[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 RFC 3633

DHC Working Group                                               O. Troan
Internet-Draft                                                  R. Droms
Expires: April 6, 2004                                     Cisco Systems
                                                         October 7, 2003


                     IPv6 Prefix Options for DHCPv6
           draft-ietf-dhc-dhcpv6-opt-prefix-delegation-05.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://
   www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on April 6, 2004.

Copyright Notice

   Copyright (C) The Internet Society (2003). All Rights Reserved.

Abstract

   The Prefix Delegation options provide a mechanism for automated
   delegation of IPv6 prefixes using DHCP. This mechanism is intended
   for delegating a long-lived prefix from a delegating router to a
   requesting router, across an administrative boundary, where the
   delegating router does not require knowledge about the topology of
   the links in the network to which the prefixes will be assigned.









Troan & Droms            Expires April 6, 2004                  [Page 1]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


Table of Contents

   1.   Introduction . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.   DHCPv6 specification dependency  . . . . . . . . . . . . . .   3
   3.   Terminology  . . . . . . . . . . . . . . . . . . . . . . . .   3
   4.   Requirements . . . . . . . . . . . . . . . . . . . . . . . .   4
   5.   Model and Applicability  . . . . . . . . . . . . . . . . . .   4
   5.1  Example network architecture . . . . . . . . . . . . . . . .   5
   6.   Identity Association for Prefix Delegation . . . . . . . . .   6
   7.   Overview of DHCP with Prefix Delegation  . . . . . . . . . .   7
   8.   Interface Selection  . . . . . . . . . . . . . . . . . . . .   7
   9.   Identity Association for Prefix Delegation Option  . . . . .   8
   10.  IA_PD Prefix option  . . . . . . . . . . . . . . . . . . . .  10
   11.  Delegating Router Solicitation . . . . . . . . . . . . . . .  11
   11.1 Requesting router behaviour  . . . . . . . . . . . . . . . .  11
   11.2 Delegating router behaviour  . . . . . . . . . . . . . . . .  12
   12.  Requesting router initiated prefix delegation  . . . . . . .  12
   12.1 Requesting router behaviour  . . . . . . . . . . . . . . . .  13
   12.2 Delegating Router behaviour  . . . . . . . . . . . . . . . .  14
   13.  Prefix Delegation reconfiguration  . . . . . . . . . . . . .  15
   13.1 Delegating Router behaviour  . . . . . . . . . . . . . . . .  15
   13.2 Requesting Router behaviour  . . . . . . . . . . . . . . . .  16
   14.  Relay agent behaviour  . . . . . . . . . . . . . . . . . . .  16
   15.  Security Considerations  . . . . . . . . . . . . . . . . . .  16
   16.  IANA Considerations  . . . . . . . . . . . . . . . . . . . .  17
   17.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . .  17
        Normative References . . . . . . . . . . . . . . . . . . . .  17
        Informative References . . . . . . . . . . . . . . . . . . .  18
        Authors' Addresses . . . . . . . . . . . . . . . . . . . . .  18
        Intellectual Property and Copyright Statements . . . . . . .  19





















Troan & Droms            Expires April 6, 2004                  [Page 2]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


1. Introduction

   This document describes new options for DHCP that provide a mechanism
   for the delegation of IPv6 prefixes [1]. Through these options, a
   delegating router can delegate prefixes to authorised requesting
   routers.

   The prefix delegation mechanism described in this document is
   intended for simple delegation of prefixes from a delegating router
   to requesting routers. It is appropriate for situations in which the
   delegating router does not have knowledge about the topology of the
   networks to which the requesting router is attached, and the
   delegating router does not require other information aside from the
   identity of the requesting router to choose a prefix for delegation.
   For example, these options would be used by a service provider to
   assign a prefix to a CPE device acting as a router between the
   subscriber's internal network and the service provider's core
   network.

   Many applications expect stable addresses. Even though this mechanism
   makes automatic renumbering easier, it is expected that prefixes have
   a long lifespan. During renumbering it is expected that the old and
   the new prefix co-exist for some time.

