draft-ietf-homenet-arch-04.txt   draft-ietf-homenet-arch-05.txt 
Network Working Group T. Chown, Ed. Network Working Group T. Chown, Ed.
Internet-Draft University of Southampton Internet-Draft University of Southampton
Intended status: Informational J. Arkko Intended status: Informational J. Arkko
Expires: January 17, 2013 Ericsson Expires: April 22, 2013 Ericsson
A. Brandt A. Brandt
Sigma Designs Sigma Designs
O. Troan O. Troan
Cisco Systems, Inc. Cisco Systems, Inc.
J. Weil J. Weil
Time Warner Cable Time Warner Cable
July 16, 2012 October 19, 2012
Home Networking Architecture for IPv6 Home Networking Architecture for IPv6
draft-ietf-homenet-arch-04 draft-ietf-homenet-arch-05
Abstract Abstract
This text describes evolving networking technology within This text describes evolving networking technology within
increasingly large residential home networks. The goal of this increasingly large residential home networks. The goal of this
document is to define an architecture for IPv6-based home networking, document is to define an architecture for IPv6-based home networking,
while describing the associated principles, considerations and while describing the associated principles, considerations and
requirements. The text briefly highlights the specific implications requirements. The text briefly highlights the specific implications
of the introduction of IPv6 for home networking, discusses the of the introduction of IPv6 for home networking, discusses the
elements of the architecture, and suggests how standard IPv6 elements of the architecture, and suggests how standard IPv6
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 17, 2013. This Internet-Draft will expire on April 22, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 32 skipping to change at page 2, line 32
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Terminology and Abbreviations . . . . . . . . . . . . . . 5 1.1. Terminology and Abbreviations . . . . . . . . . . . . . . 5
2. Effects of IPv6 on Home Networking . . . . . . . . . . . . . . 6 2. Effects of IPv6 on Home Networking . . . . . . . . . . . . . . 6
2.1. Multiple subnets and routers . . . . . . . . . . . . . . . 6 2.1. Multiple subnets and routers . . . . . . . . . . . . . . . 6
2.2. Global addressability and elimination of NAT . . . . . . . 7 2.2. Global addressability and elimination of NAT . . . . . . . 7
2.3. Multi-Addressing of devices . . . . . . . . . . . . . . . 7 2.3. Multi-Addressing of devices . . . . . . . . . . . . . . . 7
2.4. Unique Local Addresses (ULAs) . . . . . . . . . . . . . . 8 2.4. Unique Local Addresses (ULAs) . . . . . . . . . . . . . . 8
2.5. Naming, and manual configuration of IP addresses . . . . . 9 2.5. Naming, and manual configuration of IP addresses . . . . . 9
2.6. IPv6-only operation . . . . . . . . . . . . . . . . . . . 9 2.6. IPv6-only operation . . . . . . . . . . . . . . . . . . . 9
3. Homenet Architecture . . . . . . . . . . . . . . . . . . . . . 10 3. Homenet Architecture . . . . . . . . . . . . . . . . . . . . . 10
3.1. General Principles . . . . . . . . . . . . . . . . . . . . 10 3.1. General Principles . . . . . . . . . . . . . . . . . . . . 11
3.1.1. Reuse existing protocols . . . . . . . . . . . . . . . 11 3.1.1. Reuse existing protocols . . . . . . . . . . . . . . . 11
3.1.2. Minimise changes to hosts and routers . . . . . . . . 11 3.1.2. Minimise changes to hosts and routers . . . . . . . . 11
3.2. Homenet Topology . . . . . . . . . . . . . . . . . . . . . 11 3.2. Homenet Topology . . . . . . . . . . . . . . . . . . . . . 11
3.2.1. Supporting arbitrary topologies . . . . . . . . . . . 11 3.2.1. Supporting arbitrary topologies . . . . . . . . . . . 11
3.2.2. Network topology models . . . . . . . . . . . . . . . 11 3.2.2. Network topology models . . . . . . . . . . . . . . . 12
3.2.3. Dual-stack topologies . . . . . . . . . . . . . . . . 16 3.2.3. Dual-stack topologies . . . . . . . . . . . . . . . . 16
3.2.4. Multihoming . . . . . . . . . . . . . . . . . . . . . 17 3.2.4. Multihoming . . . . . . . . . . . . . . . . . . . . . 17
3.3. A Self-Organising Network . . . . . . . . . . . . . . . . 18 3.3. A Self-Organising Network . . . . . . . . . . . . . . . . 18
3.3.1. Homenet realms and borders . . . . . . . . . . . . . . 19 3.3.1. Homenet realms and borders . . . . . . . . . . . . . . 19
3.3.2. Largest possible subnets . . . . . . . . . . . . . . . 19 3.3.2. Largest practical subnets . . . . . . . . . . . . . . 20
3.3.3. Handling multiple homenets . . . . . . . . . . . . . . 20 3.3.3. Handling multiple homenets . . . . . . . . . . . . . . 20
3.3.4. Coordination of configuration information . . . . . . 20 3.3.4. Coordination of configuration information . . . . . . 20
3.4. Homenet Addressing . . . . . . . . . . . . . . . . . . . . 20 3.4. Homenet Addressing . . . . . . . . . . . . . . . . . . . . 21
3.4.1. Use of ISP-delegated IPv6 prefixes . . . . . . . . . . 20 3.4.1. Use of ISP-delegated IPv6 prefixes . . . . . . . . . . 21
3.4.2. Stable internal IP addresses . . . . . . . . . . . . . 22 3.4.2. Stable internal IP addresses . . . . . . . . . . . . . 22
3.4.3. Internal prefix delegation . . . . . . . . . . . . . . 22 3.4.3. Internal prefix delegation . . . . . . . . . . . . . . 23
3.4.4. Privacy . . . . . . . . . . . . . . . . . . . . . . . 24 3.4.4. Privacy . . . . . . . . . . . . . . . . . . . . . . . 24
3.5. Routing functionality . . . . . . . . . . . . . . . . . . 24 3.5. Routing functionality . . . . . . . . . . . . . . . . . . 24
3.6. Security . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.5.1. Multicast routing . . . . . . . . . . . . . . . . . . 26
3.6. Security . . . . . . . . . . . . . . . . . . . . . . . . . 26
3.6.1. Addressability vs reachability . . . . . . . . . . . . 26 3.6.1. Addressability vs reachability . . . . . . . . . . . . 26
3.6.2. Filtering at borders . . . . . . . . . . . . . . . . . 27 3.6.2. Filtering at borders . . . . . . . . . . . . . . . . . 27
3.6.3. Device capabilities . . . . . . . . . . . . . . . . . 27 3.6.3. Marginal Effectiveness of NAT and Firewalls . . . . . 28
3.6.4. ULAs as a hint of connection origin . . . . . . . . . 27 3.6.4. Device capabilities . . . . . . . . . . . . . . . . . 28
3.7. Naming and Service Discovery . . . . . . . . . . . . . . . 27 3.6.5. ULAs as a hint of connection origin . . . . . . . . . 28
3.8. Other Considerations . . . . . . . . . . . . . . . . . . . 30 3.7. Naming and Service Discovery . . . . . . . . . . . . . . . 29
3.8.1. Proxy or Extend? . . . . . . . . . . . . . . . . . . . 30 3.7.1. Discovering services . . . . . . . . . . . . . . . . . 29
3.8.2. Quality of Service . . . . . . . . . . . . . . . . . . 30 3.7.2. Assigning names to devices . . . . . . . . . . . . . . 29
3.8.3. Operations and Management . . . . . . . . . . . . . . 31 3.7.3. Name spaces . . . . . . . . . . . . . . . . . . . . . 30
3.9. Implementing the Architecture on IPv6 . . . . . . . . . . 31 3.7.4. The homenet name service . . . . . . . . . . . . . . . 31
4. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 32 3.7.5. Independent operation . . . . . . . . . . . . . . . . 32
5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32 3.7.6. Considerations for LLNs . . . . . . . . . . . . . . . 33
5.1. Normative References . . . . . . . . . . . . . . . . . . . 32 3.7.7. DNS resolver discovery . . . . . . . . . . . . . . . . 33
5.2. Informative References . . . . . . . . . . . . . . . . . . 33 3.8. Other Considerations . . . . . . . . . . . . . . . . . . . 33
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 36 3.8.1. Proxy or Extend? . . . . . . . . . . . . . . . . . . . 33
Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . . 36 3.8.2. Quality of Service . . . . . . . . . . . . . . . . . . 34
B.1. Version 04 . . . . . . . . . . . . . . . . . . . . . . . . 36 3.8.3. Operations and Management . . . . . . . . . . . . . . 34
B.2. Version 03 . . . . . . . . . . . . . . . . . . . . . . . . 36 3.9. Implementing the Architecture on IPv6 . . . . . . . . . . 35
B.3. Version 02 . . . . . . . . . . . . . . . . . . . . . . . . 38 4. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 35
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 38 5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.1. Normative References . . . . . . . . . . . . . . . . . . . 35
5.2. Informative References . . . . . . . . . . . . . . . . . . 36
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 39
Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . . 40
B.1. Version 05 . . . . . . . . . . . . . . . . . . . . . . . . 40
B.2. Version 04 . . . . . . . . . . . . . . . . . . . . . . . . 40
B.3. Version 03 . . . . . . . . . . . . . . . . . . . . . . . . 40
B.4. Version 02 . . . . . . . . . . . . . . . . . . . . . . . . 42
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 42
1. Introduction 1. Introduction
This document focuses on evolving networking technology within This document focuses on evolving networking technology within
increasingly large residential home networks and the associated increasingly large residential home networks and the associated
challenges with their deployment and operation. There is a growing challenges with their deployment and operation. There is a growing
trend in home networking for the proliferation of networking trend in home networking for the proliferation of networking
technology in an increasingly broad range of devices and media. This technology in an increasingly broad range of devices and media. This
evolution in scale and diversity sets requirements on IETF protocols. evolution in scale and diversity sets requirements on IETF protocols.
Some of these requirements relate to the introduction of IPv6, others Some of these requirements relate to the introduction of IPv6, others
skipping to change at page 4, line 26 skipping to change at page 4, line 26
While at the time of writing some complex home network topologies While at the time of writing some complex home network topologies
exist, most operate based on IPv4, employ solutions that we would exist, most operate based on IPv4, employ solutions that we would
like to avoid such as (cascaded) network address translation (NAT), like to avoid such as (cascaded) network address translation (NAT),
or require expert assistance to set up. In IPv6 home networks, there or require expert assistance to set up. In IPv6 home networks, there
are likely to be scenarios where internal routing is required, for are likely to be scenarios where internal routing is required, for
example to support private and guest networks, in which case such example to support private and guest networks, in which case such
networks may use increasing numbers of subnets, and require methods networks may use increasing numbers of subnets, and require methods
for IPv6 prefixes to be delegated to those subnets. The assumption for IPv6 prefixes to be delegated to those subnets. The assumption
of this document is that the homenet is as far as possible self- of this document is that the homenet is as far as possible self-
organising and self-configuring, and is thus not pro-actively managed organising and self-configuring, and is thus need not be pro-actively
by the residential user. managed by the residential user.
