draft-ietf-dhc-triggered-reconfigure-07.txt   rfc6977.txt 
DHC Working Group M. Boucadair Internet Engineering Task Force (IETF) M. Boucadair
Internet-Draft X. Pougnard Request for Comments: 6977 X. Pougnard
Intended status: Standards Track France Telecom Category: Standards Track France Telecom
Expires: November 16, 2013 May 15, 2013 ISSN: 2070-1721 July 2013
Reconfigure Triggered by DHCPv6 Relay Agents Triggering DHCPv6 Reconfiguration from Relay Agents
draft-ietf-dhc-triggered-reconfigure-07
Abstract Abstract
This document defines new DHCPv6 messages: Reconfigure-Request and This document defines two new DHCPv6 messages: Reconfigure-Request
Reconfigure-Reply. Reconfigure-Request message is sent by a DHCPv6 and Reconfigure-Reply. The Reconfigure-Request message is sent by a
relay agent to notify a DHCPv6 server about a configuration DHCPv6 relay agent to notify a DHCPv6 server about a configuration
information change, so that the DHCPv6 server can send a Reconfigure information change, so that the DHCPv6 server can send a Reconfigure
message accordingly. Reconfigure-Reply message is used by the server message accordingly. The Reconfigure-Reply message is used by the
to acknowledge the receipt of Reconfigure-Request. server to acknowledge the receipt of the Reconfigure-Request message.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on November 16, 2013. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6977.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 22 skipping to change at page 2, line 12
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3 3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3
4. Solution Overview . . . . . . . . . . . . . . . . . . . . . . 4 4. Solution Overview . . . . . . . . . . . . . . . . . . . . . . 4
5. Link Address Option . . . . . . . . . . . . . . . . . . . . . 6 5. Link Address Option . . . . . . . . . . . . . . . . . . . . . 6
6. Detailed Specification . . . . . . . . . . . . . . . . . . . 7 6. Detailed Specification . . . . . . . . . . . . . . . . . . . 6
6.1. Messages Format . . . . . . . . . . . . . . . . . . . . . 7 6.1. Messages Format . . . . . . . . . . . . . . . . . . . . . 6
6.2. Messages Validation . . . . . . . . . . . . . . . . . . . 7 6.2. Messages Validation . . . . . . . . . . . . . . . . . . . 7
6.2.1. RECONFIGURE-REQUEST . . . . . . . . . . . . . . . . . 7 6.2.1. Reconfigure-Request . . . . . . . . . . . . . . . . . 7
6.2.2. RECONFIGURE-REPLY . . . . . . . . . . . . . . . . . . 7 6.2.2. Reconfigure-Reply . . . . . . . . . . . . . . . . . . 7
6.3. Creation and Transmission of RECONFIGURE-REQUEST . . . . 8 6.3. Creation and Transmission of a Reconfigure-Request . . . 7
6.4. Intermediate Relay Agents Behavior . . . . . . . . . . . 9 6.4. Intermediate Relay Agents Behavior . . . . . . . . . . . 9
6.5. Server Behavior . . . . . . . . . . . . . . . . . . . . . 9 6.5. Server Behavior . . . . . . . . . . . . . . . . . . . . . 9
6.6. Receipt of RECONFIGURE-REPLY . . . . . . . . . . . . . . 10 6.6. Receipt of a Reconfigure-Reply . . . . . . . . . . . . . 10
7. Rate Limiting Considerations . . . . . . . . . . . . . . . . 11 7. Rate-Limiting Considerations . . . . . . . . . . . . . . . . 10
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
9. Security Considerations . . . . . . . . . . . . . . . . . . . 11 9. Security Considerations . . . . . . . . . . . . . . . . . . . 11
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12
11.1. Normative References . . . . . . . . . . . . . . . . . . 12 11.1. Normative References . . . . . . . . . . . . . . . . . . 12
11.2. Informative References . . . . . . . . . . . . . . . . . 12 11.2. Informative References . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction 1. Introduction
This document specifies two new DHCPv6 messages [RFC3315]: This document specifies two new DHCPv6 messages [RFC3315]:
Reconfigure-Request and Reconfigure-Reply. Reconfigure-Request and Reconfigure-Reply.
Section 3 describes a typical problem encountered to trigger the Section 3 describes a typical problem scenario encountered that
DHCPv6 server to issue a Reconfigure message when the configuration triggers the DHCPv6 server to issue a Reconfigure message when the
data is supplied by the relay agent. This problem may be encountered configuration data is supplied by the relay agent. This problem may
in other contexts. It is out of scope of this document to list all be encountered in other contexts. It is out of scope of this
these cases. document to list all these cases.