   The design of this prefix delegation mechanism meets the requirements
   for prefix delegation in Requirements for IPv6 prefix delegation [6].

   Note that this use of DHCP is not bound to the assignment of IP
   addresses or other configuration information to hosts, and that no
   mechanism is currently available to communicate delegated prefixes to
   a DHCP server that serves such a function. This may be an item of
   future work, should usage warrant.

2. DHCPv6 specification dependency

   This document describes new DHCPv6 options for IPv6 prefix
   delegation.  This document should be read in conjunction with the
   DHCPv6 specification, RFC 3315 [2], for a complete specification of
   the Prefix Delegation options and mechanism. Definitions for terms
   and acronyms not specifically defined in this document are defined in
   RFC 3315.

3. Terminology

   This document uses the terminology defined in RFC2460 [1] and
   RFC3315. In addition, this document uses the following terms:





Troan & Droms            Expires April 6, 2004                  [Page 3]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   requesting router:  The router that acts as a DHCP client and is
                       requesting prefix(es) to be assigned.

   delegating router:  The router that acts as a DHCP server, and is
                       responding to the prefix request.

   Identity Association for Prefix Delegation (IA_PD): A collection of
                       prefixes assigned to the requesting router.  Each
                       IA_PD has an associated IAID. A requesting router
                       may have more than one IA_PD assigned to it; for
                       example, one for each of its interfaces.


4. Requirements

   The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
   document, are to be interpreted as described in RFC 2119 [3].

5. Model and Applicability

   The model of operation for prefix delegation is as follows. A
   delegating router is provided IPv6 prefixes to be delegated to
   requesting routers. Examples of ways in which the delegating router
   may be provided these prefixes are given in Section 12.2. A
   requesting router requests prefix(es) from the delegating router, as
   described in Section 12.1. The delegating router chooses prefix(es)
   for delegation, and responds with prefix(es) to the requesting
   router. The requesting router is then responsible for the delegated
   prefix(es). For example, the requesting router might assign a subnet
   from a delegated prefix to one of its interfaces, and begin sending
   router advertisements for the prefix on that link.

   Each prefix has an associated valid and preferred lifetime, which
   constitutes an agreement about the length of time over which the
   requesting router is allowed to use the prefix. A requesting router
   can request an extension of the lifetimes on a delegated prefix and
   is required to terminate the use of a delegated prefix if the valid
   lifetime of the prefix expires.

   This prefix delegation mechanism would be appropriate for use by an
   ISP to delegate a prefix to a subscriber, where the delegated prefix
   would possibly be subnetted and assigned to the links within the
   subscriber's network.







Troan & Droms            Expires April 6, 2004                  [Page 4]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


5.1 Example network architecture

   Figure 1 illustrates a network architecture in which prefix
   delegation could be used.

                     ______________________                 \
                    /                      \                 \
                   |    ISP core network    |                 \
                    \__________ ___________/                   |
                               |                               |
                       +-------+-------+                       |
                       |  Aggregation  |                       | ISP
                       |    device     |                       | network
                       |  (delegating  |                       |
                       |    router)    |                       |
                       +-------+-------+                       |
                               |                              /
                               |DSL to subscriber            /
                               |premises                    /
                               |
                        +------+------+                     \
                        |     CPE     |                      \
                        | (requesting |                       \
                        |   router)   |                        |
                        +----+---+----+                        |
                             |   |                             | Subscriber
      ---+-------------+-----+- -+-----+-------------+---      | network
         |             |               |             |         |
    +----+-----+ +-----+----+     +----+-----+ +-----+----+    |
    |Subscriber| |Subscriber|     |Subscriber| |Subscriber|   /
    |    PC    | |    PC    |     |    PC    | |    PC    |  /
    +----------+ +----------+     +----------+ +----------+ /

   Figure 1: An example of prefix delegation.

