Internet DRAFT - draft-luo-6man-ipv6-ra-prefix-flag
IPv6 maintenance Working Group (6man)                            Lin Luo
Internet-Draft                                           H3C Corporation
Intended status: Standards Track                            Qianli Zhang
Expires: December 30, 2019                           Tsinghua University
                                                           HaiHong Zhang
                                                         H3C Corporation
                                                           June 30, 2019
Enhanced IPv6 Stateless Address autoconfiguration
draft-luo-6man-ipv6-ra-prefix-flag-00
Abstract
This document specifies a new flag in the format of a Prefix
Information Option, with which IPv6 routers advertise the address
refresh capability and address generation mechanism to IPv6 hosts.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 20, 2019.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document.
Luo, et al. Expires December 30, 2019 [Page 1]
Internet-Draft IPv6 RA Prefix Flag June 2019
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Specification of Requirements . . . . . . . . . . . . . . . . 2
3. Algorithm Specification . . . . . . . . . . . . . . . . . . . 3
3.1. Prefix Information Option . . . . . . . . . . . . . . . . 3
3.2. Router processing . . . . . . . . . . . . . . . . . . . 4
3.3. Host processing . . . . . . . . . . . . . . . . . . . . 5
4. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6
6. Normative References . . . . . . . . . . . . . . . . . . . . . 6
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction
The IPv6 Neighbor Discovery (ND) Protocol [RFC4861] specifies that
Router Advertisement messages contain the Prefix Information Option,
and [RFC4862] specifies Stateless Address Autoconfiguration (SLAAC).
On the other hand, the Dynamic Host Configuration Protocol for IPv6
(DHCPv6) [RFC8415] is used when a site requires tighter control over
exact address assignments.
IPv6 hosts generate addresses composed of a prefix advertised by a
router and an Interface Identifier (IID) [RFC4291], which typically
embeds the link-layer address. [RFC4941] proposes the concept of a
temporary address for privacy concerns: the host randomly generates a
temporary identifier, and the temporary address is regenerated on a
periodic basis. [RFC6724] recommends that the host prefer the
temporary address over the public address. Various new forms of IIDs
have been defined, including Cryptographically Generated Addresses
(CGAs) [RFC4982] of Secure Neighbor Discovery (SEND) [RFC3971] and
others.
The security and privacy implications of different IPv6 IIDs have been
discussed, and [RFC8064] recommends semantically opaque addresses as
the default scheme for generating stable IPv6 addresses with SLAAC.
Separately, the mechanisms of temporary address generation and address
selection are widely used by most operating systems.
This document specifies a new flag in the format of a Prefix
Information Option, with which IPv6 routers advertise the address
refresh capability and address generation mechanism to IPv6 hosts.
Whichever IID generation form a host chooses, the address refresh
capability makes it easy to extend the lifetime of temporary and
public addresses. [RFC7136] specifies that IIDs MUST be viewed as an
opaque bit string by third parties, except in the local context. The
address generation flag provides a mechanism for different kinds of
application scenarios, such as authorized networks and location
service networks.
2. Specification of Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. Algorithm Specification
In a local context, when hosts need authentication to access the
network, most routers offer flow monitoring and quality of service
based on the host IPv6 address, so a stable address is required.
Instead of letting the host freely generate an address, it is better
to specify that the address time is forced to refresh. Furthermore,
routers can choose which address generation mechanism to advertise,
including CGA, stable and semantically opaque addresses, and addresses
based on location.
3.1. Prefix Information Option
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     | Prefix Length |L|A|R|T|Mode|Res|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Valid Lifetime                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Preferred Lifetime                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Reserved2                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                            Prefix                             +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This format represents the following changes over that originally
specified for Neighbor Discovery [RFC4861] [RFC6275]:
T            1-bit address time refresh flag. When set, indicates
             that the address generated by this prefix must be
             refreshed.
Mode         3-bit unsigned integer indicating the address
             generation mode. The following mode values are
             currently defined:
             0   default addresses mode
             1   [RFC7217] stable, opaque addresses mode
             2   [RFC3972] CGA mode
Reserved1    Reduced from a 5-bit field to a 1-bit field to account
             for the addition of the above bits.
3.2. Router Specification
A router sends Router Advertisement messages periodically or in
response to a Router Solicitation. The Prefix Information Option
specifies a prefix and the corresponding flags, which are used for
stateless address autoconfiguration. In each Prefix Information Option:
a) If the router does not specify the address refresh flag and
   generation mode, they must be set to 0.
b) If the Autonomous flag is set to 0, the address refresh flag and
   generation mode should be set to 0.
c) According to the network configuration, the address refresh flag or
   generation mode should be set to an appropriate value.
3.3. Host Specification
Upon receipt of a valid Router Advertisement message:
a) If the Autonomous flag is set to 0, the address refresh flag and
   address generation mode should be silently ignored.
b) If the prefix is the link-local prefix, the address refresh flag
   and address generation mode should be silently ignored.
c) If the Prefix Information Option is valid for generating an address:
   1) The host must extend the address lifetime when the address
      refresh flag is set to 1.
   2) The generation mode should be ignored if the host does not
      support it.
   3) If the generation mode is set to 0, the address is generated
      in the default way.
   4) The host should generate the address as the advertised mode
      describes.
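
The option layout of Section 3.1 and the host rules of Section 3.3 can be exercised together in a short decoder. This is an added example, not code from the draft or its authors: the bit positions are read off the diagram in Section 3.1, and `parse_pio`, `host_decision`, `build_pio` and `supported_modes` are hypothetical names chosen here. The sample options are constructed for the demo.

```python
import ipaddress
import struct

PIO_TYPE, PIO_LEN_UNITS = 3, 4        # RFC 4861: option type 3, length 4 (x 8 octets)
LINK_LOCAL = ipaddress.ip_network("fe80::/10")


def parse_pio(opt: bytes) -> dict:
    """Decode one 32-octet Prefix Information Option using the draft's flag layout."""
    if len(opt) != 32:
        raise ValueError("PIO must be exactly 32 octets")
    typ, length, plen, flags, valid, preferred, _res2, prefix = struct.unpack(
        "!BBBBIII16s", opt)
    if typ != PIO_TYPE or length != PIO_LEN_UNITS or plen > 128:
        raise ValueError("not a well-formed Prefix Information Option")
    return {
        "prefix": ipaddress.IPv6Network((prefix, plen), strict=False),
        "L": bool(flags & 0x80), "A": bool(flags & 0x40), "R": bool(flags & 0x20),
        "T": bool(flags & 0x10),      # draft: address time refresh flag
        "mode": (flags >> 1) & 0x07,  # draft: 3-bit generation mode
        "valid": valid, "preferred": preferred,
    }


def host_decision(pio: dict, supported_modes=(0, 1)) -> dict:
    """Apply the host rules of Section 3.3 to a parsed option."""
    # Rules a) and b): with A=0 or a link-local prefix, T and Mode are ignored.
    if (not pio["A"]) or pio["prefix"].subnet_of(LINK_LOCAL):
        return {"autoconf": False, "refresh": False, "mode": None}
    # Rule c.2: a mode the host does not support is ignored (None here).
    mode = pio["mode"] if pio["mode"] in supported_modes else None
    return {"autoconf": True, "refresh": pio["T"], "mode": mode}


def build_pio(prefix: str, flags: int, valid=2592000, preferred=604800) -> bytes:
    """Encode a constructed sample option for the demo below."""
    net = ipaddress.IPv6Network(prefix)
    return struct.pack("!BBBBIII16s", PIO_TYPE, PIO_LEN_UNITS, net.prefixlen,
                       flags, valid, preferred, 0, net.network_address.packed)


if __name__ == "__main__":
    # L=1, A=1, T=1, Mode=1  ->  0x80 | 0x40 | 0x10 | (1 << 1) = 0xD2
    for name, raw in [("global", build_pio("2001:db8:1::/64", 0xD2)),
                      ("A=0", build_pio("2001:db8:2::/64", 0x92)),
                      ("link-local", build_pio("fe80::/64", 0xD2)),
                      ("CGA, unsupported", build_pio("2001:db8:3::/64", 0xC4))]:
        print(name, host_decision(parse_pio(raw)))
```

A receiver that has not implemented the draft sees the T and Mode bits as part of the reserved field, so the same decoder is also useful for spotting advertisements that set them on a link where no router is expected to.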
4. Security Considerations
This document specifies a new flag in the format of a Prefix
Information Option, with which IPv6 routers advertise the address
refresh capability and address generation mechanism to IPv6 hosts. The
additional bit fields provide extended information about the network,
and they share the security issues of NDP that are documented in
[RFC4861]. This document recommends the existing scheme for generating
IPv6 addresses with SLAAC, so that the security and privacy issues of
IIDs are mitigated.
5. IANA Considerations
This document does not include an IANA request.
6. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
          Requirement Levels", BCP 14, RFC 2119, March 1997,
          <https://www.rfc-editor.org/info/rfc2119>.
[RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
          Neighbor Discovery (SEND)", RFC 3971, March 2005,
          <https://www.rfc-editor.org/info/rfc3971>.
[RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)",
          RFC 3972, March 2005,
          <https://www.rfc-editor.org/info/rfc3972>.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
          Architecture", RFC 4291, DOI 10.17487/RFC4291, February
          2006, <https://www.rfc-editor.org/info/rfc4291>.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
          "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
          September 2007,
          <https://www.rfc-editor.org/info/rfc4861>.
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
          Address Autoconfiguration", RFC 4862, DOI
          10.17487/RFC4862, September 2007,
          <https://www.rfc-editor.org/info/rfc4862>.
[RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy
          Extensions for Stateless Address Autoconfiguration in
          IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007,
          <https://www.rfc-editor.org/info/rfc4941>.
[RFC4982] Bagnulo, M. and J. Arkko, "Support for Multiple Hash
          Algorithms in Cryptographically Generated Addresses
          (CGAs)", RFC 4982, DOI 10.17487/RFC4982, July 2007,
          <https://www.rfc-editor.org/info/rfc4982>.
[RFC6275] Perkins, C., Johnson, D., and J. Arkko, "Mobility Support
          in IPv6", RFC 6275, DOI 10.17487/RFC6275, July 2011,
          <https://www.rfc-editor.org/info/rfc6275>.
[RFC6724] Thaler, D., Draves, R., and A. Matsumoto, "Default Address
          Selection for Internet Protocol Version 6 (IPv6)",
          RFC 6724, DOI 10.17487/RFC6724, September 2012,
          <https://www.rfc-editor.org/info/rfc6724>.
[RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6 Interface
          Identifiers", RFC 7136, DOI 10.17487/RFC7136, February
          2014, <https://www.rfc-editor.org/info/rfc7136>.
[RFC7217] Gont, F., "A Method for Generating Semantically Opaque
          Interface Identifiers with IPv6 Stateless Address
          Autoconfiguration (SLAAC)", RFC 7217, DOI
          10.17487/RFC7217, April 2014,
          <https://www.rfc-editor.org/info/rfc7217>.
[RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu,
          "Recommendation on Stable IPv6 Interface Identifiers",
          RFC 8064, DOI 10.17487/RFC8064, February 2017,
          <https://www.rfc-editor.org/info/rfc8064>.
[RFC8415] Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A.,
          Richardson, M., Jiang, S., Lemon, T., and T. Winters,
          "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
          RFC 8415, November 2018,
          <https://www.rfc-editor.org/info/rfc8415>.
Authors' Addresses
Lin Luo
H3C Corporation
Hangzhou,
P.R. China
Email: extrall@h3c.com
Haihong Zhang
H3C Corporation
Beijing,
P.R. China
Email: zhanghaihong.04355@h3c.com
Qianli Zhang
Tsinghua University
Beijing, 100086
P.R. China
Email: zhang@cernet.edu.cn