Internet DRAFT - draft-bcd-6man-ntp-server-ra-opt
draft-bcd-6man-ntp-server-ra-opt
Network Working Group M. Bhatia
Internet-Draft Alcatel-Lucent
Intended status: Standards Track X. Chen
Expires: June 22, 2012 D. Zhang
Huawei
December 20, 2011
IPv6 Router Advertisement Option for NTP Server Configuration
draft-bcd-6man-ntp-server-ra-opt-00
Abstract
This document specifies a new IPv6 Router Advertisement option to
allow IPv6 routers to advertise Network Time Protocol version 4 or
greater server location information to IPv6 hosts.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 22, 2012.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
Bhatia, et al. Expires June 22, 2012 [Page 1]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Neighbor Discovery Extension . . . . . . . . . . . . . . . . . 4
3.1. NTP Server Unicast Address Suboption . . . . . . . . . . . 5
3.2. NTP Server Multicast Address Suboption . . . . . . . . . . 6
3.3. NTP Server FQDN Suboption . . . . . . . . . . . . . . . . . 7
4. Security Considerations . . . . . . . . . . . . . . . . . . . . 7
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.1. Normative References . . . . . . . . . . . . . . . . . . . 8
7.2. Informative References . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9
Bhatia, et al. Expires June 22, 2012 [Page 2]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
1. Introduction
NTP [RFC5905] servers form a core component of the Internet
infrastructure. They are used to provide time and synchronization
services for hosts and routers in a network, which is critical for
many applications (event logging, security mechanisms and other
services). In order to synchronize the time, all routers and hosts
need to be configured to point to a NTP server that will provide
clocking to all the devices. This ensures accurate and synchronized
time among all devices. Its usually recommended to choose among
several NTP servers in case one of the servers becomes unreachable or
its clock becomes unreliable.
Neighbor Discovery (ND) for IP Version 6 and IPv6 Stateless Address
Autoconfiguration provide ways to configure either fixed or mobile
nodes with one or more IPv6 addresses, default routers and some other
parameters like the link-layer address of the interface from which
the Router Advertisement is sent, link MTU [RFC4861], IP address of
the DNS servers [RFC5006], etc.
This document proposes a new mechanism which uses a new IPv6 Router
Advertisement (RA) option to allow IPv6 routers to advertise NTP
server addresses to IPv6 hosts.
RA-based NTP configuration is a useful, optional alternative in
networks where an IPv6 host's address is autoconfigured through IPv6
stateless address autoconfiguration, and where the delays in
acquiring server addresses and communicating with the servers are
critical. RA-based NTP configuration allows the host to acquire the
nearest server addresses on every link. Furthermore, it learns these
addresses from the same RA message that provides configuration
information for the link, thereby avoiding an additional protocol
run. This can be beneficial in some mobile environments, such as
with Mobile IPv6.
The NTP Server Option that this document proposes is an extension of
Router Advertisment. It does not change the basic function of the
existing ND/SLAAC mechanisms.
Information that an IPv6 host or a router needs to run the basic
Internet applications (such as the Clock Synchronization, Timestamp
Verification, Certificate Expiration check, etc.) can be obtained
with the addition of this option to Neighbor Discovery and address
autoconfiguration.
This mechanism works over a broad range of scenarios and leverages
IPv6 Neighbor Discovery. This works well on links that are high
performance (e.g., Ethernet LANs) and low performance (e.g., cellular
Bhatia, et al. Expires June 22, 2012 [Page 3]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
networks). In the latter case, by combining the NTP server
information (that this draft proposes) with the other information in
the Router Advertisement, the IPv6 devices can learn all the
information needed to use most Internet applications in a single
transaction. This not only saves bandwidth, but also minimizes the
delay needed to learn the NTP server information.
2. Overview
This document defines a new ND option called NTP Server option that
contains the addresses of the NTP servers. Existing ND transport
mechanisms (i.e., Advertisements and Solicitations) are used. This
works in the same way that hosts learn about routers and prefixes.
An IPv6 host can configure the IPv6 addresses of one or more NTP
servers via RA messages periodically sent by a router or solicited by
Router Solicitation (RS) messages.
This approach requires NTP Server information to be configured in the
routers sending the advertisements. The configuration of NTP server
addresses in the routers can be done by manual configuration. The
automatic configuration of NTP server addresses in routers is out of
scope for this document.
The location of the NTP service, like any other Internet service, can
be specified by an IP address or a Fully Qualified Domain Name
(FQDN).
3. Neighbor Discovery Extension
The IPv6 NTP configuration mechanism in this document defines a new
ND option in Neighbor Discovery - the NTP Server (NTPS) option. This
option serves as a container for server location information related
to one NTP server or Simple Network Time Protocol (SNTP) [RFC4330]
server. This option can appear multiple times in a RA message. Each
instance of this option is to be considered by the NTP client or SNTP
client as a server to include in its configuration.
The option itself does not contain any value. Instead, it contains
one or several suboptions that carry NTP server or SNTP server
location. This option MUST include one, and only one, time source
suboption. It carries the NTP server or SNTP server location as a
Unicast or Multicast IPv6 address or as an NTP server or SNTP server
FQDN. More time source suboptions may be defined in the future.