Section 4 describes the proposed solution which relies on the use of Section 4 describes the proposed solution that relies on the use of
Reconfigure-Request and Reconfigure-Reply messages. Reconfigure- Reconfigure-Request and Reconfigure-Reply messages. The Reconfigure-
Request message is sent by a DHCPv6 relay agent to notify a DHCPv6 Request message is sent by a DHCPv6 relay agent to notify a DHCPv6
server about a configuration information change, so that the DHCPv6 server about a configuration-information change, so that the DHCPv6
server can send a Reconfigure message accordingly. Reconfigure-Reply server can send a Reconfigure message accordingly. The Reconfigure-
message is used by the server to acknowledge the receipt of Reply message is used by the server to acknowledge the receipt of
Reconfigure-Request. Reconfigure-Request.
Section 5 specifies the Link Address Option used by the relay agent
to indicate the link on which the client is located to the server.
Section 6 provides the detailed specification of the procedure to Section 6 provides the detailed specification of the procedure to
trigger Reconfigure messages by DHCPv6 relay agents. trigger Reconfigure messages by DHCPv6 relay agents.
2. Requirements Language 2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Problem Statement 3. Problem Statement
For cases where the DHCPv6 relay agent possesses some information For cases where the DHCPv6 relay agent possesses some information
that would be useful to the DHCPv6 client, [RFC6422] specifies a that would be useful to the DHCPv6 client, [RFC6422] specifies a
mechanism whereby the DHCPv6 relay agent can provide such information mechanism whereby the DHCPv6 relay agent can provide such information
to the DHCPv6 server, which can, in turn, pass this information on to to the DHCPv6 server, which can, in turn, pass this information on to
the DHCP client. This is achieved owing to the use of RSOO (Relay- the DHCP client. This is achieved by use of RSOO (Relay-Supplied
Supplied Options option) which carries configuration data to the Options option), which carries configuration data to the DHCPv6
DHCPv6 server. The data conveyed in an RSOO is then sent back by the server. The data conveyed in an RSOO is then sent back by the DHCPv6
DHCPv6 server to the requesting DHCPv6 client. server to the requesting DHCPv6 client.
An example of a RSOO context is shown in Figure 1; only a subset of An example of RSOO usage is shown in Figure 1; only a subset of
exchanged DHCPv6 and RADIUS messages is represented. Figure 1 shows exchanged DHCPv6 and RADIUS messages is represented. Figure 1 shows
a broadband network scenario in which the Network Access Server (NAS) a broadband network scenario in which the Network Access Server (NAS)
embeds a DHCPv6 relay agent. embeds a DHCPv6 relay agent.
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
|DHCPv6 | | NAS | |Radius | |DHCPv6 | | NAS | |Radius |
|Client | |(DHCPv6| |Server | |Client | |(DHCPv6| |Server |
| | | Relay)| | | | | | Relay)| | |
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
| | | | | |
|---Solicit---------------->| | |---Solicit---------------->| |
| |---Access-Request---------->| | |---Access-Request---------->|
|<--Access-Accept------------| |<--Access-Accept------------|
| (e.g. DS-Lite-Tunnel-Name)| | (e.g., DS-Lite-Tunnel-Name)|
.... ....
| +-------+ | +-------+
| |DHCPv6 | | |DHCPv6 |
| |Server | | |Server |
| | | | | |
| +-------+ | +-------+
| | | |
|---Relay-Forward----------->| |---Relay-Forward----------->|
| (RSOO(OPTION_AFTR_NAME)) | | (RSOO(OPTION_AFTR_NAME)) |
| | | |
| |<--Relay-Reply--------------| | |<--Relay-Reply--------------|
|<--Advertise---------------| (e.g., OPTION_AFTR_NAME) | |<--Advertise---------------| (e.g., OPTION_AFTR_NAME) |
| (e.g., OPTION_AFTR_NAME) | | (e.g., OPTION_AFTR_NAME) |
.... ....
Figure 1: An Example of the RSOO Option Usage Figure 1: An Example of the RSOO Usage
A configuration change may result in an exchange of CoA (Change-of- A configuration change may result in an exchange of CoA (Change-of-
Authorization, [RFC5176]) messages between the NAS/DHCPv6 relay agent Authorization) [RFC5176] messages between the NAS/DHCPv6 relay agent
and Dynamic Authorization Client (DAC) server as shown in Figure 2. and Dynamic Authorization Client (DAC) server as shown in Figure 2.
In this example, the NAS answers with a CoA-Ack message to notify the In this example, the NAS answers with a CoA-Ack message to notify the
DAC the CoA-Request is successfully handled. DAC that the CoA-Request has been successfully handled.
Note the change of the configuration in the DHCPv6 relay agent can be Note that the change of the configuration in the DHCPv6 relay agent
triggered by any other out-of-band mechanism. can be triggered by any other out-of-band mechanism.