                                Figure 1

   In this example the delegating router is configured with a set of
   prefixes to be used for assignment to customers at the time of each
   customer's first connection to the ISP service. The prefix delegation
   process begins when the requesting router requests configuration
   information through DHCP. The DHCP messages from the requesting
   router are received by the delegating router in the aggregation
   device. When the delegating router receives the request, it selects
   an available prefi or prefixes for delegation to the requesting
   router. The delegating router then returns the prefix or prefixes to
   the requesting router.




Troan & Droms            Expires April 6, 2004                  [Page 5]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   The requesting router subnets the delegated prefix and assigns the
   longer prefixes to links in the subscriber's network. In a typical
   scenario based on the network shown in Figure 1, the requesting
   router subnets a single delegated /48 prefix into /64 prefixes and
   assigns one /64 prefix to each of the links in the subscriber
   network.

   The prefix delegation options can be used in conjunction with other
   DHCP options carrying other configuration information to the
   requesting router. The requesting router may, in turn, then provide
   DHCP service to hosts attached to the internal network. For example,
   the requesting router may obtain the addresses of DNS and NTP servers
   from the ISP delegating router, and then pass that configuration
   information on to the subscriber hosts through a DHCP server in the
   requesting router.

6. Identity Association for Prefix Delegation

   An IA_PD is a construct through which a delegating router and a
   requesting router can identify, group and manage a set of related
   IPv6 prefixes. Each IA_PD consists of an IAID and associated
   configuration information. An IA_PD for prefixes is the equivalent of
   an IA (described in RFC 3315) for addresses.

   An IA_PD is different from an IA, in that it does not need to be
   associated with exactly one interface. One IA_PD can be associated
   with the requesting router, with a set of interfaces or with exactly
   one interface. A requesting router must create at least one distinct
   IA_PD. It may associate a distinct IA_PD with each of its downstream
   network interfaces and use that IA_PD to obtain a prefix for that
   interface from the delegating router.

   The IAID uniquely identifies the IA_PD and must be chosen to be
   unique among the IA_PD IAIDs on the requesting router. The IAID is
   chosen by the requesting router. For any given use of an IA_PD by the
   requesting router, the IAID for that IA_PD MUST be consistent across
   restarts of the requesting router. The requesting router may maintain
   consistency either by storing the IAID in non-volatile storage or by
   using an algorithm that will consistently produce the same IAID as
   long as the configuration of the requesting router has not changed.
   If the requesting router uses only one IAID, it can use a well-known
   value, e.g zero.

   The configuration information in an IA_PD consists of one or more
   IPv6 prefixes along with the times T1 and T2 for the IA_PD. See
   section Section 9 for the representation of an IA_PD in a DHCP
   message.




Troan & Droms            Expires April 6, 2004                  [Page 6]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


7. Overview of DHCP with Prefix Delegation

   Prefix delegation with DHCP is independent of address assignment with
   DHCP. A requesting router can use DHCP for just prefix delegation or
   for prefix delegation along with address assignment and other
   configuration information.

   A requesting router first creates an IA_PD and assigns it an IAID.
   The requesting router then transmits a Solicit message containing an
   IA_PD option describing the IA_PD. Delegating routers that can
   delegate prefixes to the IA_PD respond to the requesting router with
   an Advertise message.

   The requesting router may include prefixes in the IA_PDs as a hint to
   the delegating router about specific prefixes for which the
   requesting router has a preference.

   When the requesting router has identified a delegating router, the
   requesting router uses a Request message to populate the IA_PDs with
   prefixes. The requesting router includes one or more IA_PD options in
   the Request message. The delegating router returns prefixes and other
   information about the IA_PDs to the requesting router in IA_PD
   options in a Reply message. The requesting router records the
   lifetimes for the delegated prefix(es) and uses the prefix(es) as
   described in the previous section.

   Before the valid lifetime on each delegated prefix expires, the
   requesting router includes the prefix in an IA_PD option sent in a
   Renew message to the delegating router. The delegating router
   responds by returning the prefix with updated lifetimes to the
   requesting router.

8. Interface Selection

   Delegated prefixes are not associated with a particular interface in
   the same way as addresses are for address assignment, and the rules
   described in the section "Client Source Address and Interface
   Selection" of RFC 3315 do not apply.

