draft-ietf-6man-dns-options-bis-07.txt   draft-ietf-6man-dns-options-bis-08.txt 
Network Working Group J. Jeong Network Working Group J. Jeong
Internet-Draft Brocade/ETRI Internet-Draft Brocade/ETRI
Obsoletes: 5006 (if approved) S. Park Obsoletes: 5006 (if approved) S. Park
Intended status: Standards Track SAMSUNG Electronics Intended status: Standards Track SAMSUNG Electronics
Expires: January 27, 2011 L. Beloeil Expires: March 12, 2011 L. Beloeil
France Telecom R&D France Telecom R&D
S. Madanapalli S. Madanapalli
Ordyn Technologies Ordyn Technologies
July 26, 2010 September 8, 2010
IPv6 Router Advertisement Options for DNS Configuration IPv6 Router Advertisement Options for DNS Configuration
draft-ietf-6man-dns-options-bis-07 draft-ietf-6man-dns-options-bis-08
Abstract Abstract
This document specifies IPv6 Router Advertisement options to allow This document specifies IPv6 Router Advertisement options to allow
IPv6 routers to advertise a list of DNS recursive server addresses IPv6 routers to advertise a list of DNS recursive server addresses
and a DNS search list to IPv6 hosts. and a DNS search list to IPv6 hosts.
Status of This Memo Status of This Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
skipping to change at page 1, line 43 skipping to change at page 1, line 43
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 27, 2011. This Internet-Draft will expire on March 12, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 25 skipping to change at page 2, line 25
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Applicability Statements . . . . . . . . . . . . . . . . . 3 1.1. Applicability Statements . . . . . . . . . . . . . . . . . 3
1.2. Coexistence of RA Options and DHCP Options for DNS 1.2. Coexistence of RA Options and DHCP Options for DNS
Configuration . . . . . . . . . . . . . . . . . . . . . . 4 Configuration . . . . . . . . . . . . . . . . . . . . . . 4
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 4 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 4
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
5. Neighbor Discovery Extension . . . . . . . . . . . . . . . . . 5 5. Neighbor Discovery Extension . . . . . . . . . . . . . . . . . 5
5.1. Recursive DNS Server Option . . . . . . . . . . . . . . . 5 5.1. Recursive DNS Server Option . . . . . . . . . . . . . . . 6
5.2. DNS Search List Option . . . . . . . . . . . . . . . . . . 7 5.2. DNS Search List Option . . . . . . . . . . . . . . . . . . 7
5.3. Procedure of DNS Configuration . . . . . . . . . . . . . . 8 5.3. Procedure of DNS Configuration . . . . . . . . . . . . . . 8
5.3.1. Procedure in IPv6 Host . . . . . . . . . . . . . . . . 8 5.3.1. Procedure in IPv6 Host . . . . . . . . . . . . . . . . 8
5.3.2. Warnings for DNS Options Configuration . . . . . . . . 9 5.3.2. Warnings for DNS Options Configuration . . . . . . . . 10
6. Implementation Considerations . . . . . . . . . . . . . . . . 10 6. Implementation Considerations . . . . . . . . . . . . . . . . 10
6.1. DNS Repository Management . . . . . . . . . . . . . . . . 10 6.1. DNS Repository Management . . . . . . . . . . . . . . . . 10
6.2. Synchronization between DNS Server List and Resolver 6.2. Synchronization between DNS Server List and Resolver
Repository . . . . . . . . . . . . . . . . . . . . . . . . 11 Repository . . . . . . . . . . . . . . . . . . . . . . . . 11
6.3. Synchronization between DNS Search List and Resolver 6.3. Synchronization between DNS Search List and Resolver
Repository . . . . . . . . . . . . . . . . . . . . . . . . 12 Repository . . . . . . . . . . . . . . . . . . . . . . . . 12
7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13
7.1. Security Threats . . . . . . . . . . . . . . . . . . . . . 13 7.1. Security Threats . . . . . . . . . . . . . . . . . . . . . 13
7.2. Recommendations . . . . . . . . . . . . . . . . . . . . . 14 7.2. Recommendations . . . . . . . . . . . . . . . . . . . . . 14
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
10.1. Normative References . . . . . . . . . . . . . . . . . . . 15 10.1. Normative References . . . . . . . . . . . . . . . . . . . 15
10.2. Informative References . . . . . . . . . . . . . . . . . . 16 10.2. Informative References . . . . . . . . . . . . . . . . . . 16
Appendix A. Changes from RFC 5006 . . . . . . . . . . . . . . . . 17 Appendix A. Changes from RFC 5006 . . . . . . . . . . . . . . . . 17
1. Introduction 1. Introduction
The purpose of this document is to standardize IPv6 Router The purpose of this document is to standardize an IPv6 Router
Advertisement (RA) option for DNS configuration in IPv6 hosts Advertisement (RA) option for DNS Recursive Server Addresses used for
specified in an earlier experimental specification [RFC5006] and also the DNS name resolution in IPv6 hosts. This RA option was specified
to define a new RA option for Domain Name Search lists. in an earlier experimental specification [RFC5006]. This document is
also to define a new RA option for Domain Name Search Lists for an
enhanced DNS configuration. Thus, this document obsoleted [RFC5006]
defining only the RA option for DNS Recursive Server Addresses.
Neighbor Discovery (ND) for IP Version 6 and IPv6 Stateless Address Neighbor Discovery (ND) for IP Version 6 and IPv6 Stateless Address
Autoconfiguration provide ways to configure either fixed or mobile Autoconfiguration provide ways to configure either fixed or mobile
nodes with one or more IPv6 addresses, default routers and some other nodes with one or more IPv6 addresses, default routers and some other
parameters [RFC4861][RFC4862]. Most Internet services are identified parameters [RFC4861][RFC4862]. Most Internet services are identified
by using a DNS name. The two RA options defined in this document by using a DNS name. The two RA options defined in this document
provide the DNS information needed for an IPv6 host to reach Internet provide the DNS information needed for an IPv6 host to reach Internet
services. services.
It is infeasible to manually configure nomadic hosts each time they It is infeasible to manually configure nomadic hosts each time they
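Review bot: In the rewritten first paragraph of Section 1, the closing sentence uses the past tense ("this document obsoleted [RFC5006]") while the header still reads "Obsoletes: 5006 (if approved)"; it should read "obsoletes". In the same paragraph, "This document is also to define a new RA option" would be clearer as "This document also defines a new RA option for Domain Name Search Lists", and "used for the DNS name resolution" can drop the article.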
skipping to change at page 7, line 43 skipping to change at page 7, line 49
domain name is contained in the option. The Length domain name is contained in the option. The Length
field is set to a multiple of 8 octets to accommodate field is set to a multiple of 8 octets to accommodate
all the domain names in the field of Domain Names of all the domain names in the field of Domain Names of
DNS Search List. DNS Search List.
Lifetime 32-bit unsigned integer. The maximum time, in Lifetime 32-bit unsigned integer. The maximum time, in
seconds (relative to the time the packet is sent), seconds (relative to the time the packet is sent),
over which this DNSSL domain name MAY be used for over which this DNSSL domain name MAY be used for
name resolution. The Lifetime value has the same name resolution. The Lifetime value has the same
semantics as with RDNSS option. That is, Lifetime semantics as with RDNSS option. That is, Lifetime
SHOULD be bounded as follows: MaxRtrAdvInterval <= SHOULD be bounded as follows:
Lifetime <= 2*MaxRtrAdvInterval. A value of all one MaxRtrAdvInterval <= Lifetime <= 2*MaxRtrAdvInterval.
bits (0xffffffff) represents infinity. A value of
zero means that the DNSSL domain name MUST no longer A value of all one bits (0xffffffff) represents
be used. infinity. A value of zero means that the DNSSL
domain name MUST no longer be used.
Domain Names of DNS Search List Domain Names of DNS Search List
One or more domain names of DNS search list that MUST One or more domain names of DNS search list that MUST
be encoded using the technique described in Section be encoded using the technique described in Section
3.1 of [RFC1035]. By this technique, each domain 3.1 of [RFC1035]. By this technique, each domain
name is represented as a sequence of labels ending in name is represented as a sequence of labels ending in
a zero octet, defined as domain name representation. a zero octet, defined as domain name representation.
For more than one domain name, the corresponding For more than one domain name, the corresponding
domain name representations are concatenated as they domain name representations are concatenated as they
are. Note that for the simple decoding, the domain are. Note that for the simple decoding, the domain
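Review bot: The Lifetime description of the DNSSL option, now split into two paragraphs, still leaves its two statements unreconciled: the SHOULD bound "MaxRtrAdvInterval <= Lifetime <= 2*MaxRtrAdvInterval" sits directly above a definition of 0xffffffff as infinity, and nothing here says what a host does with a received value above the bound. Because the advertised domain names are used for name resolution for as long as the Lifetime allows, state whether a receiving host may cap the Lifetime it accepts, or point to the section that covers it.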
skipping to change at page 10, line 12 skipping to change at page 10, line 20
(e.g., RA and DHCP), an IPv6 host can configure its IP addresses from (e.g., RA and DHCP), an IPv6 host can configure its IP addresses from
these sources. In this case, it is not possible to control how the these sources. In this case, it is not possible to control how the
host uses DNS information and what source addresses it uses to send host uses DNS information and what source addresses it uses to send
DNS queries. As a result, configurations where different information DNS queries. As a result, configurations where different information
is provided by different sources may lead to problems. Therefore, is provided by different sources may lead to problems. Therefore,
the network administrator needs to configure DNS options in multiple the network administrator needs to configure DNS options in multiple
sources in order to prevent such problems from happening. sources in order to prevent such problems from happening.
Second, if different DNS information is provided on different network Second, if different DNS information is provided on different network
interfaces, this can lead to inconsistent behavior. The IETF is interfaces, this can lead to inconsistent behavior. The IETF is
working on solving this problem for both DNS and other information in working on solving this problem for both DNS and other information
Multiple Interfaces (MIF) working group. obtained by multiple interfaces [ID-mif-problem][ID-mif-practice].
6. Implementation Considerations 6. Implementation Considerations
Note: This non-normative section gives some hints for implementing Note: This non-normative section gives some hints for implementing
the processing of the RDNSS and DNSSL options in an IPv6 host. the processing of the RDNSS and DNSSL options in an IPv6 host.
For the configuration and management of DNS information, the For the configuration and management of DNS information, the
advertised DNS configuration information can be stored and managed in advertised DNS configuration information can be stored and managed in
both the DNS Repository and the Resolver Repository. both the DNS Repository and the Resolver Repository.
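Review bot: In the paragraph beginning "Second, if different DNS information is provided on different network interfaces", the sentence still says the IETF "is working on solving this problem" but now cites [ID-mif-problem] and [ID-mif-practice], whose titles in the reference list are a problem statement and a description of current practices rather than a solution. Consider wording that matches what the cited documents do, and keep the Multiple Interfaces (MIF) working group name next to the citations so readers can still find where the work is taking place. "Obtained by multiple interfaces" would also read better as "obtained over multiple interfaces".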
skipping to change at page 16, line 49 skipping to change at page 17, line 7
RFC 2827, May 2000. RFC 2827, May 2000.
[RFC1535] Gavron, E., "A Security Problem and Proposed [RFC1535] Gavron, E., "A Security Problem and Proposed
Correction With Widely Deployed DNS Software", Correction With Widely Deployed DNS Software",
RFC 1535, October 1993. RFC 1535, October 1993.
[RFC1536] Kumar, A., Postel, J., Neuman, C., Danzig, P., [RFC1536] Kumar, A., Postel, J., Neuman, C., Danzig, P.,
and S. Miller, "Common DNS Implementation Errors and S. Miller, "Common DNS Implementation Errors
and Suggested Fixes", RFC 1536, October 1993. and Suggested Fixes", RFC 1536, October 1993.
[ID-mif-problem] Blanchet, M. and P. Seite, "Multiple Interfaces
Problem Statement", Work in Progress,
August 2010.
[ID-mif-practice] Wasserman, M. and P. Seite, "Current Practices
for Multiple Interface Hosts", Work in Progress,
August 2010.
[ID-csi-send-cert] Gagliano, R., Krishnan, S., and A. Kukec, [ID-csi-send-cert] Gagliano, R., Krishnan, S., and A. Kukec,
"Certificate profile and certificate management "Certificate profile and certificate management
for SEND", Work in Progress, June 2010. for SEND", Work in Progress, June 2010.
Appendix A. Changes from RFC 5006 Appendix A. Changes from RFC 5006
The following changes were made from RFC 5006 "IPv6 Router The following changes were made from RFC 5006 "IPv6 Router
Advertisement Option for DNS Configuration": Advertisement Option for DNS Configuration":
o Added DNS Search List (DNSSL) Option to support the advertisement o Added DNS Search List (DNSSL) Option to support the advertisement
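Review bot: The two new reference entries, [ID-mif-problem] and [ID-mif-practice], give only a title, "Work in Progress" and a month, so a reader cannot tell which draft or revision is meant. While this document is itself still an Internet-Draft, consider adding the draft names to both entries; the existing [ID-csi-send-cert] entry has the same gap.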
 End of changes. 10 change blocks. 
17 lines changed or deleted 29 lines changed or added

This html diff was produced by rfcdiff 1.38. The latest version is available from http://tools.ietf.org/tools/rfcdiff/