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
|DHCPv6 | | NAS | |Radius | |DHCPv6 | | NAS | |Radius |
|Client | |(DHCPv6| |Server/| |Client | |(DHCPv6| |Server/|
| | | Relay)| | DAC | | | | Relay)| | DAC |
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
| | | | | |
|<-----CoA-Request-----------| |<-----CoA-Request-----------|
| (e.g. DS-Lite-Tunnel-Name) | |(e.g., DS-Lite-Tunnel-Name) |
|------CoA-Ack-------------->| |------CoA-Ack-------------->|
.... ....
Figure 2: Change of configuration Figure 2: Change of Configuration
Whenever the configuration information sent by the DHCPv6 relay agent Whenever the configuration information sent by the DHCPv6 relay agent
to the DHCPv6 server change, the DHCPv6 server has no means to detect to the DHCPv6 server changes, the DHCPv6 server has no means of
the change so that it can send a Reconfigure message accordingly. A detecting the change so that it can send a Reconfigure message
solution is sketched in Section 4. accordingly. A solution is sketched in Section 4.
4. Solution Overview 4. Solution Overview
To solve the problem described in Section 3, this document proposes a To solve the problem described in Section 3, this document proposes a
new DHCP message called Reconfigure-Request. In the example depicted new DHCP message called Reconfigure-Request. In the example depicted
in Figure 3, a Reconfigure-Request message is sent by the DHCPv6 in Figure 3, a Reconfigure-Request message is sent by the DHCPv6
relay agent to a DHCPv6 server as soon as the configuration data relay agent to a DHCPv6 server as soon as the configuration data
conveyed in an RSOO option have changed. Upon receipt of this conveyed in an RSOO has changed. Upon receipt of this message, and
message, and if it is configured to support such mode, the DHCPv6 if it is configured to support such a mode, the DHCPv6 server must
server must build Reconfigure-Reply and Reconfigure messages. build Reconfigure-Reply and Reconfigure messages. Reconfigure-Reply
Reconfigure-Reply is used to acknowledge the receipt of Reconfigure- is used to acknowledge the receipt of Reconfigure-Request. The
Request. Reconfigure message encapsulated in Relay-Reply is sent to Reconfigure message encapsulated in Relay-Reply is sent to the DHCPv6
the DHCPv6 relay, which in turn will forward the message to the relay, which in turn will forward the message to the appropriate
appropriate DHCPv6 client. DHCPv6 client.
This setup assumes the relay has a record of the client, so that it This setup assumes the relay has a record of the client, so that it
has enough information to send the Reconfigure-Request message to the has enough information to send the Reconfigure-Request message to the
server. How the state is recorded in the relay is out of scope. For server. How the state is recorded in the relay is out of scope of
better resilience of the proposed solution, means to recover state in this document. For better resilience of the proposed solution, means
failure events (e.g., use of stable storage, DHCPv6 Bulk Leasequery to recover state in the event of failure (e.g., use of stable
[RFC5460]) need to be supported. These state recovery solutions are storage, DHCPv6 Bulk Leasequery [RFC5460]) need to be supported.
not discussed in this document. These state recovery solutions are not discussed in this document.
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
|DHCPv6 | | NAS | |Radius | |DHCPv6 | | NAS | |Radius |
|Client | |(DHCPv6| |Server/| |Client | |(DHCPv6| |Server/|
| | | Relay)| | DAC | | | | Relay)| | DAC |
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
| | | | | |
|<-----CoA-Request-----------| |<-----CoA-Request-----------|
| (e.g. DS-Lite-Tunnel-Name) | |(e.g., DS-Lite-Tunnel-Name) |
| | | |
|------CoA-Ack-------------->| |------CoA-Ack-------------->|
.... ....
| +-------+ | +-------+
| |DHCPv6 | | |DHCPv6 |
| |Server | | |Server |
| | | | | |
| +-------+ | +-------+
| | | |
|---Reconfigure-Request----->| |---Reconfigure-Request----->|
|<--Reconfigure-Reply--------| |<--Reconfigure-Reply--------|
| | | |
| |<--Relay-Reply -------------| | |<--Relay-Reply -------------|
|<--Reconfigure-------------| (Reconfigure) | |<--Reconfigure-------------| (Reconfigure) |
| | | | | |
.... ....