   When a requesting router sends a DHCP message, it SHOULD be sent on
   the interface associated with the upstream router (ISP network). The
   upstream interface is typically determined by configuration. This
   rule applies even in the case where a separate IA_PD is used for each
   downstream interface.

   When a requesting router sends a DHCP message directly to a
   delegating router using unicast (after receiving the Server Unicast
   option from that delegating router), the source address SHOULD be an



Troan & Droms            Expires April 6, 2004                  [Page 7]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   address from the upstream interface and which is suitable for use by
   the delegating router in responding to the requesting router.

9. Identity Association for Prefix Delegation Option

   The IA_PD option is used to carry a prefix delegation identity
   association, the parameters associated with the IA_PD and the
   prefixes associated with it.

   The format of the IA_PD option is:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         OPTION_IA_PD          |         option-length         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         IAID (4 octets)                       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                              T1                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                              T2                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    .                                                               .
    .                          IA_PD-options                        .
    .                                                               .
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


   option-code:      OPTION_IA_PD (TBD)

   option-length:    12 + length of IA_PD-options field.

   IAID:             The unique identifier for this IA_PD; the IAID must
                     be unique among the identifiers for all of this
                     requesting router's IA_PDs.

   T1:               The time at which the requesting router should
                     contact the delegating router from which the
                     prefixes in the IA_PD were obtained to extend the
                     lifetimes of the prefixes delegated to the IA_PD;
                     T1 is a time duration relative to the current time
                     expressed in units of seconds.

   T2:               The time at which the requesting router should
                     contact any available delegating router to extend
                     the lifetimes of the prefixes assigned to the
                     IA_PD; T2 is a time duration relative to the
                     current time expressed in units of seconds.



Troan & Droms            Expires April 6, 2004                  [Page 8]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   IA_PD-options:    Options associated with this IA_PD.

   The IA_PD-options field encapsulates those options that are specific
   to this IA_PD. For example, all of the IA_PD Prefix Options carrying
   the prefixes associated with this IA_PD are in the IA_PD-options
   field.

   An IA_PD option may only appear in the options area of a DHCP
   message. A DHCP message may contain multiple IA_PD options.

   The status of any operations involving this IA_PD is indicated in a
   Status Code option in the IA_PD-options field.

   Note that an IA_PD has no explicit "lifetime" or "lease length" of
   its own. When the valid lifetimes of all of the prefixes in a IA_PD
   have expired, the IA_PD can be considered as having expired. T1 and
   T2 are included to give delegating routers explicit control over when
   a requesting router should contact the delegating router about a
   specific IA_PD.

   In a message sent by a requesting router to a delegating router,
   values in the T1 and T2 fields indicate the requesting router's
   preference for those parameters. The requesting router sets T1 and T2
   to zero if it has no preference for those values. In a message sent
   by a delegating router to a requesting router, the requesting router
   MUST use the values in the T1 and T2 fields for the T1 and T2
   parameters. The values in the T1 and T2 fields are the number of
   seconds until T1 and T2.

   The delegating router selects the T1 and T2 times to allow the
   requesting router to extend the lifetimes of any prefixes in the
   IA_PD before the lifetimes expire, even if the delegating router is
   unavailable for some short period of time. Recommended values for T1
   and T2 are .5 and .8 times the shortest preferred lifetime of the
   prefixes in the IA_PD that the delegating router is willing to
   extend, respectively. If the time at which the prefixes in an IA_PD
   are to be renewed is to be left to the discretion of the requesting
   router, the delegating router sets T1 and T2 to 0.

   If a delegating router receives an IA_PD with T1 greater than T2, and
   both T1 and T2 are greater than 0, the delegating router ignores the
   invalid values of T1 and T2 and processes the IA_PD as though the
   delegating router had set T1 and T2 to 0.

   If a requesting router receives an IA_PD with T1 greater than T2, and
   both T1 and T2 are greater than 0, the client discards the IA_PD
   option and processes the remainder of the message as though the
   delegating router had not included the IA_PD option.



