draft-ietf-6man-default-iids-02.txt   draft-ietf-6man-default-iids-03.txt 
IPv6 maintenance Working Group (6man) F. Gont IPv6 maintenance Working Group (6man) F. Gont
Internet-Draft SI6 Networks / UTN-FRH Internet-Draft SI6 Networks / UTN-FRH
Updates: 2464, 2467, 2470, 2491, 2492, A. Cooper Updates: 2464, 2467, 2470, 2491, 2492, A. Cooper
2497, 2590, 3146, 3572, 4291, Cisco 2497, 2590, 3146, 3572, 4291, Cisco
4338, 4391, 4944, 5072, 5121 D. Thaler 4338, 4391, 4944, 5072, 5121 D. Thaler
(if approved) Microsoft (if approved) Microsoft
Intended status: Standards Track W. Liu Intended status: Standards Track W. Liu
Expires: July 24, 2015 Huawei Technologies Expires: November 7, 2015 Huawei Technologies
January 20, 2015 May 6, 2015
Recommendation on Stable IPv6 Interface Identifiers Recommendation on Stable IPv6 Interface Identifiers
draft-ietf-6man-default-iids-02 draft-ietf-6man-default-iids-03
Abstract Abstract
The IPv6 addressing architecture defines Modified EUI-64 format The IPv6 addressing architecture defines Modified EUI-64 format
Interface Identifiers, and the existing IPv6 over various link-layers Interface Identifiers, and the existing IPv6 over various link-layers
specify how such identifiers are derived from the underlying link- specify how such identifiers are derived from the underlying link-
layer address (e.g., an IEEE LAN MAC address) when employing IPv6 layer address (e.g., an IEEE LAN MAC address) when employing IPv6
Stateless Address Autoconfiguration (SLAAC). The security and Stateless Address Autoconfiguration (SLAAC). The security and
privacy implications of embedding link-layer addresses in the privacy implications of embedding link-layer addresses in the
Interface Identifier have been known and understood for some time Interface Identifier have been known and understood for some time
now, and some popular IPv6 implementations have already deviated from now, and some popular IPv6 implementations have already deviated from
such schemes to mitigate these issues. This document changes the such schemes to mitigate these issues. This document changes the
recommended default Interface Identifier generation scheme to that recommended default Interface Identifier generation scheme for SLAAC
specified in RFC7217, and recommends against embedding link-layer to that specified in RFC7217, and recommends against embedding link-
addresses in IPv6 Interface Identifiers. It formally updates layer addresses in IPv6 Interface Identifiers. It formally updates
RFC2464, RFC2467, RFC2470, RFC2491, RFC2492, RFC2497, RFC2590, RFC2464, RFC2467, RFC2470, RFC2491, RFC2492, RFC2497, RFC2590,
RFC3146, RFC3572, RFC4291, RFC4338, RFC4391, RFC4944, RFC5072, and RFC3146, RFC3572, RFC4291, RFC4338, RFC4391, RFC4944, RFC5072, and
RFC5121, which require IPv6 Interface Identifiers to be derived from RFC5121, which require IPv6 Interface Identifiers to be derived from
the underlying link-layer address. the underlying link-layer address. Additionally, this document
provides advice about the generation of Interface Identifiers with
other address configuration mechanisms, such as Dynamic Host
Configuration Protocol version 6 (DHCPv6) and manual configuration.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 24, 2015.