Figure 3: Flow Example with Reconfigure-Request Figure 3: Flow Example with Reconfigure-Request
The support of Reconfigure-Reply simplifies the retransmission The support of Reconfigure-Reply messages simplifies the
procedure of the relay as it provides an explicit indication from the retransmission procedure of the relay as it provides an explicit
server (see Section 6.3 for more details). An alternative approach indication from the server (see Section 6.3 for more details). An
is the relay monitors Reconfigure messages received from the server alternative approach is the relay monitors' Reconfigure messages
to conclude whether Reconfigure-Request was successfully handled or received from the server to conclude whether or not the Reconfigure-
not. Nevertheless, this implicit approach may fail to achieve its Request was successfully handled. Nevertheless, this implicit
goals in some cases: e.g., the server accepts the request but it approach may fail to achieve its goals in some cases: for example,
delays to generate the corresponding Reconfigure messages due to its the server accepts the request but it delays generating the
rate-limiting policies, the request was partially failed for some corresponding Reconfigure messages due to its rate-limiting policies,
clients, etc. To avoid useless reconfigure cycles (e.g., due to the the request was partially failed for some clients, etc. To avoid
loss of Reconfigure-Reply), the approach adopted in this document useless reconfigure cycles (e.g., due to the loss of Reconfigure-
allows the relay to correct the content of a re-transmitted Reply messages), the approach adopted in this document allows the
Reconfigure-Request based on some observed events (e.g., the client relay to correct the content of a retransmitted Reconfigure-Request
has retrieved the updated configuration). If the relay has no client based on some observed events (e.g., the client has retrieved the
to be reconfigured, it stops sending Reconfigure-Request messages. updated configuration). If the relay has no client to be
reconfigured, it stops sending Reconfigure-Request messages.
The Reconfigure-Request message can also be used in other scenarios The Reconfigure-Request message can also be used in scenarios other
than those that assume the use of RSOO. It is out of scope of this than those that assume the use of RSOO. It is out of scope of this
document to describe all these scenarios. document to describe all these scenarios.
5. Link Address Option 5. Link Address Option
Figure 4 shows the format of the Link Address Option. Figure 4 shows the format of the Link Address Option.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_LINK_ADDRESS | option-len | | OPTION_LINK_ADDRESS | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| link-address (IPv6 address) | | link-address (IPv6 address) |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Message Format of Link Address Option Figure 4: Message Format of Link Address Option
The description of the fields are as follows: The description of the fields are as follows:
option-code: OPTION_LINK_ADDRESS (To be assigned by IANA, see option-code: OPTION_LINK_ADDRESS (80)
Section 8).
option-len: 16 (octets). option-len: 16 (octets)
link-address: An IPv6 address used by the server to identify the link-address: An IPv6 address used by the server to identify the
link on which the client is located. link on which the client is located.
The Link Address Option is used by the relay agent to indicate to the The Link Address Option is used by the relay agent to indicate to the
server the link on which the client is located. The relay agent MUST server the link on which the client is located. The relay agent MUST
use a link-address value that is equivalent to the value used when use a link-address value that is equivalent to the value used when
relaying messages from the client to the server. Two link-address relaying messages from the client to the server. Two link-address
values are said to be equivalent if both values are IPv6 addresses values are said to be equivalent if both values are IPv6 addresses
that are on-link for the network link to which the client is that are on-link for the network link to which the client is
skipping to change at page 7, line 13 skipping to change at page 6, line 50
equivalence, the relay agent SHOULD use the same value that was sent equivalence, the relay agent SHOULD use the same value that was sent
to the DHCPv6 server when relaying messages from the client to the to the DHCPv6 server when relaying messages from the client to the
server, as in Section 20.1.1 of [RFC3315]. server, as in Section 20.1.1 of [RFC3315].
6. Detailed Specification 6. Detailed Specification
6.1. Messages Format 6.1. Messages Format
Two new message type codes are defined: Two new message type codes are defined:
o RECONFIGURE-REQUEST (To be assigned by IANA, see Section 8). o RECONFIGURE-REQUEST (18)
o RECONFIGURE-REPLY (To be assigned by IANA, see Section 8).
RECONFIGURE-REQUEST and RECONFIGURE-REPLY use the same format as o RECONFIGURE-REPLY (19)
Reconfigure-Request and Reconfigure-Reply use the same format as
defined in Section 6 of [RFC3315]. defined in Section 6 of [RFC3315].
6.2. Messages Validation 6.2. Messages Validation
6.2.1. RECONFIGURE-REQUEST 6.2.1. Reconfigure-Request
Clients MUST silently discard any received RECONFIGURE-REQUEST Clients MUST silently discard any received Reconfigure-Request
messages. messages.
Servers MUST discard any received RECONFIGURE-REQUEST messages that Servers MUST discard any received Reconfigure-Request messages that
meet any of the following conditions: meet any of the following conditions:
o the message does not include a Client Identifier Option [RFC3315]. o the message does not include a Client Identifier Option [RFC3315].
o the message does not include a Link Address Option (Section 5). o the message does not include a Link Address Option (Section 5).
o the message includes a Server Identifier Option [RFC3315] but the o the message includes a Server Identifier Option [RFC3315] but the
contents of the Server Identifier Option does not match the contents of the Server Identifier Option do not match the server's
server's identifier. identifier.