Troan & Droms            Expires April 6, 2004                  [Page 9]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


10. IA_PD Prefix option

   The IA_PD Prefix option is used to specify IPv6 address prefixes
   associated with an IA_PD. The IA_PD Prefix option must be
   encapsulated in the IA_PD-options field of an IA_PD option.

   The format of the IA_PD Prefix option is:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |        OPTION_IAPREFIX        |         option-length         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                      preferred-lifetime                       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                        valid-lifetime                         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | prefix-length |                                               |
    +-+-+-+-+-+-+-+-+          IPv6 prefix                          |
    |                           (16 octets)                         |
    |                                                               |
    |                                                               |
    |                                                               |
    |               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |               |                                               .
    +-+-+-+-+-+-+-+-+                                               .
    .                       IAprefix-options                        .
    .                                                               .
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


   option-code:      OPTION_IAPREFIX (TBD)

   option-length:    25 + length of IAprefix-options field

   preferred-lifetime: The recommended preferred lifetime for the IPv6
                     prefix in the option, expressed in units of
                     seconds. A value of 0xFFFFFFFF represents infinity.

   valid-lifetime:   The valid lifetime for the IPv6 prefix in the
                     option, expressed in units of seconds. A value of
                     0xFFFFFFFF represents infinity.

   prefix-length:    Length for this prefix in bits

   IPv6-prefix:      An IPv6 prefix





Troan & Droms            Expires April 6, 2004                 [Page 10]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   IAprefix-options: Options associated with this prefix

   In a message sent by a requesting router to a delegating router, the
   values in the fields can be used to indicate the requesting router's
   preference for those values. The requesting router may send a value
   of zero to indicate no preference. A requesting router may set the
   IPv6 prefix field to zero and a given value in the prefix-length
   field to indicate a preference for the size of the prefix to be
   delegated.

   In a message sent by a delegating router the preferred and valid
   lifetimes should be set to the values of AdvPreferredLifetime and
   AdvValidLifetime as specified in section "Router Configuration
   Variables" of RFC2461 [4], unless administratively configured.

   A requesting router discards any prefixes for which the preferred
   lifetime is greater than the valid lifetime. A delegating router
   ignores the lifetimes set by the requesting router if the preferred
   lifetime is greater than the valid lifetime and ignores the values
   for T1 and T2 set by the requesting router if those values are
   greater than the preferred lifetime.

   The values in the preferred and valid lifetimes are the number of
   seconds remaining for each lifetime.

   An IA_PD Prefix option may appear only in an IA_PD option. More than
   one IA_PD Prefix Option can appear in a single IA_PD option.

   The status of any operations involving this IA_PD Prefix option is
   indicated in a Status Code option in the IAprefix-options field.

11. Delegating Router Solicitation

   The requesting router locates and selects a delegating router in the
   same way as described in section "DHCP Server Solicitation" of RFC
   3315. The details of the solicitation process are described in this
   section.

11.1 Requesting router behaviour

   The requesting router creates and transmits a Solicit message as
   described in sections "Creation of Solicit Messages" and
   "Transmission of Solicit Messages" of RFC 3315. The requesting router
   creates an IA_PD and assigns it an IAID. The requesting router MUST
   include the IA_PD option in the Solicit message.

   The requesting router processes any received Advertise messages as
   described in section "Receipt of Advertise Messages" of RFC 3315. The



Troan & Droms            Expires April 6, 2004                 [Page 11]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   requesting router MAY choose to consider the presence of advertised
   prefixes in its decision about which delegating router to respond to.

   The requesting router MUST ignore any Advertise message that includes
   a Status Code option containing the value NoPrefixAvail, with the
   exception that the requesting router MAY display the associated
   status message to the user.

11.2 Delegating router behaviour

   The delegating router processes Solicit messages from requesting
   routers in the same way as described in section "Receipt of Solicit
   messages" of RFC 3315. If the message contains an IA_PD option and
   the delegating router is configured to delegate prefix(es) to the
   requesting router, the delegating router selects the prefix(es) to be
   delegated to the requesting router. The mechanism through which the
   delegating router selects prefix(es) for delegation is not specified
   in this document. Examples of ways in which the delegating router
   might select prefix(es) for a requesting router include: static
   assignment based on subscription to an ISP; dynamic assignment from a
   pool of available prefixes; selection based on an external authority
   such as a RADIUS server using the Framed-IPv6-Prefix option as
   described in RFC 3162 [5].

