[Docs] [txt|pdf|xml|html] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: (draft-jiang-softwire-map-radius) 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Softwire                                                   S. Jiang, Ed.
Internet-Draft                              Huawei Technologies Co., Ltd
Intended status: Standards Track                              Y. Fu, Ed.
Expires: November 15, 2019                                         CNNIC
                                                                  B. Liu
                                            Huawei Technologies Co., Ltd
                                                               P. Deacon
                                                      IEA Software, Inc.
                                                                  C. Xie
                                                           China Telecom
                                                                   T. Li
                                                     Tsinghua University
                                                       M. Boucadair, Ed.
                                                                  Orange
                                                            May 14, 2019


RADIUS Attributes for Address plus Port (A+P) based Softwire Mechanisms
                   draft-ietf-softwire-map-radius-23

Abstract

   IPv4-over-IPv6 transition mechanisms provide IPv4 connectivity
   services over IPv6 native networks during the IPv4/IPv6 co-existence
   period.  DHCPv6 options have been defined for configuring clients for
   Lightweight 4over6, Mapping of Address and Port with Encapsulation,
   and Mapping of Address and Port using Translation unicast softwire
   mechanisms, and also multicast softwires.  However, in many networks,
   configuration information is stored in an Authentication,
   Authorization, and Accounting server which utilizes the RADIUS
   protocol to provide centralized management for users.  When a new
   transition mechanism is developed, new RADIUS attributes need to be
   defined correspondingly.

   This document defines new RADIUS attributes to carry Address plus
   Port based softwire configuration parameters from an Authentication,
   Authorization, and Accounting server to a Broadband Network Gateway.
   Both unicast and multicast attributes are covered.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.



Jiang, Ed., et al.      Expires November 15, 2019               [Page 1]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 15, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   5
   3.  New RADIUS Attributes . . . . . . . . . . . . . . . . . . . .   6
     3.1.  Softwire46-Configuration Attribute  . . . . . . . . . . .   7
       3.1.1.  Softwire46 Attributes . . . . . . . . . . . . . . . .   8
         3.1.1.1.  Softwire46-MAP-E Attribute  . . . . . . . . . . .  10
         3.1.1.2.  Softwire46-MAP-T Attribute  . . . . . . . . . . .  10
         3.1.1.3.  Softwire46-Lightweight-4over6 Attribute . . . . .  11
       3.1.2.  Softwire46 Sub-Attributes . . . . . . . . . . . . . .  11
       3.1.3.  Specification of the Softwire46 Sub-Attributes  . . .  12
         3.1.3.1.  Softwire46-Rule Attribute . . . . . . . . . . . .  12
         3.1.3.2.  Softwire46-BR Attribute . . . . . . . . . . . . .  13
         3.1.3.3.  Softwire46-DMR Attribute  . . . . . . . . . . . .  13
         3.1.3.4.  Softwire46-V4V6Bind Attribute . . . . . . . . . .  14
         3.1.3.5.  Softwire46-PORTPARAMS Attribute . . . . . . . . .  14
       3.1.4.  Sub-Attributes for Sofwtire46-Rule  . . . . . . . . .  15
         3.1.4.1.  Rule-IPv6-Prefix Attribute  . . . . . . . . . . .  15
         3.1.4.2.  Rule-IPv4-Prefix Attribute  . . . . . . . . . . .  16
         3.1.4.3.  EA-Length Attribute . . . . . . . . . . . . . . .  16
       3.1.5.  Attributes for Softwire46-v4v6Bind  . . . . . . . . .  17
         3.1.5.1.  IPv4-address Attribute  . . . . . . . . . . . . .  17
         3.1.5.2.  Bind-IPv6-Prefix Attribute  . . . . . . . . . . .  17
       3.1.6.  Attributes for S46-PORTPARAMS . . . . . . . . . . . .  18
         3.1.6.1.  PSID-offset Attribute . . . . . . . . . . . . . .  18



Jiang, Ed., et al.      Expires November 15, 2019               [Page 2]


Internet-Draft            A+P RADIUS Attributes                 May 2019


         3.1.6.2.  PSID-len Attribute  . . . . . . . . . . . . . . .  19
         3.1.6.3.  PSID Attribute  . . . . . . . . . . . . . . . . .  19
     3.2.  Softwire46-Priority Attribute . . . . . . . . . . . . . .  20
       3.2.1.  Softwire46-Option-Code  . . . . . . . . . . . . . . .  21
     3.3.  Softwire46-Multicast Attribute  . . . . . . . . . . . . .  22
       3.3.1.  ASM-Prefix64 Attribute  . . . . . . . . . . . . . . .  23
       3.3.2.  SSM-Prefix64 Attribute  . . . . . . . . . . . . . . .  24
       3.3.3.  U-Prefix64 Attribute  . . . . . . . . . . . . . . . .  24
   4.  A Sample Configuration Process with RADIUS  . . . . . . . . .  24
   5.  Table of Attributes . . . . . . . . . . . . . . . . . . . . .  27
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  28
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  28
     7.1.  New RADIUS Attributes . . . . . . . . . . . . . . . . . .  28
     7.2.  RADIUS Softwire46 Configuration and Multicast Attributes   29
     7.3.  Softwire46 Mechanisms and Their Identifying Option Codes   30
   8.  Contributing Authors  . . . . . . . . . . . . . . . . . . . .  30
   9.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  31
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . .  32
     10.1.  Normative References . . . . . . . . . . . . . . . . . .  32
     10.2.  Informative References . . . . . . . . . . . . . . . . .  33
   Appendix A.  DHCPv6 to RADIUS Field Mappings  . . . . . . . . . .  35
     A.1.  OPTION_S46_RULE (89) to Softwire46-Rule Sub-TLV Field
           Mappings  . . . . . . . . . . . . . . . . . . . . . . . .  35
     A.2.  OPTION_S46_BR (90) to Softwire46-BR Field Mappings  . . .  35
     A.3.  OPTION_S46_DMR (91) to Softwire46-DMR . . . . . . . . . .  35
     A.4.  OPTION_S46_V4V6BIND (92) to Softwire46-V4V6Bind . . . . .  35
     A.5.  OPTION_S46_PORTPARAMS (93) to Softwire46-PORTPARAMS Field
           Mappings  . . . . . . . . . . . . . . . . . . . . . . . .  36
     A.6.  OPTION_S46_PRIORITY (111) to Softwire46-PORTPARAMS Field
           Mappings  . . . . . . . . . . . . . . . . . . . . . . . .  36
     A.7.  OPTION_V6_PREFIX64 (113) to Softwire46-Multicast
           Attribute Field Mappings  . . . . . . . . . . . . . . . .  36
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  36

1.  Introduction

   Providers have started deploying and transitioning to IPv6.  Several
   IPv4 service continuity mechanisms based on the Address plus Port
   (A+P) [RFC6346] have been proposed for providing unicast IPv4 over
   IPv6-only infrastructure, such as Mapping of Address and Port with
   Encapsulation (MAP-E) [RFC7597], Mapping of Address and Port using
   Translation (MAP-T) [RFC7599], and Lightweight 4over6 [RFC7596].
   Also, [RFC8114] specifies a generic solution for the delivery of IPv4
   multicast services to IPv4 clients over an IPv6 multicast network.
   For each of these mechanisms, DHCPv6 options have been specified for
   client configuration.





Jiang, Ed., et al.      Expires November 15, 2019               [Page 3]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   In many networks, user configuration information is stored in an
   Authentication, Authorization, and Accounting (AAA) server.  AAA
   servers generally communicate using the Remote Authentication Dial In
   User Service (RADIUS) [RFC2865] protocol.  In a fixed broadband
   network, a Broadband Network Gateway (BNG) acts as the access gateway
   for users.  That is, the BNG acts as both an AAA client to the AAA
   server, and a DHCPv6 server for DHCPv6 messages sent by clients.
   Throughout this document, the term BNG describes a device
   implementing both the AAA client and DHCPv6 server functions.

   Since IPv4-in-IPv6 softwire configuration information is stored in an
   AAA server, and user configuration information is mainly transmitted
   through DHCPv6 protocol between the BNGs and Customer Premises
   Equipment (CEs, a.k.a., CPE), new RADIUS attributes are needed to
   propagate the information from the AAA servers to BNGs.

