Internet Engineering Task Force                                T. Narten
Internet-Draft                                                J. Johnson
Intended status: Standards Track                                     IBM
Expires: June 18, 19, 2011                                 December 15, 16, 2010

   Definition of the UUID-based DHCPv6 Unique Identifier (DUID-UUID)
                      draft-ietf-dhc-duid-uuid-01
                      draft-ietf-dhc-duid-uuid-02

Abstract

   This document defines a new DHCPv6 Unique Identifier (DUID) type,
   called DUID-UUID.  DUID-UUIDs are derived from the already
   standardized UUID format.  DUID-UUID makes it possible for devices to
   use UUIDs to identify themselves to DHC servers and vice versa.
   UUIDs are globally unique and readily available on many systems,
   making them convenient identifiers to leverage within DHCP.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 18, 19, 2011.

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Background  . . . . . . . . . . . . . . . . . . . . . . . . . . 3
   3.  UUID Considerations . . . . . . . . . . . . . . . . . . . . . . 4
   4.  DUID-UUID Format  . . . . . . . . . . . . . . . . . . . . . . . 4
   3. 5
   5.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . 5
   4.
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
   5.
   7.  Security Considerations . . . . . . . . . . . . . . . . . . . . 5
   6.
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . . . 5
     6.1. 6
     8.1.  Normative References  . . . . . . . . . . . . . . . . . . . 5
     6.2. 6
     8.2.  Informative References  . . . . . . . . . . . . . . . . . . 6
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . . . 6

1.  Introduction

   DHCP Unique Identifiers (DUIDs) are used in DHCPv6 to identify
   clients and servers.  This document defines a new DHCP Unique
   Identifier (DUID) type that embeds a Universally Unique IDentifier
   (UUID) [RFC4122].  UUIDs are already in wide spread use and serve as
   an existing identifier that could be leveraged by DHCPv6.  For
   example, x86 based systems ship with an embedded UUID in firmware
   that is readily available to the software running on the device.

   Although DUIDs are new to DHCPv6, identifying clients in DHCP via a
   UUID is not.  DHCPv4 [RFC2132] defines a Client Machine Identifier
   Option (option 97) that embeds a UUID (aka GUID) [RFC4578].  This
   document extends that capability to DHCPv6.

2.  Background

   In DHCPv6, clients identify themselves to servers via DHCP Unique
   Identifiers (DUIDs) [RFC3315].  DUIDs are identifiers that DHCP
   servers treat as opaque objects with no internal structure.  DUIDs
   are intended to be globally unique, with no two devices using the
   same DUID.  Three DUIDs types have been defined previously:

   DUID-LLT -  the Link-Layer address of one of the device's network
           interfaces, concatenated with a timestamp

   DUID-EN -  an Enterprise Number plus additional information specific
           to the enterprise

   DUID-LL -  the Link-Layer address of one of the device's network
           interfaces

   The intention of

   DUIDs is that they are intended to remain constant over time, so that they can be
   used as permanent identifiers for a device.  In the case of DUID-LLTs, DUID-
   LLTs, they are intended to be generated once, and then stored in
   stable storage and reused from that point forward.

   In DHCPv4, all clients identify themselves to servers via the MAC
   address

   One issue that has arisen concerns devices that employ multi-step
   network boot loading.  An initial step (typically run out of
   firmware) loads a small image that in turn loads a second image, and
   so forth, until the interface on which actual target system is loaded.  Each step in the DHCP packet
   booting process may invoke DHCP.  In some operational environments,
   it is sent.  The MAC
   address identifier generally remains constant across machine
   restarts, installation of new operating system releases, changes important that each step in
   hardware configuration such as addition or removal of storage
   devices, etc.  While the MAC address will change if sequence use the network
   interface is replaced, this same DUID, so
   that the server knows it is a relatively uncommon event.

   In contrast, getting requests from the same device and
   can return the proper configuration information (including the
   pointer to the correct image to load).

   Unfortunately, none of the previously defined DUIDs are ideal for
   multi-step network booting.  The DUID-LLT and DUID-LL identifiers
   that a given device may use are less likely not guaranteed to remain constant on some types of devices
   and deployments.  Specifically, when a machine goes through a multi-
   step boot process, it may first load a simple boot loader, followed
   by a one or more secondary loaders before the eventual desired target
   system is loaded.  In IPv4, all steps of a multi-step boot processes
   that invoke DHCP are guaranteed to use the same MAC identifier during
   each stage.  In contrast, with DHCPv6, it is more difficult to ensure
   or arrange that
   across each boot stage uses the same identifier.  First,
   there are multiple DUID types, and different stages might choose to
   use different formats.  Second, even booting step.  Even if the different stages used DUID-LL
   or DUID-LLT, on devices with multiple interfaces, there is no way to
   guarantee that the same interface (and hence DUID) will be selected.
   Finally, in the case of DUID-LLT, even if the same interface were
   chosen, there is no guarantee it can be difficult to ensure that each stage would use the
   same timestamp value.  While a DUID-EN could be defined and used,
   such usage would be proprietary by definition.