The architectural constructs in this document are focused on the The architectural constructs in this document are focused on the
problems to be solved when introducing IPv6 with an eye towards a problems to be solved when introducing IPv6 with an eye towards a
better result than what we have today with IPv4, as well as a better better result than what we have today with IPv4, as well as a better
result than if the IETF had not given this specific guidance. The result than if the IETF had not given this specific guidance. The
document aims to provide the basis and guiding principles for how document aims to provide the basis and guiding principles for how
standard IPv6 mechanisms and addressing [RFC2460] [RFC4291] can be standard IPv6 mechanisms and addressing [RFC2460] [RFC4291] can be
employed in home networking, while coexisting with existing IPv4 employed in home networking, while coexisting with existing IPv4
mechanisms. In emerging dual-stack home networks it is vital that mechanisms. In emerging dual-stack home networks it is vital that
introducing IPv6 does not adversely affect IPv4 operation. We assume introducing IPv6 does not adversely affect IPv4 operation. We assume
skipping to change at page 5, line 23 skipping to change at page 5, line 23
1.1. Terminology and Abbreviations 1.1. Terminology and Abbreviations
In this section we define terminology and abbreviations used In this section we define terminology and abbreviations used
throughout the text. throughout the text.
o "Advanced Security". Describes advanced security functions for a o "Advanced Security". Describes advanced security functions for a
CER, as defined in [I-D.vyncke-advanced-ipv6-security], where the CER, as defined in [I-D.vyncke-advanced-ipv6-security], where the
default inbound connection policy is generally "default allow". default inbound connection policy is generally "default allow".
o ALQDN: Ambiguous Locally Qualified Domain Name. An example would
be .sitelocal.
o CER: Customer Edge Router. A border router at the edge of the o CER: Customer Edge Router. A border router at the edge of the
homenet. homenet.
o FQDN: Fully Qualified Domain Name. A globally unique name space.
o LLN: Low-power and lossy network. o LLN: Low-power and lossy network.
o LQDN: Locally Qualified Domain Name. A name space local to the
homenet.
o NAT: Network Address Translation. Typically referring to IPv4 o NAT: Network Address Translation. Typically referring to IPv4
Network Address and Port Translation (NAPT) [RFC3022]. Network Address and Port Translation (NAPT) [RFC3022].
o NPTv6: Network Prefix Translation for IPv6 [RFC6296]. o NPTv6: Network Prefix Translation for IPv6 [RFC6296].
o PCP: Port Control Protocol [I-D.ietf-pcp-base]. o PCP: Port Control Protocol [I-D.ietf-pcp-base].
o "Simple Security". Defined in [RFC4864] and expanded further in o "Simple Security". Defined in [RFC4864] and expanded further in
[RFC6092]; describes recommended perimeter security capabilities [RFC6092]; describes recommended perimeter security capabilities
for IPv6 networks. for IPv6 networks.
o ULA: IPv6 Unique Local Addresses [RFC4193]. o ULA: IPv6 Unique Local Addresses [RFC4193].
o ULQDN: Unique Locally Qualified Domain Name. An example might be
.<UniqueString>.sitelocal.
o UPnP: Universal Plug and Play. Includes the Internet Gateway o UPnP: Universal Plug and Play. Includes the Internet Gateway
Device (IGD) function, which for IPv6 is UPnP IGD Version 2 Device (IGD) function, which for IPv6 is UPnP IGD Version 2
[IGD-2]. [IGD-2].
o VM: Virtual machine. o VM: Virtual machine.
o WPA2: Wi-Fi Protected Access, as defined by the Wi-Fi Alliance. o WPA2: Wi-Fi Protected Access, as defined by the Wi-Fi Alliance.
2. Effects of IPv6 on Home Networking 2. Effects of IPv6 on Home Networking
Service providers are deploying IPv6, content is becoming available While IPv6 resembles IPv4 in many ways, it changes address allocation
on IPv6 (accelerated recently by the World IPv6 Launch event) and principles, making multi-addressing the norm, and allowing direct IP
support for IPv6 is increasingly available in devices and software addressability of home networking devices from the Internet. This
used in the home. While IPv6 resembles IPv4 in many ways, it changes section presents an overview of some of the key implications of the
address allocation principles, making multi-addressing the norm, and introduction of IPv6 for home networking, that are simultaneously
allowing direct IP addressability of home networking devices from the both promising and problematic.
Internet. This section presents an overview of some of the key
implications of the introduction of IPv6 for home networking, that
are simultaneously both promising and problematic.
2.1. Multiple subnets and routers 2.1. Multiple subnets and routers
The introduction of IPv6 for home networking enables the potential The introduction of IPv6 for home networking enables the potential
for every home network to be delegated enough address space to for every home network to be delegated enough address space to
provision globally unique prefixes for each subnet in the home. Such provision globally unique prefixes for each subnet in the home. Such
subnetting is not common practice in existing IPv4 homenets, but is subnetting is not common practice in existing IPv4 homenets, but is
very likely to become increasingly standard in future IPv6 homenets. very likely to become increasingly standard in future IPv6 homenets.
While simple layer 3 topologies involving as few subnets as possible While simple layer 3 topologies involving as few subnets as possible
skipping to change at page 6, line 41 skipping to change at page 6, line 46
corporate extensions from the main Internet access network, or corporate extensions from the main Internet access network, or
different subnets may in general be associated with parts of the different subnets may in general be associated with parts of the
homenet that have different routing and security policies. Further, homenet that have different routing and security policies. Further,
link layer networking technology is poised to become more link layer networking technology is poised to become more
heterogeneous, as networks begin to employ both traditional Ethernet heterogeneous, as networks begin to employ both traditional Ethernet
technology and link layers designed for low-power and lossy networks technology and link layers designed for low-power and lossy networks
(LLNs), such as those used for certain types of sensor devices. (LLNs), such as those used for certain types of sensor devices.
Constraining the flow of certain traffic from Ethernet links to much Constraining the flow of certain traffic from Ethernet links to much
lower capacity links thus becomes an important topic. lower capacity links thus becomes an important topic.
Documents that provide some more specific background and depth on
this topic include: [I-D.herbst-v6ops-cpeenhancements],
[I-D.baker-fun-multi-router], and [I-D.baker-fun-routing-class].
The addition of routing between subnets raises the issue of how to The addition of routing between subnets raises the issue of how to
extend mechanisms such as service discovery which currently rely on extend mechanisms such as service discovery which currently rely on
link-local addressing to limit scope. There are two broad choices; link-local addressing to limit scope. There are two broad choices;
extend existing protocols to work across the scope of the homenet, or extend existing protocols to work across the scope of the homenet, or
introduce proxies for existing link-layer protocols. This topic is introduce proxies for existing link layer protocols. This topic is
discussed later in the document. discussed later in the document.
There will also be the need to discover which routers in the homenet There will also be the need to discover which routers in the homenet
are the border router(s) by an appropriate mechanism. Here, there are the border router(s) by an appropriate mechanism. Here, there
are a number of choices. These include an appropriate service are a number of choices, including the use of an appropriate service
discovery protocol, or the use of a well-known name, resolved by some discovery protocol. Whatever method is chosen would likely have to
local name service. Both might have to deal with handling more than deal with handling more than one router responding in multihomed
one router responding in multihomed environments. environments.
2.2. Global addressability and elimination of NAT 2.2. Global addressability and elimination of NAT
Current IPv4 home networks typically receive a single global IPv4 Current IPv4 home networks typically receive a single global IPv4
address from their ISP and use NAT with private [RFC1918] addresses address from their ISP and use NAT with private [RFC1918] addresses
for devices within the network. An IPv6 home network removes the for devices within the network. An IPv6 home network removes the
need to use NAT given the ISP offers a sufficiently large globally need to use NAT given the ISP offers a sufficiently large globally
unique IPv6 prefix to the homenet, allowing every device on every unique IPv6 prefix to the homenet, allowing every device on every
link to be assigned a globally unique IPv6 address. subnet to be assigned a globally unique IPv6 address.
The end-to-end communication that is potentially enabled with IPv6 is The end-to-end communication that is potentially enabled with IPv6 is
on the one hand an incredible opportunity for innovation and simpler on the one hand an incredible opportunity for innovation and simpler
network operation, but it is also a concern as it exposes nodes in network operation, but it is also a concern as it exposes nodes in
the internal networks to receipt of otherwise unwanted traffic from the internal networks to receipt of otherwise unwanted traffic from
the Internet. There may thus be an expectation of improved host the Internet. While devices and applications can potentially talk
security to compensate for this, at least in general networked directly to each other when all devices have globally unique
devices, but it must be noted that many devices may also (for addresses, there may be an expectation of improved host security to
compensate for this. It should be noted that many devices may (for
example) ship with default settings that make them readily vulnerable example) ship with default settings that make them readily vulnerable
to compromise by external attackers if globally accessible, or may to compromise by external attackers if globally accessible, or may
simply not have robustness designed-in because it was either assumed simply not have robustness designed-in because it was either assumed
such devices would only be used on private networks or the device such devices would only be used on private networks or the device
itself doesn't have the computing power to apply the necessary itself doesn't have the computing power to apply the necessary
security methods. security methods.
IPv6 networks may or may not have filters applied at their borders, IPv6 networks may or may not have filters applied at their borders,
i.e. at the homenet CER. [RFC4864], [RFC6092] and i.e. at the homenet CER. [RFC4864], [RFC6092] and
[I-D.vyncke-advanced-ipv6-security] discuss such filtering, and the [I-D.vyncke-advanced-ipv6-security] discuss such filtering, and the
skipping to change at page 8, line 8 skipping to change at page 8, line 9
In an IPv6 network, devices may acquire multiple addresses, typically In an IPv6 network, devices may acquire multiple addresses, typically
at least a link-local address and a globally unique address. They at least a link-local address and a globally unique address. They
may also have an IPv4 address if the network is dual-stack, a Unique may also have an IPv4 address if the network is dual-stack, a Unique
Local Address (ULA) [RFC4193] (see below), and one or more IPv6 Local Address (ULA) [RFC4193] (see below), and one or more IPv6
Privacy Addresses [RFC4941]. Privacy Addresses [RFC4941].
Thus it should be considered the norm for devices on IPv6 home Thus it should be considered the norm for devices on IPv6 home
networks to be multi-addressed, and to need to make appropriate networks to be multi-addressed, and to need to make appropriate
address selection decisions for the candidate source and destination address selection decisions for the candidate source and destination
address pairs. Default Address Selection for IPv6 address pairs. Default Address Selection for IPv6 [RFC6724] provides
[I-D.ietf-6man-rfc3484bis] provides a solution for this, though it a solution for this, though it may face problems in the event of
may face problems in the event of multihoming, where nodes will be multihoming, where nodes will be configured with one address from
configured with one address from each upstream ISP prefix. In such each upstream ISP prefix. In such cases the presence of upstream
cases the presence of upstream ingress filtering requires multi- ingress filtering requires multi-addressed nodes to select the
addressed nodes to select the correct source address to be used for correct source address to be used for the corresponding uplink, to
the corresponding uplink, to avoid ISP BCP 38 ingress filtering, but avoid ISP BCP 38 ingress filtering, but the node may not have the
the node may not have the information it needs to make that decision information it needs to make that decision based on addresses alone.
based on addresses alone. We discuss such challenges in the We discuss such challenges in the multihoming section later in this
multihoming section later in this document. document.
2.4. Unique Local Addresses (ULAs) 2.4. Unique Local Addresses (ULAs)
[RFC4193] defines Unique Local Addresses (ULAs) for IPv6 that may be [RFC4193] defines Unique Local Addresses (ULAs) for IPv6 that may be
used to address devices within the scope of a single site. Support used to address devices within the scope of a single site. Support
for ULAs for IPv6 CERs is described in [RFC6204]. A home network for ULAs for IPv6 CERs is described in [RFC6204]. A home network
running IPv6 may deploy ULAs for stable communication between devices running IPv6 may deploy ULAs for stable communication between devices
(on different subnets) within the network where the externally (on different subnets) within the network where the externally
allocated global prefix changes over time (e.g. due to renumbering allocated global prefix changes over time (e.g. due to renumbering
within the subscriber's ISP) or where external connectivity is within the subscriber's ISP) or where external connectivity is
skipping to change at page 9, line 40 skipping to change at page 9, line 41
"greenfield" homenet scenarios, or perhaps as one element of an "greenfield" homenet scenarios, or perhaps as one element of an
otherwise dual-stack network. Running IPv6-only adds additional otherwise dual-stack network. Running IPv6-only adds additional
requirements, e.g. for devices to get configuration information via requirements, e.g. for devices to get configuration information via
IPv6 transport (not relying on an IPv4 protocol such as IPv4 DHCP), IPv6 transport (not relying on an IPv4 protocol such as IPv4 DHCP),
and for devices to be able to initiate communications to external and for devices to be able to initiate communications to external
devices that are IPv4-only. Thus, for example, the following devices that are IPv4-only. Thus, for example, the following
requirements are amongst those that should be considered in IPv6-only requirements are amongst those that should be considered in IPv6-only
environments: environments:
o Ensuring there is a way to access content in the IPv4 Internet. o Ensuring there is a way to access content in the IPv4 Internet.
This can be arranged through incorporating NAT64 [RFC6144] and This can be arranged through appropriate use of NAT64 [RFC6144]
DNS64 [RFC6145] functionality in the home gateway router, for and DNS64 [RFC6145], for example, or via a node-based DS-Lite
instance. Such features are outside the scope of this document [RFC6333] approach.
however, being CER functions.
o DNS discovery mechanisms are enabled for IPv6. Both stateless o DNS discovery mechanisms are enabled for IPv6. Both stateless
DHCPv6 [RFC3736] [RFC3646] and Router Advertisement options DHCPv6 [RFC3736] [RFC3646] and Router Advertisement options
[RFC6106] may have to be supported and turned on by default to [RFC6106] may have to be supported and turned on by default to
ensure maximum compatibility with all types of hosts in the ensure maximum compatibility with all types of hosts in the
network. This requires, however, that a working DNS server is network. This requires, however, that a working DNS server is
known and addressable via IPv6, and that such discovery options known and addressable via IPv6, and that the automatic discovery
can operate through multiple routers in the homenet. of such a server is possible through multiple routers in the
homenet.
o All nodes in the home network support operations in IPv6-only o All nodes in the home network support operations in IPv6-only
mode. Some current devices work well with dual-stack but fail to mode. Some current devices work well with dual-stack but fail to
recognise connectivity when IPv4 DHCP fails, for instance. recognise connectivity when IPv4 DHCP fails, for instance.