While the FQDN option offers the most deployment flexibility,
resiliency as well as security, the IP address options are defined to
cover cases where a DNS dependency is not desirable. If the NTP
Bhatia, et al. Expires June 22, 2012 [Page 4]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
server or SNTP server location is an IPv6 multicast address, the
client SHOULD use this address as an NTP multicast group address and
listen to messages sent to this group in order to synchronize its
clock.
The format of the NTP Server (NTPS) Option is:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| |
~ NTP Server Address Sub Options ~
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| |
~ Padding ~
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: NTP Server Option in the RA
Fields:
Type: 8 bit identifier of the NTP Server option type in the RA
message - To be assigned by IANA.
Length: 8 bit unsigned integer. Total length of the included sub
options (including the Type and Length fields) is in units of 8
octets.
NTP Server Address Sub Options : List of NTP server addresses sub
options
Padding: It is optional and is used, if required, to preserve IPv6
8-octet alignment.
3.1. NTP Server Unicast Address Suboption
This suboption is intended to appear inside the NTP Server Option
within the RA message. It specifies the IPv6 unicast address of an
NTP server or SNTP server available to the client.
Bhatia, et al. Expires June 22, 2012 [Page 5]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| |
| Unicast IPv6 address of NTP server |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: NTP Server Unicast Address Suboption
Fields:
Type: 8 bit identifier of the NTP Server Unicast Address Suboption -
To be assigned by IANA.
Length:8 bit unsigned integer. Total length of the sub options
(including the Type and Length fields) in octets. Its set to 18
Unicast IPv6 address of NTP server: An IPv6 Address
3.2. NTP Server Multicast Address Suboption
This suboption is intended to appear inside the NTP Server Option
within the RA message. It specifies the IPv6 Multicast Group address
of an NTP server or SNTP server available to the client.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| |
| Multicast IPv6 address of NTP server |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
Figure 2: NTP Server Multicast Address Suboption
Fields:
Type: 8 bit identifier of the NTP Server Multicast Address Suboption
- To be assigned by IANA.
Bhatia, et al. Expires June 22, 2012 [Page 6]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
Length:8 bit unsigned integer. Total length of the sub options
(including the Type and Length fields) in octets. Its set to 18
Multicast IPv6 address of NTP server: An IPv6 Address
3.3. NTP Server FQDN Suboption
This suboption is intended to appear inside the NTP Server Option
within the RA message. It specifies the FQDN of an NTP server or
SNTP server available to the client.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| |
| FQDN of NTP server |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
Figure 2: NTP Server FQDN Suboption
Fields:
Type: 8 bit identifier of the NTP Server FQDN Suboption - To be
assigned by IANA.
Length:8 bit unsigned integer. Total length of the FQDN field and
including the Type and Length fields in octets.
FQDN of NTP server: Fully-Qualified Domain Name of the NTP server or
SNTP server. This field MUST be encoded as described in [RFC3315].
Internationalized domain names are not allowed in this field.
4. Security Considerations
Because NTPS option does not change the base functions of existing
ND/SLAAC mechanism, it can be claimed that the NTP Server option for
RA has vulnerabilities similar to those existing in current
mechanisms. If the Secure Neighbor Discovery (SEND) protocol is used
as a security mechanism for ND, all the ND options including the NTP
Server option are automatically included in the signatures [RFC3971],
and the NTPS transport is integrity-protected.
Bhatia, et al. Expires June 22, 2012 [Page 7]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
5. IANA Considerations
IANA needs to assign an option code for the NTP Server Option that
will be used in the Router Advertisments.
IANA is required to maintain a new number space of NTP Server
suboptions as defined in this document. IANA should assign future
NTP time source suboptions with an "IETF Consensus" policy as
described in [RFC5226].
6. Acknowledgements
This document is built upon draft-chen-ntps-ra-opt-00 which expired
eons ago.
7. References
7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
September 2007.
[RFC5905] Mills, D., Martin, J., Burbank, J., and W. Kasch, "Network
Time Protocol Version 4: Protocol and Algorithms
Specification", RFC 5905, June 2010.
7.2. Informative References
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for
IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
Neighbor Discovery (SEND)", RFC 3971, March 2005.
[RFC4330] Mills, D., "Simple Network Time Protocol (SNTP) Version 4
for IPv4, IPv6 and OSI", RFC 4330, January 2006.
[RFC5006] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli,
"IPv6 Router Advertisement Option for DNS Configuration",
RFC 5006, September 2007.
Bhatia, et al. Expires June 22, 2012 [Page 8]
Internet-Draft IPv6 Router Advertisement Support for NTP December 2011
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
Authors' Addresses
Manav Bhatia
Alcatel-Lucent
Email: manav.bhatia@alcatel-lucent.com
Xu Chen
Huawei
Email: zhangdacheng@huawei.com
Dacheng Zhang
Huawei
Email: zhangdacheng@huawei.com
Bhatia, et al. Expires June 22, 2012 [Page 9]