   The RADIUS attributes defined in this document provide configuration
   to populate the corresponding DHCPv6 options for unicast and
   multicast softwire configuration, specifically:

   o  "Mapping of Address and Port with Encapsulation (MAP-E)" [RFC7597]
      (DHCPv6 options defined in [RFC7598].

   o  "Mapping of Address and Port using Translation (MAP-T)" [RFC7599]
      (DHCPv6 options defined in [RFC7598].

   o  "Lightweight 4over6: An Extension to the Dual-Stack Lite
      Architecture" [RFC7596] (DHCPv6 options defined in [RFC7598].

   o  "Unified IPv4-in-IPv6 Softwire Customer Premises Equipment (CPE):
      A DHCPv6-Based Prioritization Mechanism" [RFC8026].

   o  "Delivery of IPv4 Multicast Services to IPv4 Clients over an IPv6
      Multicast Network" [RFC8114] (DHCPv6 options defined in [RFC8115].

   The contents of the attributes defined in this document have a 1:1
   mapping into the fields of the various DHCPv6 options in [RFC7598],
   [RFC8026], and [RFC8115].  Table 1 shows how the DHCPv6 options map
   to the corresponding RADIUS attribute.  For detailed mappings between
   each DHCPv6 option field and the corresponding RADIUS Attribute or
   field, see Appendix A.










Jiang, Ed., et al.      Expires November 15, 2019               [Page 4]


Internet-Draft            A+P RADIUS Attributes                 May 2019


      +----------------------------+--------------------------------+
      |        DHCPv6 Option       |        RADIUS Attribute        |
      +----------------------------+--------------------------------+
      |     OPTION_S46_RULE (89)   |        Softwire46-Rule         |
      |     OPTION_S46_BR (90)     |         Softwire46-BR          |
      |     OPTION_S46_DMR (91)    |        Softwire46-DMR          |
      |   OPTION_S46_V4V6BIND (92) |      Softwire46-v4v6Bind       |
      | OPTION_S46_PORTPARAMS (93) |     Softwire46-PORTPARAMS      |
      |  OPTION_S46_PRIORITY (111) |  Softwire46-Priority Attribute |
      |  OPTION_V6_PREFIX64 (113)  | Softwire46-Multicast Attribute |
      +----------------------------+--------------------------------+

       Table 1: Mapping between DHCPv6 Options and RADIUS Attributes

   A RADIUS attribute for Dual-Stack Lite [RFC6333] is defined in
   [RFC6519].

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   [RFC2119] [RFC8174] when, and only when, they appear in all capitals,
   as shown here.

   The reader should be familiar with the concepts and terms defined in
   [RFC7596], [RFC7597], [RFC7599], and [RFC8026].

   The terms "multicast Basic Bridging BroadBand" element (mB4) and
   "multicast Address Family Transition Router" element (mAFTR) are
   defined in [RFC8114].

   Softwire46 (S46) is used throughout to denote any of the IPv4-in-IPv6
   softwire mechanisms listed above.  Additionally, the following
   abbreviations are used within the document:

   o  BMR: Basic Mapping Rule

   o  BNG: Broadband Network Gateway

   o  BR: Border Relay

   o  CE: Customer Edge

   o  DMR: Default Mapping Rule

   o  EA: Embedded Address




Jiang, Ed., et al.      Expires November 15, 2019               [Page 5]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   o  FMR: Forwarding Mapping Rule

   o  PSID: Port Set Identifier

   o  TLV: Type, Length, Value

   o  MAP-E: Mapping of Address and Port with Encapsulation

   o  MAP-T: Mapping of Address and Port using Translation

3.  New RADIUS Attributes

   This section defines the following attributes:

   1.  Softwire46-Configuration Attribute (Section 3.1):

       This attribute carries the configuration information for MAP-E,
       MAP-T, and Lightweight 4over6.  The configuration information for
       each Softwire46 mechanism is carried in the corresponding
       Softwire46 attributes.  Different attributes are required for
       each Softwire46 mechanism.

   2.  Softwire46-Priority Attribute (Section 3.2):

       Depending on the deployment scenario, a client may support
       several different Softwire46 mechanisms and so request
       configuration for more than one Softwire46 mechanism at a time.
       The Softwire46-Priority Attribute contains information allowing
       the client to prioritize which mechanism to use, corresponding to
       OPTION_S46_PRIORITY defined in [RFC8026].

   3.  Softwire46-Multicast Attribute (Section 3.3):

       This attribute conveys the IPv6 prefixes to be used in [RFC8114]
       to synthesize IPv4-embedded IPv6 addresses.  The BNG uses the
       IPv6 prefixes returned in the RADIUS Softwire46-Multicast
       Attribute to populate the DHCPv6 PREFIX64 Option [RFC8115].

   All of these attributes are allocated from the RADIUS "Extended Type"
   code space per [RFC6929].

   All of these attribute designs follow [RFC6158] and [RFC6929].

   This document adheres to [RFC8044] for defining the new RADIUS
   attributes.






Jiang, Ed., et al.      Expires November 15, 2019               [Page 6]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.  Softwire46-Configuration Attribute

   This attribute is of type "tlv", as defined in the RADIUS Protocol
   Extensions [RFC6929].  It contains some sub-attributes, with the
   following requirements:

      The Softwire46-Configuration Attribute MUST contain one or more of
      the following attributes: Softwire46-MAP-E, Softwire46-MAP-T, and/
      or Softwire46-Lightweight-4over6.

      The Softwire46-Configuration Attribute conveys the configuration
      information for MAP-E, MAP-T, or Lightweight 4over6.  The BNG
      SHALL use the configuration information returned in the RADIUS
      attribute to populate the DHCPv6 Softwire46 Container Option
      defined in Section 5 of [RFC7598].

      The Softwire46-Configuration Attribute MAY appear in an Access-
      Accept packet.  It MAY also appear in an Access-Request packet.

      The Softwire46-Configuration Attribute MAY appear in a CoA-Request
      packet.

      The Softwire46-Configuration Attribute MAY appear in an
      Accounting-Request packet.

      The Softwire46-Configuration Attribute MUST NOT appear in any
      other RADIUS packet.

      The Softwire46-Configuration Attribute MUST only encapsulate one
      or more of the Softwire46 attributes defined in this document.

   The Softwire46-Configuration Attribute is structured as follows:



















Jiang, Ed., et al.      Expires November 15, 2019               [Page 7]


Internet-Draft            A+P RADIUS Attributes                 May 2019


    Type
      241 (To be confirmed by IANA).

    Length
      Indicates the total length, in bytes, of all fields of
      this attribute, including the Type, Length, Extended-Type,
      and the entire length of the embedded attributes.

     Extended-Type
        TBD1

     Value
        Contains one or more of the following attributes. Each attribute
        type may appear at most once:

        Softwire46-MAP-E
           For configuring MAP-E clients. For the construction of
           this attribute, refer to Section 3.1.1.1.

        Softwire46-MAP-T
           For configuring MAP-T clients. For the construction of
           this attribute, refer to Section 3.1.1.2.

        Softwire46-Lightweight-4over6
           For configuring Lightweight 4over6 clients. For the
           construction of this attribute, refer to Section 3.1.1.3.

   The Softwire46-Configuration Attribute is associated with the
   following identifier: 241.Extended-Type(TBD1).

3.1.1.  Softwire46 Attributes

   The Softwire46 attributes can only be encapsulated in the
   Softwire46-Configuration Attribute.  Depending on the deployment
   scenario, a client might request for more than one transition
   mechanism at a time.  There MUST be at least one Softwire46 attribute
   encapsulated in one Softwire46-Configuration Attribute.  There MUST
   be at most one instance of each type of Softwire46 attribute
   encapsulated in one Softwire46-Configuration Attribute.

   There are three types of Softwire46 attributes, namely:

   1.  Softwire46-MAP-E (Section 3.1.1.1)

   2.  Softwire46-MAP-T (Section 3.1.1.2)

   3.  Softwire46-Lightweight 4over6 (Section 3.1.1.3)




Jiang, Ed., et al.      Expires November 15, 2019               [Page 8]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   Each type of Softwire46 attribute contains a number of sub-
   attributes, defined in Section 3.1.3.  The hierarchy of the
   Softwire46 attributes is shown in Figure 1.  Section 3.1.2 describes
   which sub-attributes are mandatory, optional, or not permitted for
   each defined Softwire46 attribute.

