draft-ietf-homenet-arch-07.txt   draft-ietf-homenet-arch-08.txt 
Network Working Group T. Chown, Ed. Network Working Group T. Chown, Ed.
Internet-Draft University of Southampton Internet-Draft University of Southampton
Intended status: Informational J. Arkko Intended status: Informational J. Arkko
Expires: August 14, 2013 Ericsson Expires: November 22, 2013 Ericsson
A. Brandt A. Brandt
Sigma Designs Sigma Designs
O. Troan O. Troan
Cisco Systems, Inc. Cisco Systems, Inc.
J. Weil J. Weil
Time Warner Cable Time Warner Cable
February 10, 2013 May 21, 2013
Home Networking Architecture for IPv6 Home Networking Architecture for IPv6
draft-ietf-homenet-arch-07 draft-ietf-homenet-arch-08
Abstract Abstract
This text describes evolving networking technology within This text describes evolving networking technology within
increasingly large residential home networks. The goal of this increasingly large residential home networks. The goal of this
document is to define a general architecture for IPv6-based home document is to define a general architecture for IPv6-based home
networking, describing the associated principles, considerations and networking, describing the associated principles, considerations and
requirements. The text briefly highlights specific implications of requirements. The text briefly highlights specific implications of
the introduction of IPv6 for home networking, discusses the elements the introduction of IPv6 for home networking, discusses the elements
of the architecture, and suggests how standard IPv6 mechanisms and of the architecture, and suggests how standard IPv6 mechanisms and
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 14, 2013. This Internet-Draft will expire on November 22, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 25 skipping to change at page 2, line 25
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Terminology and Abbreviations . . . . . . . . . . . . . . 5 1.1. Terminology and Abbreviations . . . . . . . . . . . . . . 5
2. Effects of IPv6 on Home Networking . . . . . . . . . . . . . . 6 2. Effects of IPv6 on Home Networking . . . . . . . . . . . . . . 6
2.1. Multiple subnets and routers . . . . . . . . . . . . . . . 6 2.1. Multiple subnets and routers . . . . . . . . . . . . . . . 7
2.2. Global addressability and elimination of NAT . . . . . . . 7 2.2. Global addressability and elimination of NAT . . . . . . . 8
2.3. Multi-Addressing of devices . . . . . . . . . . . . . . . 8 2.3. Multi-Addressing of devices . . . . . . . . . . . . . . . 8
2.4. Unique Local Addresses (ULAs) . . . . . . . . . . . . . . 8 2.4. Unique Local Addresses (ULAs) . . . . . . . . . . . . . . 9
2.5. Avoiding manual configuration of IP addresses . . . . . . 9 2.5. Avoiding manual configuration of IP addresses . . . . . . 10
2.6. IPv6-only operation . . . . . . . . . . . . . . . . . . . 10 2.6. IPv6-only operation . . . . . . . . . . . . . . . . . . . 10
3. Homenet Architecture . . . . . . . . . . . . . . . . . . . . . 10 3. Homenet Architecture . . . . . . . . . . . . . . . . . . . . . 11
3.1. General Principles . . . . . . . . . . . . . . . . . . . . 11 3.1. General Principles . . . . . . . . . . . . . . . . . . . . 12
3.1.1. Reuse existing protocols . . . . . . . . . . . . . . . 11 3.1.1. Reuse existing protocols . . . . . . . . . . . . . . . 12
3.1.2. Minimise changes to hosts and routers . . . . . . . . 12 3.1.2. Minimise changes to hosts and routers . . . . . . . . 12
3.2. Homenet Topology . . . . . . . . . . . . . . . . . . . . . 12 3.2. Homenet Topology . . . . . . . . . . . . . . . . . . . . . 12
3.2.1. Supporting arbitrary topologies . . . . . . . . . . . 12 3.2.1. Supporting arbitrary topologies . . . . . . . . . . . 13
3.2.2. Network topology models . . . . . . . . . . . . . . . 12 3.2.2. Network topology models . . . . . . . . . . . . . . . 13
3.2.3. Dual-stack topologies . . . . . . . . . . . . . . . . 17 3.2.3. Dual-stack topologies . . . . . . . . . . . . . . . . 17
3.2.4. Multihoming . . . . . . . . . . . . . . . . . . . . . 18 3.2.4. Multihoming . . . . . . . . . . . . . . . . . . . . . 18
3.3. A Self-Organising Network . . . . . . . . . . . . . . . . 19 3.3. A Self-Organising Network . . . . . . . . . . . . . . . . 19
3.3.1. Differentiating neighbouring homenets . . . . . . . . 20 3.3.1. Differentiating neighbouring homenets . . . . . . . . 20
3.3.2. Largest practical subnets . . . . . . . . . . . . . . 20 3.3.2. Largest practical subnets . . . . . . . . . . . . . . 20
3.3.3. Homenet realms and borders . . . . . . . . . . . . . . 20 3.3.3. Homenet realms and borders . . . . . . . . . . . . . . 20
3.4. Homenet Addressing . . . . . . . . . . . . . . . . . . . . 21 3.4. Homenet Addressing . . . . . . . . . . . . . . . . . . . . 21
3.4.1. Use of ISP-delegated IPv6 prefixes . . . . . . . . . . 22 3.4.1. Use of ISP-delegated IPv6 prefixes . . . . . . . . . . 22
3.4.2. Stable internal IP addresses . . . . . . . . . . . . . 23 3.4.2. Stable internal IP addresses . . . . . . . . . . . . . 24
3.4.3. Internal prefix delegation . . . . . . . . . . . . . . 24 3.4.3. Internal prefix delegation . . . . . . . . . . . . . . 25
3.4.4. Coordination of configuration information . . . . . . 25 3.4.4. Coordination of configuration information . . . . . . 26
3.4.5. Privacy . . . . . . . . . . . . . . . . . . . . . . . 26 3.4.5. Privacy . . . . . . . . . . . . . . . . . . . . . . . 26
3.5. Routing functionality . . . . . . . . . . . . . . . . . . 26 3.5. Routing functionality . . . . . . . . . . . . . . . . . . 27
3.5.1. Multicast support . . . . . . . . . . . . . . . . . . 27 3.5.1. Multicast support . . . . . . . . . . . . . . . . . . 28
3.6. Security . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.6. Security . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.6.1. Addressability vs reachability . . . . . . . . . . . . 28 3.6.1. Addressability vs reachability . . . . . . . . . . . . 29
3.6.2. Filtering at borders . . . . . . . . . . . . . . . . . 29 3.6.2. Filtering at borders . . . . . . . . . . . . . . . . . 29
3.6.3. Marginal Effectiveness of NAT and Firewalls . . . . . 29 3.6.3. Marginal Effectiveness of NAT and Firewalls . . . . . 30
3.6.4. Device capabilities . . . . . . . . . . . . . . . . . 29 3.6.4. Device capabilities . . . . . . . . . . . . . . . . . 30
3.6.5. ULAs as a hint of connection origin . . . . . . . . . 30 3.6.5. ULAs as a hint of connection origin . . . . . . . . . 30
3.7. Naming and Service Discovery . . . . . . . . . . . . . . . 30 3.7. Naming and Service Discovery . . . . . . . . . . . . . . . 31
3.7.1. Discovering services . . . . . . . . . . . . . . . . . 30 3.7.1. Discovering services . . . . . . . . . . . . . . . . . 31
3.7.2. Assigning names to devices . . . . . . . . . . . . . . 31 3.7.2. Assigning names to devices . . . . . . . . . . . . . . 32
3.7.3. Name spaces . . . . . . . . . . . . . . . . . . . . . 31 3.7.3. Name spaces . . . . . . . . . . . . . . . . . . . . . 32
3.7.4. The homenet name service . . . . . . . . . . . . . . . 33 3.7.4. The homenet name service . . . . . . . . . . . . . . . 34
3.7.5. Independent operation . . . . . . . . . . . . . . . . 34 3.7.5. Independent operation . . . . . . . . . . . . . . . . 35
3.7.6. Considerations for LLNs . . . . . . . . . . . . . . . 35 3.7.6. Considerations for LLNs . . . . . . . . . . . . . . . 35
3.7.7. DNS resolver discovery . . . . . . . . . . . . . . . . 35 3.7.7. DNS resolver discovery . . . . . . . . . . . . . . . . 36
3.8. Other Considerations . . . . . . . . . . . . . . . . . . . 35 3.7.8. Devices roaming from the homenet . . . . . . . . . . . 36
3.8.1. Quality of Service . . . . . . . . . . . . . . . . . . 35 3.8. Other Considerations . . . . . . . . . . . . . . . . . . . 36
3.8.2. Operations and Management . . . . . . . . . . . . . . 36 3.8.1. Quality of Service . . . . . . . . . . . . . . . . . . 36
3.9. Implementing the Architecture on IPv6 . . . . . . . . . . 36 3.8.2. Operations and Management . . . . . . . . . . . . . . 37
4. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 37 3.9. Implementing the Architecture on IPv6 . . . . . . . . . . 37
5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 37 4. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 38
5.1. Normative References . . . . . . . . . . . . . . . . . . . 37 5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 38
5.2. Informative References . . . . . . . . . . . . . . . . . . 38 5.1. Normative References . . . . . . . . . . . . . . . . . . . 38
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 41 5.2. Informative References . . . . . . . . . . . . . . . . . . 39
Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . . 41 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 42
B.1. Version 07 . . . . . . . . . . . . . . . . . . . . . . . . 41 Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . . 42
B.2. Version 06 . . . . . . . . . . . . . . . . . . . . . . . . 42 B.1. Version 08 . . . . . . . . . . . . . . . . . . . . . . . . 42
B.3. Version 05 . . . . . . . . . . . . . . . . . . . . . . . . 42 B.2. Version 07 . . . . . . . . . . . . . . . . . . . . . . . . 43
B.4. Version 04 . . . . . . . . . . . . . . . . . . . . . . . . 42 B.3. Version 06 . . . . . . . . . . . . . . . . . . . . . . . . 43
B.5. Version 03 . . . . . . . . . . . . . . . . . . . . . . . . 43 B.4. Version 05 . . . . . . . . . . . . . . . . . . . . . . . . 44
B.6. Version 02 . . . . . . . . . . . . . . . . . . . . . . . . 44 B.5. Version 04 . . . . . . . . . . . . . . . . . . . . . . . . 44
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 45 B.6. Version 03 . . . . . . . . . . . . . . . . . . . . . . . . 44
B.7. Version 02 . . . . . . . . . . . . . . . . . . . . . . . . 46
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 46
1. Introduction 1. Introduction
This document focuses on evolving networking technology within This document focuses on evolving networking technology within
increasingly large residential home networks and the associated increasingly large residential home networks and the associated
challenges with their deployment and operation. There is a growing challenges with their deployment and operation. There is a growing
trend in home networking for the proliferation of networking trend in home networking for the proliferation of networking
technology through an increasingly broad range of devices and media. technology through an increasingly broad range of devices and media.
This evolution in scale and diversity sets requirements on IETF This evolution in scale and diversity sets requirements on IETF
protocols. Some of these requirements relate to the introduction of protocols. Some of these requirements relate to the introduction of
IPv6, others to the introduction of specialised networks for home IPv6, others to the introduction of specialised networks for home
automation and sensors. automation and sensors.
While at the time of writing some complex home network topologies While at the time of writing some complex home network topologies
exist, but most are relatively simple single subnet networks, and exist, most are relatively simple single subnet networks, and
ostensibly operate using just IPv4 (there may be IPv6 traffic within ostensibly operate using just IPv4. While there may be IPv6 traffic
the network, e.g. for service discovery, but the homenet is within the network, e.g. for service discovery, the homenet is
provisioned by the ISP as an IPv4 network). However, they also provisioned by the ISP as an IPv4 network. Such networks also
typically employ solutions that we would like to avoid such as typically employ solutions that we would like to avoid, such as
private [RFC1918] addressing with (cascaded) network address private [RFC1918] addressing with (cascaded) network address
translation (NAT)[RFC3022], or they may require expert assistance to translation (NAT)[RFC3022], or they may require expert assistance to
set up. set up.
In contrast, emerging IPv6-capable home networks are very likely to In contrast, emerging IPv6-capable home networks are very likely to
have multiple internal subnets, e.g. to support private and guest have multiple internal subnets, e.g. to facilitate private and guest
networks, and have enough address space to allow every device to have networks, heterogeneous link layers, and smart grid components, and
a globally unique address. Thus there are likely to be scenarios enough address space available to allow every device to have a
where internal routing is required, in which case such networks globally unique address. This implies that internal routing
require methods for IPv6 prefixes to be delegated to those subnets. functionality is required, and that the homenet's ISP both provides a
It is not practical to expect home users to configure such prefixes, large enough prefix to allocate a prefix to each subnet, and that a
thus the assumption of this document is that the homenet is as far as method is supported for such prefixes to be delegated efficiently to
possible self-organising and self-configuring, i.e. it need not be those subnets.
pro-actively managed by the residential user.
It is not practical to expect home users to configure their networks.
Thus the assumption of this document is that the homenet is as far as
possible self-organising and self-configuring, i.e. it should
function without pro-active management by the residential user.
The architectural constructs in this document are focused on the The architectural constructs in this document are focused on the
problems to be solved when introducing IPv6 with an eye towards a problems to be solved when introducing IPv6, with an eye towards a
better result than what we have today with IPv4, as well as a better better result than what we have today with IPv4, as well as a better
result than if the IETF had not given this specific guidance. The result than if the IETF had not given this specific guidance. The
document aims to provide the basis and guiding principles for how document aims to provide the basis and guiding principles for how
standard IPv6 mechanisms and addressing [RFC2460] [RFC4291] can be standard IPv6 mechanisms and addressing [RFC2460] [RFC4291] can be
employed in home networking, while coexisting with existing IPv4 employed in home networking, while coexisting with existing IPv4
mechanisms. In emerging dual-stack home networks it is vital that mechanisms. In emerging dual-stack home networks it is vital that
introducing IPv6 does not adversely affect IPv4 operation. We assume introducing IPv6 does not adversely affect IPv4 operation. We assume
that the IPv4 network architecture in home networks is what it is, that the IPv4 network architecture in home networks is what it is,
and can not be affected by new recommendations. It should not be and can not be modified by new recommendations. This document does
assumed that any future new functionality created with IPv6 in mind not discuss how IPv4 home networks provision or deliver support for
will be backward-compatible to include IPv4 support. Further, future multiple subnets. It should not be assumed that any future new
deployments, or specific subnets within an otherwise dual-stack home functionality created with IPv6 in mind will be backward-compatible
network, may be IPv6-only, in which case considerations for IPv4 to include IPv4 support. Further, future deployments, or specific
impact would not apply. subnets within an otherwise dual-stack home network, may be IPv6-
only, in which case considerations for IPv4 impact would not apply.
This architecture document proposes a baseline homenet architecture, This document proposes a baseline homenet architecture, using
based on protocols and implementations that are as far as possible protocols and implementations that are as far as possible proven and
proven and robust. The scope of the document is primarily the robust. The scope of the document is primarily the network layer
network layer technologies that provide the basic functionality to technologies that provide the basic functionality to enable
enable addressing, connectivity, routing, naming and service addressing, connectivity, routing, naming and service discovery.
discovery. While it may, for example, state that homenet components While it may, for example, state that homenet components must be
must be simple to deploy and use, it does not discuss specific user simple to deploy and use, it does not discuss specific user
interfaces, nor does it discuss specific physical, wireless or data- interfaces, nor does it discuss specific physical, wireless or data-
link layer considerations. link layer considerations.