6.2.2. RECONFIGURE-REPLY 6.2.2. Reconfigure-Reply
Clients and Servers MUST silently discard any received RECONFIGURE- Clients and servers MUST silently discard any received Reconfigure-
REPLY messages. Reply messages.
The relay MUST silently discard any received RECONFIGURE-REPLY The relay MUST silently discard any received Reconfigure-Reply
messages that meet any of the following conditions: messages that meet any of the following conditions:
o the "transaction-id" field in the message does not match the value o the "transaction-id" field in the message does not match the value
used in the original message. used in the original message.
o the message does not include a Server Identifier Option. o the message does not include a Server Identifier Option.
o the message does not include a Status Code Option [RFC3315]. o the message does not include a Status Code Option [RFC3315].
6.3. Creation and Transmission of RECONFIGURE-REQUEST 6.3. Creation and Transmission of a Reconfigure-Request
For any event (e.g., modification of the configuration information) For any event (e.g., modification of the configuration information)
that requires the server to issue a Reconfigure message, the relay that requires the server to issue a Reconfigure message, the relay
agent determines the client(s) affected by the change and then builds agent determines the client(s) affected by the change and then builds
a Reconfigure-Request message: the relay agent sets the "msg-type" a Reconfigure-Request message: the relay agent sets the "msg-type"
field to RECONFIGURE-REQUEST, generates a transaction ID and inserts field to RECONFIGURE-REQUEST, generates a transaction ID, and inserts
it in the "transaction-id" field. it in the "transaction-id" field.
The relay agent MUST include one or more Client Identifier Options The relay agent MUST include one or more Client Identifier Options
[RFC3315] and a Link Address Option (Section 5) so that the DHCPv6 [RFC3315] and a Link Address Option (Section 5) so that the DHCPv6
server can identify the corresponding client and the link on which server can identify the corresponding client and the link on which
the client is located. the client is located.
The relay agent MAY include a Relay Identifier Option [RFC5460]. The relay agent MAY include a Relay Identifier Option [RFC5460].
The relay agent MAY supply the updated configuration in the RSOO The relay agent MAY supply the updated configuration in the RSOO
[RFC6422]. The relay agent MAY supply a Reconfigure Message Option [RFC6422]. The relay agent MAY supply a Reconfigure Message Option
to indicate which form of Reconfigure to use. The relay agent MAY to indicate which form of Reconfigure to use. The relay agent MAY
include any option (e.g., Interface Identifier [RFC3315]) which it include any option (e.g., Interface Identifier [RFC3315]) that it
might insert when relaying a message received from a client. might insert when relaying a message received from a client.
When several clients on the same link are affected by a configuration When several clients on the same link are affected by a configuration
change, the relay MUST include several Client Identifier Options, change, the relay MUST include several Client Identifier Options;
each of them identifies a specific client. If including Client each of these options identifies a specific client. If including the
Identifier Options of all impacted clients exceeds the maximum Client Identifier Options of all impacted clients exceeds the maximum
message size (see Section 7), the relay MUST generate several message size (see Section 7), the relay MUST generate several
RECONFIGURE-REQUEST messages required to carry all Client Identifier Reconfigure-Request messages required to carry all Client Identifier
Options. Rate-limit considerations are discussed in Section 7. Options. Rate-limit considerations are discussed in Section 7.
The relay sets the destination address of the RECONFIGURE-REQUEST The relay sets the destination address of the Reconfigure-Request
message to the IP address it would have sent a Relay-Forw message message to the IP address it would have sent a Relay-Forward message
(see Section 20 of [RFC3315]). (see Section 20 of [RFC3315]).
In case multiple servers are configured to the relay agent, several In case multiple servers are configured to the relay agent, several
RECONFIGURE-REQUEST messages are to be built. The behavior of the Reconfigure-Request messages are to be built. The behavior of the
relay agent to disambiguate responses when multiple servers are relay agent to disambiguate responses when multiple servers are
configured is implementation-specific. For example, an configured is implementation specific. For example, an
implementation may generate distinct "transaction-id"s per server implementation may generate a distinct "transaction-id" per server
while another implementation may use the content of the "transaction- while another implementation may use the content of the "transaction-
id" field and the Server Identifier Option to disambiguate the id" field and the Server Identifier Option to disambiguate the
responses. responses.