                                                 /1.Rule-IPv6-Prefix
 S                      /                       |
 o  /                  | 1.Softwire46-Rule -----+ 2.Rule-IPv4-Prefix
 f | Softwire46-MAP-E--+                        |
 t |                   | 2.Softwire46-BR        | 3.EA Length
 w |                   |                         \
 i |                   |                               /1.PSID-offset
 r |                   |                              |
 e |                   | 5.Softwire46-PORTPARAMS -----+ 2.PSID-len
 - |                    \                             |
 C |                                                  | 3.PSID
 o |                                                   \
 n |
 f |                                             /1.Rule-IPv6-Prefix
 i |                    /                       |
 g |                   | 1.Softwire46-Rule------+ 2.Rule-IPv4-Prefix
 u | Softwire46-MAP-T--+                        |
 r |                   | 3.Softwire46-DMR       | 3.EA Length
 a |                   |                         \
 t |                   |                               /1.PSID-offset
 i |                   |                              |
 o |                   | 5.Softwire46-PORTPARAMS------+ 2.PSID-len
 n |                    \                             |
   |                                                  | 3.PSID
 A |                                                   \
 t |
 t |                                                 /1.IPv4-address
 r |                    /                           |
 i |                   | 4.Softwire46-v4v6Bind -----+ 2.Bind-IPv6-Prefix
 b | Softwire46-       |                             \
 u | Lightweight-4over6+                               /1.PSID-offset
 t  \                  |                              |
 e                     | 5.Softwire46-PORTPARAMS  ----+ 2.PSID-len
                        \                             |
                                                      | 3.PSID
                                                       \

                 Figure 1: Softwire46 Attributes Hierarchy







Jiang, Ed., et al.      Expires November 15, 2019               [Page 9]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.1.1.  Softwire46-MAP-E Attribute

   Softwire46-MAP-E attribute is designed for carrying the configuration
   information for MAP-E.  The structure of Softwire46-MAP-E is shown
   below:

    TLV-Type
      1

    TLV-Length
      Indicates the length of this attribute, including
      the TLV-Type, TLV-Length, and TLV-Value fields.

    TLV-Value
      Contains a set of sub-attributes, with the following requirements:

      It MUST contain Softwire46-Rule, defined in Section 3.1.3.1.

      It MUST contain Softwire46-BR, defined in Section 3.1.3.2.

      It MAY contain Softwire46-PORTPARAMS, defined in Section 3.1.3.5.

3.1.1.2.  Softwire46-MAP-T Attribute

   Softwire46-MAP-T attribute is designed for carrying the configuration
   information for MAP-T.  The structure of Softwire46-MAP-T is shown
   below:

   TLV-Type
      2

   TLV-Length
      Indicates the length of this attribute, including
      the TLV-Type, TLV-Length, and TLV-Value fields.

   TLV-Value
      Contains a set of sub-attributes, with the following requirements:

      It MUST contain Softwire46-Rule, defined in Section 3.1.3.1.

      It MUST contain Softwire46-DMR, defined in Section 3.1.3.3.

      It MAY contain Softwire46-PORTPARAMS, defined in Section 3.1.3.5.








Jiang, Ed., et al.      Expires November 15, 2019              [Page 10]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.1.3.  Softwire46-Lightweight-4over6 Attribute

   Softwire46-Lightweight-4over6 attribute is designed for carrying the
   configuration information for Lightweight 4over6.  The structure of
   Softwire46-Lightweight-4over6 is shown below:

    TLV-Type
       3

    TLV-Length
       Indicates the length of this attribute, including
       the TLV-Type, TLV-Length, and TLV-Value fields.

    TLV-Value
       Contains a set of sub-attributes as follows:

       It MUST contain Softwire46-BR, defined in Section 3.1.3.2.

       It MUST contain Softwire46-V4V6Bind, defined in Section 3.1.3.4.

       It MAY contain Softwire46-PORTPARAMS, defined in Section 3.1.3.5.

3.1.2.  Softwire46 Sub-Attributes

   Table 2 shows which encapsulated sub-attributes are mandatory,
   optional, or not permitted for each defined Softwire46 attribute.

   +-----------------------+-------+-------+--------------------+
   | Sub-Attributes        | MAP-E | MAP-T | Lightweight 4over6 |
   +-----------------------+-------+-------+--------------------+
   | Softwire46-BR         |   1   |   0   |          1         |
   | Softwire46-Rule       |   1   |   1   |          0         |
   | Softwire46-DMR        |   0   |   1   |          0         |
   | Softwire46-V4V6Bind   |   0   |   0   |          1         |
   | Softwire46-PORTPARAMS |  0-1  |  0-1  |         0-1        |
   +-----------------------+-------+-------+--------------------+


                    Table 2: Softwire46 Sub-Attributes

   The following table defines the meaning of Table 2 entries.

   0     Not Permitted
   0-1   Optional, zero or one instance of the attribute
         may be present.
   1     Mandatory





Jiang, Ed., et al.      Expires November 15, 2019              [Page 11]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.3.  Specification of the Softwire46 Sub-Attributes

3.1.3.1.  Softwire46-Rule Attribute

   Softwire46-Rule can only be encapsulated in Softwire46-MAP-E
   (Section 3.1.1.1) or Softwire46-MAP-T (Section 3.1.1.2).  Depending
   on the deployment scenario, one Basic Mapping Rule (BMR) and zero or
   more Forwarding Mapping Rules (FMRs) MUST be included in one
   Softwire46-MAP-E or Softwire46-MAP-T.

   Each type of Softwire46-Rule also contains a number of sub-
   attributes, including Rule-IPv6-Prefix, Rule-IPv4-Prefix, and EA-
   Length.  The structure of the sub-attributes for Softwire46-Rule is
   defined in Section 3.1.4.

   Defining multiple TLV-types achieves the same design goals as the
   "Softwire46 Rule Flags" defined in Section 4.1 of [RFC7598].  Using
   TLV-type set to 5 is equivalent to setting the F-flag in the
   OPTION_S46_RULE S46 Rule Flags field.

  TLV-Type
     4 Basic Mapping Rule only (not to be used for forwarding)
     5 Forwarding Permitted Mapping Rule

  TLV-Length
     Indicates the length of this attribute, including
     the TLV-Type, TLV-Length, and TLV-Value fields.

  Data Type
     The attribute Softwire46-Rule is of type tlv (Section 3.13 of
     [RFC8044]).

  TLV-Value
     This field contains a set of attributes as follows:

     Rule-IPv6-Prefix
        This attribute contains the IPv6 prefix for use in the MAP rule.
        Refer to Section 3.1.4.1.

     Rule-IPv4-Prefix
        This attribute contains the IPv4 prefix for use in the MAP rule.
        Refer to Section 3.1.4.2.

     EA-Length
        This attribute contains the Embedded-Address (EA) bit length.
        Refer to Section 3.1.4.1.





Jiang, Ed., et al.      Expires November 15, 2019              [Page 12]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.3.2.  Softwire46-BR Attribute

   Softwire46-BR can only be encapsulated in Softwire46-MAP-E
   (Section 3.1.1.1) or Softwire46-Lightweight-4over6 (Section 3.1.1.3).

   There MUST be at least one Softwire46-BR included in each
   Softwire46-MAP-E or Softwire46-Lightweight-4over6.

   The structure of Softwire46-BR is shown below:

     TLV-Type
        6

     TLV-Length
        18 octets

     Data Type
        The attribute Softwire46-BR is of type ip6addr (Section 3.9 of
        [RFC8044]).

     TLV-Value
        br-ipv6-address. A fixed-length field of 16 octets that
        specifies the IPv6 address for the Softwire46 Border Relay (BR).

3.1.3.3.  Softwire46-DMR Attribute

   Softwire46-DMR may only appear in Softwire46-MAP-T (Section 3.1.1.2).
   There MUST be exactly one Softwire46-DMR included in one Softwire46-
   MAP-T.

   The structure of Softwire46-DMR is shown below:

    TLV-Type
       7

    TLV-Length
       4 + length of dmr-ipv6-prefix specified in octets.

    Data Type
       The attribute Softwire46-DMR is of type ip6pref (Section 3.10 of
       [RFC8044]).

    TLV-Value
       dmr-ipv6-prefix. A variable-length (dmr-prefix6-len) field
       specifying the IPv6 prefix for the BR. This field is right-padded
       with zeros to the nearest octet boundary when dmr-prefix6-len
       is not divisible by 8. Prefixes with from 0 to 96 are allowed.




Jiang, Ed., et al.      Expires November 15, 2019              [Page 13]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.3.4.  Softwire46-V4V6Bind Attribute

   Softwire46-V4V6Bind may only be encapsulated in Softwire46-
   Lightweight-4over6 (Section 3.1.1.3).  There MUST be exactly one
   Softwire46-V4V6Bind included in each Softwire46-Lightweight-4over6.