This Internet-Draft will expire on November 7, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Generation of IPv6 Interface Identifiers . . . . . . . . . . 3 3. Generation of IPv6 Interface Identifiers with SLAAC . . . . . 4
4. Future Work . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. Generation of IPv6 Interface Identifiers with DHCPv6 . . . . 4
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 5. Generation of IPv6 Interface Identifiers with Manual
6. Security Considerations . . . . . . . . . . . . . . . . . . . 4 Configuration . . . . . . . . . . . . . . . . . . . . . . . . 4
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 6. Future Work . . . . . . . . . . . . . . . . . . . . . . . . . 4
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
8.1. Normative References . . . . . . . . . . . . . . . . . . 5 8. Security Considerations . . . . . . . . . . . . . . . . . . . 5
8.2. Informative References . . . . . . . . . . . . . . . . . 7 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
10.1. Normative References . . . . . . . . . . . . . . . . . . 5
10.2. Informative References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
[RFC4862] specifies Stateless Address Autoconfiguration (SLAAC) for [RFC4862] specifies Stateless Address Autoconfiguration (SLAAC) for
IPv6 [RFC2460], which typically results in hosts configuring one or IPv6 [RFC2460], which typically results in hosts configuring one or
more "stable" addresses composed of a network prefix advertised by a more "stable" addresses composed of a network prefix advertised by a
local router, and an Interface Identifier (IID) [RFC4291] that local router, and an Interface Identifier (IID) [RFC4291] that
typically embeds a link-layer address (e.g., an IEEE LAN MAC typically embeds a link-layer address (e.g., an IEEE LAN MAC
address). address).
In some network technologies and adaptation layers, the use of an In some network technologies and adaptation layers, the use of an IID
Interface-ID based on a link-layer address may offer some advantages. based on a link-layer address may offer some advantages. For
For example, the IP-over-IEEE802.15.4 standard in [RFC6775] allows example, the IP-over-IEEE802.15.4 standard in [RFC6775] allows for
for compression of IPv6 addresses when the Interface-ID is based on compression of IPv6 addresses when the IID is based on the underlying
the underlying link-layer address. link-layer address.
The security and privacy implications of embedding a link-layer The security and privacy implications of embedding a link-layer
address in an IPv6 Interface ID have been known for some time now, address in an IPv6 IID have been known for some time now, and are
and are discussed in great detail in discussed in great detail in
[I-D.ietf-6man-ipv6-address-generation-privacy]; they include: [I-D.ietf-6man-ipv6-address-generation-privacy]; they include:
o Network activity correlation o Network activity correlation
o Location tracking o Location tracking
o Address scanning o Address scanning
o Device-specific vulnerability exploitation o Device-specific vulnerability exploitation
Some popular IPv6 implementations have already deviated from the Some popular IPv6 implementations have already deviated from the
traditional stable IID generation scheme to mitigate the traditional stable IID generation scheme to mitigate the
aforementioned security and privacy implications [Microsoft]. aforementioned security and privacy implications [Microsoft].
As a result of the aforementioned issues, this document recommends As a result of the aforementioned issues, this document recommends
the implementation of an alternative scheme ([RFC7217]) as the the implementation of an alternative scheme ([RFC7217]) as the
default stable Interface-ID generation scheme, such that the default stable IID generation scheme for SLAAC, such that the
aforementioned issues are mitigated. aforementioned issues are mitigated.
NOTE: [RFC4291] defines the "Modified EUI-64 format" for Interface NOTE: [RFC4291] defines the "Modified EUI-64 format" for IIDs.
identifiers. Appendix A of [RFC4291] then describes how to transform Appendix A of [RFC4291] then describes how to transform an IEEE
an IEEE EUI-64 identifier, or an IEEE 802 48-bit MAC address from EUI-64 identifier, or an IEEE 802 48-bit MAC address from which an
which an EUI-64 identifier is derived, into an interface identifier EUI-64 identifier is derived, into an IID in the Modified EUI-64
in the Modified EUI-64 format. format.
Finally this document provides advice about the generation of
Interface Identifiers with other address configuration mechanisms,
such as Dynamic Host Configuration Protocol version 6 (DHCPv6) and
manual configuration.
2. Terminology 2. Terminology
Stable address: Stable address:
An address that does not vary over time within the same network An address that does not vary over time within the same network
(as defined in [I-D.ietf-6man-ipv6-address-generation-privacy]. (as defined in [I-D.ietf-6man-ipv6-address-generation-privacy]).
