  It would further not be possible
   for software to distinguish a UUID from an IPv6 address, since UUIDs
   by definition do not honor the IPv6 addressing architecture.)

7.  IPv6 Address Generation Method-Specific DUID Types

   An alternative to defining a generic DUID-V6ADDR type for all manners
   of IPv6 addresses would be to define a specific DUID type for each
   IPv6 address generation method.  This would result in the assignment
   of additional DUID type values as more and more IPv6 address
   generation methods become standards.

   While the DUID type value number space is not a scarce commodity,
   assigning a new DUID type value for each new IPv6 address generation
   method as it becomes a standard would require updates to
   widely-deployed legacy systems that only care that a valid IPv6
   address is included and do not need to know the address generation
   method used.

   It should also be noted that different unique IPv6 address generation
   methods must presumably use a distinct IPv6 subnet prefix not shared
   by other address generation methods in order to avoid duplication.
   Hence, implementations that need to know the address generation
   method used can examine the IPv6 address subnet prefix in the DUID-
   V6ADDR in order to determine the address generation method.
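
   The following Python example is added here and is not part of the
   draft or of any DHCPv6 implementation.  It encodes and strictly
   parses the Section 4 format, then reads the address type and the
   generation method from the subnet prefix as described above.
   Assumptions: 0xFFFF stands in for the unassigned (TBD) DUID-Type,
   2000::/3 approximates the GUA space, and the prefix-to-method table
   is supplied by the caller.

```python
import ipaddress
import struct

# Assumption: the draft leaves the DUID-Type code "TBD" pending IANA
# assignment, so this placeholder is NOT a real code point.
DUID_V6ADDR_TYPE = 0xFFFF

# Address types in scope per Section 5 (GUA approximated as 2000::/3).
SCOPES = (
    ("LLA", ipaddress.ip_network("fe80::/10")),
    ("ULA", ipaddress.ip_network("fc00::/7")),
    ("GUA", ipaddress.ip_network("2000::/3")),
)


def classify(addr):
    """Return 'LLA', 'ULA' or 'GUA', or None when out of scope."""
    for name, net in SCOPES:
        if addr in net:
            return name
    return None


def encode_duid_v6addr(text, duid_type=DUID_V6ADDR_TYPE):
    addr = ipaddress.IPv6Address(text)
    if classify(addr) is None:
        raise ValueError(f"{addr} is not a GUA/LLA/ULA address")
    return struct.pack("!H", duid_type) + addr.packed


def parse_duid_v6addr(duid, duid_type=DUID_V6ADDR_TYPE, methods=None):
    """Strictly parse an untrusted DUID; returns (address, kind, method)."""
    if len(duid) != 18:
        raise ValueError(f"expected 18 octets, got {len(duid)}")
    (got_type,) = struct.unpack("!H", duid[:2])
    if got_type != duid_type:
        # DUID-UUID is also 18 octets; only the type field tells them apart.
        raise ValueError(f"DUID-Type {got_type} is not DUID-V6ADDR")
    addr = ipaddress.IPv6Address(duid[2:])
    kind = classify(addr)
    if kind is None:
        raise ValueError(f"{addr} is outside GUA/LLA/ULA scope")
    # Section 7: the most specific matching prefix names the method.
    hits = [(ipaddress.ip_network(p), m) for p, m in (methods or {}).items()]
    hits = [(n, m) for n, m in hits if addr in n]
    method = max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None
    return addr, kind, method
```
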

8.  IANA Considerations

   IANA is requested to assign a value TBD in the 'dhcpv6-parameters'
   registry for DUID-V6ADDR.

9.  Security Considerations

   DHCP and other control message traffic such as IPv6 ND are sent in
   the clear.  An eavesdropper residing on the path could therefore
   examine the traffic and obtain the unique IPv6 address asserted by a
   particular machine.  This may raise some privacy issues but is not a
   new issue brought on by the use of the DUID type defined in this
   document.

10.  Acknowledgements

   This work is aligned with the NASA Safe Autonomous Systems Operation
   (SASO) program under NASA contract number NNA16BD84C.

   This work is aligned with the FAA as per the SE2025 contract number
   DTFAWA-15-D-00030.

   This work is aligned with the Boeing Commercial Airplanes (BCA)
   Internet of Things (IoT) and autonomy programs.

   This work is aligned with the Boeing Information Technology (BIT)
   MobileNet program.

11.  References

11.1.  Normative References

   [I-D.ietf-drip-rid]
              Moskowitz, R., Card, S., Wiethuechter, A., and A. Gurtov,
              "UAS Remote ID", draft-ietf-drip-rid-06 (work in
              progress), December 2020.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC4193]  Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
              Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005,
              <https://www.rfc-editor.org/info/rfc4193>.

   [RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing
              Architecture", RFC 4291, DOI 10.17487/RFC4291, February
              2006, <https://www.rfc-editor.org/info/rfc4291>.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              DOI 10.17487/RFC4861, September 2007,
              <https://www.rfc-editor.org/info/rfc4861>.

   [RFC7401]  Moskowitz, R., Ed., Heer, T., Jokela, P., and T.
              Henderson, "Host Identity Protocol Version 2 (HIPv2)",
              RFC 7401, DOI 10.17487/RFC7401, April 2015,
              <https://www.rfc-editor.org/info/rfc7401>.

   [RFC7721]  Cooper, A., Gont, F., and D. Thaler, "Security and Privacy
              Considerations for IPv6 Address Generation Mechanisms",
              RFC 7721, DOI 10.17487/RFC7721, March 2016,
              <https://www.rfc-editor.org/info/rfc7721>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8200]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", STD 86, RFC 8200,
              DOI 10.17487/RFC8200, July 2017,
              <https://www.rfc-editor.org/info/rfc8200>.

   [RFC8415]  Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A.,
              Richardson, M., Jiang, S., Lemon, T., and T. Winters,
              "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
              RFC 8415, DOI 10.17487/RFC8415, November 2018,
              <https://www.rfc-editor.org/info/rfc8415>.

11.2.  Informative References

   [RFC6355]  Narten, T. and J. Johnson, "Definition of the UUID-Based
              DHCPv6 Unique Identifier (DUID-UUID)", RFC 6355,
              DOI 10.17487/RFC6355, August 2011,
              <https://www.rfc-editor.org/info/rfc6355>.

Author's Address

   Fred L. Templin (editor)
   Boeing Research & Technology
   P.O. Box 3707
   Seattle, WA  98124
   USA

   Email: fltemplin@acm.org