datatracker.ietf.org
Sign in
Version 5.6.0.p2, 2014-07-08
Report a bug

RADIUS Option for the DHCPv6 Relay Agent
RFC 7037

Internet Engineering Task Force (IETF)                            L. Yeh
Request for Comments: 7037                       Freelancer Technologies
Category: Standards Track                                   M. Boucadair
ISSN: 2070-1721                                           France Telecom
                                                            October 2013

                RADIUS Option for the DHCPv6 Relay Agent

Abstract

   The DHCPv6 RADIUS option provides a mechanism to exchange
   authorization and identification information between the DHCPv6 relay
   agent and DHCPv6 server.  This architecture assumes that the Network
   Access Server (NAS) acts as both a DHCPv6 relay agent and RADIUS
   client.  When receiving messages from the DHCPv6 clients, the NAS
   consults the RADIUS server and adds the RADIUS response when
   forwarding the DHCPv6 client's messages to the DHCPv6 server.  The
   DHCPv6 server then uses that additional information to generate an
   appropriate response to the DHCPv6 client's requests.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7037.

Yeh & Boucadair              Standards Track                    [Page 1]
RFC 7037                  DHCPv6 RADIUS Option              October 2013

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Terminology and Language  . . . . . . . . . . . . . . . . . .   3
   3.  Network Scenarios . . . . . . . . . . . . . . . . . . . . . .   3
   4.  DHCPv6 RADIUS Option  . . . . . . . . . . . . . . . . . . . .   6
     4.1.  RADIUS Attributes Permitted in DHCPv6 RADIUS Option . . .   7
   5.  DHCPv6 Relay Agent Behavior . . . . . . . . . . . . . . . . .   7
   6.  DHCPv6 Server Behavior  . . . . . . . . . . . . . . . . . . .   7
   7.  DHCPv6 Client Behavior  . . . . . . . . . . . . . . . . . . .   7
   8.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   9.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   8
   10. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   9
   11. References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     11.1.  Normative References . . . . . . . . . . . . . . . . . .   9
     11.2.  Informative References . . . . . . . . . . . . . . . . .  10

1.  Introduction

   DHCPv6 provides a mechanism that allows the server to assign or
   delegate both stateful and stateless configuration parameters to
   clients.  The stateful configuration parameters include IPv6
   addresses [RFC3315] and IPv6 prefixes [RFC3633].  The stateless
   configuration parameters [RFC3736] include, for example, DNS
   [RFC3646], or a Fully Qualified Domain Name (FQDN) of an Address
   Family Transition Router (AFTR) [RFC6334].  In the scenarios
   described in this document, the DHCPv6 server is deployed in the
   central part of an ISP network.

   RADIUS [RFC2865] is widely used as the centralized authentication,
   authorization, and user management mechanism for service provision in
   a Broadband access network.  [RFC3162], [RFC4818], [RFC6519], and
   [RFC6911] specify the attributes that support the service provision

Yeh & Boucadair              Standards Track                    [Page 2]
RFC 7037                  DHCPv6 RADIUS Option              October 2013

   for IPv6-only and IPv6-transition access.  The RADIUS server
   authorizes the Network Access Server (NAS) to assign an IPv6 address
   or prefix from the indicated pool, or to assign an IPv6 address or
   prefix with an explicitly indicated value, and to indicate other

[include full document text]