The widespread availability of robust solutions to these types of The widespread availability of robust solutions to these types of
requirements will help accelerate the uptake of IPv6-only homenets. requirements will help accelerate the uptake of IPv6-only homenets.
The specifics of these are however beyond the scope of this document,
especially those functions that reside on the CPE.
3. Homenet Architecture 3. Homenet Architecture
The aim of this architecture text is to outline how to construct The aim of this architecture text is to outline how to construct
advanced IPv6-based home networks involving multiple routers and advanced IPv6-based home networks involving multiple routers and
subnets using standard IPv6 protocols and addressing [RFC2460] subnets using standard IPv6 protocols and addressing [RFC2460]
[RFC4291]. In this section, we present the elements of such a home [RFC4291]. In this section, we present the elements of such a home
networking architecture, with discussion of the associated design networking architecture, with discussion of the associated design
principles. principles.
skipping to change at page 11, line 31 skipping to change at page 11, line 36
changes are made. changes are made.
3.1.2. Minimise changes to hosts and routers 3.1.2. Minimise changes to hosts and routers
Where possible, any requirement for changes to hosts and routers Where possible, any requirement for changes to hosts and routers
should be minimised, though solutions which, for example, should be minimised, though solutions which, for example,
incrementally improve with host changes may be acceptable. incrementally improve with host changes may be acceptable.
3.2. Homenet Topology 3.2. Homenet Topology
In this section we consider homenet topologies, and the principles we This section considers homenet topologies, and the principles that
may apply in designing an architecture to support as wide a range as may be applied in designing an architecture to support as wide a
possible of such topologies. range as possible of such topologies.
3.2.1. Supporting arbitrary topologies 3.2.1. Supporting arbitrary topologies
There should ideally be no built-in assumptions about the topology in There should ideally be no built-in assumptions about the topology in
home networks, as users are capable of connecting their devices in home networks, as users are capable of connecting their devices in
"ingenious" ways. Thus arbitrary topologies and arbitrary routing "ingenious" ways. Thus arbitrary topologies and arbitrary routing
will need to be supported, or at least the failure mode for when the will need to be supported, or at least the failure mode for when the
user makes a mistake should be as robust as possible, e.g. de- user makes a mistake should be as robust as possible, e.g. de-
activating a certain part of the infrastructure to allow the rest to activating a certain part of the infrastructure to allow the rest to
operate. In such cases, the user should ideally have some useful operate. In such cases, the user should ideally have some useful
indication of the failure mode encountered. indication of the failure mode encountered.
There are no topology secenarios which could cause loss of
connectivity, except when the user creates a physical island within
the topology. Some potentially pathological cases that can be
created include bridging ports of a router together, however this
case can be detected and dealt with by the router. Routing cycles
within a topology are in a sense good in that they offer redundancy.
Bridging cyslces can be dangerous but are also detectable when a
switch learns the MAC of one of its interfaces on another or runs a
spanning tree or link state protocol. It is only cycles using simple
repeaters that are truly pathological.
3.2.2. Network topology models 3.2.2. Network topology models
Most IPv4 home network models at the time of writing tend to be Most IPv4 home network models at the time of writing tend to be
relatively simple, typically a single NAT router to the ISP and a relatively simple, typically a single NAT router to the ISP and a
single internal subnet but, as discussed earlier, evolution in single internal subnet but, as discussed earlier, evolution in
network architectures is driving more complex topologies, such as the network architectures is driving more complex topologies, such as the
separation of visitor and private networks. separation of guest and private networks. There may also be some
cascaded IPv4 NAT scenarios, which we mention in the next section.
In general, the models described in [RFC6204] and its successor RFC In general, the models described in [RFC6204] and its successor RFC
6204-bis [I-D.ietf-v6ops-6204bis] should be supported by the IPv6 6204-bis [I-D.ietf-v6ops-6204bis] should be supported by the IPv6
home networking architecture. The functions resident on the CER home networking architecture. The functions resident on the CER
itself are, as stated previously, out of scope of this text. itself are, as stated previously, out of scope of this text.
There are a number of properties or attributes of a home network that There are a number of properties or attributes of a home network that
we can use to describe its topology and operation. The following we can use to describe its topology and operation. The following
properties apply to any IPv6 home network: properties apply to any IPv6 home network:
o Presence of internal routers. The homenet may have one or more o Presence of internal routers. The homenet may have one or more
internal routers, or may only provide subnetting from interfaces internal routers, or may only provide subnetting from interfaces
on the CER. on the CER.
o Presence of isolated internal subnets. There may be isolated o Presence of isolated internal subnets. There may be isolated
internal subnets, with no direct connectivity between them within internal subnets, with no direct connectivity between them within
the homenet. Isolation may be physical, or implemented via IEEE the homenet. Isolation may be physical, or implemented via IEEE
802.1q VLANs. 802.1q VLANs. The latter is however not something a typical user
would be expected to configure.
o Demarcation of the CER. The CER(s) may or may not be managed by o Demarcation of the CER. The CER(s) may or may not be managed by
the ISP. If the demarcation point is such that the customer can the ISP. If the demarcation point is such that the customer can
provide or manage the CER, its configuration must be simple. Both provide or manage the CER, its configuration must be simple. Both
models must be supported. models must be supported.
Various forms of multihoming are likely to be more prevalent with Various forms of multihoming are likely to be more prevalent with
IPv6 home networks, as discussed further below. Thus the following IPv6 home networks, as discussed further below. Thus the following
properties should also be considered for such networks: properties should also be considered for such networks:
skipping to change at page 12, line 44 skipping to change at page 13, line 17
multiple ISPs, whether for resilience or provision of additional multiple ISPs, whether for resilience or provision of additional
services. Each would offer its own prefix. Some may or may not services. Each would offer its own prefix. Some may or may not
be walled gardens. be walled gardens.
o Number of CERs. The homenet may have a single CER, which might be o Number of CERs. The homenet may have a single CER, which might be
used for one or more providers, or multiple CERs. The presence of used for one or more providers, or multiple CERs. The presence of
multiple CERs adds additional complexity for multihoming multiple CERs adds additional complexity for multihoming
scenarios, and protocols like PCP that need to manage connection- scenarios, and protocols like PCP that need to manage connection-
oriented state mappings. oriented state mappings.
A separate discussion of physical infrastructures for homenets is
included in and [I-D.arkko-homenet-physical-standard].
In the following sections we give some examples of the types of In the following sections we give some examples of the types of
homenet topologies we may see in the future. This is not intended to homenet topologies we may see in the future. This is not intended to
be an exhaustive or complete list, rather an indicative one to be an exhaustive or complete list, rather an indicative one to
facilitate the discussion in this text. facilitate the discussion in this text.
3.2.2.1. A: Single ISP, Single CER, Internal routers 3.2.2.1. A: Single ISP, Single CER, Internal routers
Figure 1 shows a network with multiple local area networks. These Figure 1 shows a network with multiple local area networks. These
may be needed for reasons relating to different link layer may be needed for reasons relating to different link layer
technologies in use or for policy reasons, e.g. classic Ethernet in technologies in use or for policy reasons, e.g. classic Ethernet in
skipping to change at page 14, line 19 skipping to change at page 14, line 19
+-------+-------+ | network +-------+-------+ | network
| / | /
| Customer / | Customer /
| Internet connection | Internet connection
| |
+------+--------+ \ +------+--------+ \
| IPv6 | \ | IPv6 | \
| Customer Edge | \ | Customer Edge | \
| Router | | | Router | |
+----+-+---+----+ | +----+-+---+----+ |
Network A | | | Network B/E | Network A | | | Network B(E) |
----+-------------+----+ | +---+-------------+------+ | ----+-------------+----+ | +---+-------------+------+ |
| | | | | | | | | | | | | | |
+----+-----+ +-----+----+ | +----+-----+ +-----+----+ | | +----+-----+ +-----+----+ | +----+-----+ +-----+----+ | |
|IPv6 Host | |IPv6 Host | | | IPv6 Host| |IPv6 Host | | | |IPv6 Host | |IPv6 Host | | | IPv6 Host| |IPv6 Host | | |
| | | | | | | | | | | | H1 | | H2 | | | H3 | | H4 | | |
+----------+ +----------+ | +----------+ +----------+ | | +----------+ +----------+ | +----------+ +----------+ | |
| | | | | | | | | |
| ---+------+------+-----+ | Link F | ---+------+------+-----+ |
| | Network B/E | | | Network E(B) |
+------+--------+ | | End-User +------+--------+ | | End-User
| IPv6 | | | networks | IPv6 | | | networks
| Interior +------+ | | Interior +------+ |
| Router | | | Router | |
+---+-------+-+-+ | +---+-------+-+-+ |
Network C | | Network D | Network C | | Network D |
----+-------------+---+- --+---+-------------+--- | ----+-------------+---+ +---+-------------+--- |
| | | | | | | | | |
+----+-----+ +-----+----+ +----+-----+ +-----+----+ | +----+-----+ +-----+----+ +----+-----+ +-----+----+ |
|IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | | |IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | |
| | | | | | | | / | H5 | | H6 | | H7 | | H8 | /
+----------+ +----------+ +----------+ +----------+ / +----------+ +----------+ +----------+ +----------+ /
Figure 1 Figure 1
In this diagram there is one CER. It has a single uplink interface.
It has three additional interfaces connected to Network A, Link F,
and Network B. IPv6 Internal Router (IR) has four interfaces
connected to Link F, Network C, Network D and Network E. Network B
and Network E have been bridged, likely inadvertedly. This could be
as a result of connecting a wire between a switch for Network B and a
switch for Network E.
Any of logical Networks A through F might be wired or wireless.
Where multiple hosts are shown, this might be through one or more
physical ports on the CER or IPv6 (IR), wireless networks, or through
one or more layer-2 only ethernet switches.
3.2.2.2. B: Two ISPs, Two CERs, Shared subnet 3.2.2.2. B: Two ISPs, Two CERs, Shared subnet
+-------+-------+ +-------+-------+ \ +-------+-------+ +-------+-------+ \
| Service | | Service | \ | Service | | Service | \
| Provider A | | Provider B | | Service | Provider A | | Provider B | | Service
| Router | | Router | | Provider | Router | | Router | | Provider
+------+--------+ +-------+-------+ | network +------+--------+ +-------+-------+ | network
| | / | | /
| Customer | / | Customer | /
| Internet connections | / | Internet connections | /
skipping to change at page 15, line 27 skipping to change at page 15, line 31
| IPv6 | | IPv6 | \ | IPv6 | | IPv6 | \
| Customer Edge | | Customer Edge | \ | Customer Edge | | Customer Edge | \
| Router 1 | | Router 2 | / | Router 1 | | Router 2 | /
+------+--------+ +-------+-------+ / +------+--------+ +-------+-------+ /
| | / | | /
| | | End-User | | | End-User
---+---------+---+---------------+--+----------+--- | network(s) ---+---------+---+---------------+--+----------+--- | network(s)
| | | | \ | | | | \
+----+-----+ +-----+----+ +----+-----+ +-----+----+ \ +----+-----+ +-----+----+ +----+-----+ +-----+----+ \
|IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | / |IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | /
| | | | | | | | / | H1 | | H2 | | H3 | | H4 | /
+----------+ +----------+ +----------+ +----------+ +----------+ +----------+ +----------+ +----------+
Figure 2 Figure 2
Figure 2 illustrates a multihomed homenet model, where the customer Figure 2 illustrates a multihomed homenet model, where the customer
has connectivity via CER1 to ISP A and via CER2 to ISP B. This has connectivity via CER1 to ISP A and via CER2 to ISP B. This
example shows one shared subnet where IPv6 nodes would potentially be example shows one shared subnet where IPv6 nodes would potentially be
multihomed and receive multiple IPv6 global addresses, one per ISP. multihomed and receive multiple IPv6 global addresses, one per ISP.
This model may also be combined with that shown in Figure 1 to create This model may also be combined with that shown in Figure 1 to create
a more complex scenario with multiple internal routers. Or the above a more complex scenario with multiple internal routers. Or the above
skipping to change at page 16, line 27 skipping to change at page 16, line 27
| IPv6 | \ | IPv6 | \
| Customer Edge | \ | Customer Edge | \
| Router | / | Router | /
+---------+---------+ / +---------+---------+ /
| / | /
| | End-User | | End-User
---+------------+-------+--------+-------------+--- | network(s) ---+------------+-------+--------+-------------+--- | network(s)
| | | | \ | | | | \
+----+-----+ +----+-----+ +----+-----+ +-----+----+ \ +----+-----+ +----+-----+ +----+-----+ +-----+----+ \
|IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | / |IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | /
| | | | | | | | / | H1 | | H2 | | H3 | | H4 | /
+----------+ +----------+ +----------+ +----------+ +----------+ +----------+ +----------+ +----------+
Figure 3 Figure 3
Figure 3 illustrates a model where a home network may have multiple Figure 3 illustrates a model where a home network may have multiple
connections to multiple providers or multiple logical connections to connections to multiple providers or multiple logical connections to
the same provider, with shared internal subnets. the same provider, with shared internal subnets.