   If the requesting router includes an IA_PD Prefix option in the IA_PD
   option in its Solicit message, the delegating router MAY choose to
   use the information in that option to select the prefix(es) or prefix
   size to be delegated to the requesting router.

   The delegating router sends an Advertise message to the requesting
   router in the same way as described in section "Creation and
   transmission of Advertise messages" of RFC 3315. The delegating
   router MUST include an IA_PD option, identifying any prefix(es) that
   the delegating router will delegate to the requesting router.

   If the delegating router will not assign any prefixes to any IA_PDs
   in a subsequent Request from the requesting router, the delegating
   router MUST send an Advertise message to the requesting router that
   includes the IA_PD with no prefixes in the IA_PD and a Status Code
   option in the IA_PD containing status code NoPrefixAvail and a status
   message for the user, a Server Identifier option with the delegating
   router's DUID and a Client Identifier option with the requesting
   router's DUID.

12. Requesting router initiated prefix delegation

   A requesting router uses the same message exchanges as described in
   section "DHCP Client-Initiated Configuration Exchange" of RFC 3315 to



Troan & Droms            Expires April 6, 2004                 [Page 12]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   obtain or update prefix(es) from a delegating router. The requesting
   router and the delegating router use the IA_PD Prefix option to
   exchange information about prefix(es) in much the same way IA Address
   options are used for assigned addresses.

12.1 Requesting router behaviour

   The requesting router uses a Request message to populate IA_PDs with
   prefixes. The requesting router includes one or more IA_PD options in
   the Request message. The delegating router then returns the prefixes
   for the IA_PDs to the requesting router in IA_PD options in a Reply
   message.

   The requesting router includes IA_PD options in any Renew, or Rebind
   messages sent by the requesting router. The IA_PD option includes all
   of the prefixes the requesting router currently has associated with
   that IA_PD.

   In some circumstances the requesting router may need verification
   that the delegating router still has a valid binding for the
   requesting router. Examples of times when a requesting router may ask
   for such verification include:

   o  The requesting router reboots.

   o  The requesting router's upstream link flaps.

   o  The requesting router is physically disconnected from a wired
      connection.

   If such verification is needed the requesting router MUST initiate a
   Rebind/Reply message exchange as described in the section "Creation
   and Transmission of Rebind Messages" of RFC 3315, with the exception
   that the retransmission parameters should be set as for the Confirm
   message, described in the section "Creation and Transmission of
   Confirm Messages" of RFC 3315. The requesting router includes any
   IA_PDs, along with prefixes associated with those IA_PDs in its
   Rebind message.

   Each prefix has valid and preferred lifetimes whose durations are
   specified in the IA_PD Prefix option for that prefix. The requesting
   router uses Renew and Rebind messages to request the extension of the
   lifetimes of a delegated prefix.

   The requesting router uses a Release message to return a delegated
   prefix to a delegating router. The prefixes to be released MUST be
   included in the IA_PDs.




Troan & Droms            Expires April 6, 2004                 [Page 13]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   The Confirm and Decline message types are not used with Prefix
   Delegation.

   Upon the receipt of a valid Reply message, for each IA_PD the
   requesting router assigns a subnet from each of the delegated
   prefixes to each of the links to which the associated interfaces are
   attached, with the following exception: the requesting router MUST
   NOT assign any delegated prefixes or subnets from the delegated
   prefix(es) to the link through which it received the DHCP message
   from the delegating router.

