[Docs] [txt|pdf] [Tracker] [Email] [Diff1] [Diff2] [Nits]
Versions: 00 01 02 03 04 05 06 07 08
6man Working Group S. Krishnan
Internet-Draft A. Kavanagh
Intended status: Standards Track Ericsson
Expires: January 14, 2010 S. Ooghe
Alcatel-Lucent
B. Varga
Magyar Telekom
July 13, 2009
Line identification in IPv6 Router Solicitation messages
draft-krishnan-6man-rs-mark-03
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 14, 2010.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Krishnan, et al. Expires January 14, 2010 [Page 1]
Internet-Draft Line Identification in RS July 2009
Abstract
In ethernet and PON based aggregation networks, several subscriber
premises may be connected to the same interface of an edge router.
This document proposes a method for the edge router to identify the
subscriber premises using the contents of the received router
solicitation messages.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Conventions used in this document . . . . . . . . . . . . 3
2. Issues with identifying the subscriber in an n:1 vlan model . 4
3. Access Node Behavior . . . . . . . . . . . . . . . . . . . . . 5
3.1. On receiving a router solicitation from the subscriber . . 5
3.2. On receiving a router advertisement from the edge
router . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Edge Router Behavior . . . . . . . . . . . . . . . . . . . . . 6
4.1. On receiving a router solicitation from the subscriber . . 6
4.2. On sending a router advertisement towards the
subscriber . . . . . . . . . . . . . . . . . . . . . . . . 6
5. Line Identification Neighbor Discovery Option . . . . . . . . 7
6. Interactions with SEND . . . . . . . . . . . . . . . . . . . . 8
6.1. Edge Router Behavior . . . . . . . . . . . . . . . . . . . 8
6.1.1. On receiving a router solicitation from the
subscriber . . . . . . . . . . . . . . . . . . . . . . 8
6.1.2. On sending a router advertisement towards the
subscriber . . . . . . . . . . . . . . . . . . . . . . 8
6.2. Access Node Behavior . . . . . . . . . . . . . . . . . . . 8
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9
8. Security Considerations . . . . . . . . . . . . . . . . . . . 10
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
10. Normative References . . . . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13
Krishnan, et al. Expires January 14, 2010 [Page 2]
Internet-Draft Line Identification in RS July 2009
1. Introduction
DSL is a widely deployed access technology for Broadband Access for
Next Generation Networks. While traditionally DSL access networks
were PPP based some networks are migrating from the traditional PPP
access model into a pure IP-based ethernet aggregated access
environment.Architectural and topological models of an Ethernet
aggregation network in context of DSL aggregation are described in
[TR101]. One of the ethernet and PON aggregation models specified in
this document bridges sessions from multiple subscribers behind a DSL
Access Node (AN), also referred to as a DSLAM, into a single VLAN in
the aggregation network. This is called the N:1 VLAN allocation
model.
+---+ +----+ +----------+
|CPE|---| RG |----| |
+---+ +----+ | |
| AN |\
+---+ +----+ | | \
|CPE|---| RG |----| | \
+---+ +----+ +----------+ \ +----------+
\ | |
+-------------+ | |
| Aggregation | | Edge |
| Node |-------| Router |
+-------------+ | |
/ | |
+----------+ / +----------+
| | /
+---+ +----+ | | /
|CPE|---| RG |----| AN |/
+---+ +----+ | |
| |
+----------+
Figure 1: Broadband Forum Network Architecture
1.1. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL","SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
Krishnan, et al. Expires January 14, 2010 [Page 3]
Internet-Draft Line Identification in RS July 2009
2. Issues with identifying the subscriber in an n:1 vlan model
In a fixed Broadband Network, IPv6 hosts are connected to an Access
Node (AN). These hosts today will typically send a Route
Solicitation Message to the Edge Router, to which the Edge Router
responds with a Router Advertisement message. The router
advertisement typically contains a prefix that the host will use to
automatically configure an IPv6 Address. Upon sending the Route
Solicitation message the node connecting the host on the access
circuit, typically an Access Node (AN), would forward the RS to the
Edge Router upstream over a switched network. However, in such
ethernet based aggregation networks, several subscriber premises may
be connected to the same interface of an edge router (e.g. on the
same VLAN). However, the edge router requires some information to
identify the host on the circuit line the host is connected on. To
accomplish this, the AN needs to add line identification information
to the Route Solicitation message and forward this to the Edge
Router. This document proposes a method for the edge router to
identify the subscriber premises using the contents of the received
router solicitation messages.
Krishnan, et al. Expires January 14, 2010 [Page 4]
Internet-Draft Line Identification in RS July 2009
3. Access Node Behavior
3.1. On receiving a router solicitation from the subscriber
When a host sends out a router solicitation, it is received by the
access node. First, the access node needs to verify if there are no
LIO options present in the router solicitation. If there are any LIO
options present, the AN MUST drop the router solicitation. If there
are no LIO options present, the AN SHOULD insert a new LIO option
into the router solicitation message. The AN MUST set the line
identification data of the LIO option to contain the subscriber agent
circuit identifier corresponding to the logical access loop port of
the Access Node from which the RS was initiated. After inserting the
LIO, the AN MUST recalculate the ICMPv6 checksum of the RS packet.
3.2. On receiving a router advertisement from the edge router
When the edge router sends out a router advertisement in response to
the RS, it is received by the access node. If there is an LIO option
present, the AN MUST use the line identification data of the LIO
option to identify the subscriber agent circuit identifier
corresponding to the logical access loop port of the Access Node on
which the RA should be sent. If the LIO option was present in the
received RA, the AN MUST remove the option before forwarding the RA
to the subscriber premise. After removing the LIO, the AN MUST
recalculate the ICMPv6 checksum of the RS packet.