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
3. Generation of IPv6 Interface Identifiers 3. Generation of IPv6 Interface Identifiers with SLAAC
Nodes SHOULD implement and employ [RFC7217] as the default scheme for Link layers MUST define a mechanism that provides mitigation of the
generating stable IPv6 addresses with SLAAC. Link layers MUST define security and privacy implications discussed in Section 1. Nodes
a mechanism that provides that mitigates the security and privacy SHOULD implement and employ [RFC7217] as the default scheme for
implications discussed in Section 1. A link layer MAY also define a generating stable IPv6 addresses with SLAAC. A link layer MAY also
mechanism that is more efficient and does not address the security define a mechanism that is more efficient and does not address the
and privacy considerations discussed in Section 1. The choice of security and privacy considerations discussed in Section 1. The
whether to enable privacy or not SHOULD be configurable in such a choice of whether to enable privacy or not SHOULD be configurable in
case. such a case.
Nodes SHOULD NOT employ IPv6 address generation schemes that embed By default, nodes SHOULD NOT employ IPv6 address generation schemes
the underlying link-layer address in the Interface Identifier. In that embed the underlying link-layer address in the IID. In
particular, this document RECOMMENDS that nodes do not generate particular, this document RECOMMENDS that nodes do not generate IIDs
Interface Identifiers with the schemes specified in [RFC2464], with the schemes specified in [RFC2464], [RFC2467], [RFC2470],
[RFC2467], [RFC2470], [RFC2491], [RFC2492], [RFC2497], [RFC2590], [RFC2491], [RFC2492], [RFC2497], [RFC2590], [RFC3146], [RFC3572],
[RFC3146], [RFC3572], [RFC4338], [RFC4391], [RFC4944], [RFC5121], and [RFC4338], [RFC4391], [RFC4944], [RFC5121], and [RFC5072], and
[RFC5072], and updates these documents with this recommendation. updates these documents with this recommendation.
It is RECOMMENDED by this document that future specifications do not It is RECOMMENDED by this document that future specifications do not
specify IPv6 address generation schemes that embed the underlying specify IPv6 address generation schemes that embed the underlying
link-layer address in the Interface Identifier. Future link-layer address in the IID. Future specifications MAY use an IID
specifications MAY use a an IID based on a node's link-layer address based on a node's link-layer address if design and engineering
if design and engineering considerations warrant. considerations warrant.
4. Future Work 4. Generation of IPv6 Interface Identifiers with DHCPv6
By default, DHCPv6 server implementations SHOULD NOT generate
predictable IPv6 addresses (such as IPv6 addresses where the IIDs are
consecutive small numbers). [I-D.ietf-dhc-stable-privacy-addresses]
specifies one possible algorithm that could be employed to comply
with this requirement. Another possible algorithm would be to select
a pseudo-random value chosen from a discrete uniform distribution,
while avoiding the reserved IPv6 Interface Identifiers [RFC5453]
[IANA-RESERVED-IID].
5. Generation of IPv6 Interface Identifiers with Manual Configuration
Network administrators should be aware of the security implications
of predictable Interface Identifiers
[I-D.ietf-6man-ipv6-address-generation-privacy], and avoid the use of
predictable addresses when the aforementioned issues are of concern.
6. Future Work
At the time of this writing, the mechanisms specified in the At the time of this writing, the mechanisms specified in the
following documents are not compatible with the recommendations in following documents might require updates to be fully compatible with
this document: the recommendations in this document:
o RFC 6282 [RFC6282] o RFC 6282 [RFC6282]
o RFC 4944 [RFC4944] o RFC 4944 [RFC4944]
o RFC 6755 [RFC6775] o RFC 6755 [RFC6775]
Future revisions or updates of these documents should take the issues Future revisions or updates of these documents should take the issues
of privacy and security mentioned in Section 1 1 and explain any of privacy and security mentioned in Section 1 and explain any design
design and engineering considerations that lead to the use of IIDs and engineering considerations that lead to the use of IIDs based on
based on a node's link-layer address. a node's link-layer address.