   When a requesting router subnets a delegated prefix, it must assign
   additional bits to the prefix to generate unique, longer prefixes.
   For example, if the requesting router in Figure 1 were delegated
   3FFE:FFFF:0::/48, it might generate 3FFE:FFFF:0:1::/64 and
   3FFE:FFFF:0:2::/64 for assignment to the two links in the subscriber
   network.  If the requesting router were delegated 3FFE:FFFF:0::/48
   and 3FFE:FFFF:5::/48, it might assign 3FFE:FFFF:0:1::/64 and
   3FFE:FFFF:5:1::/64 to one of the links, and 3FFE:FFFF:0:2::/64 and
   3FFE:FFFF:5:2::/64 for assignment to the other link.

   If the requesting router assigns a delegated prefix to a link to
   which the router is attached, and begins to send router
   advertisements for the prefix on the link, the requesting router MUST
   set the valid lifetime in those advertisements to be no later than
   the valid lifetime specified in the IA_PD Prefix option. A requesting
   router MAY use the preferred lifetime specified in the IA_PD Prefix
   option.

   Handling of Status Codes options in received Reply messages is
   described in "Receipt of Reply Messages" of RFC 3315. The
   NoPrefixAvail Status Code is handled in the same manner as the
   NoAddrsAvail Status Code.

12.2 Delegating Router behaviour

   When a delegating router receives a Request message from a requesting
   router that contains an IA_PD option, and the delegating router is
   authorised to delegate prefix(es) to the requesting router, the
   delegating router selects the prefix(es) to be delegated to the
   requesting router. The mechanism through which the delegating router
   selects prefix(es) for delegation is not specified in this document.
   Section 11.2 gives examples of ways in which a delegating router
   might select the prefix(es) to be delegated to a requesting router.

   A delegating router examines the prefix(es) identified in IA_PD
   Prefix options (in an IA_PD option) in Renew and Rebind messages and
   responds according to the current status of the prefix(es). The



Troan & Droms            Expires April 6, 2004                 [Page 14]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   delegating router returns IA_PD Prefix options (within an IA_PD
   option) with updated lifetimes for each valid prefix in the message
   from the requesting router. If the delegating router finds that any
   of the prefixes are not in the requesting router's binding entry, the
   delegating router returns the prefix to the requesting router with
   lifetimes of 0.

   Behaviour in the case where the delegating router cannot find a
   binding for the requesting router's IA_PD:

   Renew message:      If the delegating router cannot find a binding
                       for the requesting router's IA_PD the delegating
                       router returns the IA_PD containing no prefixes
                       with a Status Code option set to NoBinding in the
                       Reply message.

   Rebind message:     If the delegating router cannot find a binding
                       for the requesting router's IA_PD and the
                       delegating router determines that the prefixes in
                       the IA_PD are not appropriate for the link to
                       which the requesting router's interface is
                       attached according to the delegating routers
                       explicit configuration, the delegating router MAY
                       send a Reply message to the requesting router
                       containing the IA_PD with the lifetimes of the
                       prefixes in the IA_PD set to zero. This Reply
                       constitutes an explicit notification to the
                       requesting router that the prefixes in the IA_PD
                       are no longer valid. If the delegating router is
                       unable to determine if the prefix is not
                       appropriate for the link, the Rebind message is
                       discarded.

   A delegating router may mark any prefix(es) in IA_PD Prefix options
   in a Release message from a requesting router as "available",
   dependent on the mechanism used to acquire the prefix, e.g in the
   case of a dynamic pool.

   The delegating router MUST include an IA_PD Prefix option or options
   (in an IA_PD option) in Reply messages sent to a requesting router.

13. Prefix Delegation reconfiguration

   This section describes prefix delegation in Reconfigure message
   exchanges.

13.1 Delegating Router behaviour




Troan & Droms            Expires April 6, 2004                 [Page 15]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   The delegating router initiates a configuration message exchange with
   a requesting router, as described in the section "DHCP
   Server-Initiated Configuration Exchange" of RFC 3315. The delegating
   router specifies the IA_PD option in the Option Request option to
   cause the requesting router to include an IA_PD option to obtain new
   information about delegated prefix(es).

13.2 Requesting Router behaviour

   The requesting router responds to a Reconfigure message received from
   a delegating router as described in RFC 3315. The requesting router
   MUST include the IA_PD Prefix option(s) (in an IA_PD option) for
   prefix(es) that have been delegated to the requesting router by the
   delegating router from which the Reconfigure message was received.