The relay transmits RECONFIGURE-REQUEST messages according to The relay transmits Reconfigure-Request messages according to
Section 14 of [RFC3315], using the following parameters: Section 14 of [RFC3315], using the following parameters:
IRT 1 sec IRT (Initial retransmission time): 1 sec
MRT 10 secs MRT (Maximum retransmission time): 10 secs
MRC 5 MRC (Maximum retransmission count): 5
MRD 0 MRD (Maximum retransmission duration): 0
The relay MAY remove clients from the client identifier list in The relay MAY remove clients from the client identifier list in
subsequent retransmissions, but MUST NOT add clients to the client subsequent retransmissions, but MUST NOT add clients to the client
identifier list. This decision is local to the relay (e.g., it may identifier list. This decision is local to the relay (e.g., it may
be based on observed events such as one or more clients were be based on observed events such as one or more clients were
reconfigured on their own). reconfigured on their own).
The relay may receive Reconfigure encapsulated in Relay-Reply before The relay may receive Reconfigure encapsulated in Relay-Reply before
Reconfigure-Reply. The relay SHOULD NOT interpret it as if the Reconfigure-Reply. The relay SHOULD NOT interpret it as if the
Reconfigure-Request was successfully handled by the Server. The Reconfigure-Request was successfully handled by the server. The
relay SHOULD use Reconfigure-Reply, not the Reconfigure message, to relay SHOULD use Reconfigure-Reply, not the Reconfigure message, to
determine if the request was successful (see the discussion in determine if the request was successful (see the discussion in
Section 4) . Section 4).
6.4. Intermediate Relay Agents Behavior 6.4. Intermediate Relay Agents Behavior
The relay agent MUST be configurable to accept or reject RECONFIGURE- The relay agent MUST be configurable to accept or reject Reconfigure-
REQUEST messages received from other relay agents. If no indication Request messages received from other relay agents. If no indication
is explicitly configured to the relay, the default behavior is to is explicitly configured to the relay, the default behavior is to
accept RECONFIGURE-REQUEST messages. accept Reconfigure-Request messages.
If the relay is configured not to allow RECONFIGURE-REQUEST messages, If the relay is configured not to allow Reconfigure-Request messages,
the relay MUST silently discard any RECONFIGURE-REQUEST message it the relay MUST silently discard any Reconfigure-Request message it
receives. If the relay is configured to accept RECONFIGURE-REQUEST receives. If the relay is configured to accept Reconfigure-Request
messages, these messages are relayed as specified in Section 20.1.1 messages, these messages are relayed as specified in Section 20.1.1
of [RFC3315]. of [RFC3315].
6.5. Server Behavior 6.5. Server Behavior
The server MUST be configurable to accept or reject RECONFIGURE- The server MUST be configurable to accept or reject Reconfigure-
REQUEST messages. If no indication is explicitly configured to the Request messages. If no indication is explicitly configured to the
server, the default behavior is to reject RECONFIGURE-REQUEST server, the default behavior is to reject Reconfigure-Request
messages. messages.
Upon receipt of a valid RECONFIGURE-REQUEST message from a DHCPv6 Upon receipt of a valid Reconfigure-Request message from a DHCPv6
relay agent (see Section 6.2), the server determines the client(s) relay agent (see Section 6.2), the server determines the client(s)
for which a Reconfigure message is to be sent. for which a Reconfigure message is to be sent.
The server constructs a Reconfigure-Reply message by setting the The server constructs a Reconfigure-Reply message by setting the
"msg-type" field to RECONFIGURE-REPLY, and copying the transaction ID "msg-type" field to RECONFIGURE-REPLY and copying the transaction ID
from the RECONFIGURE-REQUEST message into the "transaction-id" field. from the Reconfigure-Request message into the "transaction-id" field.
The server includes its server identifier in a Server Identifier The server includes its server identifier in a Server Identifier
Option. The server MUST include a Status Code Option [RFC3315] Option. The server MUST include a Status Code Option [RFC3315]
indicating whether the request is successfully processed, failed or indicating whether the request has been successfully processed,
partially failed. failed, or partially failed.
o If the server fails to process the request, the server MUST set o If the server fails to process the request, the server MUST set
the Status Code Option to the appropriate status code (e.g., the Status Code Option to the appropriate status code (e.g.,
UnspecFail, NotAllowed, etc.). In particular, UnspecFail, NotAllowed, etc.). In particular,
* UnspecFail MUST be returned if Reconfigure-Request message is * UnspecFail MUST be returned if the Reconfigure-Request message
malformed. is malformed.
* NotAllowed MUST be returned if the server is not configured to * NotAllowed MUST be returned if the server is not configured to
allow Reconfigure-Request. allow Reconfigure-Request.