5. IANA Considerations 7. IANA Considerations
There are no IANA registries within this document. The RFC-Editor There are no IANA registries within this document. The RFC-Editor
can remove this section before publication of this document as an can remove this section before publication of this document as an
RFC. RFC.
6. Security Considerations 8. Security Considerations
This document recommends [RFC7217] as the default scheme for This document recommends [RFC7217] as the default scheme for
generating IPv6 stable addresses with SLAAC, such that the security generating IPv6 stable addresses with SLAAC, such that the security
and privacy issues of Interface IDs that embed link-layer addresses and privacy issues of IIDs that embed link-layer addresses are
are mitigated. mitigated.
7. Acknowledgements 9. Acknowledgements
The authors would like to thank Erik Nordmark and Ray Hunter for The authors would like to thank Erik Nordmark and Ray Hunter for
providing a detailed review of this document. providing a detailed review of this document.
The authors would like to thank (in alphabetical order) Fred Baker, The authors would like to thank (in alphabetical order) Fred Baker,
Carsten Bormann, Scott Brim, Brian Carpenter, Samita Chakrabarti, Tim Carsten Bormann, Scott Brim, Brian Carpenter, Samita Chakrabarti, Tim
Chown, Lorenzo Colitti, Jean-Michel Combes, Greg Daley, Esko Dijk, Chown, Lorenzo Colitti, Jean-Michel Combes, Greg Daley, Esko Dijk,
Ralph Droms, David Farmer, Brian Haberman, Ulrich Herberg, Bob Ralph Droms, David Farmer, Brian Haberman, Ulrich Herberg, Bob
Hinden, Jahangir Hossain, Jonathan Hui, Ray Hunter, Sheng Jiang, Hinden, Jahangir Hossain, Jonathan Hui, Ray Hunter, Sheng Jiang,
Roger Jorgensen, Dan Luedtke, Kerry Lynn, George Mitchel, Erik Roger Jorgensen, Dan Luedtke, Kerry Lynn, George Mitchel, Erik
Nordmark, Simon Perreault, Tom Petch, Alexandru Petrescu, Michael Nordmark, Simon Perreault, Tom Petch, Alexandru Petrescu, Michael
Richardson, Arturo Servin, Mark Smith, Tom Taylor, Ole Troan, Tina Richardson, Arturo Servin, Mark Smith, Tom Taylor, Ole Troan, Tina
Tsou, Glen Turner, and Randy Turner, for providing valuable comments Tsou, Glen Turner, Randy Turner, and James Woodyatt, for providing
on earlier versions of this document. valuable comments on earlier versions of this document.
8. References 10. References
8.1. Normative References 10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998. (IPv6) Specification", RFC 2460, December 1998.
[RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet [RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet
Networks", RFC 2464, December 1998. Networks", RFC 2464, December 1998.
[RFC2467] Crawford, M., "Transmission of IPv6 Packets over FDDI [RFC2467] Crawford, M., "Transmission of IPv6 Packets over FDDI
Networks", RFC 2467, December 1998. Networks", RFC 2467, December 1998.
[RFC2470] Crawford, M., Narten, T., and S. Thomas, "Transmission of [RFC2470] Crawford, M., Narten, T., and S. Thomas, "Transmission of
IPv6 Packets over Token Ring Networks", RFC 2470, December IPv6 Packets over Token Ring Networks", RFC 2470, December
1998. 1998.
[RFC2492] Armitage, G., Schulter, P., and M. Jork, "IPv6 over ATM [RFC2492] Armitage, G., Schulter, P., and M. Jork, "IPv6 over ATM
Networks", RFC 2492, January 1999. Networks", RFC 2492, January 1999.
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for
IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006. Architecture", RFC 4291, February 2006.
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862, September 2007. Address Autoconfiguration", RFC 4862, September 2007.
