Homenet | T. Winters, Ed. |
Internet-Draft | UNH-IOL |
Intended status: Informational | February 14, 2014 |
Expires: August 18, 2014 |
Service Provider Edge Router Interaction
draft-winters-homenet-sper-interaction-01
This document describes the interaction between a Service Provider Gateway fixed at the home edge and the Home Networking interior routers. It assesses the interactions between existing routers implementing [RFC7084] and the Home Networking routers. The document will also define the interactions between other Service Provider Edge Routers (e.g., HIPnet) and Home Networking routers.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 18, 2014.
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
This document defines the interactions between the future Homenet network and 7084 Routers and Service Provider Edge Routers (SPER). In the future the SPER will be full Homenet routers, but there will be a period of transition. This document specifies how currently deployed SPERs will interact with the Homenet architecture [I-D.ietf-homenet-arch]. The goal of this document is to make recommendations on the issues uncovered so that the devices work with the future Homenet. These recommendations may result in requirements for the Homenet routers.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
For purposes of this report the Design Team adopts the following terminology.
According to [I-D.kline-homenet-default-perimeter] there are 3 types of product interfaces: external, internal, and mixed. Border Discovery is the process of discovering the interface types. Below we describe the 3 choices.
Border Discovery must be performed on all interfaces. Legacy Routers that don't support Homenet will not participate in Border Discovery and are considered to be external to the Homenet Border.
WAN ports are permanently defined as external requiring no discovery. LAN ports perform Border Discovery. This requires that the user connect the WAN interface to the ISP or SPER defining the boundary. All other ports are in border discovery mode. The advantage of this approach is that it allows the Homenet to have multiple egress ports.
        +-----------+
        |  Service  |
        |  Provider |
        |   Router  |
        +-----+-----+
              |
              |
              |  Customer
              |  Internet Connection
              |
        +-----v-----+
        |   7084    |
        |  Router   |
        |           |
        +-----+-----+
              |
       +----+-+-------+
       |              |
       |              |
   +---+----+   +-----+------+
   |  IPv6  |   |  Homenet   |
   |  Host  |   |   Router   |
   |        |   |            |
   +--------+   +------------+

A 7084 Router acquires addresses to provision the LAN through DHCP Prefix Delegation [RFC3633]. A 7084 Router will assign a separate /64 from the set of delegated prefix(es) for each LAN interface. The Router can assign addresses to the LAN hosts using either SLAAC or DHCP. There is no requirement for redistributing any unused prefix(es) that were delegated to the 7084 Router. Support of IA_PD on the LAN interface is not required for a 7084 Router. If a 7084 Router does not support IA_PD on the LAN interface the Homenet will not receive a prefix allocation, and therefore will not have global addressing for the entire Homenet.
A 7084 Router learns default routes through Router Advertisements on the WAN interface. Routes are installed when a prefix is assigned to a LAN interface. All other Home Routing information requires user configuration.
A 7084 Router will NOT forward packets from an unrecognized source address. Any IPv6 packets routed from the Homenet would receive an ICMPv6 Destination Unreachable message. This restricts the Homenet to internal communications only. Packets with unrecognized destination addresses in the Homenet MAY pass through a 7084 Router if configured. This configuration might be done through a mechanism such as IA_PD or direct configuration.
A 7084 Router does not have a method for participating in Homenet border discovery. A 7084 Router and any hosts connected to the Router are considered to be External to the Homenet. A Homenet Router is recommended to support a configuration method that will allow the border to include the 7084 Router as Internal to the Homenet.
For service discovery to work, routers need to forward multicast traffic appropriately, enabling server discovery across the home network. A 7084 Router does not have any requirements for supporting multicast forwarding. Based on this knowledge it is unlikely that Service Discovery between the 7084 Router and the Homenet will work.
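The addressing and forwarding behaviour described in the paragraphs above can be modelled in a few lines. This is an added example, not code from the draft: the class and method names, the rule that the first /60 feeds the LAN links while the remaining /60 blocks are sub-delegated, and all addresses are assumptions made for illustration.

```python
import ipaddress


class Router7084:
    """Toy model of the 7084 Router addressing/forwarding rules described above."""

    def __init__(self, delegated, lan_interfaces, lan_ia_pd=False):
        self.lan_ia_pd = lan_ia_pd  # IA_PD on the LAN side is optional for a 7084 Router
        blocks = ipaddress.ip_network(delegated).subnets(new_prefix=60)
        # Assumption: the first /60 feeds the router's own LAN links (one /64
        # each); the remaining /60 blocks stay available for sub-delegation.
        lan_64s = next(blocks).subnets(new_prefix=64)
        self.lan = {name: next(lan_64s) for name in lan_interfaces}
        self._spare = blocks
        self.sub_delegated = {}

    def request_ia_pd(self, requester):
        """Answer an IA_PD request arriving on a LAN interface."""
        if not self.lan_ia_pd:
            return None  # the Homenet receives no prefix allocation
        prefix = next(self._spare, None)
        if prefix is not None:
            self.sub_delegated[requester] = prefix  # prefix is now recognized
        return prefix

    def forward_upstream(self, src):
        """Decide what happens to a packet from `src` heading for the WAN."""
        addr = ipaddress.ip_address(src)
        known = list(self.lan.values()) + list(self.sub_delegated.values())
        if any(addr in net for net in known):
            return "forward"
        return "icmpv6-destination-unreachable"


if __name__ == "__main__":
    # Constructed sample values from the IPv6 documentation prefix.
    router = Router7084("2001:db8:0:100::/56", ["lan0", "lan1"], lan_ia_pd=True)
    host = "2001:db8:0:115::20"  # a host behind the Homenet Router
    print(router.forward_upstream(host))          # before any IA_PD
    print(router.request_ia_pd("homenet-router"))
    print(router.forward_upstream(host))          # after sub-delegation
```

With `lan_ia_pd=False` the same Homenet source address is never recognized, which is the "internal communications only" outcome the text describes.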
        +-----------+
        |  Service  |
        |  Provider |
        |   Router  |
        +-----+-----+
              |
              |
              |  Customer
              |  Internet Connection
              |
        +-----v-----+
        |  Homenet  |
        |  Router   |
        |           |
        +-----+-----+
              |
       +----+-+-------+
       |              |
       |              |
   +---+----+   +-----+------+
   |  IPv6  |   |    7084    |
   |  Host  |   |   Router   |
   |        |   |            |
   +--------+   +------------+
A 7084 Router needs to receive an IA_PD to allow devices on LAN interfaces to be addressed. For addressing to work properly the Homenet must provide IA_PDs when requested.
When a Homenet Router is assigned an IA_PD it MUST install routes for the prefixes into the Homenet Routing infrastructure. This will allow packets to be routed from the Homenet to the 7084 Router. A 7084 Router only needs a Router Advertisement with a valid Router Lifetime to route into the Homenet.
A Homenet Router with the firewall on might not allow valid traffic from devices connected to the 7084 Router. When a Homenet Router is assigned an IA_PD there needs to be a secure way for the Homenet Border to allow IPv6 traffic to flow from the 7084 router into the Homenet or Internet.
For service discovery to work, routers need to forward multicast traffic appropriately, enabling server discovery across the home network. A 7084 Router does not have any requirements for supporting multicast forwarding. Based on this knowledge it is unlikely that Service Discovery between the 7084 Router and the Homenet will work.

        +-----------+
        |  Service  |
        |  Provider |
        |   Router  |
        +-----+-----+
              |
              |
              |  Customer
              |  Internet Connection
              |
        +-----+-----+
        |   SPER    |
        |           |
        |           |
        +-----+-----+
              |
       +----+-+-------+
       |              |
       |              |
   +---+----+   +-----+------+
   |  IPv6  |   |  Homenet   |
   |  Host  |   |            |
   |        |   |            |
   +--------+   +------------+

SPERs use DHCPv6 prefix sub-delegation to build the network [I-D.grundemann-homenet-hipnet]. If the prefix is larger than a single /64 prefix the SPER will subdivide the IPv6 prefix received via DHCPv6 [RFC3315]. Using Recursive Prefix Delegation allows the Homenet to receive prefixes that can be used to address the network.
Leveraging the recursive prefix delegation method described above, a SPER installs a route to the WAN interface of the router which delegated the prefixes. With this routing information the SPER is able to properly route packets to and from the Homenet.
A SPER implements a stateful [RFC6092] firewall, which may be enabled. This stateful firewall will allow Homenet traffic to leave the network. It is limited to only returning traffic originated from the Homenet. No connections can be originated from outside of the Homenet.
A Homenet Router with the firewall on might not allow valid traffic from devices connected to the HIPnet SPER. A Homenet Router will be able to detect a SPER based on a CER_ID [I-D.donley-dhc-cer-id-option]. A SPER MUST include a CER_ID option with an address that is not the unspecified address (::). This allows the Homenet Router to detect a SPER and allow native IPv6 traffic through the firewall so that traffic can flow between the SPER and Homenet.
Both the Homenet and SPER have several common protocols that can be used for service discovery, such as mDNS [RFC6762], DNS-SD [RFC6763], and [SSDP]. Both the SPER and Homenet Routers may have hosts directly connected that are using them as DNS servers. If the SPER advertises itself as the DNS-SD server for connected hosts, the hosts could query the SPER. The issue that arises with this configuration is that the HIPnet Router currently has no method for finding the Homenet router to query when trying to resolve DNS.

        +-----------+
        |  Service  |
        |  Provider |
        |   Router  |
        +-----+-----+
              |
              |
              |  Customer
              |  Internet Connection
              |
        +-----+-----+
        |  Homenet  |
        |           |
        |           |
        +-----+-----+
              |
       +------+-------+
       |              |
       |              |
   +---+----+   +-----+------+
   |  IPv6  |   |    SPER    |
   |  Host  |   |            |
   |        |   |            |
   +--------+   +------------+

A SPER needs to receive an IA_PD to address IPv6 hosts and routers behind it. If a large enough prefix is assigned, /56 for example, the SPER will attempt further sub-delegation. This will not be optimized for the network but will still function properly. For addressing between the SPER and Homenet to work properly the Homenet must provide IA_PDs when requested.
When a Homenet Router assigns an IA_PD to the SPER it MUST install routes for the prefixes into the Homenet Routing infrastructure. This will allow packets to be routed from the Homenet to the SPER. If there are two ingress paths to the SPER, the sub-optimal path will be chosen based on the interface that assigned the IA_PD.
A Homenet Router with the firewall enabled might not allow valid traffic from devices connected to the SPER or addressed by the SPER to enter the Homenet. When a Homenet Router assigns an IA_PD there needs to be a secure way for the Homenet Border to allow IPv6 traffic to flow from the SPER into the Homenet or Internet.
For service discovery to work routers need to forward multicast traffic appropriately enabling server discovery across the home network.
This document makes no request of IANA.
The Homenet Design Team: Mikael Abrahamsson, Ray Bellis, John Brzozowski, Lorenzo Colitti, Tim Chown, Chris Donley, Markus Stenberg, Andrew Yourtchenko, Erik Kline
[RFC6762] | Cheshire, S. and M. Krochmal, "Multicast DNS", RFC 6762, February 2013. |
[SSDP] | UPnP Forum, "Universal Plug and Play (UPnP) Device Architecture 1.1", November 2008. |
[BBF.TR124] | Broadband Forum, "TR-124: Functional Requirements for Broadband Residential Gateways Devices", August 2012. |