* NotConfigured MUST be returned if the server has no record of * NotConfigured MUST be returned if the server has no record of
the link [RFC5007]. the link [RFC5007].
o If the RECONFIGURE-REQUEST is successfully validated, the server o If the Reconfigure-Request is successfully validated, the server
MUST return a Status Code Option indicating "Success". In MUST return a Status Code Option indicating "Success". In
addition, the server MUST include a list of all the Client addition, the server MUST include a list of all the Client
Identifier Options of the clients to which Reconfigure messages Identifier Options of the clients to which Reconfigure messages
will not be sent (e.g., the server has no record of the client or will not be sent (e.g., the server has no record of the client or
the client did not negotiate for Reconfigure support). Note that the client did not negotiate for Reconfigure support). Note that
this means that "Success" will be returned even if Reconfigure this means that "Success" will be returned even if Reconfigure
messages will not be sent to any of the clients. messages will not be sent to any of the clients.
If RSOO is supplied, the server might use its content to double check If RSOO is supplied, the server might use its content to double check
whether a Reconfigure is required to be sent to the client. This whether a Reconfigure is required to be sent to the client. This
assumes the server stored the content of RSOO it used to generate assumes the server stored the content of RSOO it used to generate the
configuration data sent to requesting clients. configuration data sent to requesting clients.
The server might use the content of the Reconfigure Message Option The server might use the content of the Reconfigure Message Option
supplied by the relay agent to determine which form of Reconfigure to supplied by the relay agent to determine which form of Reconfigure to
use. use.
Then, the server MUST follow the procedure defined in Section 19.1 of Then, the server MUST follow the procedure defined in Section 19.1 of
[RFC3315] to construct a Reconfigure message. [RFC3315] to construct a Reconfigure message.
Rate-limit considerations are discussed in Section 7. Rate-limit considerations are discussed in Section 7.
6.6. Receipt of RECONFIGURE-REPLY 6.6. Receipt of a Reconfigure-Reply
Depending on the status code enclosed in a received RECONFIGURE-REPLY Depending on the status code enclosed in a received Reconfigure-Reply
message, the relay may decide to terminate the request (e.g., message, the relay may decide to terminate the request (e.g.,
NotAllowed, NotConfigured, and Success) or try a different corrected NotAllowed, NotConfigured, and Success) or try a different corrected
RECONFIGURE-REQUEST (e.g., UnspecFail). Reconfigure-Request (e.g., UnspecFail).
When multiple servers are configured, the relay should expect to When multiple servers are configured, the relay should expect to
receive several RECONFIGURE-REPLY messages. As mentioned in receive several Reconfigure-Reply messages. As mentioned in
Section 6.3, the relay should be able to disambiguate these responses Section 6.3, the relay should be able to disambiguate these responses
and associate them with a given server. The relay agent assumes the and associate them with a given server. The relay agent assumes the
request is successfully handled for a client if there is at least one request is successfully handled for a client if there is at least one
Reconfigure-Reply message in which the corresponding Client Reconfigure-Reply message in which the corresponding Client
Identifier Option does not appear. Identifier Option does not appear.
7. Rate Limiting Considerations 7. Rate-Limiting Considerations
The relay MUST rate-limit RECONFIGURE-REQUEST messages to be sent to The relay MUST rate-limit Reconfigure-Request messages to be sent to
the server. The relay MUST be configured with required rate-limit the server. The relay MUST be configured with required rate-limit
parameters. The maximum RECONFIGURE-REQUEST packet size SHOULD be parameters. The maximum Reconfigure-Request packet size SHOULD be
configurable and the default value MUST be 1280 octets. configurable and the default value MUST be 1280 octets.
The server MUST rate-limit Reconfigure messages triggered by The server MUST rate-limit Reconfigure messages triggered by
RECONFIGURE-REQUEST messages. The server MUST be configured with Reconfigure-Request messages. The server MUST be configured with
required rate-limit parameters. required rate-limit parameters.
8. IANA Considerations 8. IANA Considerations
IANA is requested to assign the following new DHCPv6 Message type in IANA has assigned the following new DHCPv6 Message types in the
the registry maintained in http://www.iana.org/assignments/ registry maintained in
dhcpv6-parameters: http://www.iana.org/assignments/dhcpv6-parameters:
RECONFIGURE-REQUEST RECONFIGURE-REQUEST
RECONFIGURE-REPLY RECONFIGURE-REPLY
IANA is requested to assign the following new DHCPv6 Option Codes in IANA has assigned the following new DHCPv6 Option Codes in the
the registry maintained in http://www.iana.org/assignments/ registry maintained in
dhcpv6-parameters: http://www.iana.org/assignments/dhcpv6-parameters:
OPTION_LINK_ADDRESS OPTION_LINK_ADDRESS
9. Security Considerations 9. Security Considerations
Security considerations elaborated in [RFC3315] (in particular Security considerations elaborated in [RFC3315] (in particular
Section 21.1) and [RFC6422] must be taken into account. In addition, Section 21.1) and [RFC6422] must be taken into account. In addition,
DHCPv6 servers MAY be configured to reject relayed RECONFIGURE- DHCPv6 servers MAY be configured to reject relayed Reconfigure-
REQUEST messages or restrict relay chaining (see [RFC5007] for more Request messages or restrict relay chaining (see [RFC5007] for more
discussion about the rationale of this recommended behavior). discussion about the rationale of this recommended behavior).
