Network Working Group Renxiang Yan
Internet-Draft Alcatel Shanghai Bell
Expires: November 27, 2004 May 27, 2004
DNS zone suffix option for DHCPv6
draft-yan-dhc-dhcpv6-opt-dnszone-00.txt
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on October 25, 2004.
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract
The DNS Zone Suffix option provides a mechanism for automated
assignment of a DNS zone suffix using DHCPv6. This mechanism is
intended to assign a DNS zone suffix from a DHCPv6 server to a client.
The client then uses this suffix to configure its domain name.
Conventions used in this document
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in RFC 2119 [3].
Yan Expires October 25, 2004 [Page 1]
Internet-Draft DNS zone suffix option for DHCPv6 April 2003
1. Introduction
The 128-bit addresses introduced by IPv6 make it very difficult for a
user to identify a device by its IP address, so the use of DNS
(Domain Name Service) becomes a necessity. With the help of DNS, a
user only needs to remember a relatively simple domain name instead
of a long IPv6 address.
Currently, there are two methods to register a domain name for an
IPv6 host: (1) manually add a DNS RR (resource record) to the DNS
server database; (2) manually configure DNS zone suffix information
in the router, and use the RA-based DNS auto-registration mechanism
described in [5].
Method (1) becomes troublesome for the network administrator to
manage when the number of IPv6 users is large, and the situation
deteriorates further when users need to change the domain names of
their devices. Method (2) is only suitable where a router is present
in the network. Moreover, when a large number of routers need to be
configured, e.g. in an IPv6 access network where the CPE may work as
an IPv6 router that links some IPv6 terminals to form a home network,
it is better to define an automatic mechanism to configure the DNS
zone suffix.
This document describes a new option for DHCP, named the DNS zone
suffix option. Using this option, a DHCPv6 client can get a DNS zone
suffix from a DHCPv6 server.
2. DHCPv6 specification dependency
This document describes a new DHCPv6 option for DNS zone suffix
assignment. It should be read in conjunction with the DHCPv6
specification for a complete specification of the DNS zone suffix
option and mechanism. Definitions for terms and acronyms not
specifically defined in this document are defined in the DHCPv6
specification [2].
3. Terminology
This document uses the terminology defined in RFC2460 [1] and the
DHCP specification [2].
4. DNS Zone Suffix Option
The DNS zone suffix option is used to carry a DNS zone suffix to the
DHCPv6 client, which will use it to construct and register a domain
name.
The format of the DNS zone suffix option is:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    OPTION_DNS_Zone_suffix     |         option-length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
~                        DNS zone suffix                        ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code: OPTION_DNS_Zone_suffix (TBD)
option-length: Length of the "DNS zone suffix" field in octets.
DNS zone suffix: The DNS zone suffix, encoded as a sequence of
labels, where each label consists of a length octet followed by that
number of octets. The suffix terminates with the zero length octet
for the null label of the root. This field should be padded with
zeroes to a multiple of 8 octets.
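The following encoder and strict parser for the option format above are
an added example, not code from this draft. The option code 0xFFFF is a
placeholder because the draft leaves it TBD, and treating the 8-octet
zero padding as mandatory and rejecting DNS compression pointers are
assumptions of this example.

```python
import struct

# Assumption: the draft leaves the option code "TBD"; 0xFFFF is a placeholder.
OPTION_DNS_ZONE_SUFFIX = 0xFFFF
MAX_LABEL, MAX_NAME = 63, 255  # RFC 1035 limits on a label and an encoded name


def encode_zone_suffix(suffix: str) -> bytes:
    """Build the option: code, length, labels, root label, zero padding."""
    name = b""
    for label in suffix.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= MAX_LABEL:
            raise ValueError("bad label length")
        name += bytes([len(raw)]) + raw
    name += b"\x00"                      # null label of the root
    name += b"\x00" * (-len(name) % 8)   # pad field to a multiple of 8 octets
    return struct.pack("!HH", OPTION_DNS_ZONE_SUFFIX, len(name)) + name


def parse_zone_suffix(option: bytes) -> str:
    """Return the dotted suffix; raise ValueError on any malformed input."""
    if len(option) < 4:
        raise ValueError("truncated option header")
    code, length = struct.unpack("!HH", option[:4])
    field = option[4:]
    if code != OPTION_DNS_ZONE_SUFFIX:
        raise ValueError("unexpected option code")
    if length != len(field) or length == 0 or length % 8:
        raise ValueError("option-length mismatch or not padded to 8 octets")
    labels, pos = [], 0
    while True:
        if pos >= length:
            raise ValueError("no terminating root label")
        n = field[pos]
        pos += 1
        if n == 0:
            break
        if n > MAX_LABEL:                # also rejects 0xC0 compression pointers
            raise ValueError("label too long or compression pointer")
        if pos + n > length:
            raise ValueError("label runs past option-length")
        labels.append(field[pos:pos + n].decode("ascii"))
        pos += n
    if pos > MAX_NAME:
        raise ValueError("name exceeds 255 octets")
    if any(field[pos:]):
        raise ValueError("non-zero padding")
    return ".".join(labels)
```
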
5. Appearance of the option
The DNS zone suffix option MUST NOT appear in any message other than
the following: Solicit, Advertise, Request, Renew, Rebind,
Information-Request, and Reply.
6. Example and applicability
+------+
| Node +--+
+------+  |
          |
+------+  |
| Node +--+                      +---------------
+------+  |                      |
          :                   +-----+
          :  +---------+      |     |
          +--+ Router  +------| ISP |  Internet
          :  +---------+      |     |
          :                   +-----+
+------+  |                      |
| Node +--+                      +---------------
+------+

\____________ ___________/ \____________ ___________/
             \/                         \/
    Subscriber's network            ISP network
The above figure shows a typical usage of the option. In this model,
the ISP has an ISP-level domain name suffix (e.g. shtele.com). The
procedure may be as follows:
1. The router in the subscriber network initiates a DHCP request with
the DNS zone suffix option to get the ISP's suffix (i.e. shtele.com).
2. The router passes this suffix to the IPv6 nodes in the local subnet,
through an embedded DHCPv6 server or the RA-based mechanism described
in [5]. Since nodes on different subscriber networks may produce the
same domain name, it is suggested that the router extend the DNS zone
suffix to avoid frequent uniqueness verification. For example, the DNS
zone suffixes of two subscriber networks under "shtele.com" may be
"john.shtele.com" and "smith.shtele.com".
3. An IPv6 node creates an FQDN for its global address by adding a
hostname to the DNS zone suffix, and registers the IP-to-FQDN mapping
and the FQDN-to-IP mapping in the domain name server. The node can do
this itself using DNS update, or it can be done through the DHCPv6
server [6]. For example, an IPv6 set-top box will hold the domain
name "stb.john.shtele.com" in the DNS server.
The DNS zone suffix option can be used in conjunction with other DHCP
options carrying other configuration information to the router. For
example, the router may obtain the addresses of the DNS servers and
an IPv6 prefix from the ISP's DHCP server, and then pass that
configuration information on to the subscriber nodes through a DHCP
server in the router.
The use of the DNS zone suffix option is not limited to access
networks. It can be used wherever an IPv6 node needs to configure its
domain name in a DNS server.
7. Security Considerations
Security considerations in DHCP are described in section 23,
"Security Considerations" of RFC 3315.
A rogue DHCP server can issue a bogus zone suffix to a client. This may
cause wrong domain name registration.
A malicious client may be able to mount a denial of service attack by
repeated DHCP requests for the zone suffix, thus exhausting the DHCP
server's resources.
To guard against attack, both DHCP clients and servers SHOULD use
DHCP authentication as described in section 21, "Authentication of
DHCP messages" of RFC 3315.
8. References
8.1 Normative References
[1] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6)
Specification", RFC 2460, December 1998.
[2] Bound, J., Carney, M., Perkins, C., Lemon, T., Volz, B. and R.
Droms (ed.), "Dynamic Host Configuration Protocol for IPv6
(DHCPv6)", RFC 3315, May 2003.
[3] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[4] P. Vixie, S. Thomson, Y. Rekhter and J. Bound, "Dynamic Updates
in the Domain Name System (DNS UPDATE)", RFC 2136, April 1997.
[5] Jae-Hoon, J., Byung-Yeob, K., Jung-Soo, P. and Hyong-Jun K.,
"IPv6 Router Advertisement based DNS Autoconfiguration",
draft-jeong-ipv6-ra-dns-autoconf-00.txt, 17 April, 2003.
[6] M. Stapp, Y. Rekhter, "The DHCP Client FQDN Option",
draft-dhc-fqdn-option-06.txt, October, 2003.
8.2 Informative References
[7] Mockapetris, P., "Domain names - concepts and facilities", STD
13, RFC 1034, November 1987.
9. Authors' Addresses
Renxiang Yan
Alcatel Shanghai Bell Co., Ltd.
388#, NingQiao Road, Pudong Jinqiao
Shanghai 201206 P.R. China
Phone: +86 (21) 5854-1240, ext.: 7169
Email: renxiang.yan@alcatel-sbell.com.cn