   The structure of Softwire46-V4V6Bind is shown below:

   TLV-Type
      8

   TLV-Length
      Indicates the length of this attribute, including
      the TLV-Type, TLV-Length, and TLV-Value fields.

   Data Type
      The attribute Softwire46-V4V6Bind is of type tlv (Section 3.13 of
      [RFC8044]).

   TLV-Value
      This field contains a set of attributes as follows:

      IPv4-address
         This attribute contains an IPv4 address, used to specify
         the full or shared IPv4 address of the CE. Refer to
         Section 3.1.5.1.

      Bind-IPv6-Prefix
         This attribute contains an IPv6 prefix used to indicate which
         configured prefix the Softwire46 CE should use for constructing
         the softwire. Refer to Section 3.1.5.2.

3.1.3.5.  Softwire46-PORTPARAMS Attribute

   Softwire46-PORTPARAMS is optional.  It is used to specify port set
   information for IPv4 address sharing between clients.
   Softwire46-PORTPARAMS MAY be included in any of the Softwire46
   attributes.

   The structure of Softwire46-PORTPARAMS is shown below:











Jiang, Ed., et al.      Expires November 15, 2019              [Page 14]


Internet-Draft            A+P RADIUS Attributes                 May 2019


    TLV-Type
       9

    TLV-Length
       Indicates the length of this attribute, including
       the TLV-Type, TLV-Length, and TLV-Value fields.

    Data Type
       The attribute Softwire46-PORTPARAMS is of type tlv (Section 3.13
       of [RFC8044]).

    TLV-Value
       This field contains a set of attributes as follows:

       PSID-offset
          This attribute specifies the numeric value for the Softwire46
          algorithm's excluded port range/offset bits (a bits). Refer to
          Section 3.1.6.1.

       PSID-len
          This attribute specifies the number of significant bits in the
          PSID field (also known as 'k'). Refer to Section 3.1.6.2.

       PSID
          This attribute specifies PSID value. Refer to Section 3.1.6.3.

3.1.4.  Sub-Attributes for Sofwtire46-Rule

   There are two types of Softwire46-Rule: the Basic Mapping Rule and
   the Forwarding Mapping Rule, indicated by the value in the TLV-Type
   field of Softwire46-Rule (Section 3.1.3.1).

   Each type of Softwire46-Rule also contains a number of Sub-attributes
   as detailed in the following sub-sections.

3.1.4.1.  Rule-IPv6-Prefix Attribute

   Rule-IPv6-Prefix is REQUIRED for every Softwire46-Rule.  There MUST
   be exactly one Rule-IPv6-Prefix encapsulated in each type of
   Softwire46-Rule.

   Rule-IPv6-Prefix follows the framed IPv6 prefix designed in [RFC3162]
   and [RFC8044].

   The structure of Rule-IPv6-Prefix is shown below:






Jiang, Ed., et al.      Expires November 15, 2019              [Page 15]


Internet-Draft            A+P RADIUS Attributes                 May 2019


     TLV-Type
        10

     TLV-Length
        20 octets

     Data Type
        The attribute Rule-IPv6-Prefix is of type ipv6pref (Section 3.10
        of [RFC8044]).

     TLV-Value
        rule-ipv6-prefix. 128-bits long field that specifies an IPv6
        prefix appearing in the MAP rule.

3.1.4.2.  Rule-IPv4-Prefix Attribute

   This attribute is used to convey the MAP Rule IPv4 prefix.  The
   structure of Rule-IPv4-Prefix is shown below:

     TLV-Type
        11

     TLV-Length
        8 octets

     Data Type
        The attribute Rule-IPv4-Prefix is of type ipv4pref (Section 3.11
        of [RFC8044]).

     TLV-Value
        rule-ipv4-prefix. 32-bits long. Specifies the IPv4 prefix
        appearing in the MAP rule.

3.1.4.3.  EA-Length Attribute

   This attribute is used to convey the Embedded-Address(EA) bit length.
   The structure of EA-Length is shown below:














Jiang, Ed., et al.      Expires November 15, 2019              [Page 16]


Internet-Draft            A+P RADIUS Attributes                 May 2019


      TLV-Type
         12

      TLV-Length
         6 octets

      Data Type
         The attribute EA-Length is of type integer (Section 3.1 of
         [RFC8044]).

     TLV-Value
         EA-len; 32-bits long. Specifies the Embedded-Address(EA) bit
         length. Allowed values range from 0 to 48.

3.1.5.  Attributes for Softwire46-v4v6Bind

3.1.5.1.  IPv4-address Attribute

   The IPv4-address MAY be used to specify the full or shared IPv4
   address of the CE.

   The structure of IPv4-address is shown below:

      TLV-Type
         13

      TLV-Length
         6 octets

      Data Type
         The attribute IPv4-address is of type ipv4addr (Section 3.8
         of [RFC8044]).

      TLV-Value
         32-bits long. Specifies the IPv4 address (ipv4-address) to
         appear in Softwire46-V4V6Bind (Section 3.1.3.4).

3.1.5.2.  Bind-IPv6-Prefix Attribute

   The Bind-IPv6-Prefix is used by the CE to identify the correct IPv6
   prefix to be used as the tunnel source.

   The structure of Bind-IPv6-Prefix is shown below:








Jiang, Ed., et al.      Expires November 15, 2019              [Page 17]


Internet-Draft            A+P RADIUS Attributes                 May 2019


     TLV-Type
        14

     TLV-Length
        4 + length of bind-ipv6-prefix specified in octets.

     Data Type
        The attribute Bind-IPv6-Prefix is of type ipv6pref (Section 3.10
        of [RFC8044]).

     TLV-Value
        bind-ipv6-prefix. A variable-length field specifying the IPv6
        prefix or address for the Softwire46 CE. This field is
        right-padded with zeros to the nearest octet boundary
        when bindprefix6-len is not divisible by 8.

3.1.6.  Attributes for S46-PORTPARAMS

3.1.6.1.  PSID-offset Attribute

   This attribute is used to convey the Port Set Identifier offset as
   defined in [RFC7597].  This attribute is encoded 32 bits as per the
   recommendation in Appendix A.2.1 of [RFC6158].

   The structure of PSID-offset is shown below:

      TLV-Type
         15

      TLV-Length
         6 octets

      Data Type
         The attribute PSID-offset is of type integer (Section 3.1
         of [RFC8044]).

      TLV-Value
         Contains the PSID-Offset (8-bits) right
         justified, and the unused bits in this field MUST
         be set to zero. This field that specifies the
         numeric value for the Softwire46 algorithm's excluded
         port range/offset bits (a bits), as per Section 5.1
         of RFC7597. Allowed values are between 0 and 15.
         Default values for this field are specific to the
         Softwire mechanism being implemented and are defined
         in the relevant specification document.





Jiang, Ed., et al.      Expires November 15, 2019              [Page 18]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.1.6.2.  PSID-len Attribute

   This attribute is used to convey the PSID length as defined in
   [RFC7597].  This attribute is encoded 32 bits as per the
   recommendation in Appendix A.2.1 of [RFC6158].

   The structure of PSID-len is shown below:

      TLV-Type
         16

      TLV-Length
         6 octets

      Data Type
         The attribute PSID-len is of type integer (Section 3.1
         of [RFC8044]).

      TLV-Value
         Contains the PSID-len (8-bits) right
         justified, and the unused bits in this field MUST
         be set to zero. This field specifies the number of
         significant bits in the PSID field (also known as
         'k'). When set to 0, the PSID field is to be ignored.
         After the first 'a' bits, there are k bits in the
         port number representing the value of the PSID.
         Subsequently, the address sharing ratio would be
         2^k.

3.1.6.3.  PSID Attribute

   This attribute is used to convey the PSID as defined in [RFC7597].
   This attribute is encoded 32 bits as per the recommendation in
   Appendix A.2.1 of [RFC6158].

   The structure of PSID is shown below:















Jiang, Ed., et al.      Expires November 15, 2019              [Page 19]


Internet-Draft            A+P RADIUS Attributes                 May 2019


     TLV-Type
        17

     TLV-Length
        6 octets

     Data Type
        The attribute Bind-IPv6-Prefix is of type integer (Section 3.1
        of [RFC8044]).

     TLV-Value
        Contains the PSID (16-bits) right justified, and the unused bits
        in this field MUST be set to zero.
        The PSID value algorithmically identifies a set of ports
        assigned to a CE. The first k bits on the left of this
        2-octet field is the PSID value. The remaining (16-k) bits
        on the right are padding zeros.

