rfcdiff: draft-ietf-homenet-hybrid-proxy-zeroconf-01.txt vs. draft-ietf-homenet-hybrid-proxy-zeroconf-02.txt
(lines present only in -01 are prefixed "-", lines present only in -02 are prefixed "+"; unchanged lines appear once)

Homenet Working Group                                        M. Stenberg
Internet-Draft                                                Independent
-Intended status: Standards Track                      September 2, 2015
+Intended status: Standards Track                        October 15, 2015
-Expires: March 5, 2016
+Expires: April 17, 2016

   Auto-Configuration of a Network of Hybrid Unicast/Multicast DNS-Based
                     Service Discovery Proxy Nodes
-               draft-ietf-homenet-hybrid-proxy-zeroconf-01
+               draft-ietf-homenet-hybrid-proxy-zeroconf-02

Abstract

   This document describes how a proxy functioning between Unicast DNS-
   Based Service Discovery and Multicast DNS can be automatically
   configured using an arbitrary network-level state sharing mechanism.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
[skipping to change at page 1, line 33]

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

-  This Internet-Draft will expire on March 5, 2016.
+  This Internet-Draft will expire on April 17, 2016.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
[skipping to change at page 2, line 24]

     3.3.2.  Node name (scheme 2) . . . . . . . . . . . . . . . .   5
     3.3.3.  Link name (scheme 2) . . . . . . . . . . . . . . . .   5
   4.  TLVs . . . . . . . . . . . . . . . . . . . . . . . . . . .   5
     4.1.  DNS Delegated Zone TLV . . . . . . . . . . . . . . . .   6
     4.2.  Domain Name TLV  . . . . . . . . . . . . . . . . . . .   7
     4.3.  Node Name TLV  . . . . . . . . . . . . . . . . . . . .   7
   5.  Desirable behavior . . . . . . . . . . . . . . . . . . . .   7
     5.1.  DNS search path in DHCP requests . . . . . . . . . . .   8
     5.2.  Hybrid proxy . . . . . . . . . . . . . . . . . . . . .   8
     5.3.  Hybrid proxy network zeroconf daemon . . . . . . . . .   8
-  6.  Security Considerations  . . . . . . . . . . . . . . . . .   8
-  7.  IANA Considerations  . . . . . . . . . . . . . . . . . . .   9
-  8.  References . . . . . . . . . . . . . . . . . . . . . . . .   9
-    8.1.  Normative references . . . . . . . . . . . . . . . . .   9
-    8.2.  Informative references . . . . . . . . . . . . . . . .   9
+  6.  Limited zone stitching for host name resolution  . . . . .   8
+  7.  Security Considerations  . . . . . . . . . . . . . . . . .   9
+  8.  IANA Considerations  . . . . . . . . . . . . . . . . . . .   9
+  9.  References . . . . . . . . . . . . . . . . . . . . . . . .   9
+    9.1.  Normative references . . . . . . . . . . . . . . . . .   9
+    9.2.  Informative references . . . . . . . . . . . . . . . .  10
   Appendix A.  Example configuration . . . . . . . . . . . . . .  10
     A.1.  Used topology  . . . . . . . . . . . . . . . . . . . .  10
-    A.2.  Zero-configuration steps . . . . . . . . . . . . . . .  10
+    A.2.  Zero-configuration steps . . . . . . . . . . . . . . .  11
     A.3.  TLV state  . . . . . . . . . . . . . . . . . . . . . .  11
     A.4.  DNS zone . . . . . . . . . . . . . . . . . . . . . . .  12
     A.5.  Interaction with hosts . . . . . . . . . . . . . . . .  13
   Appendix B.  Implementation  . . . . . . . . . . . . . . . . .  13
   Appendix C.  Why not just proxy Multicast DNS?  . . . . . . . .  13
     C.1.  General problems . . . . . . . . . . . . . . . . . . .  14
     C.2.  Stateless proxying problems  . . . . . . . . . . . . .  14
     C.3.  Stateful proxying problems . . . . . . . . . . . . . .  15
   Appendix D.  Acknowledgements  . . . . . . . . . . . . . . . .  15
   Appendix E.  Changelog [RFC Editor: please remove]  . . . . . .  15
[skipping to change at page 8, line 42]

   precedence.

   The daemon (or other entity with access to the TLVs) SHOULD generate
   zone information for DNS implementation that will be used to serve
   the (domain) zone to hosts. Domain Name TLV described in Section 4.2
   should be used as base for the zone, and then all DNS Delegated Zones
   described in Section 4.1 should be used to produce the rest of the
   entries in zone (see Appendix A.4 for example interpretation of the
   TLVs in Appendix A.3.

-6.  Security Considerations
+6.  Limited zone stitching for host name resolution
+
+   Section 4.1 of the hybrid proxy specification [I-D.ietf-dnssd-hybrid]
+   notes that the stitching of multiple .local zones into a single DNS-
+   SD zone is to be defined later. This specification does not even
+   attempt that, but for the purpose of host name resolution, it is
+   possible to use the set of DNS Delegated Zone TLVs with S-bit or
+   B-bit set to also provide host naming for the (domain). It is done
+   by simply rewriting A/AAAA queries for (name).(domain) to every
+   (name).(ddz-subdomain).(domain), and providing response to the host
+   when the first non-empty one is received, rewritten back to
+   (name).(domain).
+
+   While this scheme is not very scalable, as it multiplies the number
+   of queries by the number of links (given no response in cache), it
+   does work in small networks with relatively few sub-domains.
+
+7.  Security Considerations

   There is a trade-off between security and zero-configuration in
   general; if used network state synchronization protocol is not
   authenticated (and in zero-configuration case, it most likely is
   not), it is vulnerable to local spoofing attacks. We assume that
   this scheme is used either within (lower layer) secured networks, or
   with not-quite-zero-configuration initial set-up.

   If some sort of dynamic inclusion of links to be covered using border
   discovery or such is used, then effectively service discovery will
   share fate with border discovery (and also security issues if any).

-7.  IANA Considerations
+8.  IANA Considerations

   This document has no actions for IANA.

-8.  References
+9.  References

-8.1.  Normative references
+9.1.  Normative references

   [I-D.ietf-dnssd-hybrid]
              Cheshire, S., "Hybrid Unicast/Multicast DNS-Based Service
              Discovery", draft-ietf-dnssd-hybrid-00 (work in progress),
              November 2014.

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
              November 1987, <http://www.rfc-editor.org/info/rfc1035>.
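Review bot: The new Section 6 leaves host name collisions across links undefined: under the first-non-empty-response rule, if the same (name) exists on more than one link, (name).(domain) resolves to whichever (name).(ddz-subdomain).(domain) answers first, so repeated queries for one name can return different hosts depending on timing. Suggest stating the intended behaviour when more than one sub-domain returns a non-empty answer (for example, merge all answers, or return none and record the conflict), and adding a sentence to Section 7 noting that the stitched (domain) host names inherit the unauthenticated name claims of every .local link, so the local spoofing concern already stated there now also applies to plain (name).(domain) lookups, not only to the per-link sub-domains.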
[skipping to change at page 9, line 39 (-01) / page 10, line 9 (-02)]

              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC6762]  Cheshire, S. and M. Krochmal, "Multicast DNS", RFC 6762,
              DOI 10.17487/RFC6762, February 2013,
              <http://www.rfc-editor.org/info/rfc6762>.

   [RFC6763]  Cheshire, S. and M. Krochmal, "DNS-Based Service
              Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013,
              <http://www.rfc-editor.org/info/rfc6763>.

-8.2.  Informative references
+9.2.  Informative references

   [I-D.ietf-homenet-hncp]
              Stenberg, M., Barth, S., and P. Pfister, "Home Networking
              Control Protocol", draft-ietf-homenet-hncp-09 (work in
              progress), August 2015.

   [RFC3633]  Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic
              Host Configuration Protocol (DHCP) version 6", RFC 3633,
              DOI 10.17487/RFC3633, December 2003,
              <http://www.rfc-editor.org/info/rfc3633>.

   [RFC3646]  Droms, R., Ed., "DNS Configuration options for Dynamic
              Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3646,
              DOI 10.17487/RFC3646, December 2003,
              <http://www.rfc-editor.org/info/rfc3646>.

-8.3.  URIs
+9.3.  URIs

   [1] https://github.com/sbyx/hnetd/

Appendix A.  Example configuration

A.1.  Used topology

   Let's assume home network that looks like this:

                        |[0]
[skipping to change at page 15, line 44]

   Thanks to Stuart Cheshire for the original hybrid proxy draft and
   interesting discussion in Orlando, where I was finally convinced that
   stateful Multicast DNS proxying is a bad idea.

   Also thanks to Mark Baugher, Ole Troan, Shwetha Bhandari and Gert
   Doering for review comments.

Appendix E.  Changelog [RFC Editor: please remove]

+   draft-ietf-homenet-hybrid-proxy-zeroconf-02:
+
+   o  Added subsection on simple zone stitching for host naming
+      purposes.
+
   draft-ietf-homenet-hybrid-proxy-zeroconf-01:

   o  Refreshed the draft while waiting on progress of draft-ietf-dnssd-
      hybrid.

Author's Address

   Markus Stenberg
   Independent
   Helsinki 00930
End of changes. 12 change blocks. 16 lines changed or deleted, 39 lines changed or added.

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/