In general, while the architecture may focus on likely common In general, while the architecture may focus on likely common
topologies, it should not preclude any arbitrary topology from being topologies, it should not preclude any arbitrary topology from being
skipping to change at page 17, line 4 skipping to change at page 17, line 4
It is expected that most homenet deployments will for the immediate It is expected that most homenet deployments will for the immediate
future be dual-stack IPv4/IPv6. In such networks it is important not future be dual-stack IPv4/IPv6. In such networks it is important not
to introduce new IPv6 capabilities that would cause a failure if used to introduce new IPv6 capabilities that would cause a failure if used
alongside IPv4+NAT, given that such dual-stack homenets will be alongside IPv4+NAT, given that such dual-stack homenets will be
commonplace for some time. That said, it is desirable that IPv6 commonplace for some time. That said, it is desirable that IPv6
works better than IPv4 in as many scenarios as possible. Further, works better than IPv4 in as many scenarios as possible. Further,
the homenet architecture must operate in the absence of IPv4. the homenet architecture must operate in the absence of IPv4.
A general recommendation is to follow the same topology for IPv6 as A general recommendation is to follow the same topology for IPv6 as
is used for IPv4, but not to use NAT. Thus there should be routed is used for IPv4, but not to use NAT. Thus there should be routed
IPv6 where an IPv4 NAT is used, and where there is no NAT there IPv6 where an IPv4 NAT is used, and where there is no NAT routing or
should be bridging if the link layer allows this. bridging may be used. Routing may have advantages when compared to
bridging together high speed and lower speed shared media, and in
addition bridging may not be suitable for some media, such as ad-hoc
mobile networks.
In some cases IPv4 NAT home networks may feature cascaded NATs, which In some cases IPv4 NAT home networks may feature cascaded NATs, which
may include cases where NAT routers are included within VMs, or where may include cases where NAT routers are included within VMs, or where
Internet connection sharing services are used. IPv6 routed versions Internet connection sharing services are used. IPv6 routed versions
of such cases will be required. We should thus note that routers in of such cases will be required. We should thus note that routers in
the homenet may not be separate physical devices; they may be the homenet may not be separate physical devices; they may be
embedded within other devices. embedded within other devices.
3.2.4. Multihoming 3.2.4. Multihoming
skipping to change at page 17, line 48 skipping to change at page 17, line 51
[RFC6296] at the CER, with ULAs then typically used internally, but [RFC6296] at the CER, with ULAs then typically used internally, but
this mode is not considered by this text. If NPTv6 is used, the this mode is not considered by this text. If NPTv6 is used, the
internal part of the homenet (which is the scope of this text) simply internal part of the homenet (which is the scope of this text) simply
sees only the one (ULA) prefix in use. It should be noted that sees only the one (ULA) prefix in use. It should be noted that
running NPTv6 has an architectural cost, due to the prefix running NPTv6 has an architectural cost, due to the prefix
translation used. translation used.
When multi-addressing is in use, hosts need some way to pick source When multi-addressing is in use, hosts need some way to pick source
and destination address pairs for connections. A host may choose a and destination address pairs for connections. A host may choose a
source address to use by various methods, which would typically source address to use by various methods, which would typically
include [I-D.ietf-6man-rfc3484bis]. Applications may of course do include [RFC6724]. Applications may of course do different things,
different things, and this should not be precluded. and this should not be precluded.
For the single CER Network Model C, multihoming may be offered by For the single CER Network Model C, multihoming may be offered by
source routing at the CER. With multiple exit routers, the source routing at the CER. With multiple exit routers, the
complexity rises. Given a packet with a source address on the complexity rises. Given a packet with a source address on the
network, the packet must be routed to the proper egress to avoid BCP network, the packet must be routed to the proper egress to avoid BCP
38 filtering at an ISP that did not delegate the prefix the address 38 [RFC2827] filtering at an ISP that did not delegate the prefix the
is chosen from. While the packet might not take an optimal path to address is chosen from. While the packet might not take an optimal
the correct exit CER, the minimum requirement is that the packet is path to the correct exit CER, the minimum requirement is that the
not dropped. It is of course highly desirable that the packet is packet is not dropped. It is of course highly desirable that the
routed in the most efficient manner to the correct exit. packet is routed in the most efficient manner to the correct exit.
There are various potential approaches to this problem, one example There are various potential approaches to this problem, one example
being described in [I-D.v6ops-multihoming-without-ipv6nat]. Another being described in [I-D.ietf-v6ops-ipv6-multihoming-without-ipv6nat].
is discussed in [I-D.baker-fun-multi-router], which explores support Another is discussed in [I-D.baker-fun-multi-router], which explores
for source routing throughout the homenet. This approach would support for source routing throughout the homenet. This approach
however likely require relatively significant routing changes to would however likely require relatively significant routing changes
route the packet to the correct exit given the source address. Such to route the packet to the correct exit given the source address.
changes should preferably be minimised. Such changes should preferably be minimised.
There are some other multihoming considerations for homenet There are some other multihoming considerations for homenet
scenarios. First, it may be the case that multihoming applies due to scenarios. First, it may be the case that multihoming applies due to
an ISP migration from a transition method to a native deployment, an ISP migration from a transition method to a native deployment,
e.g. a 6rd [RFC5969] sunset scenario, as discussed in e.g. a 6rd [RFC5969] sunset scenario. Second, one upstream may be a
[I-D.townsley-troan-ipv6-ce-transitioning]. Second, one upstream may "walled garden", and thus only appropriate to be used for
be a "walled garden", and thus only appropriate to be used for
connectivity to the services of that provider; an example may be a connectivity to the services of that provider; an example may be a
VPN service that only routes back to the enterprise business network VPN service that only routes back to the enterprise business network
of a user in the homenet. While we should not specifically target of a user in the homenet. While we should not specifically target
walled garden multihoming as a principal goal, it should not be walled garden multihoming as a principal goal, it should not be
precluded. precluded.
Host-based methods such as Shim6 [RFC5533] have been defined, but of Host-based methods such as Shim6 [RFC5533] have been defined, but of
course require support in the hosts. There are also application- course require support in the hosts. There are also application-
oriented approaches such as Happy Eyeballs [RFC6555]; simplified oriented approaches such as Happy Eyeballs [RFC6555]; simplified
versions of this are for example already implemented in some versions of this are for example already implemented in some
skipping to change at page 19, line 20 skipping to change at page 19, line 22
The homenet will need to be aware of the extent of its own "site", The homenet will need to be aware of the extent of its own "site",
which will define the borders for ULAs, site scope multicast, service which will define the borders for ULAs, site scope multicast, service
discovery and security policies. The homenet will have one or more discovery and security policies. The homenet will have one or more
borders with external connectivity providers and potentially also borders with external connectivity providers and potentially also
have borders within the internal network (e.g. for policy-based have borders within the internal network (e.g. for policy-based
reasons). It should be possible to automatically perform border reasons). It should be possible to automatically perform border
discovery for the different borders. Such borders determine for discovery for the different borders. Such borders determine for
example the scope of where prefixes, routing information, network example the scope of where prefixes, routing information, network
traffic, service discovery and naming may be shared. The default traffic, service discovery and naming may be shared. The default
internally should be to share everything. mode internally should be to share everything.
It is expected that a realm would span at least an entire subnet, and
thus be associated to one delegated prefix within the homenet. It is
also desirable for a richer security model that hosts, which may be
running in a transparent communication mode, are able to make
decisions based on available realm and associated prefix information
in the same way that routers at realm borders can.
A simple homenet model may just consider three types of realm and the A simple homenet model may just consider three types of realm and the
borders between them. For example if the realms are the homenet, the borders between them. For example if the realms are the homenet, the
ISP and the visitor network, then the borders will include that from ISP and the guest network, then the borders will include that from
the homenet to the ISP, and that from the homenet to a guest network. the homenet to the ISP, and that from the homenet to a guest network.
Regardless, it should be possible for additional types of realms and Regardless, it should be possible for additional types of realms and
borders to be defined, e.g. for some specific Grid or LLN-based borders to be defined, e.g. for some specific Grid or LLN-based
network, and for these to be detected automatically, and for an network, and for these to be detected automatically, and for an
appropriate default policy to be applied as to what type of traffic/ appropriate default policy to be applied as to what type of traffic/
data can flow across such borders. data can flow across such borders.
It is desirable to classify the external border of the home network It is desirable to classify the external border of the home network
as a unique logical interface separating the home network from as a unique logical interface separating the home network from
service provider network/s. This border interface may be a single service provider network/s. This border interface may be a single
skipping to change at page 19, line 46 skipping to change at page 20, line 7
sub-interfaces to a single service provider, or multiple connections sub-interfaces to a single service provider, or multiple connections
to a single or multiple providers. This border makes it possible to to a single or multiple providers. This border makes it possible to
describe edge operations and interface requirements across multiple describe edge operations and interface requirements across multiple
functional areas including security, routing, service discovery, and functional areas including security, routing, service discovery, and
router discovery. router discovery.
It should be possible for the homenet user to override any It should be possible for the homenet user to override any
automatically determined borders and the default policies applied automatically determined borders and the default policies applied
between them. between them.
3.3.2. Largest possible subnets Some initial proposals towards border discovery are presented in
[I-D.kline-default-perimeter].
3.3.2. Largest practical subnets
Today's IPv4 home networks generally have a single subnet, and early Today's IPv4 home networks generally have a single subnet, and early
dual-stack deployments have a single congruent IPv6 subnet, possibly dual-stack deployments have a single congruent IPv6 subnet, possibly
with some bridging functionality. More recently, some vendors have with some bridging functionality. More recently, some vendors have
started to introduce "home" and "guest" functions, which in IPv6 started to introduce "home" and "guest" functions, which in IPv6
would be implemented as two subnets. would be implemented as two subnets.
Future home networks are highly likely to have one or more internal Future home networks are highly likely to have one or more internal
routers and thus need multiple subnets, for the reasons described routers and thus need multiple subnets, for the reasons described
earlier. As part of the self-organisation of the network, the earlier. As part of the self-organisation of the network, the
homenet should subdivide itself to the largest possible subnets that homenet should subdivide itself to the largest practical subnets that
can be constructed within the constraints of link layer mechanisms, can be constructed within the constraints of link layer mechanisms,
bridging, physical connectivity, and policy. bridging, physical connectivity, and policy, and where applicable
performance or other criteria. For example, bridging a busy Gigabit
Ethernet subnet and a wireless subnet together may impact wireless
performance.
While it may be desirable to maximise the chance of link-local While it may be desirable to maximise the chance of link-local
protocols operating across a homenet by maximising the size of a protocols operating across a homenet by maximising the size of a
subnet, multi-subnet home networks are inevitable, so their support subnet, multi-subnet home networks are inevitable, so their support
must be included. must be included.
3.3.3. Handling multiple homenets 3.3.3. Handling multiple homenets
It is important that self-configuration with "unintended" devices is It is important that self-configuration with "unintended" devices is
avoided. Methods are needed for devices to know whether they are avoided. Methods are needed for devices to know whether they are
skipping to change at page 20, line 51 skipping to change at page 21, line 20
delegation method used by its upstream ISP. delegation method used by its upstream ISP.
3.4.1. Use of ISP-delegated IPv6 prefixes 3.4.1. Use of ISP-delegated IPv6 prefixes
A homenet may receive an arbitrary length IPv6 prefix from its A homenet may receive an arbitrary length IPv6 prefix from its
provider, e.g. /60, /56 or /48. The offered prefix may be stable or provider, e.g. /60, /56 or /48. The offered prefix may be stable or
change from time to time. Some ISPs may offer relatively stable change from time to time. Some ISPs may offer relatively stable
prefixes, while others may change the prefix whenever the CER is prefixes, while others may change the prefix whenever the CER is
reset. Some discussion of IPv6 prefix allocation policies is reset. Some discussion of IPv6 prefix allocation policies is
included in [RFC6177] which discusses why, for example, a one-size- included in [RFC6177] which discusses why, for example, a one-size-
fits-all /48 allocation is not desirable. The home network needs to fits-all /48 allocation is not desirable.
be adaptable to such ISP policies, and thus make no assumptions about
the stability of the prefix received from an ISP, or the length of The home network needs to be adaptable to such ISP policies, and thus
the prefix that may be offered. However, if only a /64 is offered by make no assumptions about the stability of the prefix received from
the ISP, the homenet may be severely constrained, or even unable to an ISP, or the length of the prefix that may be offered. However, if
function. only a /64 is offered by the ISP, the homenet may be severely
constrained (with IPv6 not reaching all devices in the home, or use
of some form of IPv6 NAT being forced), or even unable to function.