[RFC6204] defines basic requirements for customer edge routers [RFC6204] defines basic requirements for customer edge routers
(CERs). The scope of this text is the internal homenet, and thus (CERs). This document has recently been updated with the definition
specific features on the CER are out of scope for this text. While of requirements for specific transition tools on the CER in
the network may be dual-stack or IPv6-only, the definition of [I-D.ietf-v6ops-6204bis], specifically DS-Lite [RFC6333] and 6rd
specific transition tools on the CER, as introduced in RFC 6204-bis [RFC5969]. Such detailed specification of CER devices is considered
[I-D.ietf-v6ops-6204bis] with DS-Lite [RFC6333] and 6rd [RFC5969], out of scope of this architecture document, and we assume that any
are also considered out of scope of this text. required update of the CER device specification as a result of
adopting this architecture will be handled as separate and specific
updates to these existing documents. Further, the scope of this text
is the internal homenet, and thus specific features on the WAN side
of the CER are out of scope for this text.
1.1. Terminology and Abbreviations 1.1. Terminology and Abbreviations
In this section we define terminology and abbreviations used In this section we define terminology and abbreviations used
throughout the text. throughout the text.
o ALQDN: Ambiguous Locally Qualified Domain Name. An example would o ALQDN: Ambiguous Locally Qualified Domain Name. An example would
be .sitelocal. be .sitelocal.
o CER: Customer Edge Router. A border router at the edge of the o Border: a point, typically resident on a router, between two
homenet. networks, e.g. between the main internal homenet and a guest
network. This defines point(s) at which filtering and forwarding
policies for different types of traffic may be applied.
o CER: Customer Edge Router: A border router intended for use in a
homenet, which connects the homenet to a service provider network.
o FQDN: Fully Qualified Domain Name. A globally unique name space. o FQDN: Fully Qualified Domain Name. A globally unique name space.
o Homenet: A home network, comprising host and router equipment,
with one or more CERs providing connectivity to service provider
network(s).
o Internet Service Provider (ISP): an entity that provides access to
the Internet. In this document, a service provider specifically
offers Internet access using IPv6, and may also offer IPv4
Internet access. The service provider can provide such access
over a variety of different transport methods such as DSL, cable,
wireless, and others.
o LLN: Low-power and lossy network. o LLN: Low-power and lossy network.
o LQDN: Locally Qualified Domain Name. A name space local to the o LQDN: Locally Qualified Domain Name. A name space local to the
homenet. homenet.
o NAT: Network Address Translation. Typically referring to IPv4 o NAT: Network Address Translation. Typically referring to IPv4
Network Address and Port Translation (NAPT) [RFC3022]. Network Address and Port Translation (NAPT) [RFC3022].
o NPTv6: Network Prefix Translation for IPv6 [RFC6296]. o NPTv6: Network Prefix Translation for IPv6 [RFC6296].
o PCP: Port Control Protocol [I-D.ietf-pcp-base]. o PCP: Port Control Protocol [I-D.ietf-pcp-base].
o Realm: a network delimited by a defined border. A guest network
within a homenet may form one realm.
o 'Simple Security'. Defined in [RFC4864] and expanded further in o 'Simple Security'. Defined in [RFC4864] and expanded further in
[RFC6092]; describes recommended perimeter security capabilities [RFC6092]; describes recommended perimeter security capabilities
for IPv6 networks. for IPv6 networks.
o ULA: IPv6 Unique Local Addresses [RFC4193]. o ULA: IPv6 Unique Local Addresses [RFC4193].
o ULQDN: Unique Locally Qualified Domain Name. An example might be o ULQDN: Unique Locally Qualified Domain Name. An example might be
.<UniqueString>.sitelocal. .<UniqueString>.sitelocal.
o UPnP: Universal Plug and Play. Includes the Internet Gateway o UPnP: Universal Plug and Play. Includes the Internet Gateway
skipping to change at page 6, line 48 skipping to change at page 7, line 30
different subnets may in general be associated with parts of the different subnets may in general be associated with parts of the
homenet that have different routing and security policies. Further, homenet that have different routing and security policies. Further,
link layer networking technology is poised to become more link layer networking technology is poised to become more
heterogeneous, as networks begin to employ both traditional Ethernet heterogeneous, as networks begin to employ both traditional Ethernet
technology and link layers designed for low-power and lossy networks technology and link layers designed for low-power and lossy networks
(LLNs), such as those used for certain types of sensor devices. (LLNs), such as those used for certain types of sensor devices.
Constraining the flow of certain traffic from Ethernet links to much Constraining the flow of certain traffic from Ethernet links to much
lower capacity links thus becomes an important topic. lower capacity links thus becomes an important topic.
The introduction of IPv6 for home networking enables the potential The introduction of IPv6 for home networking enables the potential
for every home network to be delegated enough address space to for every home network to be delegated enough address space from its
provision globally unique prefixes for each such subnet in the home. ISP to provision globally unique prefixes for each such subnet in the
As discussed later, this assumes the customer's ISP delegates enough home. While the number of addresses in a standard /64 IPv6 prefix is
address space to the home. While the number of addresses in a practically infinite, the number of prefixes available for assignment
standard /64 IPv6 prefix is practically infinite, the number of to the home network is not. As a result the growth inhibitor for the
prefixes available for assignment to the home network is not. As a home network shifts from the number of addresses to the number of
result the growth inhibitor for the home network shifts from the prefixes offered by the provider; this topic is discussed in
number of addresses to the number of prefixes offered by the [RFC6177] (BCP 157), which recommends that "end sites always be able
provider. to obtain a reasonable amount of address space for their actual and
planned usage".
The addition of routing between subnets raises the issue of how to The addition of routing between subnets raises a number of issues.
extend mechanisms such as service discovery which currently only One is a method by which prefixes can be efficiently allocated to
each subnet, without user intervention. Another is the issue of how
to extend mechanisms such as service discovery which currently only
operate within a single subnet using link-local traffic. In a operate within a single subnet using link-local traffic. In a
typical IPv4 home network, there is only one subnet, so such typical IPv4 home network, there is only one subnet, so such
mechanisms would normally operate as expected. For multi-subnet IPv6 mechanisms would normally operate as expected. For multi-subnet IPv6
home networks there are two broad choices to enable such protocols to home networks there are two broad choices to enable such protocols to
work across the scope of the entire homenet; extend existing work across the scope of the entire homenet; extend existing
protocols to work across that scope, or introduce proxies for protocols to work across that scope, or introduce proxies for
existing link layer protocols. This topic is discussed later in the existing link layer protocols. This topic is discussed in
document. Section 3.7.
There will also be the need to discover which routers in the homenet
are the border router(s) by an appropriate mechanism. Here, there
are a number of choices, including the use of an appropriate service
discovery protocol. Whatever method is chosen would likely have to
deal with handling more than one router responding in multihomed
environments.
2.2. Global addressability and elimination of NAT 2.2. Global addressability and elimination of NAT
The end-to-end communication that is potentially enabled with IPv6 is The possibility for direct end-to-end communication on the Internet
on the one hand an incredible opportunity for innovation and simpler that will be restored by the introduction of IPv6 is on the one hand
network operation, but it is also a concern as it exposes nodes in an incredible opportunity for innovation and simpler network
the internal networks to receipt of potentially unwanted traffic from operation, but it is also a concern as it potentially exposes nodes
the Internet. in the internal networks to receipt of unwanted traffic from the
Internet.
With devices and applications able to talk directly to each other With devices and applications able to talk directly to each other
when they have globally unique addresses, there may be an expectation when they have globally unique addresses, there may be an expectation
of improved host security to compensate for this. It should be noted of improved host security to compensate for this. It should be noted
that many devices may (for example) ship with default settings that that many devices may (for example) ship with default settings that
make them readily vulnerable to compromise by external attackers if make them readily vulnerable to compromise by external attackers if
globally accessible, or may simply not have robustness designed-in globally accessible, or may simply not have robustness designed-in
because it was either assumed such devices would only be used on because it was either assumed such devices would only be used on
private networks or the device itself doesn't have the computing private networks or the device itself doesn't have the computing
power to apply the necessary security methods. power to apply the necessary security methods. In addition, the
upgrade cycle for devices (or their firmware) may be slow, and/or
lack auto-update mechanisms.
It is important to distinguish between addressability and It is thus important to distinguish between addressability and
reachability. While IPv6 offers global addressability through use of reachability. While IPv6 offers global addressability through use of
globally unique addresses in the home, whether devices are globally globally unique addresses in the home, whether devices are globally
reachable or not would depend on the firewall or filtering reachable or not would depend on any firewall or filtering
configuration, and not, as is commonly the case with IPv4, the configuration, and not, as is commonly the case with IPv4, the
presence or use of NAT. In this respect, IPv6 networks may or may presence or use of NAT. In this respect, IPv6 networks may or may
not have filters applied at their borders to control such traffic, not have filters applied at their borders to control such traffic,
i.e. at the homenet CER. [RFC4864] and [RFC6092] discuss such i.e. at the homenet CER. [RFC4864] and [RFC6092] discuss such
filtering, and the merits of 'default allow' against 'default deny' filtering, and the merits of 'default allow' against 'default deny'
policies for external traffic initiated into a homenet. This policies for external traffic initiated into a homenet. This
document takes no position on which mode is the default, but assumes document takes no position on which mode is the default, but assumes
the choice to use either would be made available. the choice to for the homenet to use either mode would be available.
2.3. Multi-Addressing of devices 2.3. Multi-Addressing of devices
In an IPv6 network, devices will often acquire multiple addresses, In an IPv6 network, devices will often acquire multiple addresses,
typically at least a link-local address and one or more globally typically at least a link-local address and one or more globally
unique addresses. Where a homenet is multihomed, a device would unique addresses. Where a homenet is multihomed, a device would
typically receive a globally unique address from within the delegated typically receive a globally unique address (GUA) from within the
prefix from each upstream ISP. Devices may also have an IPv4 address delegated prefix from each upstream ISP. Devices may also have an
if the network is dual-stack, an IPv6 Unique Local Address (ULA) IPv4 address if the network is dual-stack, an IPv6 Unique Local
[RFC4193] (see below), and one or more IPv6 Privacy Addresses Address (ULA) [RFC4193] (see below), and one or more IPv6 Privacy
[RFC4941]. Addresses [RFC4941].
It should thus be considered the norm for devices on IPv6 home It should thus be considered the norm for devices on IPv6 home
networks to be multi-addressed, and to need to make appropriate networks to be multi-addressed, and to need to make appropriate
address selection decisions for the candidate source and destination address selection decisions for the candidate source and destination
address pairs for any given connection. Default Address Selection address pairs for any given connection. Default Address Selection
for IPv6 [RFC6724] provides a solution for this, though it may face for IPv6 [RFC6724] provides a solution for this, though it may face
problems in the event of multihoming where, as described above, nodes problems in the event of multihoming where, as described above, nodes
will be configured with one address from each upstream ISP prefix. will be configured with one address from each upstream ISP prefix.
In such cases the presence of upstream BCP 38 [RFC2827] ingress In such cases the presence of upstream BCP 38 [RFC2827] ingress
filtering requires multi-addressed nodes to select the correct source filtering requires multi-addressed nodes to select the correct source
address to be used for the corresponding uplink, but the node may not address to be used for the corresponding uplink. A challenge here is
have the information it needs to make that decision based on that the node may not have the information it needs to make that
addresses alone. We discuss such challenges in the multihoming decision based on addresses alone. We discuss this challenge in
section later in this document. Section 3.2.4.
2.4. Unique Local Addresses (ULAs) 2.4. Unique Local Addresses (ULAs)
[RFC4193] defines Unique Local Addresses (ULAs) for IPv6 that may be [RFC4193] defines Unique Local Addresses (ULAs) for IPv6 that may be
used to address devices within the scope of a single site. Support used to address devices within the scope of a single site. Support
for ULAs for IPv6 CERs is described in [RFC6204]. A home network for ULAs for IPv6 CERs is described in [RFC6204]. A home network
running IPv6 should deploy ULAs alongside its globally unique running IPv6 should deploy ULAs alongside its globally unique
prefix(es) to allow stable communication between devices (on prefix(es) to allow stable communication between devices (on
different subnets) within the hoemnet where that externally allocated different subnets) within the homenet where that externally allocated
globally unique prefix may change over time (e.g. due to renumbering globally unique prefix may change over time (e.g. due to renumbering
within the subscriber's ISP) or where external connectivity may be within the subscriber's ISP) or where external connectivity may be
temporarily unavailable. While setting up a network there may also temporarily unavailable.
be a period with no connectivity, in which case ULAs would be
required for inter-subnet communication. In the case where LLNs are While setting up a network there may be a period where it has no
being set up in a new home/deployment, individual LLNs may, at least external connectivity, in which case ULAs would be required for
initially, each use their own /48 ULA prefix. inter-subnet communication. In the case where LLNs are being set up
in a new home/deployment (as early as during construction of the
home), LLNs will likely need to use their own /48 ULA prefix.
Depending upon circumstances beyond the scope of homenet, it may be
impossible to renumber the ULA used by the LLN so routing between ULA
/48s may be required. Also, some devices, particularly constrained
devices, may have only a ULA (in addition to a link-local), while
others may have both a GUA and a ULA.
Note that unlike private IPv4 RFC 1918 space, the use of ULAs does
not imply use of host-based IPv6 NAT, or NPTv6 prefix-based NAT
[RFC6296], rather that in an IPv6 homenet a node should use its ULA
address internally, and its additional globally unique IPv6 address
as a source address for external communications. By using such
globally unique addresses between hosts and devices in remote
networks, the architectural cost and complexity, particularly to
applications, of NAT or NPTv6 translation is avoided. As such,
neither IPv6 NAT or NPTv6 is recommended for use in the homenet
architecture.
Where both a ULA and a global prefix are in use, the ULA source
address is used to communicate with ULA destination addresses when
appropriate, i.e. when the ULA source and destination lie within the
/48 ULA prefix(es) known to be used within the same homenet. In
cases where multiple /48 ULA prefixes are in use within a single
homenet (perhaps because multiple homenet routers each independently
auto-generate a /48 ULA prefix and then share prefix/routing
information), utilising a ULA source address and a ULA destination
address from two disjoint internal ULA prefixes is preferable to
using GUAs.
While a homenet should operate correctly with two or more /48 ULAs While a homenet should operate correctly with two or more /48 ULAs
enabled, a mechanism for the creation and use of a single /48 ULA enabled, a mechanism for the creation and use of a single /48 ULA
prefix is desirable for addressing consistency and policy prefix is desirable for addressing consistency and policy
enforcement. It may thus be expected that one router in the homenet enforcement. It may thus be expected that one router in the homenet
be elected a 'master' to delegate ULA prefixes to subnets from a be elected a 'master' to delegate ULA prefixes to subnets from a
single /48 ULA prefix. single /48 ULA prefix.