3.2.  Softwire46-Priority Attribute

   The Softwire46-Priority Attribute includes an ordered list of
   Softwire64 mechanisms allowing the client to prioritize which
   mechanism to use, corresponding to OPTION_S46_PRIORITY defined in
   [RFC8026].  The following requirements apply:

      The Softwire46-Priority Attribute MAY appear in an Access-Accept
      packet.  It MAY also appear in an Access-Request packet.

      The Softwire46-Priority Attribute MAY appear in a CoA-Request
      packet.

      The Softwire46-Priority Attribute MAY appear in an Accounting-
      Request packet.

      The Softwire46-Priority Attribute MUST NOT appear in any other
      RADIUS packet.

   The Softwrie46-Priority Attribute is structured as follows:













Jiang, Ed., et al.      Expires November 15, 2019              [Page 20]


Internet-Draft            A+P RADIUS Attributes                 May 2019


      Type
        241 (To be confirmed by IANA)

      Length
        Indicates the length of this attribute,
        including the Type, Length, Extended-Type and Value fields.

      Extended-Type
        TBD5

      TLV-Value
       The attribute includes one or more Softwire46-Option-Code TLVs:
          A Softwire46-Priority Attribute MUST contain at least one
          Softwire46-Option-Code TLV (Section 3.2.1).

          Softwire46 mechanisms are prioritized in the appearance order
          of the in the Softwire46-Priority Attribute.

   The Softwire46-Priority Attribute is associated with the following
   identifier: 241.Extended-Type (TBD5).

3.2.1.  Softwire46-Option-Code

   This attribute is used to convey an option code assigned to a
   Softwire64 mechanism [RFC8026].  This attribute is encoded 32 bits as
   per the recommendation in Appendix A.2.1 of [RFC6158].

   The structure of Softwire46-Option-Code is shown below:

      TLV-Type
         18

      TLV-Length
         6 octets

      Data Type
         The attribute Softwire46-Option-Code is of type integer
        (Section 3.1 of [RFC8044]).

      TLV-Value
         A 32-bit IANA-registered option code representing a Softwire46
         mechanism (Softwire46-option-code). The codes and their
         corresponding Softwire46 mechanisms are listed in Section 7.3.








Jiang, Ed., et al.      Expires November 15, 2019              [Page 21]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.3.  Softwire46-Multicast Attribute

   The Softwire46-Multicast Attribute conveys the IPv6 prefixes to be
   used to synthesize multicast and unicast IPv4-embedded IPv6 addresses
   as per [RFC8114].  This attribute is of type "tlv" and contains
   additional TLVs.  The following requirements apply:

      The BNG SHALL use the IPv6 prefixes returned in the RADIUS
      Softwire46-Multicast Attribute to populate the DHCPv6 PREFIX64
      Option [RFC8115].

      This attribute MAY be used in Access-Request packets as a hint to
      the RADIUS server.  For example, if the BNG is pre-configured for
      Softwire46-Multicast, these prefixes MAY be inserted in the
      attribute.  The RADIUS server MAY ignore the hint sent by the BNG,
      and it MAY assign a different Softwire46-Multicast Attribute.

      The Softwire46-Multicast Attribute MAY appear in an Access-
      Request, Access-Accept, CoA-Request, and Accounting-Request
      packet.

      The Softwire46-Multicast Attribute MUST NOT appear in any other
      RADIUS packet.

      The Softwire46-Multicast Attribute MAY contain ASM-Prefix64
      (Section 3.3.1), SSM-Prefix64 (Section 3.3.2), and U-Prefix64
      (Section 3.3.3).

      The Softwire46-Multicast Attribute MUST include ASM-Prefix64 or
      SSM-Prefix64, and it MAY include both.

      The U-Prefix64 MUST be present when SSM-Prefix64 is present.
      U-Prefix64 MAY be present when ASM-Prefix64 is present.

   The Softwire46-Multicast Attribute is structured as follows:
















Jiang, Ed., et al.      Expires November 15, 2019              [Page 22]


Internet-Draft            A+P RADIUS Attributes                 May 2019


    Type
      241 (To be confirmed by IANA)

    Length
      This field indicates the total length in bytes of all fields of
      this attribute, including the Type, Length, Extended-Type, and the
      entire length of the embedded attributes.

    Extended-Type
      TBD6

    Value
      This field contains a set of attributes as follows:

      ASM-Prefix64
        This attribute contains the ASM IPv6 prefix. Refer to
        Section 3.3.1.

      SSM-Prefix64
        This attribute contains the SSM IPv6 prefix. Refer to
        Section 3.3.2.

      U-Prefix64
        This attribute contains the IPv4 prefix used for address
        translation. Refer to Section 3.3.3.

   The Softwire46-Multicast Attribute is associated with the following
   identifier: 241.Extended-Type(TBD6).

3.3.1.  ASM-Prefix64 Attribute

   The ASM-Prefix64 attribute is structured as follows:

    TLV-Type
       19

    TLV-Length
       16 octets. The length of ssm-prefix64 must be to 96 [RFC8115].

    Data Type
       The attribute ASM-Prefix64 is of type ipv6prefix (Section 3.10 of
       [RFC8044]).

    TLV-Value
       This field specifies the IPv6 multicast prefix (asm-prefix64)
       to be used to synthesize the IPv4-embedded IPv6 addresses of the
       multicast groups in the ASM mode. The conveyed multicast IPv6
       prefix MUST belong to the ASM range.



Jiang, Ed., et al.      Expires November 15, 2019              [Page 23]


Internet-Draft            A+P RADIUS Attributes                 May 2019


3.3.2.  SSM-Prefix64 Attribute

   The SSM-Prefix64 attribute is structured as follows:

    Type
      20

    TLV-Length
       16 octets. The length of ssm-prefix64 must be to 96 [RFC8115].

    Data Type
       The attribute SSM-Prefix64 is of type ipv6prefix (Section 3.10 of
       [RFC8044]).

    TLV-Type
       This field specifies the IPv6 multicast prefix (ssm-prefix64)
       to be used to synthesize the IPv4-embedded IPv6 addresses of the
       multicast groups in the SSM mode. The conveyed multicast IPv6
       prefix MUST belong to the SSM range.

3.3.3.  U-Prefix64 Attribute

   The structure of U-Prefix64 is shown below:

     TLV-Type
        21

     TLV-Length
        4 + length of unicast-prefix. As specified in [RFC6052],
        the unicast-prefix prefix-length MUST be set to 32, 40, 48,
        56, 64, or 96.

     Data Type
        The attribute U-Prefix64 is of type ipv6prefix (Section 3.10 of
        [RFC8044]).

     TLV-Value
        This field identifies the IPv6 unicast prefix (u-prefix64) to
        be used in SSM mode for constructing the IPv4-embedded IPv6
        addresses representing the IPv4 multicast sources in the IPv6
        domain. It may also be used to extract the IPv4 address from the
        received multicast data flows.

4.  A Sample Configuration Process with RADIUS

   Figure 2 illustrates how the RADIUS and DHCPv6 protocols interwork to
   provide CE with softwire configuration information.




Jiang, Ed., et al.      Expires November 15, 2019              [Page 24]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   CE                             BNG                         AAA Server
   |                               |                               |
   |-------1.DHCPv6 Solicit------->|                               |
   |(ORO with unicast and/or m'cast|                               |
   |    container option code(s))  |                               |
   |                               |                               |
   |                               |-------2.Access-Request------->|
   |                               |   (Softwire46-Configuration   |
   |                               |       Attribute and/or        |
   |                               |Softwire46-Multicast Attribute)|
   |                               |                               |
   |                               |<------3.Access-Accept---------|
   |                               |   (Softwire46-Configuration   |
   |                               |       Attribute and/or        |
   |                               |Softwire46-Multicast Attribute)|
   |                               |                               |
   |<----4.DHCPv6 Advertisement----|                               |
   |     (container option(s))     |                               |
   |                               |                               |
   |-------5.DHCPv6  Request------>|                               |
   |     (container Option(s))     |                               |
   |                               |                               |
   |<--------6.DHCPv6 Reply--------|                               |
   |     (container option(s))     |                               |
   |                               |                               |
                DHCPv6                         RADIUS


      Figure 2: Interaction between DHCPv6 and AAA Server with RADIUS
                              authentication

   1.  The CE creates a DHCPv6 Solicit message.  For unicast softwire
       configuration, the message includes an OPTION_REQUEST_OPTION (6)
       with the Softwire46 Container option codes as defined in
       [RFC7598].  OPTION_S46_CONT_MAPE (94) should be included for MAP-
       E, OPTION_S46_CONT_MAPT (95) for MAP-T, and OPTION_S46_CONT_LW
       (96) for Lightweight 4over6.  For multicast configuration, the
       option number for OPTION_V6_PREFIX64 (113) is included in the
       client's ORO.  The message is sent to the BNG.