While it may be possible to operate a DHCPv6-only network with
prefixes longer than /64, doing so would break SLAAC, and is thus not
recommended.
A DHCPv6-PD capable router should "hint" that it would like a /48
prefix from its ISP, i.e. the CPE asks the ISP for the maximum size
prefix it might expect to be offered, but in practice it may
typically only be offered a /56 or /60.
The internal operation of the home network should also not depend on The internal operation of the home network should also not depend on
the availability of the ISP network at any given time, other than for the availability of the ISP network at any given time, other than for
connectivity to services or systems off the home network. This connectivity to services or systems off the home network. This
implies the use of ULAs for stable internal communication, as implies the use of ULAs for stable internal communication, as
described in the next section. described in the next section.
In practice, it is expected that ISPs will deliver a relatively In practice, it is expected that ISPs will deliver a relatively
stable home prefix to customers. The norm for residential customers stable home prefix to customers. The norm for residential customers
of large ISPs may be similar to their single IPv4 address provision; of large ISPs may be similar to their single IPv4 address provision;
skipping to change at page 21, line 34 skipping to change at page 22, line 12
When an ISP needs to restructure and in doing so renumber its When an ISP needs to restructure and in doing so renumber its
customer homenets, "flash" renumbering is likely to be imposed. This customer homenets, "flash" renumbering is likely to be imposed. This
implies a need for the homenet to be able to handle a sudden implies a need for the homenet to be able to handle a sudden
renumbering event which, unlike the process described in [RFC4192], renumbering event which, unlike the process described in [RFC4192],
would be a "flag day" event, which means that a graceful renumbering would be a "flag day" event, which means that a graceful renumbering
process moving through a state with two active prefixes in use would process moving through a state with two active prefixes in use would
not be possible. While renumbering is an extended version of an not be possible. While renumbering is an extended version of an
initial numbering process, the difference between flash renumbering initial numbering process, the difference between flash renumbering
and an initial "cold start" is the need to provide service and an initial "cold start" is the need to provide service
continuity. continuity. The deprecated addresses may remain usable for a short
period of time within the homenet.
There may be cases where local law means some ISPs are required to There may be cases where local law means some ISPs are required to
change IPv6 prefixes (current IPv4 addresses) for privacy reasons for change IPv6 prefixes (current IPv4 addresses) for privacy reasons for
their customers. In such cases it may be possible to avoid an their customers. In such cases it may be possible to avoid an
instant "flash" renumbering and plan a non-flag day renumbering as instant "flash" renumbering and plan a non-flag day renumbering as
per RFC 4192. per RFC 4192.
The customer may of course also choose to move to a new ISP, and thus The customer may of course also choose to move to a new ISP, and thus
begin using a new prefix. In such cases the customer should expect a begin using a new prefix. In such cases the customer should expect a
discontinuity, and not only may the prefix change, but potentially discontinuity, and not only may the prefix change, but potentially
also the prefix length, if the new ISP offers a different default also the prefix length, if the new ISP offers a different default
size prefix, e.g. a /60 rather than a /56. Regardless, it's size prefix, e.g. a /60 rather than a /56. Regardless, it's
desirable that homenet protocols support rapid renumbering and that desirable that homenet protocols support rapid renumbering and that
operational processes don't add unnecessary complexity for the operational processes don't add unnecessary complexity for the
renumbering process. renumbering process.
The 6renum WG is studying IPv6 renumbering for enterprise networks. The 6renum WG has studied IPv6 renumbering for enterprise networks.
It has not as yet targetted homenets, but may produce outputs that
It is not currently targetting homenets, but may produce outputs that
are relevant. The introduction of any new homenet protocols should are relevant. The introduction of any new homenet protocols should
not make any form of renumbering any more complex than it already is. not make any form of renumbering any more complex than it already is.
3.4.2. Stable internal IP addresses 3.4.2. Stable internal IP addresses
The network should by default attempt to provide IP-layer The network should by default attempt to provide IP-layer
connectivity between all internal parts of the homenet as well as to connectivity between all internal parts of the homenet as well as to
and from the external Internet, subject to the filtering policies or and from the external Internet, subject to the filtering policies or
other policy constraints discussed later in the security section. other policy constraints discussed later in the security section.
skipping to change at page 23, line 26 skipping to change at page 24, line 5
prefixes from each ISP they communicate with/through. prefixes from each ISP they communicate with/through.
Where ULAs are used, most likely but not necessarily in parallel with Where ULAs are used, most likely but not necessarily in parallel with
global prefixes, one router should be elected to offer ULA prefixes global prefixes, one router should be elected to offer ULA prefixes
for the homenet. The router should generate a /48 ULA for the site, for the homenet. The router should generate a /48 ULA for the site,
and then delegate /64's from that ULA prefix to subnets. In the and then delegate /64's from that ULA prefix to subnets. In the
normal state, a single /48 ULA should be used within the homenet. In normal state, a single /48 ULA should be used within the homenet. In
cases where two /48 ULAs are generated within a homenet, the network cases where two /48 ULAs are generated within a homenet, the network
should still continue to function. should still continue to function.
Delegation within the homenet should give each link a prefix that is Delegation within the homenet should give each subnet a prefix that
persistent across reboots, power outages and similar short-term is persistent across reboots, power outages and similar short-term
outages. Addition of a new routing device should not affect existing outages. Addition of a new routing device should not affect existing
persistent prefixes, but persistence may not be expected in the face persistent prefixes, but persistence may not be expected in the face
of significant "replumbing" of the homenet. Persistent prefixes of significant "replumbing" of the homenet. Persistent prefixes
should not depend on router boot order. Such persistent prefixes may should not depend on router boot order. Such persistent prefixes may
imply the need for stable storage on routing devices, and also a imply the need for stable storage on routing devices, and also a
method for a home user to "reset" the stored prefix should a method for a home user to "reset" the stored prefix should a
significant reconfiguration be required (though ideally the home user significant reconfiguration be required (though ideally the home user
should not be involved at all). should not be involved at all).
The delegation method should support renumbering, which would The delegation method should support renumbering, which would
skipping to change at page 23, line 51 skipping to change at page 24, line 30
prefixes within the homenet should remain persistent through an ISP- prefixes within the homenet should remain persistent through an ISP-
driven renumbering event. driven renumbering event.
Several proposals have been made for prefix delegation within a Several proposals have been made for prefix delegation within a
homenet. One group of proposals is based on DHCPv6 PD, as described homenet. One group of proposals is based on DHCPv6 PD, as described
in [I-D.baker-homenet-prefix-assignment], in [I-D.baker-homenet-prefix-assignment],
[I-D.chakrabarti-homenet-prefix-alloc], [RFC3315] and [RFC3633]. The [I-D.chakrabarti-homenet-prefix-alloc], [RFC3315] and [RFC3633]. The
other uses OSPFv3, as described in other uses OSPFv3, as described in
[I-D.arkko-homenet-prefix-assignment]. More detailed analysis of [I-D.arkko-homenet-prefix-assignment]. More detailed analysis of
these approaches needs to be made against the requirements/principles these approaches needs to be made against the requirements/principles
described above. described above. For example, DHCPv6 solutions may have problems in
multihomed scenarios with loops in the topology.
3.4.4. Privacy 3.4.4. Privacy
There are no specific privacy concerns discussed in this text. It There are no specific privacy concerns discussed in this text. It
should be noted as above that many ISPs are expected to offer should be noted as above that many ISPs are expected to offer
relatively stable IPv6 prefixes to customers, and thus the network relatively stable IPv6 prefixes to customers, and thus the network
prefix associated with the host addresses they use may not change prefix associated with the host addresses they use may not change
over a reasonably long period of time. This exposure is similar to over a reasonably long period of time. This exposure is similar to
IPv4 networks that expose the same IPv4 global address via use of IPv4 networks that expose the same IPv4 global address via use of
NAT, where the IPv4 address received from the ISP may change over NAT, where the IPv4 address received from the ISP may change over
skipping to change at page 24, line 27 skipping to change at page 25, line 6
regardless, e.g. through Privacy Addresses [RFC4941]. regardless, e.g. through Privacy Addresses [RFC4941].
3.5. Routing functionality 3.5. Routing functionality
Routing functionality is required when there are multiple routers Routing functionality is required when there are multiple routers
deployed within the internal home network. This functionality could deployed within the internal home network. This functionality could
be as simple as the current "default route is up" model of IPv4 NAT, be as simple as the current "default route is up" model of IPv4 NAT,
or, more likely, it would involve running an appropriate routing or, more likely, it would involve running an appropriate routing
protocol. protocol.
The homenet routing protocol should preferably be an existing The homenet unicast routing protocol should preferably be an existing
deployed protocol that has been shown to be reliable and robust, and deployed protocol that has been shown to be reliable and robust, and
it is preferable that the protocol is "lightweight". It is desirable it is preferable that the protocol is "lightweight". It is desirable
that the routing protocol has knowledge of the homenet topology, that the routing protocol has knowledge of the homenet topology,
which implies a link-state protocol is preferable. If so, it is also which implies a link-state protocol is preferable. If so, it is also
desirable that the announcements and use of LSAs and RAs are desirable that the announcements and use of LSAs and RAs are
appropriately coordinated. This would mean the routing protocol appropriately coordinated. This would mean the routing protocol
gives a consistent view of the network, and that it can pass around gives a consistent view of the network, and that it can pass around
more than just routing information. more than just routing information.
Multiple interface PHYs must be accounted for in the homenet routed Multiple interface PHYs must be accounted for in the homenet routed
skipping to change at page 25, line 17 skipping to change at page 25, line 45
The routing environment should be self-configuring, as discussed The routing environment should be self-configuring, as discussed
previously. An example of how OSPFv3 can be self-configuring in a previously. An example of how OSPFv3 can be self-configuring in a
homenet is described in [I-D.acee-ospf-ospfv3-autoconfig]. homenet is described in [I-D.acee-ospf-ospfv3-autoconfig].
Minimising convergence time should be a goal in any routed Minimising convergence time should be a goal in any routed
environment, but as a guideline a maximum convergence time of around environment, but as a guideline a maximum convergence time of around
30 seconds should be the target. 30 seconds should be the target.
Any routed solution will require a means for determining the Any routed solution will require a means for determining the
boundaries of the homenet. Borders may include but are not limited boundaries of the homenet. Borders may include but are not limited
to the interface to the upstream ISP, or a gateway device to a to the interface to the upstream ISP, or a gateway device to a
separate home network such as a SmartGrid or similar LLN network. In separate home network such as a LLN network. In some cases there may
some cases there may be no border such as occurs before an upstream be no border present, which may for example occur before an upstream
connection has been established. The border discovery functionality connection has been established. The border discovery functionality
may be integrated into the routing protocol itself, but may also be may be integrated into the routing protocol itself, but may also be
imported via a separate discovery mechanism. imported via a separate discovery mechanism.
In general, LLN or other networks should be able to attach and In general, LLN or other networks should be able to attach and
participate the same way as the main homenet, or alternatively map/be participate the same way as the main homenet, or alternatively map/be
gatewayed to the main homenet. Current home deployments use largely gatewayed to the main homenet. Current home deployments use largely
different mechanisms in sensor and basic Internet connectivity different mechanisms in sensor and basic Internet connectivity
networks. IPv6 VM solutions may also add additional routing networks. IPv6 VM solutions may also add additional routing
requirements. requirements.
[I-D.howard-homenet-routing-comparison] contains evaluations of 3.5.1. Multicast routing
common routing protocols made against the type of requirements
described above. It is also desirable that multicast routing is supported across the
homenet. The natural scopes for multicast would be link-local or
site-local, with the latter constrained within the homenet, but other
policy borders, e.g. to a guest subnet, may also affect where
specific multicast traffic is routed.
Where multicast is routed cross a homenet an appropriate multicast
routing protocol is required, one that as per the unicast routing
protocol should be self-configuring. The multicast environment
should support the ability for applications to pick a unique
multicast group to use.
3.6. Security 3.6. Security
The security of an IPv6 homenet is an important consideration. The The security of an IPv6 homenet is an important consideration. The
most notable difference to the IPv4 operational model is the removal most notable difference to the IPv4 operational model is the removal
of NAT, the introduction of global addressability of devices, and of NAT, the introduction of global addressability of devices, and
thus a need to consider whether devices should have global thus a need to consider whether devices should have global
reachability. However, there are other challenges introduced, e.g. reachability. However, there are other challenges introduced, e.g.
default filtering policies at the borders between other homenet default filtering policies at the borders between other homenet
realms. realms.