14. Relay agent behaviour

   A relay agent forwards messages containing Prefix Delegation options
   in the same way as described in section "Relay Behaviour" of RFC
   3315.

   If a delegating router communicates with a requesting router through
   a relay agent, the delegating router may need a protocol or other
   out-of-band communication to add routing information for delegated
   prefixes into the provider edge router.

15. Security Considerations

   Security considerations in DHCP are described in the section
   "Security Considerations" of RFC 3315.

   A rogue delegating router can issue bogus prefixes to a requesting
   router. This may cause denial of service due to unreachability.

   A malicious requesting router may be able to mount a denial of
   service attack by repeated requests for delegated prefixes that
   exhaust the delegating router's available prefixes.

   To guard against attacks through prefix delegation, requesting
   routers and delegating routers SHOULD use DHCP authentication as
   described in section "Authentication of DHCP messages" of RFC 3315.
   For point to point links, where one trusts that there is no man in
   the middle, or one trusts layer two authentication, DHCP
   authentication or IPsec may not be necessary. Because a requesting
   router and delegating routers must each have at least one assigned
   IPv6 address, the routers may be able to use IPsec for authentication
   of DHCPv6 messages. The details of using IPsec for DHCPv6 are under
   development.



Troan & Droms            Expires April 6, 2004                 [Page 16]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   Networks configured with delegated prefixes should be configured to
   preclude intentional or inadvertent inappropriate advertisement of
   these prefixes.

16. IANA Considerations

   IANA is requested to assign option codes to:

   OPTION_IA_PD

   OPTION_IAPREFIX

   from the option-code space as defined in section "DHCPv6 Options" of
   RFC 3315.

   IANA is requested to assign a status code:

   NoPrefixAvail:      Delegating router has no prefixes available to
                       assign to the IAPD(s)

   from the status-code space as defined in section "Status Codes" of
   RFC 3315.

17. Acknowledgements

   Thanks for the input and review by (in alphabetical order) Steve
   Deering, Dave Forster, Brian Haberman, Tatuya Jinmei, Shin Miyakawa,
   Pekka Savola, Bernie Volz, Trevor Warwick and Toshi Yamasaki.

Normative References

   [1]  Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6)
        Specification", RFC 2460, December 1998.

   [2]  Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and M.
        Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
        RFC 3315, July 2003.

   [3]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [4]  Narten, T., Nordmark, E. and W. Simpson, "Neighbor Discovery for
        IP Version 6 (IPv6)", RFC 2461, December 1998.

   [5]  Aboba, B., Zorn, G. and D. Mitton, "RADIUS and IPv6", RFC 3162,
        August 2001.

Informative References



Troan & Droms            Expires April 6, 2004                 [Page 17]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   [6]  Miyakawa, S. and R. Droms, "Requirements for IPv6 prefix
        delegation", draft-ietf-ipv6-prefix-delegation-requirement-03
        (work in progress), August 2003.


Authors' Addresses

   Ole Troan
   Cisco Systems
   250 Longwater Avenue
   Reading  RG2 6GB
   United Kingdom

   Phone: +44 20 8824 8666
   EMail: ot@cisco.com


   Ralph Droms
   Cisco Systems
   1414 Massachusetts Avenue
   Boxborough, MA  01719
   USA

   Phone: +1 978 936-1674
   EMail: rdroms@cisco.com


























Troan & Droms            Expires April 6, 2004                 [Page 18]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights. Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11. Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard. Please address the information to the IETF Executive
   Director.


Full Copyright Statement

   Copyright (C) The Internet Society (2003). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION



Troan & Droms            Expires April 6, 2004                 [Page 19]


Internet-Draft       IPv6 Prefix Options for DHCPv6         October 2003


   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.











































Troan & Droms            Expires April 6, 2004                 [Page 20]


Html markup produced by rfcmarkup 1.126, available from https://tools.ietf.org/tools/rfcmarkup/