   2.  On receipt of the Solicit message, the BNG constructs a RADIUS
       Access-Request message containing a User-Name Attribute (1)
       (containing either a CE MAC address, interface-id or both), a
       User-Password Attribute (2) (with a pre-configured shared
       password as defined in [RFC2865].  The Softwire46-Configuration
       Attribute and/or Softwire46-Multicast Attribute are also included
       (as requested by the client).  The resulting message is sent to
       the AAA server.



Jiang, Ed., et al.      Expires November 15, 2019              [Page 25]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   3.  The AAA server authenticates the request.  If this is successful,
       and suitable configuration is available, an Access-Accept message
       is sent to the BNG containing the requested
       Softwire46-Configuration Attribute or Softwire46-Multicast
       Attribute.  It is the responsibility of the AAA server to ensure
       the consistency of the provided configuration.

   4.  The BNG maps the received softwire configuration into the
       corresponding fields in the DHCPv6 softwire configuration
       option(s).  These are included in the DHCPv6 Advertise message
       which is sent to the CE.

   5.  The CE sends a DHCPv6 Request message.  In the ORO, the option
       code(s) of any of the required softwire options that were
       received in the Advertise message are included.

   6.  The BNG sends a Reply message to the client containing the
       softwire container options enumerated in the ORO.

   The authorization operation could also be done independently, after
   the authentication process.  In this case, steps 1-5 are completed as
   above, then the following steps are performed:

   6a. When the BNG receives the DHCPv6 Request, it constructs a RADIUS
       Access-Request message, which contains a Service-Type Attribute
       (6) with the value "Authorize Only" (17), the corresponding
       Softwire46-Configuration Attribute, and a State Attribute
       obtained from the previous authentication process according to
       [RFC5080].  The resulting message is sent to the AAA server.

   7a. The AAA checks the authorization request.  If it is approved, an
       Access-Accept message is returned to the BNG with the
       corresponding Softwire46-Configuration Attribute.

   8a. The BNG sends a Reply message to the client containing the
       softwire container options enumerated in the ORO.

   In addition to the above, the following points need to be considered:

   o  In both the configuration message flows described above the
      Message-authenticator (type 80) [RFC2869] SHOULD be used to
      protect both Access-Request and Access-Accept messages.

   o  If the BNG does not receive the corresponding
      Softwire46-Configuration Attribute in the Access-Accept message it
      MAY fall back to creating the DHCPv6 softwire configuration
      options using pre-configured Softwire46 configuration, if this is
      present.



Jiang, Ed., et al.      Expires November 15, 2019              [Page 26]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   o  If the BNG receives an Access-Reject from the AAA server, then
      Softwire46 configuration MUST NOT be supplied to the client.

   o  As specified in [RFC8415], Section 18.2.5, "Creation and
      Transmission of Rebind Messages", if the DHCPv6 server to which
      the DHCPv6 Renew message was sent at time T1 has not responded by
      time T2, the CE (DHCPv6 client) SHOULD enter the Rebind state and
      attempt to contact any available server.  In this situation, a
      secondary BNG receiving the DHCPv6 message MUST initiate a new
      Access-Request message towards the AAA server.  The secondary BNG
      includes the Softwire46-Configuration Attribute in this Access-
      Request message.

   o  For Lightweight 4over6, the subscriber's binding state needs to be
      synchronized between the clients and the lwAFTR/BR.  This can be
      achieved in two ways: static pre-configuration of the bindings on
      both the AAA server and lwAFTR, or on-demand whereby the AAA
      server updates the lwAFTR with the subscriber's binding state as
      it is created or deleted.

   In some deployments, the DHCP server may use the Accounting-Request
   to report to a AAA server the softwire configuration returned to a
   requesting host.  It is the responsibility of the DHCP server to
   ensure the consistency of the configuration provided to requesting
   hosts.  Reported data to a AAA server may be required for various
   operational purposes (e.g., regulatory).

5.  Table of Attributes

   This document specifies three new RADIUS attributes, and their
   formats are as follows:

   o  Softwire46-Configuration Attribute: 241.TBD1

   o  Softwire46-Priority Attribute: 241.TBD5

   o  Softwire46-Multicast Attribute: 241.TBD6

   Table 3 describes which attributes may be found, in which kinds of
   packets and in what quantity.











Jiang, Ed., et al.      Expires November 15, 2019              [Page 27]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   Request Accept Reject Challenge Acct CoA-  #       Attribute
                                   Req  Req
    0-1     0-1     0      0       0-1  0-1  241.TBD1 Softwire46-
                                                      Configuration
    0-1     0-1     0      0       0-1  0-1  241.TBD5 Softwire46-
                                                      Priority
    0-1     0-1     0      0       0-1  0-1  241.TBD6 Softwire46-
                                                      Multicast

                       Table 3: Table of Attributes

6.  Security Considerations

   Known security vulnerabilities of the RADIUS protocol are discussed
   in [RFC2607], [RFC2865], and[RFC2869].  Use of IPsec [RFC4301] for
   providing security when RADIUS is carried in IPv6 is discussed in
   [RFC3162].

   Specific security considerations for interactions between the MAP CE
   and the BNG are discussed in [RFC7597] and [RFC7599].  Security
   considerations for Lightweight 4over6 are discussed in [RFC7596].
   Security considerations for DHCPv6-Based Softwire46 Prioritization
   Mechanism are discussed in [RFC8026].  Security considerations for
   multicast scenarios are discussed in [RFC8114].  Furthermore, generic
   DHCPv6 security mechanisms can be applied to DHCPv6
   intercommunication between the CE and the BNG.

7.  IANA Considerations

   IANA is requested to make new code point assignments for RADIUS
   attributes as described in the following subsections.

7.1.  New RADIUS Attributes

   This document requests IANA to assign the Attribute Types defined in
   this document from the RADIUS namespace as described in the "IANA
   Considerations" section of [RFC3575], in accordance with BCP 26
   [RFC8126].

   This document requests that IANA register three new RADIUS
   attributes, from the "Short Extended Space" of [RFC6929].  The
   attributes are: Softwire46-Configuration Attribute,
   Softwire46-Priority Attribute, and Softwire46-Multicast Attribute:








Jiang, Ed., et al.      Expires November 15, 2019              [Page 28]


Internet-Draft            A+P RADIUS Attributes                 May 2019


      Type        Description                Data Type   Reference
      ----        -----------                ---------   ---------
      241.TBD1     Softwire46-Configuration   tlv         Section 3.1
      241.TBD5     Softwire46-Priority        tlv         Section 3.2
      241.TBD6     Softwire46-Multicast       tlv         Section 3.3

7.2.  RADIUS Softwire46 Configuration and Multicast Attributes

   IANA is requested to create a new registry called "RADIUS Softwire46
   Configuration and Multicast Attributes".

   All attributes in this registry have one or more parent RADIUS
   attributes in nesting (refer to [RFC6929]).

   This registry must be initially populated with the following values:

   Value  Description                     Data Type    Reference
   -----  -----------                     ---------    ---------
   0      Reserved
   1      Softwire46-MAP-E                tlv          Section 3.1.1.1
   2      Softwire46-MAP-T                tlv          Section 3.1.1.2
   3      Softwire46-Lightweight-4over6   tlv          Section 3.1.1.3
   4      Softwire46-Rule                 tlv          Section 3.1.3.1
   5      Softwire46-Rule                 tlv          Section 3.1.3.1
   6      Softwire46-BR                   ipv6addr     Section 3.1.3.2
   7      Softwire46-DMR                  ipv6prefix   Section 3.1.3.3
   8      Softwire46-V4V6Bind             tlv          Section 3.1.3.4
   9      Softwire46-PORTPARAMS           tlv          Section 3.1.3.5
   10     Rule-IPv6-Prefix                ipv6prefix   Section 3.1.4.1
   11     Rule-IPv4-Prefix                ipv4prefix   Section 3.1.4.2
   12     EA-Length                       integer      Section 3.1.4.3
   13     IPv4-address                    ipv4addr     Section 3.1.5.1
   14     Bind-IPv6-Prefix                ipv6prefix   Section 3.1.5.2
   15     PSID-offset                     integer      Section 3.1.6.1
   16     PSID-len                        integer      Section 3.1.6.2
   17     PSID                            integer      Section 3.1.6.3
   18     Softwire64-Option-Code          integer      Section 3.2.1
   19     ASM-Prefix64                    ipv6prefix   Section 3.3.1
   20     SSM-Prefix64                    ipv6prefix   Section 3.3.2
   21     U-Prefix64                      ipv6prefix   Section 3.3.3
   22-255 Unassigned

   The registration procedure for this registry is Standards Action as
   defined in [RFC8126].