Where both a ULA and a global prefix are in use, the default address
selection mechanisms described above should ensure that a ULA source
address is used to communicate with ULA destination addresses when
appropriate, i.e. when the ULA destination lies within the /48 ULA
prefix(es) known to be used within the same homenet. Note that
unlike private IPv4 RFC 1918 space, the use of ULAs does not imply
use of host-based IPv6 NAT, or NPTv6 prefix-based NAT [RFC6296],
rather that in an IPv6 homenet a node should use its ULA address
internally, and its additional globally unique IPv6 address as the
source address for external communications. By using such globally
unique addresses between networks, the architectural cost and
complexity, particulrly to applications, of NAT or NPTv6 translation
is avoided. As such, neither IPv6 NAT or NPTv6 is recommended for
use in the homenet architecture.
A counter-argument to using ULAs is that it is undesirable to A counter-argument to using ULAs is that it is undesirable to
aggressively deprecate global prefixes for temporary loss of aggressively deprecate global prefixes for temporary loss of
connectivity, so for a host to lose its global address there would connectivity, so for a host to lose its global address there would
have to be a connection breakage longer than the lease period, and have to be a connection breakage longer than the lease period, and
even then, deprecating prefixes when there is no connectivity may not even then, deprecating prefixes when there is no connectivity may not
be advisable. However, it is assumed in this architecture that be advisable. However, it is assumed in this architecture that
homenets will need to support and use ULAs. homenets should support and use ULAs.
As noted later in this text, if appropriate filtering is in place on
the CER(s), a ULA source address may be taken as an indication of
locally sourced traffic.
2.5. Avoiding manual configuration of IP addresses 2.5. Avoiding manual configuration of IP addresses
Some IPv4 home networking devices expose IPv4 addresses to users, Some IPv4 home networking devices expose IPv4 addresses to users,
e.g. the IPv4 address of a home IPv4 CER that may be configured via a e.g. the IPv4 address of a home IPv4 CER that may be configured via a
web interface. In potentially complex future IPv6 homenets, users web interface. In potentially complex future IPv6 homenets, users
should not be expected to enter IPv6 literal addresses in devices or should not be expected to enter IPv6 literal addresses in devices or
applications, given their much greater length and apparent randomness applications, given their much greater length and the apparent
of such addresses to a typical home user. Thus, even for the randomness of such addresses to a typical home user. Thus, even for
simplest of functions, simple naming and the associated (minimal, and the simplest of functions, simple naming and the associated (minimal,
ideally zero configuration) discovery of services is imperative for and ideally zero configuration) discovery of services is imperative
the easy deployment and use of homenet devices and applications. for the easy deployment and use of homenet devices and applications.
As mentioned previously, this means that zeroconf naming and service As mentioned previously, this means that zeroconf naming and service
discovery protocols must be capable of operating across subnet discovery protocols must be capable of operating across subnet
boundaries. boundaries.
2.6. IPv6-only operation 2.6. IPv6-only operation
It is likely that IPv6-only networking will be deployed first in It is likely that IPv6-only networking will be deployed first in
'greenfield' homenet scenarios, or perhaps as one element of an 'greenfield' homenet scenarios, or perhaps as one element of an
otherwise dual-stack network. Running IPv6-only adds additional otherwise dual-stack network. Running IPv6-only adds additional
requirements, e.g. for devices to get configuration information via requirements, e.g. for devices to get configuration information via
skipping to change at page 10, line 23 skipping to change at page 11, line 13
and for devices to be able to initiate communications to external and for devices to be able to initiate communications to external
devices that are IPv4-only. Thus, for example, the following devices that are IPv4-only. Thus, for example, the following
requirements are amongst those that should be considered in IPv6-only requirements are amongst those that should be considered in IPv6-only
environments: environments:
o Ensuring there is a way to access content in the IPv4 Internet. o Ensuring there is a way to access content in the IPv4 Internet.
This can be arranged through appropriate use of NAT64 [RFC6144] This can be arranged through appropriate use of NAT64 [RFC6144]
and DNS64 [RFC6145], for example, or via a node-based DS-Lite and DNS64 [RFC6145], for example, or via a node-based DS-Lite
[RFC6333] approach. [RFC6333] approach.
o DNS discovery mechanisms are enabled for IPv6. Both stateless o Ensuring DNS resolver discovery mechanisms are enabled for IPv6.
DHCPv6 [RFC3736] [RFC3646] and Router Advertisement options Both stateless DHCPv6 [RFC3736] [RFC3646] and Router Advertisement
[RFC6106] may have to be supported and turned on by default to options [RFC6106] may have to be supported and turned on by
ensure maximum compatibility with all types of hosts in the default to ensure maximum compatibility with all types of hosts in
network. This requires, however, that a working DNS server is the network. This requires, however, that a working DNS server is
known and addressable via IPv6, and that the automatic discovery known and addressable via IPv6, and that the automatic discovery
of such a server is possible through multiple routers in the of such a server is possible through multiple routers in the
homenet. homenet.
o All nodes in the home network support operations in IPv6-only o Ensuring all nodes in the home network support operations in IPv6-
mode. Some current devices work well with dual-stack but fail to only mode. Some current devices work well with dual-stack but
recognise connectivity when IPv4 DHCP fails, for instance. fail to recognise connectivity when IPv4 DHCP fails, for instance.
The widespread availability of robust solutions to these types of The widespread availability of robust solutions to these types of
requirements will help accelerate the uptake of IPv6-only homenets. requirements will help accelerate the uptake of IPv6-only homenets.
The specifics of these are however beyond the scope of this document, The specifics of these are however beyond the scope of this document,
especially those functions that reside on the CER. especially those functions that reside on the CER.
3. Homenet Architecture 3. Homenet Architecture
The aim of this architecture text is to outline how to construct The aim of this text is to outline how to construct advanced IPv6-
advanced IPv6-based home networks involving multiple routers and based home networks involving multiple routers and subnets using
subnets using standard IPv6 protocols and addressing [RFC2460] standard IPv6 protocols and addressing [RFC2460] [RFC4291]. In this
[RFC4291]. In this section, we present the elements of such a home section, we present the elements of the proposed home networking
networking architecture, with discussion of the associated design architecture, with discussion of the associated design principles.
principles.
Existing IETF work [RFC6204] defines the 'basic' requirements for
CERs, while [I-D.ietf-v6ops-6204bis] updates the current requirements
based on operator feedback and adds new requirements for IP
transition technologies and transition technology coexistence. This
document describes a homenet architecture which is focused on the
internal homenet, rather than the CER(s).
In general, home network equipment needs to be able to operate in In general, home network equipment needs to be able to operate in
networks with a range of different properties and topologies, where networks with a range of different properties and topologies, where
home users may plug components together in arbitrary ways and expect home users may plug components together in arbitrary ways and expect
the resulting network to operate. Significant manual configuration the resulting network to operate. Significant manual configuration
is rarely, if at all, possible, or even desirable given the knowledge is rarely, if at all, possible, or even desirable given the knowledge
level of typical home users. Thus the network should, as far as level of typical home users. Thus the network should, as far as
possible, be self-configuring, though configuration by advanced users possible, be self-configuring, though configuration by advanced users
should not be precluded. should not be precluded.
skipping to change at page 11, line 31 skipping to change at page 12, line 14
o Routing o Routing
o Prefix configuration for routers o Prefix configuration for routers
o Name resolution o Name resolution
o Service discovery o Service discovery
o Network security o Network security
The remainder of this document describes the principles by which a The remainder of this document describes the principles by which the
homenet architecture may deliver these properties. homenet architecture may deliver these properties.
3.1. General Principles 3.1. General Principles
There is little that the Internet standards community can do about There is little that the Internet standards community can do about
the physical topologies or the need for some networks to be separated the physical topologies or the need for some networks to be separated
at the network layer for policy or link layer compatibility reasons. at the network layer for policy or link layer compatibility reasons.
However, there is a lot of flexibility in using IP addressing and However, there is a lot of flexibility in using IP addressing and
inter-networking mechanisms. This architecture text discusses how inter-networking mechanisms. This text discusses how such
this flexibility should be used to provide the best user experience flexibility should be used to provide the best user experience and
and ensure that the network can evolve with new applications in the ensure that the network can evolve with new applications in the
future. The principles described in this text should be followed future. The principles described in this text should be followed
when designing homenet solutions. when designing homenet solutions.
3.1.1. Reuse existing protocols 3.1.1. Reuse existing protocols
It is desirable to reuse existing protocols where possible, but at It is desirable to reuse existing protocols where possible, but at
the same time to avoid consciously precluding the introduction of new the same time to avoid consciously precluding the introduction of new
or emerging protocols. A generally conservative approach, giving or emerging protocols. A generally conservative approach, giving
weight to running code, is preferable. Where new protocols are weight to running (and available) code, is preferable. Where new
required, evidence of commitment to implementation by appropriate protocols are required, evidence of commitment to implementation by
vendors or development communities is highly desirable. Protocols appropriate vendors or development communities is highly desirable.
used should be backwardly compatible, and forward compatible where Protocols used should be backwardly compatible, and forward
changes are made. compatible where changes are made.
3.1.2. Minimise changes to hosts and routers 3.1.2. Minimise changes to hosts and routers
Where possible, any requirement for changes to hosts and routers Where possible, any requirement for changes to hosts and routers
should be minimised, though solutions which, for example, should be minimised, though solutions which, for example,
incrementally improve with host or router changes may be acceptable. incrementally improve capability with host or router changes may be
acceptable.
3.2. Homenet Topology 3.2. Homenet Topology
This section considers homenet topologies, and the principles that This section considers homenet topologies, and the principles that
may be applied in designing an architecture to support as wide a may be applied in designing an architecture to support as wide a
range of such topologies as possible. range of such topologies as possible.
3.2.1. Supporting arbitrary topologies 3.2.1. Supporting arbitrary topologies
There should ideally be no built-in assumptions about the topology in There should ideally be no built-in assumptions about the topology in
skipping to change at page 12, line 43 skipping to change at page 13, line 27
connectivity, except when the user creates a physical island within connectivity, except when the user creates a physical island within
the topology. Some potentially pathological cases that can be the topology. Some potentially pathological cases that can be
created include bridging ports of a router together, however this created include bridging ports of a router together, however this
case can be detected and dealt with by the router. Loops within a case can be detected and dealt with by the router. Loops within a
routed topology are in a sense good in that they offer redundancy. routed topology are in a sense good in that they offer redundancy.
Bridging loops can be dangerous but are also detectable when a switch Bridging loops can be dangerous but are also detectable when a switch
learns the MAC of one of its interfaces on another or runs a spanning learns the MAC of one of its interfaces on another or runs a spanning
tree or link state protocol. It is only loops using simple repeaters tree or link state protocol. It is only loops using simple repeaters
that are truly pathological. that are truly pathological.
The topology of the homenet may change over time, due to the addition
or removal of equipment, but also due to temporary failures or
connectivity problems. In some cases this may lead to, for example,
a multihomed homenet being split into two isolated homenets, or,
after such a fault is remedied, two isolated parts reconfiguring back
to a single network.
3.2.2. Network topology models 3.2.2. Network topology models
Most IPv4 home network models at the time of writing tend to be Most IPv4 home network models at the time of writing tend to be
relatively simple, typically a single NAT router to the ISP and a relatively simple, typically a single NAT router to the ISP and a
single internal subnet but, as discussed earlier, evolution in single internal subnet but, as discussed earlier, evolution in
network architectures is driving more complex topologies, such as the network architectures is driving more complex topologies, such as the
separation of guest and private networks. There may also be some separation of guest and private networks. There may also be some
cascaded IPv4 NAT scenarios, which we mention in the next section. cascaded IPv4 NAT scenarios, which we mention in the next section.
For IPv6 homenets, the network models described in [RFC6204] and its
In general, the models described in [RFC6204] and its successor RFC successor RFC 6204-bis [I-D.ietf-v6ops-6204bis] should, as a minimum,
6204-bis [I-D.ietf-v6ops-6204bis] should be supported by the IPv6 be supported.
home networking architecture. The functions resident on the CER
itself are, as stated previously, out of scope of this text.
There are a number of properties or attributes of a home network that There are a number of properties or attributes of a home network that
we can use to describe its topology and operation. The following we can use to describe its topology and operation. The following
properties apply to any IPv6 home network: properties apply to any IPv6 home network:
o Presence of internal routers. The homenet may have one or more o Presence of internal routers. The homenet may have one or more
internal routers, or may only provide subnetting from interfaces internal routers, or may only provide subnetting from interfaces
on the CER. on the CER.
o Presence of isolated internal subnets. There may be isolated o Presence of isolated internal subnets. There may be isolated
skipping to change at page 18, line 7 skipping to change at page 18, line 7
alongside IPv4+NAT, given that such dual-stack homenets will be alongside IPv4+NAT, given that such dual-stack homenets will be
commonplace for some time. That said, it is desirable that IPv6 commonplace for some time. That said, it is desirable that IPv6
works better than IPv4 in as many scenarios as possible. Further, works better than IPv4 in as many scenarios as possible. Further,
the homenet architecture must operate in the absence of IPv4. the homenet architecture must operate in the absence of IPv4.
A general recommendation is to follow the same topology for IPv6 as A general recommendation is to follow the same topology for IPv6 as
is used for IPv4, but not to use NAT. Thus there should be routed is used for IPv4, but not to use NAT. Thus there should be routed
IPv6 where an IPv4 NAT is used and, where there is no NAT, routing or IPv6 where an IPv4 NAT is used and, where there is no NAT, routing or
bridging may be used. Routing may have advantages when compared to bridging may be used. Routing may have advantages when compared to
bridging together high speed and lower speed shared media, and in bridging together high speed and lower speed shared media, and in
addition bridging may not be suitable for some media, such as ad-hoc addition bridging may not be suitable for some networks, such as ad-
mobile networks. hoc mobile networks.
In some cases IPv4 home networks may feature cascaded NATs, which In some cases IPv4 home networks may feature cascaded NATs. End
could include cases where NAT routers are included within VMs, or users are frequently unaware that they have created such networks as
where Internet connection sharing services are used. IPv6 routed 'home routers' and 'home switches' are frequently confused. In
versions of such cases will be required. We should thus note that addition, there are cases where NAT routers are included within
routers in the homenet may not be separate physical devices; they may Virtual Machine Hypervisors, or where Internet connection sharing
be embedded within other devices. services have been enabled. This document applies equally to such
hidden NAT 'routers'. IPv6 routed versions of such cases will be
required. We should thus also note that routers in the homenet may
not be separate physical devices; they may be embedded within other
devices.
3.2.4. Multihoming 3.2.4. Multihoming
A homenet may be multihomed to multiple providers, as the network A homenet may be multihomed to multiple providers, as the network
models above illustrate. This may either take a form where there are models above illustrate. This may either take a form where there are
multiple isolated networks within the home or a more integrated multiple isolated networks within the home or a more integrated
network where the connectivity selection needs to be dynamic. network where the connectivity selection needs to be dynamic.
Current practice is typically of the former kind, but the latter is Current practice is typically of the former kind, but the latter is
expected to become more commonplace. expected to become more commonplace.
In the general homenet architecture, hosts should be multi-addressed In the general homenet architecture, multihomed hosts should be
with a global IPv6 address from the global prefix delegated from each multi-addressed with a global IPv6 address from the global prefix
ISP they communicate with or through. When such multi-addressing is delegated from each ISP they communicate with or through. When such
in use, hosts need some way to pick source and destination address multi-addressing is in use, hosts need some way to pick source and
pairs for connections. A host may choose a source address to use by destination address pairs for connections. A host may choose a
various methods, most commonly [RFC6724]. Applications may of course source address to use by various methods, most commonly [RFC6724].
do different things, and this should not be precluded. Applications may of course do different things, and this should not
be precluded.
