RADIUS Option for the DHCPv6 Relay Agent
RFC 7037
Document | Type | RFC - Proposed Standard (October 2013; No errata) | |
---|---|---|---|
Authors | Leaf Yeh , Mohamed Boucadair | ||
Last updated | 2015-10-14 | ||
Stream | Internet Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
Reviews | |||
Stream | WG state | Submitted to IESG for Publication | |
Document shepherd | Tomek Mrugalski | ||
Shepherd write-up | Show (last changed 2013-05-09) | ||
IESG | IESG state | RFC 7037 (Proposed Standard) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Ted Lemon | ||
IESG note | Tomek Mrugalski (tomasz.mrugalski@gmail.com) is the document shepherd. | ||
Send notices to | (None) | ||
IANA | IANA review state | Version Changed - Review Needed | |
IANA action state | RFC-Ed-Ack |
Internet Engineering Task Force (IETF) L. Yeh Request for Comments: 7037 Freelancer Technologies Category: Standards Track M. Boucadair ISSN: 2070-1721 France Telecom October 2013 RADIUS Option for the DHCPv6 Relay Agent Abstract The DHCPv6 RADIUS option provides a mechanism to exchange authorization and identification information between the DHCPv6 relay agent and DHCPv6 server. This architecture assumes that the Network Access Server (NAS) acts as both a DHCPv6 relay agent and RADIUS client. When receiving messages from the DHCPv6 clients, the NAS consults the RADIUS server and adds the RADIUS response when forwarding the DHCPv6 client's messages to the DHCPv6 server. The DHCPv6 server then uses that additional information to generate an appropriate response to the DHCPv6 client's requests. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7037. Yeh & Boucadair Standards Track [Page 1] RFC 7037 DHCPv6 RADIUS Option October 2013 Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Terminology and Language . . . . . . . . . . . . . . . . . . 3 3. Network Scenarios . . . . . . . . . . . . . . . . . . . . . . 3 4. DHCPv6 RADIUS Option . . . . . . . . . . . . . . . . . . . . 6 4.1. RADIUS Attributes Permitted in DHCPv6 RADIUS Option . . . 7 5. DHCPv6 Relay Agent Behavior . . . . . . . . . . . . . . . . . 7 6. DHCPv6 Server Behavior . . . . . . . . . . . . . . . . . . . 7 7. DHCPv6 Client Behavior . . . . . . . . . . . . . . . . . . . 7 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 11.1. Normative References . . . . . . . . . . . . . . . . . . 9 11.2. Informative References . . . . . . . . . . . . . . . . . 10 1. Introduction DHCPv6 provides a mechanism that allows the server to assign or delegate both stateful and stateless configuration parameters to clients. The stateful configuration parameters include IPv6 addresses [RFC3315] and IPv6 prefixes [RFC3633]. The stateless configuration parameters [RFC3736] include, for example, DNS [RFC3646], or a Fully Qualified Domain Name (FQDN) of an Address Family Transition Router (AFTR) [RFC6334]. In the scenarios described in this document, the DHCPv6 server is deployed in the central part of an ISP network. RADIUS [RFC2865] is widely used as the centralized authentication, authorization, and user management mechanism for service provision in a Broadband access network. [RFC3162], [RFC4818], [RFC6519], and [RFC6911] specify the attributes that support the service provision Yeh & Boucadair Standards Track [Page 2] RFC 7037 DHCPv6 RADIUS Option October 2013 for IPv6-only and IPv6-transition access. The RADIUS server authorizes the Network Access Server (NAS) to assign an IPv6 address or prefix from the indicated pool, or to assign an IPv6 address or prefix with an explicitly indicated value, and to indicate other configuration parameters as per the RADIUS attributes for the subscribers. When the NAS acts as the distributed DHCPv6 server and RADIUS client simultaneously, it communicates with the RADIUS server afterShow full document text