Jiang, Ed., et al.      Expires November 15, 2019              [Page 29]


Internet-Draft            A+P RADIUS Attributes                 May 2019


7.3.  Softwire46 Mechanisms and Their Identifying Option Codes

   The Softwire46-Priority Attribute defines a 16-bit Softwire46-option-
   code field, for which IANA is requested to create and maintain a new
   registry entitled "Option Codes Permitted in the Softwire46-Priority
   Attribute".  The registration procedure for this registry is
   Standards Action as defined in [RFC8126].

   This document requests IANA to register the three option codes of the
   Softwire46 mechanisms permitted to be included in the
   Softwire46-Priority Attribute.  The value of option code corresponds
   to the TLV-Type defined in Section 3.1.1.  Additional options may be
   added to this list in the future using the IETF Review process
   described in Section 4.8 of [RFC8126].

   Table 4 shows the option codes required, and the Softwire46
   mechanisms that they represent.  The option code for DS-Lite is
   derived from the IANA allocated RADIUS Attribute Type value for DS-
   Lite [RFC6519].  The option codes for MAP-E, MAP-T, and Lightweight
   4over6 need to be assigned.  The option codes for MAP-E, MAP-T, and
   Lightweight 4over6 should also be used as the TLV-Type values for the
   MAP-E, MAP-T, and Lightweight 4over6 attributes defined in
   Section 3.1.1.

             +-----------+--------------------+-----------+
             |Option Code|Softwire46 Mechanism| Reference |
             +-----------+--------------------+-----------+
             |    TBD2   |        MAP-E       |  RFC7597  |
             |    TBD3   |        MAP-T       |  RFC7599  |
             |    TBD4   | Lightweight 4over6 |  RFC7596  |
             |    144    |      DS-Lite       |  RFC6519  |
             +--------------------------------+-----------+

                  Table 4: Option Codes to S46 Mechanisms

8.  Contributing Authors















Jiang, Ed., et al.      Expires November 15, 2019              [Page 30]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   Qiong Sun
   China Telecom
   Beijing  China
   Email: sunqiong@ctbri.com.cn

   Qi Sun
   Tsinghua University
   Department of Computer Science, Tsinghua University
   Beijing 100084
   P.R.China
   Phone: +86-10-6278-5822
   Email: sunqibupt@gmail.com

   Cathy Zhou
   Huawei Technologies
   Bantian, Longgang District
   Shenzhen 518129
   Email: cathy.zhou@huawei.com

   Tina Tsou
   Huawei Technologies(USA)
   2330 Central Expressway
   Santa Clara, CA 95050
   USA
   Email: Tina.Tsou.Zouting@huawei.com

   ZiLong Liu
   Tsinghua University
   Beijing 100084
   P.R.China
   Phone: +86-10-6278-5822
   Email: liuzilong8266@126.com

   Yong Cui
   Tsinghua University
   Beijing 100084
   P.R.China
   Phone: +86-10-62603059
   Email: yong@csnet1.cs.tsinghua.edu.cn


9.  Acknowledgements

   The authors would like to thank the valuable comments made by Peter
   Lothberg, Wojciech Dec, Ian Farrer, Suresh Krishnan, Qian Wang, Wei
   Meng, Cui Wang, Alan Dekok, Stefan Winter, and Yu Tianpeng to this
   document.




Jiang, Ed., et al.      Expires November 15, 2019              [Page 31]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   This document was merged with draft-sun-softwire-lw4over6-radext-01
   and draft-wang-radext-multicast-radius-ext-00, thanks to everyone who
   contributed to this document.

   This document was produced using the xml2rfc tool [RFC7991].

   Many thanks to Al Morton and Bernie Volz for the review.

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC2865]  Rigney, C., Willens, S., Rubens, A., and W. Simpson,
              "Remote Authentication Dial In User Service (RADIUS)",
              RFC 2865, DOI 10.17487/RFC2865, June 2000,
              <https://www.rfc-editor.org/info/rfc2865>.

   [RFC3162]  Aboba, B., Zorn, G., and D. Mitton, "RADIUS and IPv6",
              RFC 3162, DOI 10.17487/RFC3162, August 2001,
              <https://www.rfc-editor.org/info/rfc3162>.

   [RFC3575]  Aboba, B., "IANA Considerations for RADIUS (Remote
              Authentication Dial In User Service)", RFC 3575,
              DOI 10.17487/RFC3575, July 2003,
              <https://www.rfc-editor.org/info/rfc3575>.

   [RFC5080]  Nelson, D. and A. DeKok, "Common Remote Authentication
              Dial In User Service (RADIUS) Implementation Issues and
              Suggested Fixes", RFC 5080, DOI 10.17487/RFC5080, December
              2007, <https://www.rfc-editor.org/info/rfc5080>.

   [RFC6052]  Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X.
              Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052,
              DOI 10.17487/RFC6052, October 2010,
              <https://www.rfc-editor.org/info/rfc6052>.

   [RFC6158]  DeKok, A., Ed. and G. Weber, "RADIUS Design Guidelines",
              BCP 158, RFC 6158, DOI 10.17487/RFC6158, March 2011,
              <https://www.rfc-editor.org/info/rfc6158>.







Jiang, Ed., et al.      Expires November 15, 2019              [Page 32]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   [RFC6929]  DeKok, A. and A. Lior, "Remote Authentication Dial In User
              Service (RADIUS) Protocol Extensions", RFC 6929,
              DOI 10.17487/RFC6929, April 2013,
              <https://www.rfc-editor.org/info/rfc6929>.

   [RFC8026]  Boucadair, M. and I. Farrer, "Unified IPv4-in-IPv6
              Softwire Customer Premises Equipment (CPE): A DHCPv6-Based
              Prioritization Mechanism", RFC 8026, DOI 10.17487/RFC8026,
              November 2016, <https://www.rfc-editor.org/info/rfc8026>.

   [RFC8044]  DeKok, A., "Data Types in RADIUS", RFC 8044,
              DOI 10.17487/RFC8044, January 2017,
              <https://www.rfc-editor.org/info/rfc8044>.

   [RFC8114]  Boucadair, M., Qin, C., Jacquenet, C., Lee, Y., and Q.
              Wang, "Delivery of IPv4 Multicast Services to IPv4 Clients
              over an IPv6 Multicast Network", RFC 8114,
              DOI 10.17487/RFC8114, March 2017,
              <https://www.rfc-editor.org/info/rfc8114>.

   [RFC8115]  Boucadair, M., Qin, J., Tsou, T., and X. Deng, "DHCPv6
              Option for IPv4-Embedded Multicast and Unicast IPv6
              Prefixes", RFC 8115, DOI 10.17487/RFC8115, March 2017,
              <https://www.rfc-editor.org/info/rfc8115>.

   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
              Writing an IANA Considerations Section in RFCs", BCP 26,
              RFC 8126, DOI 10.17487/RFC8126, June 2017,
              <https://www.rfc-editor.org/info/rfc8126>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8415]  Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A.,
              Richardson, M., Jiang, S., Lemon, T., and T. Winters,
              "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
              RFC 8415, DOI 10.17487/RFC8415, November 2018,
              <https://www.rfc-editor.org/info/rfc8415>.

10.2.  Informative References

   [RFC2607]  Aboba, B. and J. Vollbrecht, "Proxy Chaining and Policy
              Implementation in Roaming", RFC 2607,
              DOI 10.17487/RFC2607, June 1999,
              <https://www.rfc-editor.org/info/rfc2607>.





Jiang, Ed., et al.      Expires November 15, 2019              [Page 33]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   [RFC2869]  Rigney, C., Willats, W., and P. Calhoun, "RADIUS
              Extensions", RFC 2869, DOI 10.17487/RFC2869, June 2000,
              <https://www.rfc-editor.org/info/rfc2869>.

   [RFC4301]  Kent, S. and K. Seo, "Security Architecture for the
              Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
              December 2005, <https://www.rfc-editor.org/info/rfc4301>.

   [RFC6333]  Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual-
              Stack Lite Broadband Deployments Following IPv4
              Exhaustion", RFC 6333, DOI 10.17487/RFC6333, August 2011,
              <https://www.rfc-editor.org/info/rfc6333>.