For the single CER Network Model C illistrated above, multihoming may For the single CER Network Model C illustrated above, multihoming may
be offered by source routing at the CER. With multiple exit routers, be offered by source routing at the CER. With multiple exit routers,
as in CER Network Model B, the complexity rises. Given a packet with as in CER Network Model B, the complexity rises. Given a packet with
a source address on the home network, the packet must be routed to a source address on the home network, the packet must be routed to
the proper egress to avoid BCP 38 filtering at an ISP. It is highly the proper egress to avoid BCP 38 filtering if exiting through the
desirable that the packet is routed in the most efficient manner to wrong ISP. It is highly desirable that the packet is routed in the
the correct exit, though as a minimum requirement the packet should most efficient manner to the correct exit, though as a minimum
not be dropped. requirement the packet should not be dropped.
The homenet archiecture should support both the above models, i.e. The homenet architecture should support both the above models, i.e.
one or more CERs. However, the general multihoming problem is broad, one or more CERs. However, the general multihoming problem is broad,
and solutions suggested to date within the IETF have included complex and solutions suggested to date within the IETF have included complex
architectures for monitoring connectivity, traffic engineering, architectures for monitoring connectivity, traffic engineering,
identifier-locator separation, connection survivability across identifier-locator separation, connection survivability across
multihoming events, and so on. It is thus important that the homenet multihoming events, and so on. It is thus important that the homenet
architecture should as far as possible minimise the complexity of any architecture should as far as possible minimise the complexity of any
multihoming support. multihoming support.
An example of such a 'simpler' approach has been documented in An example of such a 'simpler' approach has been documented in
[I-D.ietf-v6ops-ipv6-multihoming-without-ipv6nat]. Alternatively a [I-D.ietf-v6ops-ipv6-multihoming-without-ipv6nat]. Alternatively a
flooding/routing protocol could potentially be used to pass flooding/routing protocol could potentially be used to pass
information through the homenet, such that internal routers and information through the homenet, such that internal routers and
ultimately end hosts could learn per-prefix configuration ultimately end hosts could learn per-prefix configuration
information, allowing better address selection decisions to be made. information, allowing better address selection decisions to be made.
However, this would imply probably host and certainly router changes. However, this would imply router and, most likely, host changes.
Or another avenue is to introduce support for source routing Another avenue is to introduce support for source routing throughout
throughout the homenet; while greatly improving the 'intelligence' of the homenet; while greatly improving the 'intelligence' of routing
routing decisions within the homenet, such an approach would require decisions within the homenet, such an approach would require
relatively significant router changes. relatively significant router changes but avoid host changes.
As explained previously, NPTv6 is not recommended in the homenet As explained previously, while NPTv6 has been proposed for providing
architecture. multi-homing support in networks, its use is not recommended in the
homenet architecture.
There are some other multihoming considerations for homenet It should be noted that some multihoming scenarios may see one
scenarios. First, it may be the case that multihoming applies due to upstream being a "walled garden", and thus only appropriate for
an ISP migration from a transition method to a native deployment,
e.g. a 6rd [RFC5969] sunsetting scenario. Second, one upstream may
be a "walled garden", and thus only appropriate to be used for
connectivity to the services of that provider; an example may be a connectivity to the services of that provider; an example may be a
VPN service that only routes back to the enterprise business network VPN service that only routes back to the enterprise business network
of a user in the homenet. While we should not specifically target of a user in the homenet. While we should not specifically target
walled garden multihoming as a principal goal, it should not be walled garden multihoming as a principal goal, it should not be
precluded. precluded.
The homenet architecture should also not preclude use of host or The homenet architecture should also not preclude use of host or
application-oriented tools, e.g. Shim6 [RFC5533] or Happy Eyeballs application-oriented tools, e.g. Shim6 [RFC5533], MPTCP [RFC6824] or
[RFC6555]. In general, any incremental improvements obtained by host Happy Eyeballs [RFC6555]. In general, any incremental improvements
changes should give benefit for the hosts introducing them, but not obtained by host changes should give benefit for the hosts
be required. introducing them, but not be required.
3.3. A Self-Organising Network 3.3. A Self-Organising Network
A home network architecture should be naturally self-organising and The home network architecture should be naturally self-organising and
self-configuring under different circumstances relating to the self-configuring under different circumstances relating to the
connectivity status to the Internet, number of devices, and physical connectivity status to the Internet, number of devices, and physical
topology. At the same time, it should be possible for advanced users topology. At the same time, it should be possible for advanced users
to manually adjust (override) the current configuration. to manually adjust (override) the current configuration.
While a goal of the homenet architecture is for the network to be as While a goal of the homenet architecture is for the network to be as
self-organising as possible, there may be instances where some manual self-organising as possible, there may be instances where some manual
configuration is required, e.g. the entry of a cryptographic key to configuration is required, e.g. the entry of a cryptographic key to
apply wireless security, or to configure a shared routing secret. apply wireless security, or to configure a shared routing secret.
The latter may be relevant when considering how to bootstrap a The latter may be relevant when considering how to bootstrap a
routing configuration. It is highly desirable that the number of routing configuration. It is highly desirable that the number of
such configurations is minimised. such configurations is minimised.
3.3.1. Differentiating neighbouring homenets 3.3.1. Differentiating neighbouring homenets
It is important that self-configuration with 'unintended' devices is It is important that self-configuration with 'unintended' devices is
avoided. Methods are needed for devices to know whether they are avoided. There should be a way for a user to administratively assert
intended to be part of the same homenet site or not. Thus methods to in a simple way whether or not a device belongs to a homenet. The
ensure separation between neighbouring homenets are required. This goal is to allow the establishment of borders, particularly between
may require use of some unique 'secret' for devices/protocols in each two adjacent homenets, and to avoid unauthorised devices from
homenet. Some existing mechanisms exist to assist home users to participating in the homenet. Such an authorisation capability may
associate devices as simply as possible, e.g. 'connect' button need to operate through multiple hops in the homenet.
support.
The homenet should thus support a way for a homenet owner to claim
ownership of their devices in a reasonably secure way. This could be
achieved by a pairing mechanism, by for example pressing buttons
simultaneously on an authenticated and a new homenet device. Or by
an enrolment process, as described in
[I-D.behringer-homenet-trust-bootstrap].
3.3.2. Largest practical subnets 3.3.2. Largest practical subnets
Today's IPv4 home networks generally have a single subnet, and early Today's IPv4 home networks generally have a single subnet, and early
dual-stack deployments have a single congruent IPv6 subnet, possibly dual-stack deployments have a single congruent IPv6 subnet, possibly
with some bridging functionality. More recently, some vendors have with some bridging functionality. More recently, some vendors have
started to introduce 'home' and 'guest' functions, which in IPv6 started to introduce 'home' and 'guest' functions, which in IPv6
would be implemented as two subnets. would be implemented as two subnets.
Future home networks are highly likely to have one or more internal Future home networks are highly likely to have one or more internal
routers and thus need multiple subnets, for the reasons described routers and thus need multiple subnets, for the reasons described
earlier. As part of the self-organisation of the network, the earlier. As part of the self-organisation of the network, the
homenet should subdivide itself to the largest practical subnets that homenet should subdivide itself to the largest practical subnets that
can be constructed within the constraints of link layer mechanisms, can be constructed within the constraints of link layer mechanisms,
bridging, physical connectivity, and policy, and where applicable bridging, physical connectivity, and policy, and where applicable
performance or other criteria. For example, bridging a busy Gigabit performance or other criteria.
Ethernet subnet and a wireless subnet together may impact wireless
performance.
While it may be desirable to maximise the chance of link-local While it may be desirable to maximise the chance of link-local
protocols operating across a homenet by maximising the size of a protocols operating across a homenet by maximising the size of a
subnet, multi-subnet home networks are inevitable, so their support subnet, multi-subnet home networks are inevitable, so their support
must be included. must be included.
3.3.3. Homenet realms and borders 3.3.3. Homenet realms and borders
The homenet will need to be aware of the extent of its own 'site', The homenet will need to be aware of the extent of its own 'site',
which will, for example, define the borders for ULA and site scope which will, for example, define the borders for ULA and site scope
skipping to change at page 21, line 34 skipping to change at page 21, line 41
It is desirable to classify the external border of the home network It is desirable to classify the external border of the home network
as a unique logical interface separating the home network from as a unique logical interface separating the home network from
service provider network/s. This border interface may be a single service provider network/s. This border interface may be a single
physical interface to a single service provider, multiple layer 2 physical interface to a single service provider, multiple layer 2
sub-interfaces to a single service provider, or multiple connections sub-interfaces to a single service provider, or multiple connections
to a single or multiple providers. This border makes it possible to to a single or multiple providers. This border makes it possible to
describe edge operations and interface requirements across multiple describe edge operations and interface requirements across multiple
functional areas including security, routing, service discovery, and functional areas including security, routing, service discovery, and
router discovery. router discovery.
Some initial proposals towards border discovery are presented in
[I-D.kline-default-perimeter].
It should be possible for the homenet user to override any It should be possible for the homenet user to override any
automatically determined borders and the default policies applied automatically determined borders and the default policies applied
between them. between them.
Some initial proposals towards border discovery are presented in
[I-D.kline-default-perimeter].
3.4. Homenet Addressing 3.4. Homenet Addressing
The IPv6 addressing scheme used within a homenet must conform to the The IPv6 addressing scheme used within a homenet must conform to the
IPv6 addressing architecture [RFC4291]. In this section we discuss IPv6 addressing architecture [RFC4291]. In this section we discuss
how the homenet needs to adapt to the prefixes made available to it how the homenet needs to adapt to the prefixes made available to it
by its upstream ISP, such that internal subnets, hosts and devices by its upstream ISP, such that internal subnets, hosts and devices
can obtain the and configure the necessary addressing information to can obtain the and configure the necessary addressing information to
operate. operate.
3.4.1. Use of ISP-delegated IPv6 prefixes 3.4.1. Use of ISP-delegated IPv6 prefixes
A homenet may receive an arbitrary length IPv6 prefix from its Discussion of IPv6 prefix allocation policies is included in
provider, e.g. /60, /56 or /48. The offered prefix may be stable or [RFC6177]. In practice, a homenet may receive an arbitrary length
change from time to time. Some ISPs may offer relatively stable IPv6 prefix from its provider, e.g. /60, /56 or /48. The offered
prefixes, while others may change the prefix whenever the CER is prefix may be stable or change from time to time; it is generally
reset. Some discussion of IPv6 prefix allocation policies is expected that ISPs will offer relatively stable prefixes to their
included in [RFC6177] which discusses why, for example, a one-size- residential customers. Regardless, the home network needs to be
fits-all /48 allocation is not desirable. adaptable as far as possible to ISP prefix allocation policies, and
thus make no assumptions about the stability of the prefix received
from an ISP, or the length of the prefix that may be offered.
The homenet architecture expects internal host subnets to be /64 in However, if, for example, only a /64 is offered by the ISP, the
size. While it may be possible to operate a DHCPv6-only network with homenet may be severely constrained or even unable to function.
prefixes longer than /64, doing so would break SLAAC, and is thus not [RFC6177] (BCP 157) states that "a key principle for address
recommended. management is that end sites always be able to obtain a reasonable
amount of address space for their actual and planned usage, and over
time ranges specified in years rather than just months. In practice,
that means at least one /64, and in most cases significantly more.
One particular situation that must be avoided is having an end site
feel compelled to use IPv6-to-IPv6 Network Address Translation or
other burdensome address conservation techniques because it could not
get sufficient address space." This architecture text assumes that
this guidance is being followed by ISPs.
The home network needs to be adaptable to ISP prefix allocation There are many problems that would arise from a homenet not being
policies, and thus make no assumptions about the stability of the offered a sufficient prefix size for its needs. Rather than attempt
prefix received from an ISP, or the length of the prefix that may be to contrive a method for a homenet to operate in a constrained manner
offered. However, if only a /64 is offered by the ISP, the homenet when faced with insufficient prefixes, such as the use of subnet
may be severely constrained or even unable to function. As stated prefixes longer than /64 (which would break SLAAC), use of NPTv6, or
above, attempting to use internal subnet prefixes longer than /64 falling back to bridging across potentially very different media, it
would break SLAAC, and is thus not recommended. Using ULA prefixes is recommended that the receiving router instead enters an error
internally with NPTv6 at the boundary is not recommended for reasons state and issues appropriate warnings. Some consideration may need
given elsewhere. Reverting to bridging would destroy subnetting, to be given to how such a warning or error state should best be
breaks multicast if bridged onto 802.11 wireless networks and has presented to a typical home user.
serious limitations with regard to heterogeneous link layer
technologies and LLNs. For those reasons it is recommended that
DHCP-PD or OSPFv3 capable routers have the ability to issue a warning
upon receipt of a /64 if required to assign further prefixes within
the home network. Though some consideration needs to be given to how
that should be presented to a typical home user.
Thus the border CER router should 'hint', most likely via DHCP-PD, Thus a homenet CER should request, for example via DHCP-PD, that it
that it would like a /48 prefix from its ISP, i.e. it asks the ISP would like a /48 prefix from its ISP, i.e. it asks the ISP for the
for the maximum size prefix it might expect to be offered, but in maximum size prefix it might expect to be offered, even if in
practice it may only be offered a /56 or /60. For a typical IPv6 practice it may only be offered a /56 or /60. For a typical IPv6
homenet, it is not recommended that an ISP offer less than a /60 homenet, it is not recommended that an ISP offer less than a /60
prefix, and should preferably offer at least a /56. prefix, and it is highly preferable that the ISP offers at least a
/56. It is expected that the allocated prefix to the homenet from
any single ISP is a contiguous, aggregated one. While it may be
possible for a homenet CER to issue multiple prefix requests to
attempt to obtain multiple delegations, such behaviour is out of
scope of this document.
In practice, it is expected that ISPs will deliver a relatively There are reports that some CER equipment does not support receipt of
stable home prefix to customers. The norm for residential customers a prefix bigger than /64, but the homenet architecture is designed
of large ISPs may be similar to their single IPv4 address provision; for future IPv6 home networks, and we assume that such restricted
by default it is likely to remain persistent for some time, but equipment will become rarer over time.
changes in the ISP's own provisioning systems may lead to the
customer's IP (and in the IPv6 case their prefix pool) changing. It It is expected that ISPs will deliver a relatively stable prefix to
is not expected that ISPs will support Provider Independent (PI) residential customers. The norm for residential customers of large
addressing for general residential homenets. ISPs may be similar to their single IPv4 address provision; by
default it is likely to remain persistent for some time, but changes
in the ISP's own provisioning systems may lead to the customer's IP
(and in the IPv6 case their prefix pool) changing. It is not
expected that ISPs will generally support Provider Independent (PI)
addressing for residential homenets.