There is no defined "threat model" as such for the type of IPv6 There is no defined "threat model" as such for the type of IPv6
homenet described in this text. Such a document may be very useful. homenet described in this text. Such a document may be very useful.
It may include a variety of perspectives, from probing for specific It may include a variety of perspectives, from probing for specific
types of home appliance being present, to potential denial of service types of home appliance being present, to potential denial of service
attacks. Hosts need to be able to operate securely, end-to-end where attacks. Hosts need to be able to operate securely, end-to-end where
required, but also be robust against malicious traffic direct towards required, but also be robust against malicious traffic direct towards
them. We simply note at this point that software on home devices them. We simply note at this point that software on home devices are
will have an increase in security if it allows its software to be likely to have an increase in security if it allows its software to
updated regularly. be updated regularly.
3.6.1. Addressability vs reachability 3.6.1. Addressability vs reachability
An IPv6-based home network architecture should embrace and naturally An IPv6-based home network architecture should embrace and naturally
offer a transparent end-to-end communications model as described in offer a transparent end-to-end communications model as described in
[RFC2775]. Each device should be addressable by a globally unique [RFC2775]. Each device should be addressable by a globally unique
address, and those addresses must not be altered in transit. address, and those addresses must not be altered in transit.
Security perimeters can (via policy) restrict end-to-end Security perimeters can (via policy) restrict end-to-end
communications, and thus while a host may be globally addressable it communications, and thus while a host may be globally addressable it
may not be globally reachable. may not be globally reachable.
skipping to change at page 26, line 34 skipping to change at page 27, line 24
be opened. Thus to support applications wanting to accept be opened. Thus to support applications wanting to accept
connections initiated into home networks where a "default deny" connections initiated into home networks where a "default deny"
policy is in place support for a signalling protocol such as UPnP or policy is in place support for a signalling protocol such as UPnP or
PCP [I-D.ietf-pcp-base] is required. In networks with multiple CERs, PCP [I-D.ietf-pcp-base] is required. In networks with multiple CERs,
the signalling would need to handle the cases of flows that may use the signalling would need to handle the cases of flows that may use
one or more exit routers. CERs would need to be able to advertise one or more exit routers. CERs would need to be able to advertise
their existence for such protocols. their existence for such protocols.
[RFC6092] expands on RFC 4864, giving a more detailed discussion of [RFC6092] expands on RFC 4864, giving a more detailed discussion of
IPv6 perimeter security recommendations, without mandating a "default IPv6 perimeter security recommendations, without mandating a "default
deny" approach. Indeed, RFC 6092 does not proscribe a particular deny" approach. Indeed, RFC 6092 does not prescribe a particular
mode of operation, instead stating that CERs must provide an easily mode of operation, instead stating that CERs must provide an easily
selected configuration option that permits a "transparent" mode of selected configuration option that permits a "transparent" mode of
operation, thus ensuring a "default allow" model is available. The operation, thus ensuring a "default allow" model is available. The
homenet architecture text makes no recommendation on the default homenet architecture text makes no recommendation on the default
setting, and refers the reader to RFC 6092, which in turn simply setting, and refers the reader to RFC 6092.
states that a CER should provide functionality sufficient to support
the recommendations in that RFC.
Advanced Security for IPv6 CPEs [I-D.vyncke-advanced-ipv6-security] Advanced Security for IPv6 CPEs [I-D.vyncke-advanced-ipv6-security]
takes the approach that in order to provide the greatest end-to-end takes the approach that in order to provide the greatest end-to-end
transparency as well as security, security policies must be updated transparency as well as security, security policies must be updated
by a trusted party which can provide intrusion signatures and other by a trusted party which can provide intrusion signatures and other
"active" information on security threats. This might for example "active" information on security threats. This might for example
allow different malware detection profiles to be configured on a CER. allow different malware detection profiles to be configured on a CER.
Such methods should be able to be automatically updating. Such methods should be able to be automatically updating.
3.6.2. Filtering at borders 3.6.2. Filtering at borders
It is desirable that there are mechanisms to detect different types It is desirable that there are mechanisms to detect different types
of borders within the homenet, as discussed previously, and then the of borders within the homenet, as discussed previously, and then the
means to apply different types of filtering policies at those means to apply different types of filtering policies at those
borders, e.g. whether naming and service discovery should pass a borders, e.g. whether naming and service discovery should pass a
given border. Any such policies should be able to be easily applied given border. Any such policies should be able to be easily applied
by typical home users, e.g. to give a visitor in a "guest" network by typical home users, e.g. to give a user in a guest network access
access to media services in the home, or access to a printer in the to media services in the home, or access to a printer. Simple
residence. Simple mechanisms to apply policy changes, or mechanisms to apply policy changes, or associations between devices,
associations between devices, will be required. will be required.
There are cases where full internal connectivity may not be There are cases where full internal connectivity may not be
desirable, e.g. in certain utility networking scenarios, or where desirable, e.g. in certain utility networking scenarios, or where
filtering is required for policy reasons against guest network filtering is required for policy reasons against guest network
subnet(s). Some scenarios/models may as a result involve running subnet(s). Some scenarios/models may as a result involve running
isolated subnet(s) with their own CERs. In such cases connectivity isolated subnet(s) with their own CERs. In such cases connectivity
would only be expected within each isolated network (though traffic would only be expected within each isolated network (though traffic
may potentially pass between them via external providers). may potentially pass between them via external providers).
LLNs provide an another example of where there may be secure LLNs provide an another example of where there may be secure
perimeters inside the homenet. Constrained LLN nodes may implement perimeters inside the homenet. Constrained LLN nodes may implement
WPA2-style network key security but may depend on access policies WPA2-style network key security but may depend on access policies
enforced by the LLN border router. enforced by the LLN border router.
3.6.3. Device capabilities 3.6.3. Marginal Effectiveness of NAT and Firewalls
Security by way of obscurity (address translation) or through
firewalls (filtering) is at best marginally effective. The very poor
security track record of home computer, home networking and business
PC computers and networking is testomony to its ineffectiveness. A
compromise behind the firewall of any device exposes all others,
making an entire network that relies on obscurity or a firewall as
vulnerable as the most insecure device on the private side of the
network.
However, given home network products with very poor security, putting
a firewall in place does provide some protection, even if only
marginally effective. IPv6 global reachability may increase the need
to solve the underlying problem of certain insecure home and business
computer and network products. The use of firewalls today, whether a
good practice or not, is common practice and whatever protection
afforded, even if marginally effective, must not be lost.
3.6.4. Device capabilities
In terms of the devices, homenet hosts should implement their own In terms of the devices, homenet hosts should implement their own
security policies in accordance to their computing capabilities. security policies in accordance to their computing capabilities.
They should have the means to request transparent communications to They should have the means to request transparent communications to
be initiated to them, either for all ports or for specific services. be initiated to them, either for all ports or for specific services.
Users should have simple methods to associate devices to services Users should have simple methods to associate devices to services
that they wish to operate transparently through (CER) borders. that they wish to operate transparently through (CER) borders.
3.6.4. ULAs as a hint of connection origin 3.6.5. ULAs as a hint of connection origin
It has been suggested that using ULAs would provide an indication to It has been suggested that using ULAs would provide an indication to
applications that received traffic is locally sourced. This could applications that received traffic is locally sourced. This could
then be used with security settings to designate where a particular then be used with security settings to designate where a particular
application is allowed to connect to or receive traffic from. application is allowed to connect to or receive traffic from.
3.7. Naming and Service Discovery 3.7. Naming and Service Discovery
Naming and service discovery must be supported in the homenet. The Naming and service discovery must be supported in the homenet, and
service(s) providing this function must support unmanaged operation. the service(s) providing this function must support unmanaged
operation.
The most natural way to think about such naming and service discovery The naming system will be required to work internally or externally,
is to enable it to work across the entire homenet residence (site), be the user within the homenet or outside it. The most natural way
disregarding technical borders such as subnets but potentially to think about such naming and service discovery is to enable it to
respecting policy borders such as those between visitor and internal work across the entire homenet residence (site), disregarding
network realms. technical borders such as subnets but respecting policy borders such
as those between guest and other internal network realms.
Users will want simple ways to name devices, or be provided with 3.7.1. Discovering services
appropriate ways for devices to generate unique names within the
homenet. Users may typically perform device (re)naming and discovery
through GUI interfaces that hide the local domain name element from
them. Users may also wish to associated named devices to Internet
domains, so that devices in their homenet can be accessed remotely.
Thus from the user's perspective a device is given a name; the user
may expect that same unqualified name toy be valid within the local
name service or through an Internet name service. Thus implies
relative name resolution should be supported, i.e. there is some
naming convention that allows name resolution while mitigating the
need for the user to know an absolute location in the Internet name
space. Or that there is some means to discover the domain
transparently to the user.
Homenet devices may thus appear in one or more local homenet name Users will typically perform service discovery through GUI interfaces
spaces and also in one or more Internet name spaces. While typically that allow them to browse services on their network in an appropriate
there would be only one local name space, there may be scenarios and intuitive way. Such interfaces are beyond the scope of this
where segmentation of that name space may be desirable. The naming document, but the interface should have an appropriate API for the
system will be required to work internally or externally, be the user discovery to be performed.
within the homenet or outside it, and there may be multiple naming
domains used for any given device, e.g. Internet, home or guest
domains. It is likely that a home user will want access to many of
the devices and services in their home while "roaming" elsewhere.
However, it may be the case that not all devices in the homenet are
made available by name via an Internet name space, and that a "split
view" is preferred for certain devices.
The homenet name service must therefore at the very least co-exist Such interfaces may also typically hide the local domain name element
with Internet name services. There are naming protocols that are from users, especially where only one name space is available. As we
designed to be configured and operate Internet-wide, like unicast- discuss below, in some cases the ability to discover available
based DNS, but also protocols that are designed for zero- domains may be useful.
configuration local environments, like mDNS. Consideration should be
made for how these interact with each other in a homenet scenario. We note that current service discovery protocols are generally aimed
at single subnets. There is thus a choice to make for multi-subnet
homenets as to whether such protocols should be proxied or extended
to operate across a whole homenet. This issue is discussed in more
detail in a later section of this text. The outcome may have an
impact, for example, on whether support may be required for IPv6
multicast routing across the scope of the whole homenet. In general
we should prefer approaches that are backwardly compatible, and allow
current implementations to continue to be used.
3.7.2. Assigning names to devices
Given the large number of devices that may be networked in the
future, devices should have a means to generate their own unique
names within a homenet, and to detect clashes should they arise, e.g.
where two devices of the same type are deployed with the same default
name, or where two running network elements are suddenly joined.
Users will also want simple ways to (re)name devices, again most
likely through an appropriate and intuitive interface that is beyond
the scope of this document. Note the name a user assigns to a device
may be a label that is stored on the device as an attribute of the
device, and may be distinct from the name used in a name service,
e.g. 'Laser Printer in the Study Room' as opposed to
printer2.sitelocal.
3.7.3. Name spaces
It is desirable that only one name space is in use in the homenet,
and that this name space is served authoritatively by a server in the
homenet, most likely resident on the CER.
If a user wishes to access their home devices remotely from elsewhere
on the Internet a globally unique name space is required. This may
be acquired by the user or provided/generated by their ISP. It is
expected that the default case is that a homenet will use a global
domain provided by the ISP, but users wishing to use a name space
that is independent of their provider in the longer term may seek
their own domain name. Examples of provider name space delegation
approaches are described in [I-D.mglt-homenet-naming-delegation] and
[I-D.mglt-homenet-front-end-naming-delegation]. For users wanting to
use their own independent domain names, such services are already
available.
If however a global name space is not available, the homenet will
need to uck and tse a local name space, which would only have meaning
within the local homenet (i.e. it would not be used for remote access
to the homenet). The .local name space has a special meaning for
certain existing protocols which have link-local scope, and is thus
not appropriate for multi-subnet home networks. A differently named
name space is thus required for the homenet.
One approach for picking a local name space is to use an Ambiguous
Local Qualified Domain Name (ALQDN) space, such as .sitelocal (or an
appropriate name reserved for the purpose). While this is a simple
approach, there is the potential for devices that are bookmarked
somehow by an application in one homenet to be confused with a device
with the same name in another homenet.
An alternative approach for local name space would be to use a Unique
Locally Qualified Domain Name (ULQDN) space such as
.<UniqueString>.sitelocal. The <UniqueString> could be generated in
a variety of ways, one potentially being based on the local ULA
prefix across the homenet. Such a <UniqueString> should survive a
cold start, or if an existing value is not set on startup, the CER or
device running the name service should generate a default value. It
could be desirable for the homenet user to be able to override the
<UniqueString> with a value of their choice, but that would increase
the likelihood of a name conflict.
