draft-ietf-dhc-problem-statement-of-mredhcpv6-04.txt   draft-ietf-dhc-problem-statement-of-mredhcpv6-05.txt 
Dynamic Host Configuration (DHC) G. Ren Dynamic Host Configuration (DHC) G. Ren
Internet-Draft L. He Internet-Draft L. He
Intended status: Informational Y. Liu Intended status: Informational Y. Liu
Expires: August 15, 2020 Tsinghua University Expires: November 12, 2020 Tsinghua University
February 12, 2020 May 11, 2020
DHCPv6 Extension Survey and Considerations DHCPv6 Extension Practices and Considerations
draft-ietf-dhc-problem-statement-of-mredhcpv6-04 draft-ietf-dhc-problem-statement-of-mredhcpv6-05
Abstract Abstract
The manageability, security, privacy protection, and traceability of The manageability, security, privacy protection, and traceability of
networks can be supported by extending the DHCPv6 protocol according networks can be supported by extending the DHCPv6 protocol according
to requirements. This document provides a survey of current to requirements. This document provides current extension practices
extension practices and typical DHCP server software on extensions, and typical DHCPv6 server softwares on extensions, defines a DHCPv6
defines a DHCPv6 general model, discusses some extension points, and general model, discusses some extension points, and presents
presents extension cases. extension cases.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 15, 2020. This Internet-Draft will expire on November 12, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
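Review bot: The -05 Abstract sentence "This document provides current extension practices and typical DHCPv6 server softwares on extensions" no longer parses once "a survey of" is removed, because a document cannot "provide" practices or server software. Suggest something like "This document describes current extension practices and the extension mechanisms of typical DHCPv6 server software", which also matches the new title "DHCPv6 Extension Practices and Considerations".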
skipping to change at page 2, line 14 skipping to change at page 2, line 14
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Current Extension Practices . . . . . . . . . . . . . . . . . 3 3. Current Extension Practices . . . . . . . . . . . . . . . . . 3
3.1. Standardized and Non-standardized DHCPv6 Extension Cases 3 3.1. Standardized and Non-standardized DHCPv6 Extension Cases 3
3.2. Current DHCPv6 Server Software Cases . . . . . . . . . . 4 3.2. Current DHCPv6 Server Software Cases . . . . . . . . . . 4
3.2.1. Cisco Prime Network Registrar DHCP Server Extension 4. Extension Discussion . . . . . . . . . . . . . . . . . . . . 4
APIs . . . . . . . . . . . . . . . . . . . . . . . . 4 4.1. DHCPv6 General Model . . . . . . . . . . . . . . . . . . 4
3.2.2. Kea DHCP Hook Mechanisms . . . . . . . . . . . . . . 4
4. Extension Discussion . . . . . . . . . . . . . . . . . . . . 5
4.1. DHCPv6 General Model . . . . . . . . . . . . . . . . . . 5
4.2. Extension Points . . . . . . . . . . . . . . . . . . . . 5 4.2. Extension Points . . . . . . . . . . . . . . . . . . . . 5
4.2.1. Messages . . . . . . . . . . . . . . . . . . . . . . 5 4.2.1. Messages . . . . . . . . . . . . . . . . . . . . . . 5
4.2.2. Options . . . . . . . . . . . . . . . . . . . . . . . 6 4.2.2. Options . . . . . . . . . . . . . . . . . . . . . . . 6
4.2.3. Message Processing Functions . . . . . . . . . . . . 6 4.2.3. Message Processing Functions . . . . . . . . . . . . 6
4.2.4. Address Generation Mechanisms . . . . . . . . . . . . 7 4.2.4. Address Generation Mechanisms . . . . . . . . . . . . 6
5. Extension Cases . . . . . . . . . . . . . . . . . . . . . . . 7 5. Extension Cases . . . . . . . . . . . . . . . . . . . . . . . 7
6. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Security Considerations . . . . . . . . . . . . . . . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
9.1. Normative References . . . . . . . . . . . . . . . . . . 8 9.1. Normative References . . . . . . . . . . . . . . . . . . 8
9.2. Informative References . . . . . . . . . . . . . . . . . 9 9.2. Informative References . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
The IP address plays a significant role in the communication of the The IP address plays a significant role in the communication of the
Internet. IP address generation is also closely related to the Internet. IP address generation is also closely related to the
manageability, security, privacy protection, and traceability of manageability, security, privacy protection, and traceability of
networks. Dynamic Host Configuration Protocol for IPv6 (DHCPv6) networks. Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
[RFC8415] is a critical network protocol that can be used to [RFC8415] is a critical network protocol that can be used to
dynamically provide IPv6 addresses and other network configuration dynamically provide IPv6 addresses and other network configuration
parameters to IPv6 nodes. DHCPv6 continues to be extended and parameters to IPv6 nodes. DHCPv6 continues to be extended and
improved through new options, protocols, and message processing improved through new options, protocols, and message processing
mechanisms. mechanisms.
Although DHCPv6 provides more and more comprehensive functionalities Although DHCPv6 provides more and more comprehensive functionalities
and DHCPv6 server software also provides extension interfaces to and DHCPv6 server softwares also provide extension interfaces to
allow administrators to alter and customize the way how they handle allow administrators to alter and customize the way how they handle
and respond to DHCPv6 messages, there is still a lack of and respond to DHCPv6 messages, there is still a lack of
comprehensive insight into where and how to conduct extensions in comprehensive insight into where and how to conduct extensions in
DHCPv6 effectively. The extensions to DHCPv6 can be various DHCPv6 effectively. The extensions to DHCPv6 can be various
according to multiple and varied requirements. The goal of multi- according to multiple and varied requirements. The goal of multi-
requirement extensions for DHCPv6 is to use simple interfaces to requirement extensions for DHCPv6 is to use simple interfaces to
define and support more extensions without changing the basic design define and support more extensions without changing the basic design
of DHCPv6. Therefore, a detailed analysis is required to clarify the of DHCPv6. Therefore, a detailed analysis is required to clarify the
problems, design principles, and extract and unify the design problems, design principles, and extract and unify the design
specifications to help better solve the multi-requirement extension specifications to help better solve the multi-requirement extension
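Review bot: In the Introduction, -05 changes "DHCPv6 server software also provides" to "DHCPv6 server softwares also provide". "Software" is a mass noun, so the -04 wording was the correct one. Suggest keeping "software ... provides" here, or "DHCPv6 server implementations ... provide" if a plural is wanted. The Table of Contents change in this hunk, which drops 3.2.1 and 3.2.2, is consistent with the merged Section 3.2 text.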
skipping to change at page 3, line 20 skipping to change at page 3, line 17
In summary, multi-requirement extensions for DHCPv6 can be conducted In summary, multi-requirement extensions for DHCPv6 can be conducted
to support the administrator's self-defined functionalities. As to support the administrator's self-defined functionalities. As
DHCPv6 is an essential and useful protocol related to IPv6 addresses DHCPv6 is an essential and useful protocol related to IPv6 addresses
generation, it can provide more extended and flexible features to generation, it can provide more extended and flexible features to
meet administrators' requirements. According to well-designed meet administrators' requirements. According to well-designed
principles, extended interfaces can be defined to support more self- principles, extended interfaces can be defined to support more self-
defined multi-requirement extensions without sacrificing the defined multi-requirement extensions without sacrificing the
stability of DHCPv6. stability of DHCPv6.
Some people would suggest administrators modify the open-source DHCP Some people would suggest administrators modify the open-source
servers to solve their problems. However, a considerable amount of DHCPv6 servers to solve their problems. However, a considerable
time will be taken to understand the open-source DHCP server codes, amount of time will be taken to understand the open-source DHCPv6
not to say the consuming time debugging the bugs, failures or system server codes, not to say the consuming time debugging the bugs,
crash caused by modifying the complicated modules. Another problem failures or system crash caused by modifying the complicated modules.
is that as the open-source software evolves, the source codes of the Another problem is that as the open-source software evolves, the
server software may change (new functionalities or fixing bugs). source codes of the server softwares may change (new functionalities
Users may need to re-write their codes once the latest version of or fixing bugs). Users may need to re-write their codes once the
open-source server software comes out latest version of open-source server softwares come out
[kea_dhcp_hook_developers_guide]. Hence, the multi-requirement [kea_dhcp_hook_developers_guide]. Hence, the multi-requirement
extensions for DHCPv6 to solve administrators' specific problems are extensions for DHCPv6 to solve administrators' specific problems are
essential and significant. essential and significant.
This document provides a survey of current extension practices and This document provides a survey of current extension practices and
typical DHCP server software on extensions and gives DHCPv6 extension typical DHCPv6 server softwares on extensions and gives DHCPv6
considerations by defining a DHCPv6 general model, discussing the extension considerations by defining a DHCPv6 general model,
extension problems, and presenting extension cases. discussing the extension problems, and presenting extension cases.
2. Terminology 2. Terminology
Familiarity with DHCPv6 and its terminology, as defined in [RFC8415], Familiarity with DHCPv6 and its terminology, as defined in [RFC8415],
is assumed. is assumed.
3. Current Extension Practices 3. Current Extension Practices
3.1. Standardized and Non-standardized DHCPv6 Extension Cases 3.1. Standardized and Non-standardized DHCPv6 Extension Cases
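Review bot: The last paragraph of the Introduction in -05 still reads "This document provides a survey of current extension practices", while the title and Abstract of the same revision drop the word "survey". Align the three, either by removing "a survey of" here or by restoring it in the Abstract. In the same hunk, "the latest version of open-source server softwares come out" has a subject/verb mismatch ("version ... comes out").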
skipping to change at page 4, line 10 skipping to change at page 4, line 7
three categories. three categories.
Extended options Most extensions for DHCPv6 are implemented in Extended options Most extensions for DHCPv6 are implemented in
this way. New-defined options carry specific this way. New-defined options carry specific
parameters in DHCPv6 messages, which helps DHCPv6 parameters in DHCPv6 messages, which helps DHCPv6
clients or servers know the detailed situation clients or servers know the detailed situation
with each other. with each other.
Extended messages Some documents define new protocols that aim to Extended messages Some documents define new protocols that aim to
achieve specific goals, e.g., active leasequery achieve specific goals, e.g., active leasequery
[RFC7653], GAGMS [GAGMS]. [RFC7653], General Address Generation and
Management System [GAGMS].
Extended entities Some documents introduce third-party entities Extended entities Some documents introduce third-party entities
into the communications of DHCPv6 to achieve into the communications of DHCPv6 to achieve
specific goals and provide better services, e.g., specific goals and provide better services, e.g.,
authentication [RFC7037]. authentication [RFC7037].
3.2. Current DHCPv6 Server Software Cases 3.2. Current DHCPv6 Server Software Cases
A lot of commercial and open source DHCP servers exist, including A lot of commercial and open source DHCPv6 servers exist, including
Cisco Prime Network Registrar [CPNR], Microsoft DHCP Cisco Prime Network Registrar (CPNR) DHCP [CPNR], DHCP Broadband
[Microsoft_DHCP], VitalQIP [VitalQIP], Nominum DHCP [Nominum_DHCP], [DHCP_Broadband], FreeRADIUS DHCP [FreeRADIUS_DHCP], ISC DHCP
ISC DHCP [ISC_DHCP], Kea DHCP [Kea_DHCP], FreeRADIUS DHCP [ISC_DHCP], Kea DHCP [Kea_DHCP], Microsoft DHCP [Microsoft_DHCP],
[FreeRADIUS_DHCP], WIDE DHCPv6 [WIDE_DHCPv6], and DHCP Broadband Nominum DHCP [Nominum_DHCP], VitalQIP [VitalQIP], and WIDE DHCPv6
[DHCP_Broadband]. Commercial and open-source DHCPv6 software often [WIDE_DHCPv6]. Commercial and open-source DHCPv6 software often
considers the extensions of DHCPv6 servers because they cannot always considers the extensions of DHCPv6 servers because they cannot always
meet the requirements that the administrators want. In this section, meet the requirements that the administrators want. For example,
we introduce two typical DHCPv6 servers: Cisco Prime Network CPNR DHCP server provides extension APIs and allows administrators to
Registrar and Kea DHCP. write extensions and functions to alter and customize how it handles
and responds to DHCP requests. A network operator usually decides
3.2.1. Cisco Prime Network Registrar DHCP Server Extension APIs what packet process to modify, how to modify, and which extension
point to attach the extension. Then the network operator writes the
Cisco Prime Network Registrar (CPNR) [CPNR] is an appliance which extension and adds the well-written extension to the extension point
provides integrated Domain Name Server, DHCP, and IP Address of the DHCP server. Finally, the network operator reloads the DHCP
Management services for IPv4 and IPv6. At the same time, CPNR DHCP server and debugs whether the server runs as it expects. Similarly,
server provides extension APIs and allows administrators to write
extensions and functions to alter and customize how it handles and
responds to DHCP requests. A network operator usually decides what
packet process to modify, how to modify, and which extension point to
attach the extension. Then the network operator writes the extension
and adds the well-written extension to the extension point of the
DHCP server. Finally, the network operator reloads the DHCP server
and debugs whether the server runs as it expects.
3.2.2. Kea DHCP Hook Mechanisms
Kea DHCP provides hook mechanisms, a well-designed interface for Kea DHCP provides hook mechanisms, a well-designed interface for
third-party code, to solve the problem that the DHCP server does not third-party code, to solve the problem that the DHCP server does not
quite do what a network operator require. A network operator can use quite do what a network operator require.
several well-defined framework functions to load and initialize a
library and write specific callout functions to attach to the hook
points. After building and configuring the hooks library, the server
runs as the network operator requires. Additionally, Kea DHCP allows
the network operator to use logging in the hooks library.
4. Extension Discussion 4. Extension Discussion
This section elaborates multi-requirement extensions for DHCPv6. This section elaborates multi-requirement extensions for DHCPv6.
Section 4.1 describes the general model of DHCPv6, while Section 4.2 Section 4.1 describes the general model of DHCPv6, while Section 4.2
analyzes the extension points and requirements. analyzes the extension points and requirements.
4.1. DHCPv6 General Model 4.1. DHCPv6 General Model
Figure 1 summarizes the DHCPv6 general model and its possible Figure 1 summarizes the DHCPv6 general model and its possible
extensions: messages, options, message processing functions, and extensions: messages, options, message processing functions, and
address generation mechanisms. address generation mechanisms.
+-----------------+ +----------------+ +-----------------+ +----------------+
| DHCPv6 client | DHCP messages | DHCPv6 relay | | DHCPv6 client | DHCPv6 messages | DHCPv6 relay |
| +-------------+ | with options | +------------+ | External inputs | +-------------+ | with options | +------------+ | External inputs
| | Message | |<---------------->| | Message | |<---------------- | | Message | |<---------------->| | Message | |<----------------
| | processing | | | | relaying | | e.g., RADIUS | | processing | | | | relaying | | e.g., RADIUS
| | functions | | | | functions | | option [RFC7037] | | functions | | | | functions | | option [RFC7037]
| +-------------+ | | +------------+ | | +-------------+ | | +------------+ |
+-----------------+ +----------------+ +-----------------+ +----------------+
^ ^
DHCP messages | DHCPv6 messages |
with options | with options |
| |
V V
+-----------------+ +----------------------------+ +-----------------+ +----------------------------+
| | Extended | DHCPv6 server | | | Extended | DHCPv6 server |
| | messages | +-----------+ +----------+ | | | messages | +-----------+ +----------+ |
|External entities|<------------->| | Address | | Message | | |External entities|<------------->| | Address | | Message | |
| | e.g., Active | | generation| |processing| | | | e.g., Active | | generation| |processing| |
| | leasequery | | mechanisms| |functions | | | | leasequery | | mechanisms| |functions | |
| | [RFC7653] | +-----------+ +----------+ | | | [RFC7653] | +-----------+ +----------+ |
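Review bot: The merged Section 3.2 in -05 reduces the Kea DHCP description to a single sentence and drops the -04 explanation of how a hooks library is used (framework functions to load and initialize the library, callout functions attached to hook points, logging), while the CPNR workflow is kept in full. Section 5 still points readers to "hook mechanisms in Kea DHCP", so one sentence on callouts attached to hook points would keep the two examples balanced. Also in this paragraph: "what a network operator require" should be "requires", and "responds to DHCP requests" / "reloads the DHCP server" keep "DHCP" where the rest of this revision moves to "DHCPv6"; if that is intentional because CPNR and Kea serve both protocols, say so.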
skipping to change at page 6, line 4 skipping to change at page 5, line 37
Figure 1: DHCPv6 general model and its possible extensions. Figure 1: DHCPv6 general model and its possible extensions.
4.2. Extension Points 4.2. Extension Points
4.2.1. Messages 4.2.1. Messages
On the one hand, new messages can be designed and added to the DHCPv6 On the one hand, new messages can be designed and added to the DHCPv6
protocol to enrich its functionalities. For example, [RFC5007] protocol to enrich its functionalities. For example, [RFC5007]
defines new leasequery messages to allow a requestor to retrieve defines new leasequery messages to allow a requestor to retrieve
information on the bindings for a client from one or more servers. information on the bindings for a client from one or more servers.
[RFC5460] expands on the Leasequery protocol by defines new messages
and allowing for bulk transfer of DHCPv6 binding data via TCP.
[RFC7653] defines active leasequery messages to keep the requestor up [RFC7653] defines active leasequery messages to keep the requestor up
to date with DHCPv6 bindings. to date with DHCPv6 bindings. [RFC8156] defines failover messages to
provide a mechanism for running two servers with the capability for
either server to take over clients' leases in case of server failure
or network partition.
On the other hand, people are concerned about the security and On the other hand, people are concerned about the security and
privacy issues of the DHCP protocol. [RFC7819] and [RFC7824] privacy issues of the DHCPv6 protocol. [RFC7824] describes the
describe the privacy issues associated with the use of DHCPv4 and privacy issues associated with the use of DHCPv6, respectively.
DHCPv6, respectively. DHCPv6 does not provide privacy protection on DHCPv6 does not provide privacy protection on messages and options.
messages and options. Other nodes can see the options transmitted in Other nodes can see the options transmitted in DHCPv6 messages
DHCPv6 messages between DHCPv6 clients and servers. Extended between DHCPv6 clients and servers. Extended messages can be
messages can be designed to secure exchanges between DHCPv6 entities. designed to secure exchanges between DHCPv6 entities.
4.2.2. Options 4.2.2. Options
DHCPv6 allows defining options to transmit parameters between DHCPv6 DHCPv6 allows defining options to transmit parameters between DHCPv6
entities for common requirements, e.g., DNS [RFC3646] and SNTP entities for common requirements, e.g., DNS configurations [RFC3646],
[RFC4075]. Also, these parameters may come from external entities. NIS configurations [RFC3898], SNTP configurations [RFC4075], relay
For example, [RFC7037] defines RADIUS option to exchange agent subscriber-id [RFC4580], relay agent remote-id [RFC4649], FQDN
authorization and identification information between the DHCPv6 relay configurations [RFC4704], relay agent echo request [RFC4994], network
agent and DHCPv6 server. boot [RFC5970], Relay-Supplied Options [RFC6422], virtual subnet
selection [RFC6607], client link-layer address [RFC6939], and
softwire source binding prefix hint [RFC8539]. Also, these
parameters may come from external entities. For example, [RFC7037]
defines RADIUS option to exchange authorization and identification
information between the DHCPv6 relay agent and DHCPv6 server.
In other cases, network operators may require DHCPv6 messages to In other cases, network operators may require DHCPv6 messages to
transmit some self-defined options between clients and servers. transmit some self-defined options between clients and servers.
Currently, the vendor-specific information option allows clients and Currently, the vendor-specific information option allows clients and
servers to exchange vendor-specific information. Therefore, servers to exchange vendor-specific information. Therefore,
administrative domains can define and use the sub-options of the administrative domains can define and use the sub-options of the
vendor-specific information option to serve their private purposes. vendor-specific information option to serve their private purposes.
The content of the self-defined options may come from two sources: The content of the self-defined options may come from two sources:
devices and users. If the content of self-defined options comes from devices and users. If the content of self-defined options comes from
users, two methods can be used to solve the problem. The first one users, two methods can be used to solve the problem. The first one
is that the clients provide related interfaces to receive such is that the clients provide related interfaces to receive such
information, which is currently merely supported. The second one is information, which is currently merely supported. The second one is
that DHCPv6 relays obtain such information and add it to the clients' that DHCPv6 relays obtain such information and add it to the clients'
requests. But this always depends on other protocols to allow DHCPv6 requests. But this always depends on other protocols to allow DHCPv6
relays to get the information first. relays to get the information first.
4.2.3. Message Processing Functions 4.2.3. Message Processing Functions
Although current commercial or open-source DHCP server software Although current commercial or open-source DHCPv6 server softwares
provides comprehensive functionalities, they still cannot meet all provide comprehensive functionalities, they still cannot meet all
customers' requirements of processing DHCP requests. Therefore, they customers' requirements of processing DHCPv6 requests. Therefore,
will offer interfaces that customers can use to write their specific they will offer interfaces that customers can use to write their
extensions to affect the way how DHCP servers handle and respond to specific extensions to affect the way how DHCPv6 servers handle and
DHCP requests. For example, not all networks prefer to use DHCPv6 respond to DHCP requests. For example, a network operator may want
servers to assign the privacy-preserving random-form addresses his DHCPv6 server to communicate with external servers. Thus, he may
generated by some fixed address generation mechanism to DHCPv6 alter his DHCPv6 server through the given extensions to achieve such
clients. Thus, network operators may alter their DHCPv6 servers a goal. However, not all DHCPv6 software considers this extension.
through the given extensions to use their preferred address
generation mechanisms to assign addresses to DHCPv6 clients.
However, not all DHCP software considers this extension.
4.2.4. Address Generation Mechanisms 4.2.4. Address Generation Mechanisms
Currently, the DHCPv6 servers assign addresses, prefixes and other Currently, the DHCPv6 servers assign addresses, prefixes and other
configuration options according to their configured policies. configuration options according to their configured policies.
Generally, different networks may prefer different address generation Generally, different networks may prefer different address generation
mechanisms. Several address generation mechanisms for SLAAC mechanisms. Several address generation mechanisms for SLAAC
[RFC4862] (e.g., IEEE 64-bit EUI-64 [RFC2464], Constant, semantically [RFC4862] (e.g., IEEE 64-bit EUI-64 [RFC2464], Constant, semantically
opaque [Microsoft], Temporary [RFC4941], and Stable, semantically opaque [Microsoft], Temporary [RFC4941], and Stable, semantically
opaque [RFC7217]) proposed for different requirements can be utilized opaque [RFC7217]) proposed for different requirements can be utilized
in DHCPv6 protocol as well. The many types of IPv6 address in DHCPv6 protocol as well. Note that [RFC7943] is the DHCPv6
generation mechanisms available have brought about flexibility and version of Stable, semantically opaque [RFC7217]. The many types of
diversity. Therefore, corresponding interfaces could be open and IPv6 address generation mechanisms available have brought about
defined to allow other address generation mechanisms to be flexibility and diversity. Therefore, corresponding interfaces could
configured. be open and defined to allow other address generation mechanisms to
be configured.
5. Extension Cases 5. Extension Cases
Administrative domains may enforce local policies according to their Administrative domains may enforce local policies according to their
requirements, e.g., authentication, accountability. Several kinds of requirements, e.g., authentication, accountability. Several kinds of
multi-requirement extensions are presented in this section, including multi-requirement extensions are presented in this section, including
configurations in current DHCP software, option definition and server configurations in current DHCPv6 software, option definition and
modification, and message definition between DHCPv6 entities and server modification, and message definition between DHCPv6 entities
third-party entities. and third-party entities.
Currently, many DHCPv6 servers provide administrative mechanisms, Currently, many DHCPv6 servers provide administrative mechanisms,
e.g., host reservation and client classification. Host reservation e.g., host reservation and client classification. Host reservation
is often used to assign certain parameters (e.g., IP addresses) to is often used to assign certain parameters (e.g., IP addresses) to
specific devices. Client classification is often used to specific devices. Client classification is often used to
differentiate between different types of clients and treat them differentiate between different types of clients and treat them
accordingly in certain cases. accordingly in certain cases.
More complicated extensions of DHCPv6 are needed to meet specific More complicated extensions of DHCPv6 are needed to meet specific
requirements. For example, considering such a requirement that DHCP requirements. For example, considering such a requirement that
servers assign IP addresses generated by user identifiers to the DHCPv6 servers assign IPv6 addresses generated by user identifiers to
clients in a network to hold users accountable, two extensions should the clients in a network to hold users accountable, two extensions
be fulfilled to meet this requirement. The first one is that clients should be fulfilled to meet this requirement. The first one is that
send their user identifiers to servers. This can be achieved by clients send their user identifiers to servers. This can be achieved
defining and using sub-options of vendor-specific information option. by defining and using sub-options of vendor-specific information
The second one is that servers use user identifiers to generate IP option. The second one is that servers use user identifiers to
addresses. To achieve this goal, extension mechanisms provided by generate IP addresses. To achieve this goal, extension mechanisms
the server software such as extension points in CPNR [CPNR] and hook provided by the server software such as extension points in CPNR
mechanisms in Kea DHCP [Kea_DHCP] can be used. [CPNR] and hook mechanisms in Kea DHCP [Kea_DHCP] can be used.
Some extensions for DHCPv6 may need the support of third-party Some extensions for DHCPv6 may need the support of third-party
entities. For example, [RFC7037] introduces RADIUS entities into the entities. For example, [RFC7037] introduces RADIUS entities into the
message exchanges between DHCPv6 entities for better service message exchanges between DHCPv6 entities for better service
provision. The authentication in [RFC7037] can also be used to meet provision. The authentication in [RFC7037] can also be used to meet
the accountability requirement mentioned above because it is the accountability requirement mentioned above because it is
important to authenticate users first before assigning IP addresses important to authenticate users first before assigning IP addresses
generated from user identifiers. Usually, this kind of extension generated from user identifiers. Usually, this kind of extension
requires the definition of messages communicated between DHCP requires the definition of messages communicated between DHCPv6
entities and third-party entities, e.g., active leasequery [RFC7653]. entities and third-party entities, e.g., active leasequery [RFC7653].
IPv6 addresses are related to manageability, security, traceability, IPv6 addresses are related to manageability, security, traceability,
and accountability of networks. As DHCPv6 assigns IPv6 addresses to and accountability of networks. As DHCPv6 assigns IPv6 addresses to
IPv6 nodes, it is important that DHCPv6 provides interfaces to allow IPv6 nodes, it is important that DHCPv6 provides interfaces to allow
administrative domains to conduct extensions to meet their multi- administrative domains to conduct extensions to meet their multi-
requirements. requirements.
6. Security Considerations 6. Security Considerations
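Review bot: In the paragraph on third-party entities, the -05 text still says the authentication in [RFC7037] should happen "before assigning IP addresses generated from user identifiers" without stating which entity authenticates the user or what a server should do with a request that arrives without that authentication result. An address derived from a user identifier is only as trustworthy as that binding, so one sentence spelling this out would help. The "DHCP" to "DHCPv6" wording fix in the same paragraph is good, but "multi- requirements" in the final paragraph is carried over unchanged and remains unclear; consider naming the requirements (manageability, security, traceability, accountability) as the preceding sentence does.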
skipping to change at page 10, line 20 skipping to change at page 10, line 10
[RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet [RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet
Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998, Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998,
<https://www.rfc-editor.org/info/rfc2464>. <https://www.rfc-editor.org/info/rfc2464>.
[RFC3646] Droms, R., Ed., "DNS Configuration options for Dynamic [RFC3646] Droms, R., Ed., "DNS Configuration options for Dynamic
Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3646, Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3646,
DOI 10.17487/RFC3646, December 2003, DOI 10.17487/RFC3646, December 2003,
<https://www.rfc-editor.org/info/rfc3646>. <https://www.rfc-editor.org/info/rfc3646>.
[RFC3898] Kalusivalingam, V., "Network Information Service (NIS)
Configuration Options for Dynamic Host Configuration
Protocol for IPv6 (DHCPv6)", RFC 3898,
DOI 10.17487/RFC3898, October 2004,
<https://www.rfc-editor.org/info/rfc3898>.
[RFC4075] Kalusivalingam, V., "Simple Network Time Protocol (SNTP) [RFC4075] Kalusivalingam, V., "Simple Network Time Protocol (SNTP)
Configuration Option for DHCPv6", RFC 4075, Configuration Option for DHCPv6", RFC 4075,
DOI 10.17487/RFC4075, May 2005, DOI 10.17487/RFC4075, May 2005,
<https://www.rfc-editor.org/info/rfc4075>. <https://www.rfc-editor.org/info/rfc4075>.
[RFC4580] Volz, B., "Dynamic Host Configuration Protocol for IPv6
(DHCPv6) Relay Agent Subscriber-ID Option", RFC 4580,
DOI 10.17487/RFC4580, June 2006,
<https://www.rfc-editor.org/info/rfc4580>.
[RFC4649] Volz, B., "Dynamic Host Configuration Protocol for IPv6
(DHCPv6) Relay Agent Remote-ID Option", RFC 4649,
DOI 10.17487/RFC4649, August 2006,
<https://www.rfc-editor.org/info/rfc4649>.
[RFC4704] Volz, B., "The Dynamic Host Configuration Protocol for
IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN)
Option", RFC 4704, DOI 10.17487/RFC4704, October 2006,
<https://www.rfc-editor.org/info/rfc4704>.
[RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy
Extensions for Stateless Address Autoconfiguration in Extensions for Stateless Address Autoconfiguration in
IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007, IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007,
<https://www.rfc-editor.org/info/rfc4941>. <https://www.rfc-editor.org/info/rfc4941>.
[RFC4994] Zeng, S., Volz, B., Kinnear, K., and J. Brzozowski,
"DHCPv6 Relay Agent Echo Request Option", RFC 4994,
DOI 10.17487/RFC4994, September 2007,
<https://www.rfc-editor.org/info/rfc4994>.
[RFC5007] Brzozowski, J., Kinnear, K., Volz, B., and S. Zeng, [RFC5007] Brzozowski, J., Kinnear, K., Volz, B., and S. Zeng,
"DHCPv6 Leasequery", RFC 5007, DOI 10.17487/RFC5007, "DHCPv6 Leasequery", RFC 5007, DOI 10.17487/RFC5007,
September 2007, <https://www.rfc-editor.org/info/rfc5007>. September 2007, <https://www.rfc-editor.org/info/rfc5007>.
[RFC5460] Stapp, M., "DHCPv6 Bulk Leasequery", RFC 5460,
DOI 10.17487/RFC5460, February 2009,
<https://www.rfc-editor.org/info/rfc5460>.
[RFC5970] Huth, T., Freimann, J., Zimmer, V., and D. Thaler, "DHCPv6
Options for Network Boot", RFC 5970, DOI 10.17487/RFC5970,
September 2010, <https://www.rfc-editor.org/info/rfc5970>.
[RFC6422] Lemon, T. and Q. Wu, "Relay-Supplied DHCP Options",
RFC 6422, DOI 10.17487/RFC6422, December 2011,
<https://www.rfc-editor.org/info/rfc6422>.
[RFC6607] Kinnear, K., Johnson, R., and M. Stapp, "Virtual Subnet
Selection Options for DHCPv4 and DHCPv6", RFC 6607,
DOI 10.17487/RFC6607, April 2012,
<https://www.rfc-editor.org/info/rfc6607>.
[RFC6939] Halwasia, G., Bhandari, S., and W. Dec, "Client Link-Layer
Address Option in DHCPv6", RFC 6939, DOI 10.17487/RFC6939,
May 2013, <https://www.rfc-editor.org/info/rfc6939>.
[RFC7037] Yeh, L. and M. Boucadair, "RADIUS Option for the DHCPv6 [RFC7037] Yeh, L. and M. Boucadair, "RADIUS Option for the DHCPv6
Relay Agent", RFC 7037, DOI 10.17487/RFC7037, October Relay Agent", RFC 7037, DOI 10.17487/RFC7037, October
2013, <https://www.rfc-editor.org/info/rfc7037>. 2013, <https://www.rfc-editor.org/info/rfc7037>.
[RFC7217] Gont, F., "A Method for Generating Semantically Opaque [RFC7217] Gont, F., "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address Interface Identifiers with IPv6 Stateless Address
Autoconfiguration (SLAAC)", RFC 7217, Autoconfiguration (SLAAC)", RFC 7217,
DOI 10.17487/RFC7217, April 2014, DOI 10.17487/RFC7217, April 2014,
<https://www.rfc-editor.org/info/rfc7217>. <https://www.rfc-editor.org/info/rfc7217>.
[RFC7653] Raghuvanshi, D., Kinnear, K., and D. Kukrety, "DHCPv6 [RFC7653] Raghuvanshi, D., Kinnear, K., and D. Kukrety, "DHCPv6
Active Leasequery", RFC 7653, DOI 10.17487/RFC7653, Active Leasequery", RFC 7653, DOI 10.17487/RFC7653,
October 2015, <https://www.rfc-editor.org/info/rfc7653>. October 2015, <https://www.rfc-editor.org/info/rfc7653>.
[RFC7819] Jiang, S., Krishnan, S., and T. Mrugalski, "Privacy
Considerations for DHCP", RFC 7819, DOI 10.17487/RFC7819,
April 2016, <https://www.rfc-editor.org/info/rfc7819>.
[RFC7824] Krishnan, S., Mrugalski, T., and S. Jiang, "Privacy [RFC7824] Krishnan, S., Mrugalski, T., and S. Jiang, "Privacy
Considerations for DHCPv6", RFC 7824, Considerations for DHCPv6", RFC 7824,
DOI 10.17487/RFC7824, May 2016, DOI 10.17487/RFC7824, May 2016,
<https://www.rfc-editor.org/info/rfc7824>. <https://www.rfc-editor.org/info/rfc7824>.
[RFC7943] Gont, F. and W. Liu, "A Method for Generating Semantically
Opaque Interface Identifiers (IIDs) with the Dynamic Host
Configuration Protocol for IPv6 (DHCPv6)", RFC 7943,
DOI 10.17487/RFC7943, September 2016,
<https://www.rfc-editor.org/info/rfc7943>.
[RFC8156] Mrugalski, T. and K. Kinnear, "DHCPv6 Failover Protocol",
RFC 8156, DOI 10.17487/RFC8156, June 2017,
<https://www.rfc-editor.org/info/rfc8156>.
[RFC8539] Farrer, I., Sun, Q., Cui, Y., and L. Sun, "Softwire
Provisioning Using DHCPv4 over DHCPv6", RFC 8539,
DOI 10.17487/RFC8539, March 2019,
<https://www.rfc-editor.org/info/rfc8539>.
[VitalQIP] [VitalQIP]
Nokia, "Nokia VitalQIP", 2017, Nokia, "Nokia VitalQIP", 2017,
<https://networks.nokia.com/products/vitalqip-ip-address- <https://networks.nokia.com/products/vitalqip-ip-address-
management>. management>.
[WIDE_DHCPv6] [WIDE_DHCPv6]
KAME project, "WIDE DHCPv6", 2008, KAME project, "WIDE DHCPv6", 2008,
<http://ipv6int.net/software/wide_dhcpv6.html>. <http://ipv6int.net/software/wide_dhcpv6.html>.
Authors' Addresses Authors' Addresses
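Review bot: The reference list in -05 gains many entries that appear only in the right-hand column (for example [RFC3898], [RFC4580], [RFC4649], [RFC6422], [RFC7819], [RFC7943], [RFC8156], [RFC8539]), and this part of the diff does not show where they are cited; confirm each one is referenced from the body so the list carries no uncited entries. [RFC7819] is titled "Privacy Considerations for DHCP" and is added next to the existing [RFC7824] on DHCPv6, so check that the body cites it for a point [RFC7824] does not already cover. The [WIDE_DHCPv6] entry names the KAME project as author but still points to an http:// URL on ipv6int.net; a project-hosted or https location would be more durable if one exists.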
 End of changes. 31 change blocks. 
113 lines changed or deleted 160 lines changed or added