When an ISP does need to restructure, and in doing so renumber its When an ISP does need to restructure, and in doing so renumber its
customer homenets, 'flash' renumbering is likely to be imposed. This customer homenets, 'flash' renumbering is likely to be imposed. This
implies a need for the homenet to be able to handle a sudden implies a need for the homenet to be able to handle a sudden
renumbering event which, unlike the process described in [RFC4192], renumbering event which, unlike the process described in [RFC4192],
would be a 'flag day" event, which means that a graceful renumbering would be a 'flag day" event, which means that a graceful renumbering
process moving through a state with two active prefixes in use would process moving through a state with two active prefixes in use would
not be possible. While renumbering can be viewed as an extended not be possible. While renumbering can be viewed as an extended
version of an initial numbering process, the difference between flash version of an initial numbering process, the difference between flash
renumbering and an initial 'cold start' is the need to provide renumbering and an initial 'cold start' is the need to provide
service continuity. service continuity.
There may be cases where local law means some ISPs are required to There may be cases where local law means some ISPs are required to
change IPv6 prefixes (current IPv4 addresses) for privacy reasons for change IPv6 prefixes (current IPv4 addresses) for privacy reasons for
their customers. In such cases it may be possible to avoid an their customers. In such cases it may be possible to avoid an
instant 'flash' renumbering and plan a non-flag day renumbering as instant 'flash' renumbering and plan a non-flag day renumbering as
per RFC 4192. per RFC 4192. Similarly, if an ISP has a planned renumbering
process, it may be able to adjust lease timers, etc appropriately.
The customer may of course also choose to move to a new ISP, and thus The customer may of course also choose to move to a new ISP, and thus
begin using a new prefix. In such cases the customer should expect a begin using a new prefix. In such cases the customer should expect a
discontinuity, and not only may the prefix change but potentially discontinuity, and not only may the prefix change, but potentially
also the prefix length, if the new ISP offers a different default also the prefix length if the new ISP offers a different default size
size prefix. Regardless, it's desirable that homenet protocols prefix. The homenet may also be forced to renumber itself if
support rapid renumbering and that operational processes don't add significant internal 'replumbing' is undertaken by the user.
unnecessary complexity for the renumbering process. Further, the Regardless, it's desirable that homenet protocols support rapid
introduction of any new homenet protocols should not make any form of renumbering and that operational processes don't add unnecessary
renumbering any more complex than it already is. complexity for the renumbering process. Further, the introduction of
any new homenet protocols should not make any form of renumbering any
more complex than it already is.
Finally, the internal operation of the home network should also not Finally, the internal operation of the home network should also not
depend on the availability of the ISP network at any given time, depend on the availability of the ISP network at any given time,
other than of course for connectivity to services or systems off the other than of course for connectivity to services or systems off the
home network. This reinforces the use of ULAs for stable internal home network. This reinforces the use of ULAs for stable internal
communication, and the need for a naming and service discovery communication, and the need for a naming and service discovery
mechanism that can operate independently within the homenet. mechanism that can operate independently within the homenet.
3.4.2. Stable internal IP addresses 3.4.2. Stable internal IP addresses
The network should by default attempt to provide IP-layer The network should by default attempt to provide IP-layer
connectivity between all internal parts of the homenet as well as to connectivity between all internal parts of the homenet as well as to
and from the external Internet, subject to the filtering policies or and from the external Internet, subject to the filtering policies or
other policy constraints discussed later in the security section. other policy constraints discussed later in the security section.
ULAs should be used within the scope of a homenet to support routing ULAs should be used within the scope of a homenet to support stable
between subnets regardless of whether a globally unique ISP-provided routing and connectivity between subnets and hosts regardless of
prefix is available. As discussed previously, it would be expected whether a globally unique ISP-provided prefix is available. In the
that ULAs would be used alongside one or more such global prefixes in case of a prolonged external connectivity outage, ULAs allow internal
a homenet, such that hosts become multi-addressed with both globally operations across routed subnets to continue. ULA addresses also
unique and ULA prefixes. ULAs should be used for all devices, not allow constrained LLN devices to create permanent relationships
just those intended to only have internal connectivity. Default between IPv6 addresses, e.g. from a wall controller to a lamp, where
address selection would then enable ULAs to be preferred for internal symbolic host names would require additional non-volatile memory and
updating global prefixes in sleeping LLN devices might also be
problematic.
As discussed previously, it would be expected that ULAs would
normally be used alongside one or more global prefixes in a homenet,
such that hosts become multi-addressed with both globally unique and
ULA prefixes. ULAs should be used for all devices, not just those
intended to only have internal connectivity. Default address
selection would then enable ULAs to be preferred for internal
communications between devices that are using ULA prefixes generated communications between devices that are using ULA prefixes generated
within the same homenet. within the same homenet.
ULA addresses will allow constrained LLN devices to create permanent In cases where ULA prefixes are in use within a homenet but there is
relationships between IPv6 addresses, e.g. from a wall controller to no external IPv6 connectivity (and thus no GUAs in use),
a lamp. Symbolic host names would require additional non-volatile recommendations ULA-5, L-3 and L-4 in RFC 6204 should be followed to
memory. Updating global prefixes in sleeping LLN devices might also ensure correct operation, in particular where the homenet may be
be problematic. dual-stack with IPv4 external connectivity. The use of the Route
Information Option described in [RFC4191] provides a mechanism to
advertise such more-specific ULA routes.
The use of ULAs should be restricted to the homenet scope through The use of ULAs should be restricted to the homenet scope through
filtering at the border(s) of the homenet, as described in RFC 6092. filtering at the border(s) of the homenet, as mandated by RFC 6024
requirement S-2.
Note that it is possible that in some cases multiple /48 ULA prefixes Note that it is possible that in some cases multiple /48 ULA prefixes
may be in use within the same homenet, e.g. when the network is being may be in use within the same homenet, e.g. when the network is being
deployed, perhaps also without external connectivity. It is expect deployed, perhaps also without external connectivity. In cases where
that routers in the homenet would somehow elect a 'master' that would multiple ULA /48's are in use, hosts need to know that each /48 is
be responsible for delegating /64 prefixes to internal requesting local to the homenet, e.g. by inclusion in their local address
routers, much as routers obtain /64 global prefixes from the prefix selection policy table.
pool delegated by the ISP to the CER. In cases where multiple ULA
/48's are in use, hosts need to know that each /48 is local to the
homenet, e.g. by inclusion in their local address selection policy
table.
3.4.3. Internal prefix delegation 3.4.3. Internal prefix delegation
As mentioned above, there are various sources of prefixes. From the As mentioned above, there are various sources of prefixes. From the
homenet perspective, a single global prefix from each ISP should be homenet perspective, a single global prefix from each ISP should be
received on the border CER [RFC3633]. Where multiple CERs exist with received on the border CER [RFC3633]. Where multiple CERs exist with
multiple ISP prefix pools, it is expected that routers within the multiple ISP prefix pools, it is expected that routers within the
homenet would assign themselves prefixes from each ISP they homenet would assign themselves prefixes from each ISP they
communicate with/through. As discussed above, a ULA prefix can be communicate with/through. As discussed above, a ULA prefix should be
made available for stable internal communications, or for use on provisioned for stable internal communications or for use on
constrained/LLN networks. There may also be a prefix associated with constrained/LLN networks.
NAT64, if in use in the homenet.
The delegation or availability of a prefix pool to the homenet should The delegation or availability of a prefix pool to the homenet should
allow subsequent internal autonomous delegation of prefixes for use allow subsequent internal autonomous delegation of prefixes for use
within the homenet. Such internal delegation should not assume a within the homenet. Such internal delegation should not assume a
flat or hierarchical model, nor should it make an assumption about flat or hierarchical model, nor should it make an assumption about
whether the delegation of internal prefixes is distributed or whether the delegation of internal prefixes is distributed or
centralised. The assignment mechanism should provide reasonable centralised. The assignment mechanism should provide reasonable
efficiency, so that typical home network prefix allocation sizes can efficiency, so that typical home network prefix allocation sizes can
accommodate all the necessary /64 allocations in most cases, and not accommodate all the necessary /64 allocations in most cases, and not
waste prefixes. Further, duplicate assignment of multiple /64s to waste prefixes. Further, duplicate assignment of multiple /64s to
skipping to change at page 25, line 18 skipping to change at page 25, line 46
with it. However, where ULAs are used, most likely but not with it. However, where ULAs are used, most likely but not
necessarily in parallel with global prefixes, one router should be necessarily in parallel with global prefixes, one router should be
elected as 'master' for delegation of ULA prefixes for the homenet, elected as 'master' for delegation of ULA prefixes for the homenet,
such that only one /48 ULA covers the whole homenet where possible. such that only one /48 ULA covers the whole homenet where possible.
That router should generate a /48 ULA for the site, and then delegate That router should generate a /48 ULA for the site, and then delegate
/64's from that ULA prefix to subnets. In cases where two /48 ULAs /64's from that ULA prefix to subnets. In cases where two /48 ULAs
are generated within a homenet, the network should still continue to are generated within a homenet, the network should still continue to
function, meaning that hosts will need to determine that each ULA is function, meaning that hosts will need to determine that each ULA is
local to the homenet. local to the homenet.
Delegation within the homenet should give each subnet a prefix that Delegation within the homenet should result in each link being
is persistent across reboots, power outages and similar short-term assigned a stable prefix that is persistent across reboots, power
outages. Addition of a new routing device should not affect existing outages and similar short-term outages. The availability of
persistent prefixes should not depend on the router boot order. The
addition of a new routing device should not affect existing
persistent prefixes, but persistence may not be expected in the face persistent prefixes, but persistence may not be expected in the face
of significant 'replumbing' of the homenet. Persistent prefixes of significant 'replumbing' of the homenet. However, delegated ULA
should not depend on router boot order. However, such persistent
prefixes may imply the need for stable storage on routing devices,
and also a method for a home user to 'reset' the stored prefix should
a significant reconfiguration be required (though ideally the home
user should not be involved at all).
The delegation method should support renumbering, which would
typically be 'flash' renumbering in that the homenet would not have
advance notice of the event or thus be able to apply the types of
approach described in [RFC4192]. As a minimum, delegated ULA
prefixes within the homenet should remain persistent through an ISP- prefixes within the homenet should remain persistent through an ISP-
driven renumbering event. driven renumbering event.
Provisioning such persistent prefixes may imply the need for stable
storage on routing devices, and also a method for a home user to
'reset' the stored prefix should a significant reconfiguration be
required (though ideally the home user should not be involved at
all).
Several proposals have been made for prefix delegation within a Several proposals have been made for prefix delegation within a
homenet. One group of proposals is based on DHCPv6 PD, as described homenet. One group of proposals is based on DHCPv6 PD, as described
in [I-D.baker-homenet-prefix-assignment], [RFC3315] and [RFC3633]. in [I-D.baker-homenet-prefix-assignment], [RFC3315] and [RFC3633].
The other uses OSPFv3, as described in DHCPv6 PD is also used by [I-D.grundemann-homenet-hipnet]. Another
[I-D.arkko-homenet-prefix-assignment]. More detailed analysis of proposal uses OSPFv3, as described in
these approaches needs to be made against the requirements/principles [I-D.arkko-homenet-prefix-assignment] and
described above. [I-D.ietf-ospf-ospfv3-autoconfig].
The above methods assume that all router devices participating in a
homenet use the same internal prefix delegation method. This implies
that only one delegation method should be in use.
3.4.4. Coordination of configuration information 3.4.4. Coordination of configuration information
The network elements will need to be integrated in a way that takes The network elements will need to be integrated in a way that takes
account of the various lifetimes on timers that are used on different account of the various lifetimes on timers that are used on different
elements, e.g. DHCPv6 PD, router, valid prefix and preferred prefix elements, e.g. DHCPv6 PD, router, valid prefix and preferred prefix
timers. timers.
3.4.5. Privacy 3.4.5. Privacy
skipping to change at page 26, line 27 skipping to change at page 27, line 11
regardless, e.g. through Privacy Addresses [RFC4941]. This may regardless, e.g. through Privacy Addresses [RFC4941]. This may
benefit mutual privacy of users within a home network, but not mask benefit mutual privacy of users within a home network, but not mask
which home network traffic is sourced from. which home network traffic is sourced from.
3.5. Routing functionality 3.5. Routing functionality
Routing functionality is required when there are multiple routers Routing functionality is required when there are multiple routers
deployed within the internal home network. This functionality could deployed within the internal home network. This functionality could
be as simple as the current 'default route is up' model of IPv4 NAT, be as simple as the current 'default route is up' model of IPv4 NAT,
or, more likely, it would involve running an appropriate routing or, more likely, it would involve running an appropriate routing
protocol. protocol. Regardless of the solution method, the functionality
discussed below should be met.
The homenet unicast routing protocol should preferably be an existing The homenet unicast routing protocol should preferably be an existing
deployed protocol that has been shown to be reliable and robust, and deployed protocol that has been shown to be reliable and robust, and
it is preferable that the protocol is 'lightweight'. It is desirable it is preferable that the protocol is both 'lightweight' and that
open source implementations are readily available. It is desirable
that the routing protocol has knowledge of the homenet topology, that the routing protocol has knowledge of the homenet topology,
which implies a link-state protocol is preferable. If so, it is also which implies a link-state protocol is preferable. This would mean
desirable that the announcements and use of LSAs and RAs are the routing protocol gives a consistent view of the network, and that
appropriately coordinated. This would mean the routing protocol it can pass around more than just routing information.
gives a consistent view of the network, and that it can pass around
more than just routing information.
Multiple interface PHYs must be accounted for in the homenet routed Multiple interface PHYs must be accounted for in the homenet routed
topology. Technologies such as Ethernet, WiFi, MoCA, etc must be topology. Technologies such as Ethernet, WiFi, MoCA, etc must be
capable of coexisting in the same environment and should be treated capable of coexisting in the same environment and should be treated
as part of any routed deployment. The inclusion of the PHY layer as part of any routed deployment. The inclusion of the PHY layer
characteristics including bandwidth, loss, and latency in path characteristics including bandwidth, loss, and latency in path
computation should be considered for optimising communication in the computation should be considered for optimising communication in the
homenet. Multiple upstreams should be supported, as described in the homenet.
multihoming section earlier. This should include load-balancing to
multiple providers, and failover from a primary to a backup link when The routing protocol should support the generic use of multiple
customer Internet connections, and the concurrent use of multiple
delegated prefixes. A routing protocol that can make routing
decisions based on source and destination addresses is thus
desirable, to avoid upstream ISP BCP38 ingress filtering problems.
Multihoming support should also include load-balancing to multiple
providers, and failover from a primary to a backup link when
available. The protocol however should not require upstream ISP available. The protocol however should not require upstream ISP
connectivity to be established to continue routing within the connectivity to be established to continue routing within the
homenet. homenet.
To support multihoming within a homenet, a routing protocol that can
make routing decisions based on source and destination addresses is
desirable, to avoid upstream ISP ingress filtering problems. In
general the routing protocol should support multiple ISP uplinks and
delegated prefixes in concurrent use.
The routing environment should be self-configuring, as discussed The routing environment should be self-configuring, as discussed
previously. An example of how OSPFv3 can be self-configuring in a previously. An example of how OSPFv3 can be self-configuring in a
homenet is described in [I-D.acee-ospf-ospfv3-autoconfig]. homenet is described in [I-D.ietf-ospf-ospfv3-autoconfig].