Whichever approach is used, the intent is to disambiguate the name
space across different homenets, not to create a new IANA name space
for such networks. If remote access to the homenet is required, a
global domain is required.
With the introduction of new "dotless" top level domains, there is
potential for ambiguity between for example a local host called
"computer" and (if it is registered) a .computer gTLD. Thus
qualified names should always be used, whether these are exposed to
the user or not.
There may be use cases where segmentation of the name space is
desirable, e.g. for use in different realms within the homenet. Thus
hierarchical name space management is likely to be required.
Where a user may be in a remote network wishing to access devices in
their home network, there may be a requirement to consider the domain
search order presented where two name spaces exist. In such cases, a
GUI may present the user a choice of domains to use, where the name
of their devices is thus relative to that domain. This implies that
a domain discovery function is desirable.
It may be the case that not all devices in the homenet are made
available by name via an Internet name space, and that a 'split view'
is preferred for certain devices.
This document makes no assumption about the presence or omission of a
reverse lookup service. There is an argument that it may be useful
for presenting logging information to users with meaningful device
names rather than literal addresses.
3.7.4. The homenet name service
The homenet name service should support both lookups and discovery. The homenet name service should support both lookups and discovery.
A lookup would operate via a direct query to a known service, while A lookup would operate via a direct query to a known service, while
discovery may use multicast messages (as per mDNS and DNS-SD) or a discovery may use multicast messages or a service where applications
service where applications register in order to be found. register in order to be found.
It is highly desirable that the homenet name service must at the very
least co-exist with the Internet name service. There should also be
a bias towards proven, existing solutions. The strong implication is
thus that the homenet service is DNS-based, or DNS-compatible. There
are naming protocols that are designed to be configured and operate
Internet-wide, like unicast-based DNS, but also protocols that are
designed for zero-configuration local environments, like mDNS.
As described in [I-D.mglt-homenet-naming-delegation], one approach is
to run an authoritative name service in the homenet, most likely on
the CER, which caches results, and to have the homenet's ISP provide
a secondary name service.
For a service such as mDNS to coexist with an Internet name service,
where the homenet is preferably using a global domain name, it is
desirable that the zeroconf devices have a way to add their names to
the global name space in use. Zeroconf protocols could be used to
indicate global FQDNs, e.g. an mDNS service could return a FQDN in a
SRV record.
Regardless, a method for local name service entries to be populated
automatically by devices is desirable. Interfaces to devices might
choose to give users the option as to whether the device should
register itself in the global name space. There should also be a
defined mechanism for device entries to be removed or expired from
the global name space.
It has been suggested for example that Dynamic DNS could be made to
operate in a zero-configuration mode using a locally significant root
domain and with minimal configuration or using a DHCPv6 based
(details to-be-defined) means of automated delegation populate a
global DNS zone.
To protect against attacks such as cache poisoning, it is desirable
to support appropriate name service security methods, including
DNSSEC.
The impact of a change in CER must be considered. It would be
desirable to retain any relevant state (configuration) that was held
in the old CER. This might imply that state information should be
distributed in the homenet, to be recoverable by/to the new CER.
3.7.5. Independent operation
Name resolution and service discovery for reachable devices must Name resolution and service discovery for reachable devices must
continue to function if the local network is disconnected from the continue to function if the local network is disconnected from the
global Internet, e.g. a local media server should still be available global Internet, e.g. a local media server should still be available
even if the Internet link is down for an extended period. This even if the Internet link is down for an extended period. This
implies the local network should also be able to perform a complete implies the local network should also be able to perform a complete
restart in the absence of external connectivity, and have local restart in the absence of external connectivity, and have local
naming and discovery operate correctly. This might be achieved via a naming and service discovery operate correctly.
local cache and an authoritative local name service. Also, a change
in ISP should also not affect local naming and service discovery.
There should be consideration of the security of any local name The approach described above of a local authoritative name service
space. A typical problem here may be that many homenets may use a with a cache would allow local operation for sustained ISP outages.
common "well-known" local domain suffix, e.g. .local, and this may be
ambiguous to a device that could attach to multiple homenets that use
that name, but this is also part of the "avoid joining unintended
networks" problem. A method to utilise a local trust anchor is
desirable.
With the introduction of new "dotless" top level domains, there is Having an independent local trust anchor is desirable, to support
potential for ambiguity between for example a local host called secure exchanges should external connectivity be unavailable.
"computer" and (if it is registered) a .computer gTLD. This suggests
some implicit local name space is probably required. Such a name
space should also be configurable to something else by the user.
Discovery of a name service for access to external Internet resources
is also a fundamental requirement in a multi-subnet homenet; the
problem is not just name and service discovery within the homenet
itself.
In some parts of the homenet, e.g. LLNs, devices may be sleeping, in A change in ISP should should not affect local naming and service
which case a proxy for such nodes may be required, that can respond discovery. However, if the homenet uses a global name space provided
for example to multicast service discovery requests. Those same by the ISP, then this will obviously have an impact if the user
parts of the network may have less capacity for multicast traffic changes their network provider.
that may be flooded from other parts of the network. In general,
message utilisation should be efficient considering the network
technologies the service may need to operate over.
A desirable target may be a fully functional, self-configuring secure 3.7.6. Considerations for LLNs
local name service so that all devices can be referred to by name,
and these FQDNs are resolved locally. This could make clean use of
ULAs and multiple ISP-provided prefixes much easier. Such a local
name service should be (by default) authoritative for the local name
space in both IPv4 and IPv6. A dual-stack residential gateway should
include a dual-stack DNS server.
Current service discovery protocols are generally aimed at single In some parts of the homenet, in particular LLNs, devices may be
subnets. If service discovery is to operate across the an entire sleeping, in which case a proxy for such nodes may be required, that
homenet, by adopting an approach like that proposed as Extended mDNS can respond (for example) to multicast service discovery requests.
(xmDNS) [I-D.lynn-homenet-site-mdns], then support may be required Those same parts of the network may have less capacity for multicast
for IPv6 multicast across the scope of the whole homenet. traffic that may be flooded from other parts of the network. In
general, message utilisation should be efficient considering the
network technologies the service may need to operate over.
There are efforts underway to determine naming and dicovery solutions
for use by the Constrained Application Protocol (CoAP) in LLN
networks. These are outside the scope of this document.
3.7.7. DNS resolver discovery
Automatic discovery of a name service to allow client devices in the
homenet to resolve external domains on the Internet is required, and
such discovery must support clients that may be a number of router
hops away from the name service.
3.8. Other Considerations 3.8. Other Considerations
This section discusses some other considerations for home networking This section discusses some other considerations for home networking
that may affect the architecture. that may affect the architecture.
3.8.1. Proxy or Extend? 3.8.1. Proxy or Extend?
There are two broad choices for allowing services that would There are two broad choices for allowing services that would
otherwise be link-local to work across a homenet site. In the otherwise be link-local to work across a homenet site. In the
example of service discovery, one is to take protocols like mDNS and example of service discovery, one is to take protocols like mDNS and
have them run over site multicast within the homenet. This is fine have them run over site multicast within the homenet, as described in
if all hosts support the extension, and the scope within any internal the Extended mDNS proposal (xmDNS) [I-D.lynn-homenet-site-mdns].
borders is well-understood. But it's not backwards-compatible with This is fine if all hosts support the extension, and the scope within
existing link-local protocols. The alternative is to proxy service any internal borders is well-understood. But it's not backwards-
discovery across each link, to propagate it. This is more complex, compatible with existing link-local protocols. The alternative is to
but is backwards-compatible. It would need to work with IPv6, and proxy service discovery across subnets to propagate it. This is more
dual-stack. complex, but is backwards-compatible. It would need to work with
IPv6, and dual-stack.
The homenet architecture proposes that any existing protocols that The homenet architecture proposes that any existing protocols that
are designed to only work within a subnet should be extended to work are designed to only work within a subnet should be extended to work
across subnets, rather than defining proxy capabilities for each of across subnets, rather than defining proxy capabilities for each of
those functions. However, while it is desirable to extend protocols those functions. However, while it is desirable to extend protocols
to site scope operation rather than providing proxy functions on to site scope operation rather than providing proxy functions on
subnet boundaries, the reality is that until all hosts can use site- subnet boundaries, the reality is that until all hosts can use site-
scope discovery protocols, existing link-local protocols would need scope discovery protocols, existing link-local protocols would need
to be proxied anyway. to be proxied anyway.
skipping to change at page 31, line 47 skipping to change at page 35, line 27
require extensions to support source and destination address based require extensions to support source and destination address based
routing within the homenet. routing within the homenet.
Some protocol changes are however required in the architecture, e.g. Some protocol changes are however required in the architecture, e.g.
for name resolution and service discovery, extensions to existing for name resolution and service discovery, extensions to existing
multicast-based name resolution protocols are needed to enable them multicast-based name resolution protocols are needed to enable them
to work across subnets, within the scope of the home network site. to work across subnets, within the scope of the home network site.
Some of the hardest problems in developing solutions for home Some of the hardest problems in developing solutions for home
networking IPv6 architectures include discovering the right borders networking IPv6 architectures include discovering the right borders
where the domain "home" ends and the service provider domain begins, where the "home" domain ends and the service provider domain begins,
deciding whether some of the necessary discovery mechanism extensions deciding whether some of the necessary discovery mechanism extensions
should affect only the network infrastructure or also hosts, and the should affect only the network infrastructure or also hosts, and the
ability to turn on routing, prefix delegation and other functions in ability to turn on routing, prefix delegation and other functions in
a backwards compatible manner. a backwards compatible manner.
4. Conclusions 4. Conclusions
This text defines principles and requirements for a homenet This text defines principles and requirements for a homenet
architecture. The principles and requirements documented here should architecture. The principles and requirements documented here should
be observed by any future texts describing homenet protocols for be observed by any future texts describing homenet protocols for
skipping to change at page 32, line 49 skipping to change at page 36, line 31
[RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy
Extensions for Stateless Address Autoconfiguration in Extensions for Stateless Address Autoconfiguration in
IPv6", RFC 4941, September 2007. IPv6", RFC 4941, September 2007.
[RFC6092] Woodyatt, J., "Recommended Simple Security Capabilities in [RFC6092] Woodyatt, J., "Recommended Simple Security Capabilities in
Customer Premises Equipment (CPE) for Providing Customer Premises Equipment (CPE) for Providing
Residential IPv6 Internet Service", RFC 6092, Residential IPv6 Internet Service", RFC 6092,
January 2011. January 2011.
[RFC6204] Singh, H., Beebee, W., Donley, C., Stark, B., and O.
Troan, "Basic Requirements for IPv6 Customer Edge
Routers", RFC 6204, April 2011.
[I-D.ietf-v6ops-6204bis]
Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic
Requirements for IPv6 Customer Edge Routers",
draft-ietf-v6ops-6204bis-09 (work in progress), May 2012.
5.2. Informative References 5.2. Informative References
[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and
E. Lear, "Address Allocation for Private Internets", E. Lear, "Address Allocation for Private Internets",
BCP 5, RFC 1918, February 1996. BCP 5, RFC 1918, February 1996.
[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
and W. Weiss, "An Architecture for Differentiated and W. Weiss, "An Architecture for Differentiated
Services", RFC 2475, December 1998. Services", RFC 2475, December 1998.
[RFC2775] Carpenter, B., "Internet Transparency", RFC 2775, [RFC2775] Carpenter, B., "Internet Transparency", RFC 2775,
February 2000. February 2000.
[RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering:
Defeating Denial of Service Attacks which employ IP Source
Address Spoofing", BCP 38, RFC 2827, May 2000.
[RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network [RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network
Address Translator (Traditional NAT)", RFC 3022, Address Translator (Traditional NAT)", RFC 3022,
January 2001. January 2001.
[RFC3646] Droms, R., "DNS Configuration options for Dynamic Host [RFC3646] Droms, R., "DNS Configuration options for Dynamic Host
Configuration Protocol for IPv6 (DHCPv6)", RFC 3646, Configuration Protocol for IPv6 (DHCPv6)", RFC 3646,
December 2003. December 2003.
[RFC4192] Baker, F., Lear, E., and R. Droms, "Procedures for [RFC4192] Baker, F., Lear, E., and R. Droms, "Procedures for
Renumbering an IPv6 Network without a Flag Day", RFC 4192, Renumbering an IPv6 Network without a Flag Day", RFC 4192,
skipping to change at page 34, line 6 skipping to change at page 37, line 31
[RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework for [RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework for
IPv4/IPv6 Translation", RFC 6144, April 2011. IPv4/IPv6 Translation", RFC 6144, April 2011.
[RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation [RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation
Algorithm", RFC 6145, April 2011. Algorithm", RFC 6145, April 2011.
