RADIUS Option for the DHCPv6 Relay Agent
RFC 7037
|
| Document |
Type |
|
RFC - Proposed Standard
(October 2013; No errata)
|
|
Last updated |
|
2015-10-14
|
|
Stream |
|
IETF
|
|
Formats |
|
plain text
pdf
htmlized
bibtex
|
|
Reviews |
|
|
| Stream |
WG state
|
|
Submitted to IESG for Publication
|
|
Document shepherd |
|
Tomek Mrugalski
|
|
Shepherd write-up |
|
Show
(last changed 2013-05-09)
|
| IESG |
IESG state |
|
RFC 7037 (Proposed Standard)
|
|
Consensus Boilerplate |
|
Unknown
|
|
Telechat date |
|
|
|
Responsible AD |
|
Ted Lemon
|
|
IESG note |
|
Tomek Mrugalski (tomasz.mrugalski@gmail.com) is the document shepherd.
|
|
Send notices to |
|
(None)
|
| IANA |
IANA review state |
|
Version Changed - Review Needed
|
|
IANA action state |
|
RFC-Ed-Ack
|
Internet Engineering Task Force (IETF) L. Yeh
Request for Comments: 7037 Freelancer Technologies
Category: Standards Track M. Boucadair
ISSN: 2070-1721 France Telecom
October 2013
RADIUS Option for the DHCPv6 Relay Agent
Abstract
The DHCPv6 RADIUS option provides a mechanism to exchange
authorization and identification information between the DHCPv6 relay
agent and DHCPv6 server. This architecture assumes that the Network
Access Server (NAS) acts as both a DHCPv6 relay agent and RADIUS
client. When receiving messages from the DHCPv6 clients, the NAS
consults the RADIUS server and adds the RADIUS response when
forwarding the DHCPv6 client's messages to the DHCPv6 server. The
DHCPv6 server then uses that additional information to generate an
appropriate response to the DHCPv6 client's requests.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7037.
Yeh & Boucadair Standards Track [Page 1]
RFC 7037 DHCPv6 RADIUS Option October 2013
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology and Language . . . . . . . . . . . . . . . . . . 3
3. Network Scenarios . . . . . . . . . . . . . . . . . . . . . . 3
4. DHCPv6 RADIUS Option . . . . . . . . . . . . . . . . . . . . 6
4.1. RADIUS Attributes Permitted in DHCPv6 RADIUS Option . . . 7
5. DHCPv6 Relay Agent Behavior . . . . . . . . . . . . . . . . . 7
6. DHCPv6 Server Behavior . . . . . . . . . . . . . . . . . . . 7
7. DHCPv6 Client Behavior . . . . . . . . . . . . . . . . . . . 7
8. Security Considerations . . . . . . . . . . . . . . . . . . . 8
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
11.1. Normative References . . . . . . . . . . . . . . . . . . 9
11.2. Informative References . . . . . . . . . . . . . . . . . 10
1. Introduction
DHCPv6 provides a mechanism that allows the server to assign or
delegate both stateful and stateless configuration parameters to
clients. The stateful configuration parameters include IPv6
addresses [RFC3315] and IPv6 prefixes [RFC3633]. The stateless
configuration parameters [RFC3736] include, for example, DNS
[RFC3646], or a Fully Qualified Domain Name (FQDN) of an Address
Family Transition Router (AFTR) [RFC6334]. In the scenarios
described in this document, the DHCPv6 server is deployed in the
central part of an ISP network.
RADIUS [RFC2865] is widely used as the centralized authentication,
authorization, and user management mechanism for service provision in
a Broadband access network. [RFC3162], [RFC4818], [RFC6519], and
[RFC6911] specify the attributes that support the service provision
Yeh & Boucadair Standards Track [Page 2]
RFC 7037 DHCPv6 RADIUS Option October 2013
for IPv6-only and IPv6-transition access. The RADIUS server
authorizes the Network Access Server (NAS) to assign an IPv6 address
or prefix from the indicated pool, or to assign an IPv6 address or
prefix with an explicitly indicated value, and to indicate other
configuration parameters as per the RADIUS attributes for the
subscribers.
When the NAS acts as the distributed DHCPv6 server and RADIUS client
simultaneously, it communicates with the RADIUS server after
Show full document text