Minimising convergence time should be a goal in any routed Minimising convergence time should be a goal in any routed
environment, but as a guideline a maximum convergence time of around environment, but as a guideline a maximum convergence time at most 30
30 seconds should be the target. seconds should be the target.
Any routed solution will require a means for determining the As per prefix delegation, it is assumed that a single routing
boundaries of the homenet. Borders may include but are not limited solution is in use in the homenet architecture. If there is an
to the interface to the upstream ISP, or a gateway device to a identified need to support multiple solutions, these must be
separate home network such as a LLN network. In some cases there may interoperable.
be no border present, which may for example occur before an upstream
connection has been established. The border discovery functionality An appropriate mechanism is required to discover which router(s) in
may be integrated into the routing protocol itself, but may also be the homenet are providing the CER function. Borders may include but
imported via a separate discovery mechanism. are not limited to the interface to the upstream ISP, a gateway
device to a separate home network such as a LLN network, or a gateway
to a guest or private corporate extension network. In some cases
there may be no border present, which may for example occur before an
upstream connection has been established. The border discovery
functionality may be integrated into the routing protocol itself, but
may also be imported via a separate discovery mechanism.
In general, LLN or other networks should be able to attach and In general, LLN or other networks should be able to attach and
participate the same way as the main homenet, or alternatively map/be participate the same way as the main homenet, or alternatively map/be
gatewayed to the main homenet. Current home deployments use largely gatewayed to the main homenet. Current home deployments use largely
different mechanisms in sensor and basic Internet connectivity different mechanisms in sensor and basic Internet connectivity
networks. IPv6 VM solutions may also add additional routing networks. IPv6 VM solutions may also add additional routing
requirements. requirements.
3.5.1. Multicast support 3.5.1. Multicast support
skipping to change at page 28, line 16 skipping to change at page 29, line 5
3.6. Security 3.6. Security
The security of an IPv6 homenet is an important consideration. The The security of an IPv6 homenet is an important consideration. The
most notable difference to the IPv4 operational model is the removal most notable difference to the IPv4 operational model is the removal
of NAT, the introduction of global addressability of devices, and of NAT, the introduction of global addressability of devices, and
thus a need to consider whether devices should have global thus a need to consider whether devices should have global
reachability. Regardless, hosts need to be able to operate securely, reachability. Regardless, hosts need to be able to operate securely,
end-to-end where required, and also be robust against malicious end-to-end where required, and also be robust against malicious
traffic direct towards them. However, there are other challenges traffic direct towards them. However, there are other challenges
introduced, e.g. default filtering policies at the borders between introduced, e.g. default filtering policies at the borders between
other homenet realms. various homenet realms.
3.6.1. Addressability vs reachability 3.6.1. Addressability vs reachability
An IPv6-based home network architecture should embrace the An IPv6-based home network architecture should embrace the
transparent end-to-end communications model as described in transparent end-to-end communications model as described in
[RFC2775]. Each device should be globally addressable, and those [RFC2775]. Each device should be globally addressable, and those
addresses must not be altered in transit. However, security addresses must not be altered in transit. However, security
perimeters can be applied to restrict end-to-end communications, and perimeters can be applied to restrict end-to-end communications, and
thus while a host may be globally addressable it may not be globally thus while a host may be globally addressable it may not be globally
reachable. reachable.
In IPv4 NAT networks, the NAT provides an implicit firewall function.
[RFC4864] describes a 'Simple Security' model for IPv6 networks, [RFC4864] describes a 'Simple Security' model for IPv6 networks,
whereby stateful perimeter filtering can be applied instead where whereby stateful perimeter filtering can be applied to control the
global addresses are used. RFC 4864 implies an IPv6 'default deny' reachability of devices in a homenet. RFC 4864 states in Section 4.2
policy for inbound connections be used for similar functionality to that "the use of firewalls ... is recommended for those that want
IPv4 NAT. It should be noted that such a 'default deny' approach boundary protection in addition to host defences". It should be
would effectively replace the need for IPv4 NAT traversal protocols noted that a 'default deny' filtering approach would effectively
with a need to use a signalling protocol to request a firewall hole replace the need for IPv4 NAT traversal protocols with a need to use
be opened. Thus to support applications wanting to accept a signalling protocol to request a firewall hole be opened, e.g. a
connections initiated into home networks where a 'default deny' protocol such as UPnP or PCP [I-D.ietf-pcp-base]. In networks with
policy is in place support for a signalling protocol such as UPnP or multiple CERs, the signalling would need to handle the cases of flows
PCP [I-D.ietf-pcp-base] is required. In networks with multiple CERs, that may use one or more exit routers. CERs would need to be able to
the signalling would need to handle the cases of flows that may use advertise their existence for such protocols.
one or more exit routers. CERs would need to be able to advertise
their existence for such protocols.
[RFC6092] expands on RFC 4864, giving a more detailed discussion of [RFC6092] expands on RFC 4864, giving a more detailed discussion of
IPv6 perimeter security recommendations, without mandating a 'default IPv6 perimeter security recommendations, without mandating a 'default
deny' approach. Indeed, RFC 6092 does not enforce a particular mode deny' approach. Indeed, RFC 6092 does not enforce a particular mode
of operation, instead stating that CERs must provide an easily of operation, instead stating that CERs must provide an easily
selected configuration option that permits a 'transparent' mode, thus selected configuration option that permits a 'transparent' mode, thus
ensuring a 'default allow' model is available. The homenet ensuring a 'default allow' model is available. The homenet
architecture text makes no recommendation on the default setting, and architecture text makes no recommendation on the default setting, and
refers the reader to RFC 6092. refers the reader to RFC 6092.
skipping to change at page 29, line 36 skipping to change at page 30, line 22
perimeters inside the homenet. Constrained LLN nodes may implement perimeters inside the homenet. Constrained LLN nodes may implement
network key security but may depend on access policies enforced by network key security but may depend on access policies enforced by
the LLN border router. the LLN border router.
3.6.3. Marginal Effectiveness of NAT and Firewalls 3.6.3. Marginal Effectiveness of NAT and Firewalls
Security by way of obscurity (address translation) or through Security by way of obscurity (address translation) or through
firewalls (filtering) is at best marginally effective. The very poor firewalls (filtering) is at best marginally effective. The very poor
security track record of home computer, home networking and business security track record of home computer, home networking and business
PC computers and networking is testimony to its ineffectiveness. A PC computers and networking is testimony to its ineffectiveness. A
compromise behind the firewall of any device exposes all others, security compromise behind the firewall of any device exposes all
making an entire network that relies on obscurity or a firewall as others, making an entire network that relies on obscurity or a
vulnerable as the most insecure device on the private side of the firewall as vulnerable as the most insecure device on the private
network. side of the network.
However, given home network products with very poor security, putting However, given home network products with very poor security, putting
a firewall in place does provide some protection, even if only a firewall in place does provide some protection, even if only
marginally effective. The use of firewalls today, whether a good marginally effective. The use of firewalls today, whether a good
practice or not, is common practice and whatever protection afforded, practice or not, is common practice and whatever protection afforded,
even if marginally effective, must not be lost. even if marginally effective, should not be lost.
3.6.4. Device capabilities 3.6.4. Device capabilities
In terms of the devices, homenet hosts should implement their own In terms of the devices, homenet hosts should implement their own
security policies in accordance to their computing capabilities. security policies in accordance to their computing capabilities.
They should have the means to request transparent communications to They should have the means to request transparent communications to
be initiated to them, either for all ports or for specific services. be able to be initiated to them through security filters in the
homenet, either for all ports or for specific services. Users should
Users should have simple methods to associate devices to services have simple methods to associate devices to services that they wish
that they wish to operate transparently through (CER) borders. to operate transparently through (CER) borders.
3.6.5. ULAs as a hint of connection origin 3.6.5. ULAs as a hint of connection origin
It has been suggested that using ULAs would provide an indication to As noted in Section 3.6, if appropriate filtering is in place on the
applications that received traffic is locally sourced. This could CER(s), as mandated by RFC 6024 requirement S-2, a ULA source address
then be used with security settings to designate between which nodes may be taken as an indication of locally sourced traffic. This
a particular application is allowed to communicate, provided ULA indication could then be used with security settings to designate
address space is filtered appropriately at the boundary of the realm. between which nodes a particular application is allowed to
communicate, provided ULA address space is filtered appropriately at
the boundary of the realm.
3.7. Naming and Service Discovery 3.7. Naming and Service Discovery
Naming and service discovery must be supported in the homenet, and The homenet requires devices to be able to determine and use unique
the service(s) providing this function must as far as possible names by which they can be accessed on the network. Users and
support unmanaged operation. devices will need to be able to discover devices and services
available on the network, e.g. media servers, printers, displays or
specific home automation devices. Thus naming and service discovery
must be supported in the homenet, and, given the nature of typical
home network users, the service(s) providing this function must as
far as possible support unmanaged operation.
The naming system will be required to work internally or externally, The naming system will be required to work internally or externally,
be the user within the homenet or outside it, i.e. the user should be be the user within the homenet or outside it, i.e. the user should be
able to refer to devices by name, and potentially connect to them, able to refer to devices by name, and potentially connect to them,
wherever they may be. The most natural way to think about such wherever they may be. The most natural way to think about such
naming and service discovery is to enable it to work across the naming and service discovery is to enable it to work across the
entire homenet residence (site), disregarding technical borders such entire homenet residence (site), disregarding technical borders such
as subnets but respecting policy borders such as those between guest as subnets but respecting policy borders such as those between guest
and other internal network realms. and other internal network realms. Remote access may be desired by
the homenet residents while travelling, but also potentially by
manufacturers or other 'benevolent' third parties.
3.7.1. Discovering services 3.7.1. Discovering services
Users will typically perform service discovery through GUI interfaces Users will typically perform service discovery through GUI interfaces
that allow them to browse services on their network in an appropriate that allow them to browse services on their network in an appropriate
and intuitive way. Such interfaces are beyond the scope of this and intuitive way. Devices may also need to discover other devices,
document, but the interface should have an appropriate API for the without any user intervention or choice. Either way, such interfaces
discovery to be performed. are beyond the scope of this document, but the interface should have
an appropriate API for the discovery to be performed.
Such interfaces may also typically hide the local domain name element Such interfaces may also typically hide the local domain name element
from users, especially where only one name space is available. from users, especially where only one name space is available.
However, as we discuss below, in some cases the ability to discover However, as we discuss below, in some cases the ability to discover
available domains may be useful. available domains may be useful.
We note that current service discovery protocols are generally aimed We note that current zero-configuration service discovery protocols
at single subnets. There is thus a choice to make for multi-subnet are generally aimed at single subnets. There is thus a choice to
homenets as to whether such protocols should be proxied or extended make for multi-subnet homenets as to whether such protocols should be
to operate across a whole homenet. In this context, that may mean proxied or extended to operate across a whole homenet. In this
bridging a link-local method, taking care to avoid loops, or context, that may mean bridging a link-local method, taking care to
extending the scope of multicast traffic used for the purpose. This avoid loops, or extending the scope of multicast traffic used for the
document does not mandate either solution, rather it expresses the purpose. It may mean that some proxy or hybrid service is utilised,
principles that should be used for a homenet naming and service perhaps co-resident on the CER. Or it may be that a new approach is
discovery environment. Or it may be that a new approach is
preferable, e.g. flooding information around the homenet as preferable, e.g. flooding information around the homenet as
attributes within the routing protocol (which could allow per-prefix attributes within the routing protocol (which could allow per-prefix
configuration). In general we should prefer approaches that are configuration). However, we should prefer approaches that are
backwardly compatible, and allow current implementations to continue backwardly compatible, and allow current implementations to continue
to be used. to be used. Note that this document does not mandate a particular
solution, rather it expresses the principles that should be used for
a homenet naming and service discovery environment.
One of the primary challenges facing service discovery today is lack One of the primary challenges facing service discovery today is lack
of interoperability due to the ever increasing number of service of interoperability due to the ever increasing number of service
discovery protocols available. While it is conceivable for consumer discovery protocols available. While it is conceivable for consumer
devices to support multiple discovery protocols, this is clearly not devices to support multiple discovery protocols, this is clearly not
the most efficient use of network and computational resources. One the most efficient use of network and computational resources. One
goal of the homenet architecture should be a path to service goal of the homenet architecture should be a path to service
discovery protocol interoperability either through a standards based discovery protocol interoperability either through a standards based
translation scheme, hooks into current protocols to allow some for of translation scheme, hooks into current protocols to allow some for of
communication among discovery protocols, extensions to support a communication among discovery protocols, extensions to support a
central service repository in the homenet, or simply convergence central service repository in the homenet, or simply convergence
towards a unified protocol suite. towards a unified protocol suite.
3.7.2. Assigning names to devices 3.7.2. Assigning names to devices
Given the large number of devices that may be networked in the Given the large number of devices that may be networked in the
future, devices should have a means to generate their own unique future, devices should have a means to generate their own unique
names within a homenet, and to detect clashes should they arise, e.g. names within a homenet, and to detect clashes should they arise, e.g.
where a second device of the same type/vendor as an existing device where a second device of the same type/vendor as an existing device
with the same default name is deployed, or where two running network with the same default name is deployed, or where two running network
elements with such devices are suddenly joined. For example, mDNS elements with such devices are suddenly joined. It is expected that
[I-D.cheshire-dnsext-multicastdns] section 8 describes such a a device should have a fixed name while within the scope of the
mechanism for a single subnetwork and the '.local' zone. Before homenet.
assigning a name to the device and the .local naming space, the
device checks whether the name already belongs to another device by
sending a multicast DNS query.
Users will also want simple ways to (re)name devices, again most Users will also want simple ways to (re)name devices, again most
likely through an appropriate and intuitive interface that is beyond likely through an appropriate and intuitive interface that is beyond
the scope of this document. Note the name a user assigns to a device the scope of this document. Note the name a user assigns to a device
may be a label that is stored on the device as an attribute of the may be a label that is stored on the device as an attribute of the
device, and may be distinct from the name used in a name service, device, and may be distinct from the name used in a name service,
e.g. 'Study Laser Printer' as opposed to printer2.<somedomain>. e.g. 'Study Laser Printer' as opposed to printer2.<somedomain>.
3.7.3. Name spaces 3.7.3. Name spaces
It is desirable that only one name space is in use in the homenet, If access to homenet devices is required remotely from anywhere on
and that this name space is served authoritatively by a server in the the Internet, then at least one globally unique name space is
homenet, most likely resident on the CER. required, though the use of multiple name spaces should not be
precluded. The name space(s) should be served authoritatively by the
homenet, most likely by a server resident on the CER. Such name
spaces may be acquired by the user or provided/generated by their ISP
or an alternative cloud-based service. It is likely that the default
case is that a homenet will use a global domain provided by the ISP,
but advanced users wishing to use a name space that is independent of
their provider in the longer term should be able to acquire and use
their own domain name. For users wanting to use their own
independent domain names, such services are already available.
If a user wishes to access their home devices remotely from elsewhere Devices may also be assigned different names in different name
on the Internet a globally unique name space is required. This may spaces, e.g. by third parties who may manage systems or devices in
be acquired by the user or provided/generated by their ISP. It is the homenet on behalf of the resident(s). Remote management of the
expected that the default case is that a homenet will use a global homenet is out of scope of this document.
domain provided by the ISP, but advanced users wishing to use a name
space that is independent of their provider in the longer term should
be able to acquire and use their own domain name. Examples of
provider name space delegation approaches are described in
[I-D.mglt-homenet-naming-delegation] and
[I-D.mglt-homenet-front-end-naming-delegation]. For users wanting to
use their own independent domain names, such services are already
available.