[RFC7217] Gont, F., "A Method for Generating Semantically Opaque [RFC7217] Gont, F., "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address Interface Identifiers with IPv6 Stateless Address
Autoconfiguration (SLAAC)", RFC 7217, April 2014. Autoconfiguration (SLAAC)", RFC 7217, April 2014.
skipping to change at page 6, line 42 skipping to change at page 7, line 24
Networks", RFC 4944, September 2007. Networks", RFC 4944, September 2007.
[RFC5121] Patil, B., Xia, F., Sarikaya, B., Choi, JH., and S. [RFC5121] Patil, B., Xia, F., Sarikaya, B., Choi, JH., and S.
Madanapalli, "Transmission of IPv6 via the IPv6 Madanapalli, "Transmission of IPv6 via the IPv6
Convergence Sublayer over IEEE 802.16 Networks", RFC 5121, Convergence Sublayer over IEEE 802.16 Networks", RFC 5121,
February 2008. February 2008.
[RFC5072] Varada, S., Haskins, D., and E. Allen, "IP Version 6 over [RFC5072] Varada, S., Haskins, D., and E. Allen, "IP Version 6 over
PPP", RFC 5072, September 2007. PPP", RFC 5072, September 2007.
[RFC5453] Krishnan, S., "Reserved IPv6 Interface Identifiers", RFC
5453, February 2009.
[RFC6282] Hui, J. and P. Thubert, "Compression Format for IPv6 [RFC6282] Hui, J. and P. Thubert, "Compression Format for IPv6
Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, Datagrams over IEEE 802.15.4-Based Networks", RFC 6282,
September 2011. September 2011.
[RFC6775] Shelby, Z., Chakrabarti, S., Nordmark, E., and C. Bormann, [RFC6775] Shelby, Z., Chakrabarti, S., Nordmark, E., and C. Bormann,
"Neighbor Discovery Optimization for IPv6 over Low-Power "Neighbor Discovery Optimization for IPv6 over Low-Power
Wireless Personal Area Networks (6LoWPANs)", RFC 6775, Wireless Personal Area Networks (6LoWPANs)", RFC 6775,
November 2012. November 2012.
8.2. Informative References 10.2. Informative References
[IANA-RESERVED-IID]
IANA, "Reserved IPv6 Interface Identifiers",
<http://www.iana.org/assignments/ipv6-interface-ids>.
[I-D.ietf-6man-ipv6-address-generation-privacy] [I-D.ietf-6man-ipv6-address-generation-privacy]
Cooper, A., Gont, F., and D. Thaler, "Privacy Cooper, A., Gont, F., and D. Thaler, "Privacy
Considerations for IPv6 Address Generation Mechanisms", Considerations for IPv6 Address Generation Mechanisms",
draft-ietf-6man-ipv6-address-generation-privacy-03 (work draft-ietf-6man-ipv6-address-generation-privacy-05 (work
in progress), January 2015. in progress), April 2015.
[I-D.ietf-dhc-stable-privacy-addresses]
Gont, F. and W. Will, "A Method for Generating
Semantically Opaque Interface Identifiers with Dynamic
Host Configuration Protocol for IPv6 (DHCPv6)", draft-
ietf-dhc-stable-privacy-addresses-02 (work in progress),
April 2015.
[Microsoft] [Microsoft]
Davies, J., "Understanding IPv6, 3rd. ed", page 83, Davies, J., "Understanding IPv6, 3rd. ed", page 83,
Microsoft Press, 2012, <http://it-ebooks.info/book/1022/>. Microsoft Press, 2012, <http://it-ebooks.info/book/1022/>.
Authors' Addresses Authors' Addresses
Fernando Gont Fernando Gont
SI6 Networks / UTN-FRH SI6 Networks / UTN-FRH
Evaristo Carriego 2644 Evaristo Carriego 2644
 End of changes. 29 change blocks. 
68 lines changed or deleted 116 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/