   [RFC6346]  Bush, R., Ed., "The Address plus Port (A+P) Approach to
              the IPv4 Address Shortage", RFC 6346,
              DOI 10.17487/RFC6346, August 2011,
              <https://www.rfc-editor.org/info/rfc6346>.

   [RFC6519]  Maglione, R. and A. Durand, "RADIUS Extensions for Dual-
              Stack Lite", RFC 6519, DOI 10.17487/RFC6519, February
              2012, <https://www.rfc-editor.org/info/rfc6519>.

   [RFC7596]  Cui, Y., Sun, Q., Boucadair, M., Tsou, T., Lee, Y., and I.
              Farrer, "Lightweight 4over6: An Extension to the Dual-
              Stack Lite Architecture", RFC 7596, DOI 10.17487/RFC7596,
              July 2015, <https://www.rfc-editor.org/info/rfc7596>.

   [RFC7597]  Troan, O., Ed., Dec, W., Li, X., Bao, C., Matsushima, S.,
              Murakami, T., and T. Taylor, Ed., "Mapping of Address and
              Port with Encapsulation (MAP-E)", RFC 7597,
              DOI 10.17487/RFC7597, July 2015,
              <https://www.rfc-editor.org/info/rfc7597>.

   [RFC7598]  Mrugalski, T., Troan, O., Farrer, I., Perreault, S., Dec,
              W., Bao, C., Yeh, L., and X. Deng, "DHCPv6 Options for
              Configuration of Softwire Address and Port-Mapped
              Clients", RFC 7598, DOI 10.17487/RFC7598, July 2015,
              <https://www.rfc-editor.org/info/rfc7598>.

   [RFC7599]  Li, X., Bao, C., Dec, W., Ed., Troan, O., Matsushima, S.,
              and T. Murakami, "Mapping of Address and Port using
              Translation (MAP-T)", RFC 7599, DOI 10.17487/RFC7599, July
              2015, <https://www.rfc-editor.org/info/rfc7599>.

   [RFC7991]  Hoffman, P., "The "xml2rfc" Version 3 Vocabulary",
              RFC 7991, DOI 10.17487/RFC7991, December 2016,
              <https://www.rfc-editor.org/info/rfc7991>.




Jiang, Ed., et al.      Expires November 15, 2019              [Page 34]


Internet-Draft            A+P RADIUS Attributes                 May 2019


Appendix A.  DHCPv6 to RADIUS Field Mappings

   The following sections detail the mappings between the softwire
   DHCPv6 option fields and the relevant RADIUS attributes as defined in
   this document.

A.1.  OPTION_S46_RULE (89) to Softwire46-Rule Sub-TLV Field Mappings

   +---------------------+----------------------+----------------------+
   |   OPTION_S46_RULE   | Softwire46-Rule Name |     TLV Subfield     |
   |        Field        |                      |                      |
   +---------------------+----------------------+----------------------+
   |        flags        |         N/A          |   TLV-type (TBD7,    |
   |                     |                      |        TBD8)         |
   |        ea-len       |      EA-Length       |        EA-len        |
   |     prefix4-len     |   Rule-IPv4-Prefix   |    Prefix-Length     |
   |     ipv4-prefix     |   Rule-IPv4-Prefix   |   rule-ipv4-prefix   |
   |     prefix6-len     |   Rule-IPv6-Prefix   |    Prefix-Length     |
   |     ipv6-prefix     |   Rule-IPv6-Prefix   |   rule-ipv6-prefix   |
   +---------------------+----------------------+----------------------+

A.2.  OPTION_S46_BR (90) to Softwire46-BR Field Mappings

             +---------------------+------------------------+
             | OPTION_S46_BR Field | Softwire46-BR Subfield |
             +---------------------+------------------------+
             |   br-ipv6-address   |    br-ipv6-address     |
             +---------------------+------------------------+

A.3.  OPTION_S46_DMR (91) to Softwire46-DMR

             +---------------------+-------------------------+
             | OPTION_S46_BR Field | Softwire46-DMR Subfield |
             +---------------------+-------------------------+
             |   dmr-prefix6-len   |     dmr-prefix6-len     |
             |   dmr-ipv6-prefix   |     dmr-ipv6-prefix     |
             +---------------------+-------------------------+

A.4.  OPTION_S46_V4V6BIND (92) to Softwire46-V4V6Bind

   +-----------------------+------------------------+------------------+
   |  OPTION_S46_V4V6BIND  |  Softwire46-V4V6Bind   |   TLV Subfield   |
   |         Field         |          Name          |                  |
   +-----------------------+------------------------+------------------+
   |      ipv4-address     |      IPv4-address      |   ipv4-address   |
   |    bindprefix6-len    |    Bind-IPv6-Prefix    |  Prefix-Length   |
   |    bind-ipv6-prefix   |    Bind-IPv6-Prefix    | bind-ipv6-prefix |
   +-----------------------+------------------------+------------------+



Jiang, Ed., et al.      Expires November 15, 2019              [Page 35]


Internet-Draft            A+P RADIUS Attributes                 May 2019


A.5.  OPTION_S46_PORTPARAMS (93) to Softwire46-PORTPARAMS Field Mappings

   +--------------------------+--------------------------+-------------+
   |  OPTION_S46_PORTPARAMS   |  Softwire46-PORTPARAMS   |     TLV     |
   |          Field           |           Name           |   Subfield  |
   +--------------------------+--------------------------+-------------+
   |          offset          |       PSID-offset        | PSID-Offset |
   |         PSID-len         |         PSID-len         |   PSID-len  |
   |           PSID           |           PSID           |     PSID    |
   +--------------------------+--------------------------+-------------+

A.6.  OPTION_S46_PRIORITY (111) to Softwire46-PORTPARAMS Field Mappings

   +---------------------------+---------------------------------------+
   | OPTION_S46_PRIORITY Field |     Softwire46-Priority Attribute     |
   |                           |                Subfield               |
   +---------------------------+---------------------------------------+
   |      s46-option-code      |         Softwire46-option-code        |
   +---------------------------+---------------------------------------+

A.7.  OPTION_V6_PREFIX64 (113) to Softwire46-Multicast Attribute Field
      Mappings

   +--------------------+------------------------------+---------------+
   | OPTION_V6_PREFIX64 |     Softwire46-Multicast     |  TLV Subfield |
   |       Field        |      Attribute TLV Name      |               |
   +--------------------+------------------------------+---------------+
   |     asm-length     |         ASM-Prefix64         | Prefix-Length |
   |   ASM_mPrefix64    |         ASM-Prefix64         |  asm-prefix64 |
   |     ssm-length     |         SSM-Prefix64         | Prefix-Length |
   |   SSM_mPrefix64    |         SSM-Prefix64         |  ssm-prefix64 |
   |   unicast-length   |          U-Prefix64          | Prefix-Length |
   |     uPrefix64      |          U-Prefix64          |   u-prefix64  |
   +--------------------+------------------------------+---------------+

Authors' Addresses

   Sheng Jiang
   Huawei Technologies Co., Ltd
   Q14, Huawei Campus, No.156 Beiqing Road
   Hai-Dian District, Beijing, 100095
   P.R. China

   Email: jiangsheng@huawei.com







Jiang, Ed., et al.      Expires November 15, 2019              [Page 36]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   Yu Fu
   CNNIC
   No.4 South 4th Street, Zhongguancun
   Hai-Dian District, Beijing, 100190
   P.R. China

   Email: eleven711711@foxmail.com


   Bing Liu
   Huawei Technologies Co., Ltd
   Q14, Huawei Campus, No.156 Beiqing Road
   Hai-Dian District, Beijing, 100095
   P.R. China

   Email: leo.liubing@huawei.com


   Peter Deacon
   IEA Software, Inc.
   P.O. Box 1170
   Veradale, WA  99037
   USA

   Email: peterd@iea-software.com


   Chongfeng Xie
   China Telecom
   Beijing
   P.R. China

   Email: xiechf.bri@chinatelecom.cn


   Tianxiang Li
   Tsinghua University
   Beijing  100084
   P.R.China

   Email: peter416733@gmail.com










Jiang, Ed., et al.      Expires November 15, 2019              [Page 37]


Internet-Draft            A+P RADIUS Attributes                 May 2019


   Mohamed Boucadair (editor)
   Orange
   Rennes, 35000
   France

   Email: mohamed.boucadair@orange.com













































Jiang, Ed., et al.      Expires November 15, 2019              [Page 38]


Html markup produced by rfcmarkup 1.129c, available from https://tools.ietf.org/tools/rfcmarkup/