Network Working Group                                        S. Miyakawa
Internet-Draft                            NTT Communications Corporation
Expires: Aug 25, December 28, 2003                                      R. Droms
                                                                   Cisco Systems
                                                                Feb
                                                           June 29, 2003

                Requirements for IPv6 prefix delegation
          draft-ietf-ipv6-prefix-delegation-requirement-01.txt
          draft-ietf-ipv6-prefix-delegation-requirement-02.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on Aug 25, December 28, 2003.

Copyright Notice

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

Abstract

   This document describes requirements for how IPv6 address prefixes
   should be delegated to an IPv6 subscriber's network (or "site").

1. Introduction

   With the deployment of IPv6 [2], [1], several Internet Service Providers
   are ready to offer IPv6 access to the public.  In conjunction with
   widely deployed "always on" media such as ADSL, ADSL and the expectation
   that
   customers cusomters will be assigned a /48 IPv6 unicast address prefix, prefix
   (see RFC3513 [2] and section 3 of RFC3177 [3]), an efficient
   mechanism for delegating address prefixes to the customers sites is
   needed.  The delegation mechanism will be intended to automate the
   process of informing the customer's networking equipment of the
   prefixes to be used at the customer's site.

   This document clarifies the requirements for IPv6 address prefix
   delegation from the ISP to the site.

2. Requirements

   The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL in this document are to be
   interpreted as described in RFC2119 [1].

3. Scenario and terminology

   The following figure illustrates a likely example for the
   organization of a network providing subscription IPv6 service:

                                                     /------\
                                                    /        \
                                                   +          |
                                                  / \        /
        +---------------+              +--------+/   \------/
        |ISP Edge Router|Point-to-point|Customer+
        |               +--------------+ Router |  Customer networks
        |     (PE)      |     link     | (CPE)  +
        +---------------+              +--------+\   /------\
                                                  \ /        \
                                                   +          |
                                                    \        /
                                                     \------/

   Figure 1: Illustration of ISP-customer network architecture

   Terminology:

   PE

   PE:   Provider edge device; the device connected to the service
      provider's network infrastructure at which the link to the
      customer site is terminated

   CPE

   CPE:  Customer provided premises equipment; the device at the customer site at
      which the link to the ISP is terminated

4.

3. Requirements for Prefix Delegation

   The purpose of the prefix delegation mechanism is to communicate delegate and
   manage prefixes to the CPE automatically.

4.1

3.1 Number and Length of Delegated Prefixed Prefixes

   The prefix delegation mechanism SHOULD should allow for delegation of
   prefixes of length /48, /64 and other lengths, lengths between /48 and SHOULD /64, inclusively.  Other lengths
   may be supported.  The mechanism should allow for delegation of more
   than one prefix to the customer.

4.2

3.2 Use of Delegated Prefixes in Customer Network

   The prefix delegation mechanism MUST NOT must not prohibit or inhibit the
   assignment of longer prefixes, created from the delegated prefixes,
   to links within the customer network.  It is not a requirement that
   the prefix delegation mechanism provide for the reporting of prefix
   delegation within the customer network back to the ISP.

4.3 Automated

3.3 Static and Dynamic Assignment

   The prefix delegation mechanism SHOULD should allow for long-lived pre-
   assignment static
   pre-assignment of one or more prefix(es) to a customer prefixes and for automated, possibly short-lived
   on-demand dynamic assignment of a prefix prefixes to a customer
   on demand.

4.4 customer.

3.4 Policy-based Assignment

   The prefix delegation mechanism SHOULD should allow for the use of policy in
   assigning prefixes to a customer.  For example, the customer's
   identity and type of subscribed service may be used to determine the
   address block from which the customer's prefix is selected, and the
   length of the prefix assigned to the customer.

4.5

3.5 Security and Authentication

   The prefix delegation mechanism MUST must provide for reliable
   authentication of the identity of the customer to which the prefixes
   are to be assigned, and MUST must provide for reliable, secure
   transmission of the delegated prefixes to the customer.

4.6

3.6 Accounting

   The prefix delegation mechanism MUST must allow for the ISP to provide
   accounting information about delegated prefixes.

4.7 Layer 2

3.7 Hardware technology Considerations

   The method SHOULD prefix delegation mechanism should work on any layer 2 technologies.  In other words,
   it hardware
   technology and should be layer 2 hardware technology independent.  Though, at the same
   time, it should be noted that now ISP would like to have a solution
   for Point-to-Point link which has own authentication  The
   mechanism must work on shared links.  The mechanism first.
   PPP link with CHAP authentication is a good example.  (Simulated)
   Ethernet and IEEE802.11 (wireless LAN) should be covered in near
   future, but they have low priority (just) for now.  It should be
   clarified that the method should work with
   all L2 protocols hardware technologies either with authentication mechanism or
   without, but ISP ISPs would like to take advantage of a L2 protocol's hardware
   technology's authentication mechanism if it exits.

5.

4. IANA Considerations

   There are no IANA considerations in this document.

6.

5. Security considerations

   Section 4.5 3.5 specifies security requirements for the prefix delegation
   mechanism.

References

   [1]  Bradner, S., "Key words for use  For point to point links, where one trusts that there is
   no man in RFCs the middle, or one trusts layer two authentication,
   authentication may not be necessary.

   A rogue delegating router can issue bogus prefixes to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [2] a requesting
   router.  This may cause denial of service due to unreachability.

   An intruder requesting router may be able to mount a denial of
   service attack by repeated requests for delegated prefixes that
   exhaust the delegating router's available prefixes.

Informative References

   [1]  Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6)
        Specification", RFC 2460, December 1998.

Author's Address

   [2]  Hinden, R. and S. Deering, "Internet Protocol Version 6 (IPv6)
        Addressing Architecture", RFC 2460, December 1998.

   [3]  IESG, IAB,., "IAB/IESG Recommendations on IPv6 Address", RFC
        3177, September 2001.

Authors' Addresses

   Shin Miyakawa
   Innovative IP Architecture Center, NTT Communications Corporation
   Tokyo Opera City Tower 21F, 3-20-2 Nishi-Shinjuku, Shinjuku-ku, Tokyo,
   Japan

   Phone: +81-3-6800-3262
   EMail: miyakawa@nttv6.jp
   Ralph Droms
   Cisco Systems
   300 Apollo Drive
   Chelmsford,
   1414 Massachusetts Avenue
   Boxborough, MA 01886  01719
   USA

   Phone: +1-978-497-4733 +1 978.936.1674
   EMail: rdroms@cisco.com

Full Copyright Statement

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.