   This document defines a new DUID type, based on the Universally
   Unique IDentifier (UUID) [RFC4122].  UUIDs are already used in
   practice and serve as an existing identifier that could be leveraged
   by DHCP.  For example, x86 based systems ship with an embedded UUID
   in firmware that could  In some environments, a UUID-based DUID would be accessed for this purpose.

   Although DUIDs are new preferable
   to DHCPv6, the idea other existing DUID types.

   It should be noted that use of a DUID-UUID will not by itself solve
   all the network boot problems described in this document.  Given the
   availablility of identifying clients via a suitable DUID-UUID, implementations will still
   need to take steps to ensure that all boot stages use the same DUID-
   UUID is not.  DHCPv4 defines as appropriate.  Given that DHCP has already defined multiple
   DUID types, the question of which of several DUIDs to select from
   already exists -- and defining a Client Machine Identifier Option
   (option 97) new DUID type doesn't by itself
   help.  It is believed, however, that network boot services can contain be
   configured to use a DUID-UUID and that other software can do so as
   well.  Ensuring this happens in general is beyond the scope of this
   document.

3.  UUID [RFC4578]. Considerations

   Although many UUIDs are in use today, not all UUIDs meet the
   requirements of the DHCP protocol (see Section 9 of [RFC3315]).  DHCP
   UUIDs should be persistant across system restarts, across system
   reconfiguration events, system software and operating system upgrades
   or reinstallation, and be easily available to any part of the boot
   process that requires access to the DHCP UUID.  For example, UUIDs
   used in Microsoft's Component Object Module (COM), and for labeling
   partitions in filesystems, are likely not appropriate as they may not
   be accessible to firmware boot loaders, and can change over time.

   Implementations of this specification using DUID-UUID must use select a DUID
   UUID that is persistent across system restart and reconfiguration
   events, and that is available to all DHCP protocol agents that may
   need to identify themselves.  For instance, a DUID UUID that is part of
   the system firmware, or managed by the system firmware, would satisfy
   this requirement.

   It should be noted that use of a DUID-UUID will not by itself solve
   all the problems motivating this document.  Given the availablility
   of a suitable DUID-UUID, implementations will still need to take
   steps to ensure that all boot stages use the same DUID-UUID as
   appropriate.  Given that DHCP has already defined multiple DUID
   types, the question of which of several DUIDs to select from already
   exists and is not a new problem.

2.

4.  DUID-UUID Format

   The DUID-UUID is carried within Client Identifier or Server
   Identifier options.  It has the following format:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |          DUID-Type (4)        |    UUID (128 bits)            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
   |                                                               |
   |                                                               |
   |                                -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

                            DUID-UUID format. .

                                 Figure 1

   DUID-Type -  DUID-UUID (4) - (16 bits)

   UUID -  An RFC4122 UUID (128 bits)

3.

5.  Acknowledgements

   This document was inspired by a discussion on the DHC mailing list in
   November, 2009 on the topic of netboot for IPv6.  Specifically, some
   scenarios were described where it was difficult to do something in
   DHCPv6 that had worked well in DHCPv4.

4.

   We would like to thank the following individuals in particular for
   their specific comments and suggestions on this draft: Andre Kostur,
   Suresh Krishnan, Ted Lemon, Bernie Volz & Vincent Zimmer.

6.  IANA Considerations

   IANA has assigned the value 4 for use by the DHCPv6 DUID-UUID type.
   [TO BE REMOVED UPON PUBLICATION: IANA should update the registry
   entry for the DUID-UUID DUID-Type and mark the assignment permanent.]

5.

7.  Security Considerations

   DHCP traffic between a client and server is sent in the clear.  An
   eavesdroppper residing on the path between the client and server
   could see DHCP traffic and obtain the UUID for a particular machine.
   This may raise some privacy issues.

6.

8.  References

6.1.

8.1.  Normative References

   [RFC2132]  Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
              Extensions", RFC 2132, March 1997.

   [RFC3315]  Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
              and M. Carney, "Dynamic Host Configuration Protocol for
              IPv6 (DHCPv6)", RFC 3315, July 2003.

   [RFC4122]  Leach, P., Mealling, M., and R. Salz, "A Universally
              Unique IDentifier (UUID) URN Namespace", RFC 4122,
              July 2005.

6.2.

8.2.  Informative References

   [RFC4578]  Johnston, M. and S. Venaas, "Dynamic Host Configuration
              Protocol (DHCP) Options for the Intel Preboot eXecution
              Environment (PXE)", RFC 4578, November 2006.

Authors' Addresses

   Thomas Narten
   IBM

   Email: narten@us.ibm.com

   Jarrod B. Johnson
   IBM

   Email: jarrod.b.johnson@gmail.com