If however a global name space is not available, the homenet will If however a global name space is not available, the homenet will
need to pick and use a local name space which would only have meaning need to pick and use a local name space which would only have meaning
within the local homenet (i.e. it would not be used for remote access within the local homenet (i.e. it would not be used for remote access
to the homenet). The .local name space currently has a special to the homenet). The .local name space currently has a special
meaning for certain existing protocols which have link-local scope, meaning for certain existing protocols which have link-local scope,
and is thus not appropriate for multi-subnet home networks. A and is thus not appropriate for multi-subnet home networks. A
different name space is thus required for the homenet. different name space is thus required for the homenet.
One approach for picking a local name space is to use an Ambiguous One approach for picking a local name space is to use an Ambiguous
Local Qualified Domain Name (ALQDN) space, such as .sitelocal (or an Local Qualified Domain Name (ALQDN) space, such as .sitelocal (or an
appropriate name reserved for the purpose). While this is a simple appropriate name reserved for the purpose). While this is a simple
approach, there is the potential in principle for devices that are approach, there is the potential in principle for devices that are
bookmarked somehow by an application in one homenet to be confused bookmarked somehow by an application in one homenet to be confused
with a device with the same name in another homenet. with a device with the same name in another homenet. In practice
however the underlying service discovery protocols should be capable
of handling moving to a network where a new device is using the same
name as a device used previously in another homenet.
An alternative approach for a local name space would be to use a An alternative approach for a local name space would be to use a
Unique Locally Qualified Domain Name (ULQDN) space such as Unique Locally Qualified Domain Name (ULQDN) space such as
.<UniqueString>.sitelocal. The <UniqueString> could be generated in .<UniqueString>.sitelocal. The <UniqueString> could be generated in
a variety of ways, one potentially being based on the local /48 ULA a variety of ways, one potentially being based on the local /48 ULA
prefix being used across the homenet. Such a <UniqueString> should prefix being used across the homenet. Such a <UniqueString> should
survive a cold restart, i.e. be consistent after a network power- survive a cold restart, i.e. be consistent after a network power-
down, or, if a value is not set on startup, the CER or device running down, or, if a value is not set on startup, the CER or device running
the name service should generate a default value. It could be the name service should generate a default value. It would be
desirable for the homenet user to be able to override the desirable for the homenet user to be able to override the
<UniqueString> with a value of their choice, but that would increase <UniqueString> with a value of their choice, but that would increase
the likelihood of a name conflict. the likelihood of a name conflict.
Whichever approach is used, the intent of using a ULQDN is to In the (likely) event that the homenet is accessible from outside the
disambiguate the name space across different homenets, not to create homenet (using the global name space), it is vital that the homenet
a new IANA name space for such networks. However, in practice an name space follow the rules and conventions of the global name space.
ALQDN may typically suffice, because the underlying service discovery In this mode of operation, names in the homenet (including those
protocols should be capable of handling moving to a network where a automatically generated by devices) must be usable as labels in the
new device is using the same name as a device used previously in global name space. [RFC5890] describes considerations for
another homenet. And regardless, if remote access to a homenet is Internationalizing Domain Names in Applications (IDNA).
required, a global domain is required, which implictly disambiguates
devices.
With the introduction of new "dotless" top level domains, there is Also, with the introduction of new 'dotless' top level domains, there
also potential for ambiguity between, for example, a local host is also potential for ambiguity between, for example, a local host
called 'computer' and (if it is registered) a .computer gTLD. Thus called 'computer' and (if it is registered) a .computer gTLD. Thus
qualified names should always be used, whether these are exposed to qualified names should always be used, whether these are exposed to
the user or not. the user or not.
There may be use cases where segmentation of the name space is There may be use cases where either different name spaces may be
desirable, e.g. for use in different realms within the homenet. Thus desired for different realms in the homenet, or for segmentation of a
hierarchical name space management is likely to be required. single name space within the homenet. Thus hierarchical name space
management is likely to be required. There should also be nothing to
prevent individual device(s) being independently registered in
external name spaces.
Where a user may be in a remote network wishing to access devices in Where a user is in a remote network wishing to access devices in
their home network, there may be a requirement to consider the domain their home network, there may be a requirement to consider the domain
search order presented where two accompanying name spaces exist. In search order presented where multiple associated name spaces exist.
such cases, a GUI may present the user a choice of domains to use, This also implies that a domain discovery function is desirable.
where the name of their devices is thus relative to that domain.
This implies that a domain discovery function is desirable.
It may be the case that not all devices in the homenet are made It may be the case that not all devices in the homenet are made
available by name via an Internet name space, and that a 'split view' available by name via an Internet name space, and that a 'split view'
is preferred for certain devices. is preferred for certain devices.
This document makes no assumption about the presence or omission of a This document makes no assumption about the presence or omission of a
reverse lookup service. There is an argument that it may be useful reverse lookup service. There is an argument that it may be useful
for presenting logging information to users with meaningful device for presenting logging information to users with meaningful device
names rather than literal addresses. names rather than literal addresses.
skipping to change at page 33, line 43 skipping to change at page 34, line 40
discovery may use multicast messages or a service where applications discovery may use multicast messages or a service where applications
register in order to be found. register in order to be found.
It is highly desirable that the homenet name service must at the very It is highly desirable that the homenet name service must at the very
least co-exist with the Internet name service. There should also be least co-exist with the Internet name service. There should also be
a bias towards proven, existing solutions. The strong implication is a bias towards proven, existing solutions. The strong implication is
thus that the homenet service is DNS-based, or DNS-compatible. There thus that the homenet service is DNS-based, or DNS-compatible. There
are naming protocols that are designed to be configured and operate are naming protocols that are designed to be configured and operate
Internet-wide, like unicast-based DNS, but also protocols that are Internet-wide, like unicast-based DNS, but also protocols that are
designed for zero-configuration local environments, like mDNS designed for zero-configuration local environments, like mDNS
[I-D.cheshire-dnsext-multicastdns]. Note that when DNS is used as [RFC6762].
the homenet name service, it includes both a resolving service and an
authoritative service. The authoritative service hosts the homenet
related zone, that may be requested by the resolving service.
As described in [I-D.mglt-homenet-naming-delegation], one approach is
to run an authoritative name service in the homenet as well as a
resolving name service, most likely on the CER. The homenet
resolving name service relies both on the homenet authoritative
service as well as on a secondary resolving name service provided by
the ISP, for global Internet naming resolution.
For a service such as mDNS to coexist with an Internet name service,
where the homenet is preferably using a global domain name, it is
desirable that the zeroconf devices have a way to add their names to
the global name space in use. One solution could be for zeroconf
protocols to be used to indicate global FQDNs, e.g. an mDNS service
could return a FQDN in a SRV record.
Regardless, a method for local name service entries to be populated When DNS is used as the homenet name service, it includes both a
automatically by devices is desirable. Interfaces to devices might resolving service and an authoritative service. The authoritative
choose to give users the option as to whether the device should service hosts the homenet related zone. One approach when
register itself in the global name space. There should also be a provisioning such a name service, which is designed to facilitate
defined mechanism for device entries to be removed or expired from name resolution from the global Internet, is to run an authoritative
the global name space. name service on the CER and a secondary resolving name service
provided by the ISP or perhaps a cloud-based third party.
It has been suggested that Dynamic DNS could be made to operate in a Where zeroconf name services are used, it is desirable that these can
zero-configuration mode using a locally significant root domain and also coexist with the Internet name service. In particular, where
with minimal configuration or, using a DHCPv6 based means of the homenet is using a global name space, it is desirable that
automated delegation, populate a global DNS zone. devices have the ability, where desired, to add entries to that name
space. There should also be a mechanism for such entries to be
removed or expired from the global name space.
To protect against attacks such as cache poisoning, it is desirable To protect against attacks such as cache poisoning, it is desirable
to support appropriate name service security methods, including to support appropriate name service security methods, including
DNSSEC. DNSSEC.
The CER is an appropriate location to host the naming service.
However, it introduces an additional load due to the name service
management, e.g. signing the zone, or resolving naming queries. This
additional load must be balanced with the CER capabilities, else the
function(s) may need to be offloaded elsewhere, e.g. with the ISP,
though this may impact on the independent operation principle.
Finally, the impact of a change in CER must be considered. It would Finally, the impact of a change in CER must be considered. It would
be desirable to retain any relevant state (configuration) that was be desirable to retain any relevant state (configuration) that was
held in the old CER. This might imply that state information should held in the old CER. This might imply that state information should
be distributed in the homenet, to be recoverable by/to the new CER, be distributed in the homenet, to be recoverable by/to the new CER,
or to the homenet's ISP or a third party service by some means. or to the homenet's ISP or a third party cloud-based service by some
means.
3.7.5. Independent operation 3.7.5. Independent operation
Name resolution and service discovery for reachable devices must Name resolution and service discovery for reachable devices must
continue to function if the local network is disconnected from the continue to function if the local network is disconnected from the
global Internet, e.g. a local media server should still be available global Internet, e.g. a local media server should still be available
even if the Internet link is down for an extended period. This even if the Internet link is down for an extended period. This
implies the local network should also be able to perform a complete implies the local network should also be able to perform a complete
restart in the absence of external connectivity, and have local restart in the absence of external connectivity, and have local
naming and service discovery operate correctly. naming and service discovery operate correctly.
skipping to change at page 35, line 18 skipping to change at page 35, line 42
Having an independent local trust anchor is desirable, to support Having an independent local trust anchor is desirable, to support
secure exchanges should external connectivity be unavailable. secure exchanges should external connectivity be unavailable.
A change in ISP should not affect local naming and service discovery. A change in ISP should not affect local naming and service discovery.
However, if the homenet uses a global name space provided by the ISP, However, if the homenet uses a global name space provided by the ISP,
then this will obviously have an impact if the user changes their then this will obviously have an impact if the user changes their
network provider. network provider.
3.7.6. Considerations for LLNs 3.7.6. Considerations for LLNs
In some parts of the homenet, in particular LLNs, devices may be In some parts of the homenet, in particular LLNs or any devices where
sleeping, in which case a proxy for such nodes may be required, that battery power is used, devices may be sleeping, in which case a proxy
could respond (for example) to multicast service discovery requests. for such nodes may be required, that could respond (for example) to
Those same parts of the network may have less capacity for multicast multicast service discovery requests. Those same devices or parts of
traffic that may be flooded from other parts of the network. In the network may have less capacity for multicast traffic that may be
general, message utilisation should be efficient considering the flooded from other parts of the network. In general, message
network technologies the service may need to operate over. utilisation should be efficient considering the network technologies
and constrained devices that the service may need to operate over.
There are efforts underway to determine naming and discovery There are efforts underway to determine naming and discovery
solutions for use by the Constrained Application Protocol (CoAP) in solutions for use by the Constrained Application Protocol (CoAP) in
LLN networks. These are outside the scope of this document. LLN networks. These are outside the scope of this document.
3.7.7. DNS resolver discovery 3.7.7. DNS resolver discovery
Automatic discovery of a name service to allow client devices in the Automatic discovery of a name service to allow client devices in the
homenet to resolve external domains on the Internet is required, and homenet to resolve external domains on the Internet is required, and
such discovery must support clients that may be a number of router such discovery must support clients that may be a number of router
hops away from the name service. Similarly the search domains for hops away from the name service. Similarly the search domains for
local FQDN-derived zones should be included. local FQDN-derived zones should be included.
3.7.8. Devices roaming from the homenet
It is likely that some devices which have registered names within the
homenet Internet name space and that are mobile will attach to the
Internet at other locations and acquire an IP address at those
locations. In such cases it may be desirable that devices may be
accessed by the same name as is used in the home network.
Solutions to this problem are not discussed in this document. They
may include use of Mobile IPv6, or Dynamic DNS, either of which would
put additional requirements on to the homenet.
3.8. Other Considerations 3.8. Other Considerations
This section discusses two other considerations for home networking This section discusses two other considerations for home networking
that the architecture should not preclude, but that this text is that the architecture should not preclude, but that this text is
neutral towards. neutral towards.
3.8.1. Quality of Service 3.8.1. Quality of Service
Support for QoS in a multi-service homenet may be a requirement, e.g. Support for QoS in a multi-service homenet may be a requirement, e.g.
for a critical system (perhaps healthcare related), or for for a critical system (perhaps healthcare related), or for
skipping to change at page 36, line 40 skipping to change at page 37, line 30
management is done is out of scope of this document; many solutions management is done is out of scope of this document; many solutions
exist. exist.
3.9. Implementing the Architecture on IPv6 3.9. Implementing the Architecture on IPv6
This architecture text encourages re-use of existing protocols. Thus This architecture text encourages re-use of existing protocols. Thus
the necessary mechanisms are largely already part of the IPv6 the necessary mechanisms are largely already part of the IPv6
protocol set and common implementations, though there are some protocol set and common implementations, though there are some
exceptions. exceptions.
For automatic routing, it is expected that existing routing protocols For automatic routing, it is expected that solutions can be found
can be used as is. However, a new mechanism may be needed in order based on existing protocols. Some relatively smaller updates are
to turn a selected protocol on by default. likely to be required, e.g. a new mechanism may be needed in order to
turn a selected protocol on by default, a mechanism may be required
to automatically assign prefixes to links within the homenet.
Some functionality, if required by the architecture, would add Some functionality, if required by the architecture, may need more
significant changes or require development of new protocols, e.g. significant changes or require development of new protocols, e.g.
support for multihoming with multiple exit routers would likely support for multihoming with multiple exit routers would likely
require extensions to support source and destination address based require extensions to support source and destination address based
routing within the homenet. routing within the homenet.
Some protocol changes are however required in the architecture, e.g. Some protocol changes are however required in the architecture, e.g.
for name resolution and service discovery, extensions to existing for name resolution and service discovery, extensions to existing
multicast-based name resolution protocols are needed to enable them zeroconf link-local name resolution protocols are needed to enable
to work across subnets, within the scope of the home network site. them to work across subnets, within the scope of the home network
site.
Some of the hardest problems in developing solutions for home Some of the hardest problems in developing solutions for home
networking IPv6 architectures include discovering the right borders networking IPv6 architectures include discovering the right borders
where the 'home' domain ends and the service provider domain begins, where the 'home' domain ends and the service provider domain begins,
deciding whether some of the necessary discovery mechanism extensions deciding whether some of the necessary discovery mechanism extensions
should affect only the network infrastructure or also hosts, and the should affect only the network infrastructure or also hosts, and the
ability to turn on routing, prefix delegation and other functions in ability to turn on routing, prefix delegation and other functions in
a backwards compatible manner. a backwards compatible manner.
4. Conclusions 4. Conclusions
skipping to change at page 38, line 5 skipping to change at page 38, line 43
[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
Addresses", RFC 4193, October 2005. Addresses", RFC 4193, October 2005.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006. Architecture", RFC 4291, February 2006.
[RFC4864] Van de Velde, G., Hain, T., Droms, R., Carpenter, B., and [RFC4864] Van de Velde, G., Hain, T., Droms, R., Carpenter, B., and
E. Klein, "Local Network Protection for IPv6", RFC 4864, E. Klein, "Local Network Protection for IPv6", RFC 4864,
May 2007. May 2007.