[RFC6177] Narten, T., Huston, G., and L. Roberts, "IPv6 Address [RFC6177] Narten, T., Huston, G., and L. Roberts, "IPv6 Address
Assignment to End Sites", BCP 157, RFC 6177, March 2011. Assignment to End Sites", BCP 157, RFC 6177, March 2011.
[RFC6204] Singh, H., Beebee, W., Donley, C., Stark, B., and O.
Troan, "Basic Requirements for IPv6 Customer Edge
Routers", RFC 6204, April 2011.
[RFC6296] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Prefix [RFC6296] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Prefix
Translation", RFC 6296, June 2011. Translation", RFC 6296, June 2011.
[RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual-
Stack Lite Broadband Deployments Following IPv4 Stack Lite Broadband Deployments Following IPv4
Exhaustion", RFC 6333, August 2011. Exhaustion", RFC 6333, August 2011.
[RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with [RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with
Dual-Stack Hosts", RFC 6555, April 2012. Dual-Stack Hosts", RFC 6555, April 2012.
[RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown,
"Default Address Selection for Internet Protocol Version 6
(IPv6)", RFC 6724, September 2012.
[I-D.mglt-homenet-front-end-naming-delegation]
Cloetens, W., Lemordant, P., and D. Migault, "IPv6 Home
Network Front End Naming Delegation",
draft-mglt-homenet-front-end-naming-delegation-00 (work in
progress), July 2012.
[I-D.mglt-homenet-naming-delegation]
Cloetens, W., Lemordant, P., and D. Migault, "IPv6 Home
Network Naming Delegation Architecture",
draft-mglt-homenet-naming-delegation-00 (work in
progress), July 2012.
[I-D.baker-fun-multi-router] [I-D.baker-fun-multi-router]
Baker, F., "Exploring the multi-router SOHO network", Baker, F., "Exploring the multi-router SOHO network",
draft-baker-fun-multi-router-00 (work in progress), draft-baker-fun-multi-router-00 (work in progress),
July 2011. July 2011.
[I-D.lynn-homenet-site-mdns] [I-D.lynn-homenet-site-mdns]
Lynn, K. and D. Sturek, "Extended Multicast DNS", Lynn, K. and D. Sturek, "Extended Multicast DNS",
draft-lynn-homenet-site-mdns-00 (work in progress), draft-lynn-homenet-site-mdns-01 (work in progress),
March 2012. September 2012.
[I-D.townsley-troan-ipv6-ce-transitioning]
Townsley, M. and O. Troan, "Basic Requirements for
Customer Edge Routers - multihoming and transition",
draft-townsley-troan-ipv6-ce-transitioning-02 (work in
progress), December 2011.
[I-D.baker-fun-routing-class]
Baker, F., "Routing a Traffic Class",
draft-baker-fun-routing-class-00 (work in progress),
July 2011.
[I-D.howard-homenet-routing-comparison]
Howard, L., "Evaluation of Proposed Homenet Routing
Solutions", draft-howard-homenet-routing-comparison-00
(work in progress), December 2011.
[I-D.herbst-v6ops-cpeenhancements]
Herbst, T. and D. Sturek, "CPE Considerations in IPv6
Deployments", draft-herbst-v6ops-cpeenhancements-00 (work
in progress), October 2010.
[I-D.vyncke-advanced-ipv6-security] [I-D.vyncke-advanced-ipv6-security]
Vyncke, E., Yourtchenko, A., and M. Townsley, "Advanced Vyncke, E., Yourtchenko, A., and M. Townsley, "Advanced
Security for IPv6 CPE", Security for IPv6 CPE",
draft-vyncke-advanced-ipv6-security-03 (work in progress), draft-vyncke-advanced-ipv6-security-03 (work in progress),
October 2011. October 2011.
[I-D.ietf-6man-rfc3484bis] [I-D.ietf-v6ops-ipv6-multihoming-without-ipv6nat]
Thaler, D., Draves, R., Matsumoto, A., and T. Chown, Matsushima, S., Okimoto, T., Troan, O., Miles, D., and D.
"Default Address Selection for Internet Protocol version 6
(IPv6)", draft-ietf-6man-rfc3484bis-06 (work in progress),
June 2012.
[I-D.v6ops-multihoming-without-ipv6nat]
Troan, O., Miles, D., Matsushima, S., Okimoto, T., and D.
Wing, "IPv6 Multihoming without Network Address Wing, "IPv6 Multihoming without Network Address
Translation", draft-v6ops-multihoming-without-ipv6nat-00 Translation",
(work in progress), March 2011. draft-ietf-v6ops-ipv6-multihoming-without-ipv6nat-04 (work
in progress), February 2012.
[I-D.baker-homenet-prefix-assignment] [I-D.baker-homenet-prefix-assignment]
Baker, F. and R. Droms, "IPv6 Prefix Assignment in Small Baker, F. and R. Droms, "IPv6 Prefix Assignment in Small
Networks", draft-baker-homenet-prefix-assignment-01 (work Networks", draft-baker-homenet-prefix-assignment-01 (work
in progress), March 2012. in progress), March 2012.
[I-D.arkko-homenet-prefix-assignment] [I-D.arkko-homenet-prefix-assignment]
Arkko, J., Lindem, A., and B. Paterson, "Prefix Assignment Arkko, J., Lindem, A., and B. Paterson, "Prefix Assignment
in a Home Network", in a Home Network",
draft-arkko-homenet-prefix-assignment-02 (work in draft-arkko-homenet-prefix-assignment-02 (work in
progress), July 2012. progress), July 2012.
[I-D.acee-ospf-ospfv3-autoconfig] [I-D.acee-ospf-ospfv3-autoconfig]
Lindem, A. and J. Arkko, "OSPFv3 Auto-Configuration", Lindem, A. and J. Arkko, "OSPFv3 Auto-Configuration",
draft-acee-ospf-ospfv3-autoconfig-03 (work in progress), draft-acee-ospf-ospfv3-autoconfig-03 (work in progress),
July 2012. July 2012.
[I-D.ietf-pcp-base] [I-D.ietf-pcp-base]
Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P. Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P.
Selkirk, "Port Control Protocol (PCP)", Selkirk, "Port Control Protocol (PCP)",
draft-ietf-pcp-base-26 (work in progress), June 2012. draft-ietf-pcp-base-28 (work in progress), October 2012.
[I-D.kline-default-perimeter]
Kline, E., "Default Perimeter Identification",
draft-kline-default-perimeter-00 (work in progress),
July 2012.
[I-D.hain-ipv6-ulac] [I-D.hain-ipv6-ulac]
Hain, T., Hinden, R., and G. Huston, "Centrally Assigned Hain, T., Hinden, R., and G. Huston, "Centrally Assigned
IPv6 Unicast Unique Local Address Prefixes", IPv6 Unicast Unique Local Address Prefixes",
draft-hain-ipv6-ulac-02 (work in progress), July 2010. draft-hain-ipv6-ulac-02 (work in progress), July 2010.
[I-D.chakrabarti-homenet-prefix-alloc] [I-D.chakrabarti-homenet-prefix-alloc]
Nordmark, E., Chakrabarti, S., Krishnan, S., and W. Nordmark, E., Chakrabarti, S., Krishnan, S., and W.
Haddad, "Simple Approach to Prefix Distribution in Basic Haddad, "Simple Approach to Prefix Distribution in Basic
Home Networks", draft-chakrabarti-homenet-prefix-alloc-01 Home Networks", draft-chakrabarti-homenet-prefix-alloc-01
(work in progress), October 2011. (work in progress), October 2011.
[I-D.arkko-homenet-physical-standard] [I-D.ietf-v6ops-6204bis]
Arkko, J. and A. Keranen, "Minimum Requirements for Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic
Physical Layout of Home Networks", Requirements for IPv6 Customer Edge Routers",
draft-arkko-homenet-physical-standard-00 (work in draft-ietf-v6ops-6204bis-11 (work in progress),
progress), March 2012. September 2012.
[Gettys11] [Gettys11]
Gettys, J., "Bufferbloat: Dark Buffers in the Internet", Gettys, J., "Bufferbloat: Dark Buffers in the Internet",
March 2011, March 2011,
<http://www.ietf.org/proceedings/80/slides/tsvarea-1.pdf>. <http://www.ietf.org/proceedings/80/slides/tsvarea-1.pdf>.
[IGD-2] UPnP Gateway Committee, "Internet Gateway Device (IGD) V [IGD-2] UPnP Gateway Committee, "Internet Gateway Device (IGD) V
2.0", September 2010, <http://upnp.org/specs/gw/ 2.0", September 2010, <http://upnp.org/specs/gw/
UPnP-gw-WANIPConnection-v2-Service.pdf>. UPnP-gw-WANIPConnection-v2-Service.pdf>.
Appendix A. Acknowledgments Appendix A. Acknowledgments
The authors would like to thank Aamer Akhter, Mark Andrews, Dmitry The authors would like to thank Aamer Akhter, Mark Andrews, Dmitry
Anipko, Fred Baker, Ray Bellis, Cameron Byrne, Brian Carpenter, Anipko, Fred Baker, Ray Bellis, Cameron Byrne, Brian Carpenter,
Stuart Cheshire, Lorenzo Colitti, Robert Cragie, Ralph Droms, Lars Stuart Cheshire, Lorenzo Colitti, Robert Cragie, Ralph Droms, Lars
Eggert, Jim Gettys, olafur Gudmundsson, Wassim Haddad, Joel M. Eggert, Jim Gettys, olafur Gudmundsson, Wassim Haddad, Joel M.
Halpern, David Harrington, Lee Howard, Ray Hunter, Joel Jaeggli, Halpern, David Harrington, Lee Howard, Ray Hunter, Joel Jaeggli,
Heather Kirksey, Ted Lemon, Kerry Lynn, Erik Nordmark, Michael Heather Kirksey, Ted Lemon, Acee Lindem, Kerry Lynn, Erik Nordmark,
Richardson, Barbara Stark, Sander Steffann, Dave Taht, Dave Thaler, Michael Richardson, Barbara Stark, Sander Steffann, Don Sturek, Dave
Mark Townsley, JP Vasseur, Curtis Villamizar, Dan Wing, Russ White, Taht, Dave Thaler, Michael Thomas, Mark Townsley, JP Vasseur, Curtis
and James Woodyatt for their contributions within homenet WG meetings Villamizar, Dan Wing, Russ White, and James Woodyatt for their
and on the WG mailing list. comments and contributions within homenet WG meetings and on the WG
mailing list.
Appendix B. Changes Appendix B. Changes
This section will be removed in the final version of the text. This section will be removed in the final version of the text.
B.1. Version 04 B.1. Version 05
Changes made include:
o Some significant changes to naming and SD section.
o Removed some expired drafts.
o Added notes about issues caused by ISP only delegating a /64.
o Recommended against using prefixes longer than /64.
o Suggested CPE asks for /48 by DHCP-PD, even if it only receives
less.
o Added note about DS-Lite but emphasised transition is out of
scope.
o Added text about multicast routing.
B.2. Version 04
Changes made include: Changes made include:
o Moved border section from IPv6 differences to principles section. o Moved border section from IPv6 differences to principles section.
o Restructured principles into areas. o Restructured principles into areas.
o Added summary of naming and service discovery discussion from WG o Added summary of naming and service discovery discussion from WG
list. list.
B.2. Version 03 B.3. Version 03
Changes made include: Changes made include:
o Various improvements to the readability. o Various improvements to the readability.
o Removed bullet lists of requirements, as requested by chair. o Removed bullet lists of requirements, as requested by chair.
o Noted 6204bis has replaced advanced-cpe draft. o Noted 6204bis has replaced advanced-cpe draft.
o Clarified the topology examples are just that. o Clarified the topology examples are just that.
skipping to change at page 38, line 13 skipping to change at page 42, line 11
the homenet. the homenet.
o Added some ISPs renumber due to privacy laws. o Added some ISPs renumber due to privacy laws.
o Removed extra repeated references to Simple Security. o Removed extra repeated references to Simple Security.
o Removed some solution creep on RIOs/RAs. o Removed some solution creep on RIOs/RAs.
o Load-balancing scenario added as to be supported. o Load-balancing scenario added as to be supported.
B.3. Version 02 B.4. Version 02
Changes made include: Changes made include:
o Made the IPv6 implications section briefer. o Made the IPv6 implications section briefer.
o Changed Network Models section to describe properties of the o Changed Network Models section to describe properties of the
homenet with illustrative examples, rather than implying the homenet with illustrative examples, rather than implying the
number of models was fixed to the six shown in 01. number of models was fixed to the six shown in 01.
o Text to state multihoming support focused on single CER model. o Text to state multihoming support focused on single CER model.
 End of changes. 91 change blocks. 
284 lines changed or deleted 512 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/