Section 6.5 specifies the error code to return when the server is Section 6.5 specifies the error code to return when the server is
configured to reject RECONFIGURE-REQUEST messages. configured to reject Reconfigure-Request messages.
Relay agents SHOULD implement appropriate means to prevent using Relay agents SHOULD implement appropriate means to prevent using
RECONFIGURE-REQUEST messages as a denial-of-service attack on the Reconfigure-Request messages as a denial-of-service attack on the
DHCPv6 servers. DHCPv6 servers.
Because RECONFIGURE-REQUEST message provides a mechanism for Because the Reconfigure-Request message provides a mechanism for
triggering the DHCPv6 Reconfigure message, and the DHCPv6 Reconfigure triggering the DHCPv6 Reconfigure message, and the DHCPv6 Reconfigure
message can raise security threats (e.g., to control the timing of a message can raise security threats (e.g., to control the timing of a
DHCPv6 renewal), the DHCPv6 server MUST have some mechanism for DHCPv6 renewal), the DHCPv6 server MUST have some mechanism for
determining that the relay agent is a trusted entity. DHCPv6 servers determining that the relay agent is a trusted entity. DHCPv6 servers
and relay agents MUST implement relay message authentication as and relay agents MUST implement relay message authentication as
described in Section 21.1 of [RFC3315]. DHCPv6 servers MAY also described in Section 21.1 of [RFC3315]. DHCPv6 servers MAY also
implement a control policy based on the content of received Relay implement a control policy based on the content of a received Relay
Identifier Option [RFC5460]. Administrators are strongly advised to Identifier Option [RFC5460]. Administrators are strongly advised to
configure one of these security mechanisms. configure one of these security mechanisms.
In an environment where the network connecting the relay agent to the In an environment where the network connecting the relay agent to the
DHCPv6 server is physically secure and does not contain devices not DHCPv6 server is physically secure and does not contain devices not
controlled by the server administrator, it may be sufficient to trust controlled by the server administrator, it may be sufficient to trust
the Relay Agent Identifier provided by the relay agent. In networks the Relay Agent Identifier provided by the relay agent. In networks
where the security of the machines with access to the data path is where the security of the machines with access to the data path is
not under the control of the server administrator, IPsec [RFC4301] is not under the control of the server administrator, IPsec [RFC4301] is
necessary to prevent spoofing of RECONFIGURE-REQUEST messages. necessary to prevent spoofing of Reconfigure-Request messages.
DHCPv6 servers MUST silently discard RECONFIGURE-REQUEST messages DHCPv6 servers MUST silently discard Reconfigure-Request messages
originating from unknown relay agents. originating from unknown relay agents.
10. Acknowledgements 10. Acknowledgements
Many thanks to R. Maglione, A. Kostur, G. Halwasia, C. Jacquenet, Many thanks to R. Maglione, A. Kostur, G. Halwasia, C. Jacquenet, B.
B. Leiba, R. Sparks, A. Farrel, B. Claise, J. Jaeggli, and P. Leiba, R. Sparks, A. Farrel, B. Claise, J. Jaeggli, and P. Resnick
Resnick for the comments and review. for the comments and review.
Special thanks to T. Lemon, B. Volz and T. Mrugalski who provided Special thanks to T. Lemon, B. Volz, and T. Mrugalski who provided a
a detailed review. detailed review.
11. References 11. References
11.1. Normative References 11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for and M. Carney, "Dynamic Host Configuration Protocol for
skipping to change at page 13, line 20 skipping to change at page 13, line 12
[RFC5460] Stapp, M., "DHCPv6 Bulk Leasequery", RFC 5460, February [RFC5460] Stapp, M., "DHCPv6 Bulk Leasequery", RFC 5460, February
2009. 2009.
Authors' Addresses Authors' Addresses
Mohamed Boucadair Mohamed Boucadair
France Telecom France Telecom
Rennes 35000 Rennes 35000
France France
Email: mohamed.boucadair@orange.com EMail: mohamed.boucadair@orange.com
Xavier Pougnard Xavier Pougnard
France Telecom France Telecom
Lannion Lannion
France France
Email: xavier.pougnard@orange.com EMail: xavier.pougnard@orange.com
 End of changes. 84 change blocks. 
177 lines changed or deleted 174 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/