[RFC5890] Klensin, J., "Internationalized Domain Names for
Applications (IDNA): Definitions and Document Framework",
RFC 5890, August 2010.
5.2. Informative References 5.2. Informative References
[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and
E. Lear, "Address Allocation for Private Internets", E. Lear, "Address Allocation for Private Internets",
BCP 5, RFC 1918, February 1996. BCP 5, RFC 1918, February 1996.
[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
and W. Weiss, "An Architecture for Differentiated and W. Weiss, "An Architecture for Differentiated
Services", RFC 2475, December 1998. Services", RFC 2475, December 1998.
skipping to change at page 38, line 30 skipping to change at page 39, line 30
Address Spoofing", BCP 38, RFC 2827, May 2000. Address Spoofing", BCP 38, RFC 2827, May 2000.
[RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network [RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network
Address Translator (Traditional NAT)", RFC 3022, Address Translator (Traditional NAT)", RFC 3022,
January 2001. January 2001.
[RFC3646] Droms, R., "DNS Configuration options for Dynamic Host [RFC3646] Droms, R., "DNS Configuration options for Dynamic Host
Configuration Protocol for IPv6 (DHCPv6)", RFC 3646, Configuration Protocol for IPv6 (DHCPv6)", RFC 3646,
December 2003. December 2003.
[RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and
More-Specific Routes", RFC 4191, November 2005.
[RFC4192] Baker, F., Lear, E., and R. Droms, "Procedures for [RFC4192] Baker, F., Lear, E., and R. Droms, "Procedures for
Renumbering an IPv6 Network without a Flag Day", RFC 4192, Renumbering an IPv6 Network without a Flag Day", RFC 4192,
September 2005. September 2005.
[RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy
Extensions for Stateless Address Autoconfiguration in Extensions for Stateless Address Autoconfiguration in
IPv6", RFC 4941, September 2007. IPv6", RFC 4941, September 2007.
[RFC5533] Nordmark, E. and M. Bagnulo, "Shim6: Level 3 Multihoming [RFC5533] Nordmark, E. and M. Bagnulo, "Shim6: Level 3 Multihoming
Shim Protocol for IPv6", RFC 5533, June 2009. Shim Protocol for IPv6", RFC 5533, June 2009.
skipping to change at page 39, line 32 skipping to change at page 40, line 36
Stack Lite Broadband Deployments Following IPv4 Stack Lite Broadband Deployments Following IPv4
Exhaustion", RFC 6333, August 2011. Exhaustion", RFC 6333, August 2011.
[RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with [RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with
Dual-Stack Hosts", RFC 6555, April 2012. Dual-Stack Hosts", RFC 6555, April 2012.
[RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown, [RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown,
"Default Address Selection for Internet Protocol Version 6 "Default Address Selection for Internet Protocol Version 6
(IPv6)", RFC 6724, September 2012. (IPv6)", RFC 6724, September 2012.
[I-D.mglt-homenet-front-end-naming-delegation] [RFC6762] Cheshire, S. and M. Krochmal, "Multicast DNS", RFC 6762,
Migault, D., Cloetens, W., Lemordant, P., and C. February 2013.
Griffiths, "IPv6 Home Network Front End Naming
Delegation",
draft-mglt-homenet-front-end-naming-delegation-01 (work in
progress), November 2012.
[I-D.mglt-homenet-naming-delegation] [RFC6824] Ford, A., Raiciu, C., Handley, M., and O. Bonaventure,
Cloetens, W., Lemordant, P., and D. Migault, "IPv6 Home "TCP Extensions for Multipath Operation with Multiple
Network Naming Delegation Architecture", Addresses", RFC 6824, January 2013.
draft-mglt-homenet-naming-delegation-00 (work in
progress), July 2012.
[I-D.lynn-homenet-site-mdns] [I-D.lynn-homenet-site-mdns]
Lynn, K. and D. Sturek, "Extended Multicast DNS", Lynn, K. and D. Sturek, "Extended Multicast DNS",
draft-lynn-homenet-site-mdns-01 (work in progress), draft-lynn-homenet-site-mdns-01 (work in progress),
September 2012. September 2012.
[I-D.ietf-v6ops-ipv6-multihoming-without-ipv6nat] [I-D.ietf-v6ops-ipv6-multihoming-without-ipv6nat]
Matsushima, S., Okimoto, T., Troan, O., Miles, D., and D. Troan, O., Miles, D., Matsushima, S., Okimoto, T., and D.
Wing, "IPv6 Multihoming without Network Address Wing, "IPv6 Multihoming without Network Address
Translation", Translation",
draft-ietf-v6ops-ipv6-multihoming-without-ipv6nat-04 (work draft-ietf-v6ops-ipv6-multihoming-without-ipv6nat-05 (work
in progress), February 2012. in progress), March 2013.
[I-D.baker-homenet-prefix-assignment] [I-D.baker-homenet-prefix-assignment]
Baker, F. and R. Droms, "IPv6 Prefix Assignment in Small Baker, F. and R. Droms, "IPv6 Prefix Assignment in Small
Networks", draft-baker-homenet-prefix-assignment-01 (work Networks", draft-baker-homenet-prefix-assignment-01 (work
in progress), March 2012. in progress), March 2012.
[I-D.arkko-homenet-prefix-assignment] [I-D.arkko-homenet-prefix-assignment]
Arkko, J., Lindem, A., and B. Paterson, "Prefix Assignment Arkko, J., Lindem, A., and B. Paterson, "Prefix Assignment
in a Home Network", in a Home Network",
draft-arkko-homenet-prefix-assignment-03 (work in draft-arkko-homenet-prefix-assignment-03 (work in
progress), October 2012. progress), October 2012.
[I-D.acee-ospf-ospfv3-autoconfig] [I-D.ietf-ospf-ospfv3-autoconfig]
Lindem, A. and J. Arkko, "OSPFv3 Auto-Configuration", Lindem, A. and J. Arkko, "OSPFv3 Auto-Configuration",
draft-acee-ospf-ospfv3-autoconfig-03 (work in progress), draft-ietf-ospf-ospfv3-autoconfig-02 (work in progress),
July 2012. April 2013.
[I-D.cheshire-dnsext-multicastdns]
Cheshire, S. and M. Krochmal, "Multicast DNS",
draft-cheshire-dnsext-multicastdns-15 (work in progress),
December 2011.
[I-D.ietf-pcp-base] [I-D.ietf-pcp-base]
Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P. Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P.
Selkirk, "Port Control Protocol (PCP)", Selkirk, "Port Control Protocol (PCP)",
draft-ietf-pcp-base-29 (work in progress), November 2012. draft-ietf-pcp-base-29 (work in progress), November 2012.
[I-D.grundemann-homenet-hipnet]
Grundemann, C., Donley, C., Brzozowski, J., Howard, L.,
and V. Kuarsingh, "A Near Term Solution for Home IP
Networking (HIPnet)", draft-grundemann-homenet-hipnet-01
(work in progress), February 2013.
[I-D.kline-default-perimeter] [I-D.kline-default-perimeter]
Kline, E., "Default Border Definition", Kline, E., "Default Border Definition",
draft-kline-default-perimeter-01 (work in progress), draft-kline-default-perimeter-01 (work in progress),
November 2012. November 2012.
[I-D.ietf-v6ops-6204bis] [I-D.ietf-v6ops-6204bis]
Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic
Requirements for IPv6 Customer Edge Routers", Requirements for IPv6 Customer Edge Routers",
draft-ietf-v6ops-6204bis-12 (work in progress), draft-ietf-v6ops-6204bis-12 (work in progress),
October 2012. October 2012.
[I-D.behringer-homenet-trust-bootstrap]
Behringer, M., Pritikin, M., and S. Bjarnason,
"Bootstrapping Trust on a Homenet",
draft-behringer-homenet-trust-bootstrap-00 (work in
progress), October 2012.
[Gettys11] [Gettys11]
Gettys, J., "Bufferbloat: Dark Buffers in the Internet", Gettys, J., "Bufferbloat: Dark Buffers in the Internet",
March 2011, March 2011,
<http://www.ietf.org/proceedings/80/slides/tsvarea-1.pdf>. <http://www.ietf.org/proceedings/80/slides/tsvarea-1.pdf>.
[IGD-2] UPnP Gateway Committee, "Internet Gateway Device (IGD) V [IGD-2] UPnP Gateway Committee, "Internet Gateway Device (IGD) V
2.0", September 2010, <http://upnp.org/specs/gw/ 2.0", September 2010, <http://upnp.org/specs/gw/
UPnP-gw-WANIPConnection-v2-Service.pdf>. UPnP-gw-WANIPConnection-v2-Service.pdf>.
Appendix A. Acknowledgments Appendix A. Acknowledgments
The authors would like to thank Aamer Akhter, Mark Andrews, Dmitry The authors would like to thank Aamer Akhter, Mark Andrews, Dmitry
Anipko, Ran Atkinson, Fred Baker, Ray Bellis, Cameron Byrne, Brian Anipko, Ran Atkinson, Fred Baker, Ray Bellis, Teco Boot, John
Carpenter, Stuart Cheshire, Lorenzo Colitti, Robert Cragie, Ralph Brzozowski, Cameron Byrne, Brian Carpenter, Stuart Cheshire, Lorenzo
Droms, Lars Eggert, Jim Gettys, Olafur Gudmundsson, Wassim Haddad, Colitti, Robert Cragie, Ralph Droms, Lars Eggert, Jim Gettys, Olafur
Joel M. Halpern, David Harrington, Lee Howard, Ray Hunter, Joel Gudmundsson, Wassim Haddad, Joel M. Halpern, David Harrington, Lee
Jaeggli, Heather Kirksey, Ted Lemon, Acee Lindem, Kerry Lynn, Daniel Howard, Ray Hunter, Joel Jaeggli, Heather Kirksey, Ted Lemon, Acee
Migault, Erik Nordmark, Michael Richardson, Mattia Rossi, Barbara Lindem, Kerry Lynn, Daniel Migault, Erik Nordmark, Michael
Stark, Sander Steffann, Don Sturek, Dave Taht, Dave Thaler, Michael Richardson, Mattia Rossi, Barbara Stark, Markus Stenberg, Sander
Thomas, Mark Townsley, JP Vasseur, Curtis Villamizar, Dan Wing, Russ Steffann, Don Sturek, Andrew Sullivan, Dave Taht, Dave Thaler,
White, and James Woodyatt for their comments and contributions within Michael Thomas, Mark Townsley, JP Vasseur, Curtis Villamizar, Dan
homenet WG meetings and on the WG mailing list. An acknowledgement Wing, Russ White, and James Woodyatt for their comments and
generally means that person's text made it in to the document, or was contributions within homenet WG meetings and on the WG mailing list.
helpful in clarifying or reinforcing an aspect of the document. An acknowledgement generally means that person's text made it in to
the document, or was helpful in clarifying or reinforcing an aspect
of the document.
Appendix B. Changes Appendix B. Changes
This section will be removed in the final version of the text. This section will be removed in the final version of the text.
B.1. Version 07 B.1. Version 08
Changes made include:
o Various clarifications made in response to list comments
o Added note on ULAs with IPv4, where no GUAs in use
o Added note on naming and internationalisation (IDNA)
o Added note on trust relationships when adding devices
o Added note for MPTCP
o Added various naming and SD notes
o Added various notes on delegated ISP prefixes
B.2. Version 07
Changes made include: Changes made include:
o Removed reference to NPTv6 in section 3.2.4. Instead now say it o Removed reference to NPTv6 in section 3.2.4. Instead now say it
has an architectural cost to use in the earlier section, and thus has an architectural cost to use in the earlier section, and thus
it is not recommended for use in the homenet architecture. it is not recommended for use in the homenet architecture.
o Removed 'proxy or extend?' section. Included shorter text in main o Removed 'proxy or extend?' section. Included shorter text in main
body, without mandating either approach for service discovery. body, without mandating either approach for service discovery.
skipping to change at page 42, line 17 skipping to change at page 43, line 43
o Reordered section 3.3 to improve flow. o Reordered section 3.3 to improve flow.
o Added recommendation that homenet is not allocated less than /60, o Added recommendation that homenet is not allocated less than /60,
and a /56 is preferable. and a /56 is preferable.
o Tidied up first few intro sections. o Tidied up first few intro sections.
o Other minor edits from list feedback. o Other minor edits from list feedback.
B.2. Version 06 B.3. Version 06
Changes made include: Changes made include:
o Stated that unmanaged goal is 'as far as possible'. o Stated that unmanaged goal is 'as far as possible'.
o Added note about multiple /48 ULAs potentially being in use. o Added note about multiple /48 ULAs potentially being in use.
o Minor edits from list feedback. o Minor edits from list feedback.
B.3. Version 05 B.4. Version 05
Changes made include: Changes made include:
o Some significant changes to naming and SD section. o Some significant changes to naming and SD section.
o Removed some expired drafts. o Removed some expired drafts.
o Added notes about issues caused by ISP only delegating a /64. o Added notes about issues caused by ISP only delegating a /64.
o Recommended against using prefixes longer than /64. o Recommended against using prefixes longer than /64.
o Suggested CER asks for /48 by DHCP-PD, even if it only receives o Suggested CER asks for /48 by DHCP-PD, even if it only receives
less. less.
o Added note about DS-Lite but emphasised transition is out of o Added note about DS-Lite but emphasised transition is out of
scope. scope.
o Added text about multicast routing. o Added text about multicast routing.
B.4. Version 04 B.5. Version 04
Changes made include: Changes made include:
o Moved border section from IPv6 differences to principles section. o Moved border section from IPv6 differences to principles section.
o Restructured principles into areas. o Restructured principles into areas.
o Added summary of naming and service discovery discussion from WG o Added summary of naming and service discovery discussion from WG
list. list.
B.5. Version 03 B.6. Version 03
Changes made include: Changes made include:
o Various improvements to the readability. o Various improvements to the readability.
o Removed bullet lists of requirements, as requested by chair. o Removed bullet lists of requirements, as requested by chair.
o Noted 6204bis has replaced advanced-cpe draft. o Noted 6204bis has replaced advanced-cpe draft.
o Clarified the topology examples are just that. o Clarified the topology examples are just that.
skipping to change at page 44, line 26 skipping to change at page 46, line 5
the homenet. the homenet.
o Added some ISPs renumber due to privacy laws. o Added some ISPs renumber due to privacy laws.
o Removed extra repeated references to Simple Security. o Removed extra repeated references to Simple Security.
o Removed some solution creep on RIOs/RAs. o Removed some solution creep on RIOs/RAs.
o Load-balancing scenario added as to be supported. o Load-balancing scenario added as to be supported.
B.6. Version 02 B.7. Version 02
Changes made include: Changes made include:
o Made the IPv6 implications section briefer. o Made the IPv6 implications section briefer.
o Changed Network Models section to describe properties of the o Changed Network Models section to describe properties of the
homenet with illustrative examples, rather than implying the homenet with illustrative examples, rather than implying the
number of models was fixed to the six shown in 01. number of models was fixed to the six shown in 01.
o Text to state multihoming support focused on single CER model. o Text to state multihoming support focused on single CER model.
 End of changes. 137 change blocks. 
534 lines changed or deleted 640 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/