Krishnan, et al. Expires January 14, 2010 [Page 5]
Internet-Draft Line Identification in RS July 2009
4. Edge Router Behavior
4.1. On receiving a router solicitation from the subscriber
When the edge router receives a router solicitation forwarded by the
access node, it needs to check if there is an LIO option present in
the router solicitation. If an LIO option is present, the edge
router MAY use the contents of the line identification field to
lookup the addressing information and policy that need to be applied
to the subscriber.
4.2. On sending a router advertisement towards the subscriber
When the edge router sends out a router advertisement in response to
an RS that contained an LIO option, it MUST unicast the RA back to
the sender of the RS.Whenever the edge router needs to send out a
multicast router advertisement message (e.g. because the unicast MAC
address has aged out in the Neighbor Cache), it SHOULD insert an LIO
option in the RA. If the LIO option is included, the line
identification data field of the LIO option MUST be set to the same
value as was received in the LIO option of the RS.
Krishnan, et al. Expires January 14, 2010 [Page 6]
Internet-Draft Line Identification in RS July 2009
5. Line Identification Neighbor Discovery Option
The Line Identification Option (LIO) can be included in Router
Solicitation and Router Advertisement messages. Multiple Line
Identification options MUST NOT be present in a Neighbor Discovery
message. The LIO has an alignment requirement of 4n.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Line Identification...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Line Identification Option Layout
Type
8-bit identifier of the type of option. The option identifier
for the line identification option will be allocated by the IANA.
Length
8-bit unsigned integer. The length of the option (including
the type and length fields) in units of 8 octets. The value
0 is considered invalid.
Line Identification
In a Router Solicitation:
Variable length data inserted by the Access Node describing the
subscriber agent circuit identifier corresponding to the logical
access loop port of the Access Node from which the RS was
initiated.
In a Router Advertisement:
Variable length data inserted by the Edge Router describing the
subscriber agent circuit identifier corresponding to the logical
access loop port of the Access Node on which the RA needs to be
sent out.
Krishnan, et al. Expires January 14, 2010 [Page 7]
Internet-Draft Line Identification in RS July 2009
6. Interactions with SEND
The LIO is compatible with SEND but it cannot be protected by SEND.
Since the LIO option is inserted into the neighbor discovery message
without the knowledge of the sender, it cannot be included in the
SEND verification process.
6.1. Edge Router Behavior
6.1.1. On receiving a router solicitation from the subscriber
The edge router MUST first verify the ICMPv6 checksum of the router
solicitation packet with the LIO option present. If the checksum is
verified to be valid, the LIO option MUST be removed from the packet
and the ICMPv6 checksum MUST be recalculated, before proceeding with
the SEND verification.
6.1.2. On sending a router advertisement towards the subscriber
When the edge router needs to send out a SEND protected router
advertisement with the LIO option included, it MUST first create the
RA message without the LIO option included. It MUST calculate the
ICMPv6 checksum on this message and then append the RSA signature
option as the last option in this message. This signature will also
protect the ICMPv6 checksum of the RA message. It MUST then add the
LIO option after the RSA signature option and then recalculate the
ICMPv6 checksum to include the LIO.
6.2. Access Node Behavior
The access node does not need to perform any specific operations in
order to support SEND protected messages
Krishnan, et al. Expires January 14, 2010 [Page 8]
Internet-Draft Line Identification in RS July 2009
7. Acknowledgements
The author would like to thank Margaret Wasserman, Mark Townsley,
David Miles, John Kaippallimalil, and Eric Levy-Abegnoli for
reviewing this document and suggesting changes.
Krishnan, et al. Expires January 14, 2010 [Page 9]
Internet-Draft Line Identification in RS July 2009
8. Security Considerations
The line identification information inserted by the access node or
the edge router is not protected. This means that this option may be
modifed, inserted, or deleted without being detected. In order to
ensure validity of the contents of the line identification field, the
network between the access node and the edge router needs to be
trusted.
Krishnan, et al. Expires January 14, 2010 [Page 10]
Internet-Draft Line Identification in RS July 2009
9. IANA Considerations
This document defines a new IPv6 neighbor discovery option for
carrying line identification. IANA is requested to assign a new
neighbor discovery option type in the registry maintained at
http://www.iana.org/assignments/icmpv6-parameters
<TBA> Line Identification Option [RFCXXXX]
Krishnan, et al. Expires January 14, 2010 [Page 11]
Internet-Draft Line Identification in RS July 2009
10. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
Neighbor Discovery (SEND)", RFC 3971, March 2005.
[TR101] Broadband Forum, "Migration to Ethernet-based DSL
aggregation", <http://www.broadband-forum.org/technical/
download/TR-101.pdf>.
Krishnan, et al. Expires January 14, 2010 [Page 12]
Internet-Draft Line Identification in RS July 2009
Authors' Addresses
Suresh Krishnan
Ericsson
8400 Blvd Decarie
Town of Mount Royal, Quebec
Canada
Email: suresh.krishnan@ericsson.com
Alan Kavanagh
Ericsson
8400 Blvd Decarie
Town of Mount Royal, Quebec
Canada
Email: alan.kavanagh@ericsson.com
Sven Ooghe
Alcatel-Lucent
Copernicuslaan 50
2018 Antwerp,
Belgium
Phone:
Email: sven.ooghe@alcatel-lucent.com
Balazs Varga
Magyar Telekom
Email: varga.balazs@telekom.hu
Krishnan, et al. Expires January 14, 2010 [Page 13]
Html markup produced by rfcmarkup 1.129d, available from
https://tools.ietf.org/tools/rfcmarkup/