Internet Engineering Task Force J. Bound INTERNET DRAFT Compaq DHC Working Group M. Carney Obsoletes: draft-ietf-dhc-dhcpv6-22.txt Sun Microsystems, Inc C. Perkins Nokia Research Center Ted Lemon Nominum Bernie Volz Ericsson R. Droms(ed.) Cisco Systems 1 Feb 2002 Dynamic Host Configuration Protocol for IPv6 (DHCPv6) draft-ietf-dhc-dhcpv6-23.txt Status of This Memo This document is a submission by the Dynamic Host Configuration Working Group of the Internet Engineering Task Force (IETF). Comments should be submitted to the dhcwg@ietf.org mailing list. Distribution of this memo is unlimited. This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at: http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at: http://www.ietf.org/shadow.html. Abstract The Dynamic Host Configuration Protocol for IPv6 (DHCP) enables DHCP servers to pass configuration parameters such as IPv6 network addresses to IPv6 nodes. It offers the capability of automatic allocation of reusable network addresses and additional configuration flexibility. This protocol is a stateful counterpart to "IPv6 Droms (ed.), et al. Expires 1 Aug 2002 [Page i] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Stateless Address Autoconfiguration" [21], and can be used separately or concurrently with the latter to obtain configuration parameters. Contents Status of This Memo i Abstract i 1. Introduction 1 2. Requirements 2 3. Background 2 4. Design Goals 3 5. Non-Goals 4 6. Terminology 4 6.1. IPv6 Terminology . . . . . . . . . . . . . . . . . . . . 4 6.2. DHCP Terminology . . . . . . . . . . . . . . . . . . . . 5 7. DHCP Constants 7 7.1. Multicast Addresses . . . . . . . . . . . . . . . . . . . 7 7.2. UDP ports . . . . . . . . . . . . . . . . . . . . . . . . 7 7.3. DHCP message types . . . . . . . . . . . . . . . . . . . 8 7.4. Status Codes . . . . . . . . . . . . . . . . . . . . . . 9 7.4.1. Generic Status Codes . . . . . . . . . . . . . . 9 7.4.2. Server-specific Status Codes . . . . . . . . . . 10 7.5. Configuration Variables . . . . . . . . . . . . . . . . . 11 8. Message Formats 11 8.1. DHCP Solicit Message Format . . . . . . . . . . . . . . . 12 8.2. DHCP Advertise Message Format . . . . . . . . . . . . . . 12 8.3. DHCP Request Message Format . . . . . . . . . . . . . . . 12 8.4. DHCP Confirm Message Format . . . . . . . . . . . . . . . 13 8.5. DHCP Renew Message Format . . . . . . . . . . . . . . . . 13 8.6. DHCP Rebind Message Format . . . . . . . . . . . . . . . 13 8.7. DHCP Reply Message Format . . . . . . . . . . . . . . . . 13 8.8. DHCP Release Message Format . . . . . . . . . . . . . . . 13 8.9. DHCP Decline Message Format . . . . . . . . . . . . . . . 14 8.10. DHCP Reconfigure Message Format . . . . . . . . . . . . . 14 8.11. Information-Request Message Format . . . . . . . . . . . 14 9. Relay messages 14 9.1. Relay-forward message . . . . . . . . . . . . . . . . . . 15 9.2. Relay-reply message . . . . . . . . . . . . . . . . . . . 16 10. Representation and use of domain names 16 11. DHCP unique identifier (DUID) 16 Droms (ed.), et al. Expires 1 Aug 2002 [Page ii] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 11.1. DUID contents . . . . . . . . . . . . . . . . . . . . . . 17 11.2. DUID based on link-layer address plus time . . . . . . . 17 11.3. Vendor-assigned unique ID (VUID) . . . . . . . . . . . . 18 11.4. Link-layer address . . . . . . . . . . . . . . . . . . . 19 12. Identity association 20 13. Selecting addresses for assignment to an IA 21 14. Management of temporary addresses 22 15. Reliability of Client Initiated Message Exchanges 23 16. Message validation 24 16.1. Use of Transaction-ID field . . . . . . . . . . . . . . . 24 16.2. Solicit message . . . . . . . . . . . . . . . . . . . . . 25 16.3. Advertise message . . . . . . . . . . . . . . . . . . . . 25 16.4. Request message . . . . . . . . . . . . . . . . . . . . . 25 16.5. Confirm message . . . . . . . . . . . . . . . . . . . . . 25 16.6. Renew message . . . . . . . . . . . . . . . . . . . . . . 26 16.7. Rebind message . . . . . . . . . . . . . . . . . . . . . 26 16.8. Decline messages . . . . . . . . . . . . . . . . . . . . 26 16.9. Release message . . . . . . . . . . . . . . . . . . . . . 27 16.10. Reply message . . . . . . . . . . . . . . . . . . . . . . 27 16.11. Reconfigure message . . . . . . . . . . . . . . . . . . . 27 16.12. Information-request message . . . . . . . . . . . . . . . 27 16.13. Relay-forward message . . . . . . . . . . . . . . . . . . 28 16.14. Relay-reply message . . . . . . . . . . . . . . . . . . . 28 17. Client Source Address and Interface Selection 28 18. DHCP Server Solicitation 28 18.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 29 18.1.1. Creation of Solicit messages . . . . . . . . . . 29 18.1.2. Transmission of Solicit Messages . . . . . . . . 29 18.1.3. Receipt of Advertise messages . . . . . . . . . . 30 18.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 31 18.2.1. Receipt of Solicit messages . . . . . . . . . . . 31 18.2.2. Creation and transmission of Advertise messages . 31 19. DHCP Client-Initiated Configuration Exchange 32 19.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 33 19.1.1. Creation and transmission of Request messages . . 33 19.1.2. Creation and transmission of Confirm messages . . 34 19.1.3. Creation and transmission of Renew messages . . . 35 19.1.4. Creation and transmission of Rebind messages . . 37 19.1.5. Creation and Transmission of Information-request messages . . . . . . . . . . . . . . . . . 38 19.1.6. Receipt of Reply message in response to a Request, Confirm, Renew, Rebind or Information-request message . . . . . . . . . . . . . . . . . 38 19.1.7. Creation and transmission of Release messages . . 40 Droms (ed.), et al. Expires 1 Aug 2002 [Page iii] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 19.1.8. Receipt of Reply message in response to a Release message . . . . . . . . . . . . . . . . . 41 19.1.9. Creation and transmission of Decline messages . . 41 19.1.10. Receipt of Reply message in response to a Decline message . . . . . . . . . . . . . . . . . 42 19.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 42 19.2.1. Receipt of Request messages . . . . . . . . . . . 42 19.2.2. Receipt of Confirm messages . . . . . . . . . . . 43 19.2.3. Receipt of Renew messages . . . . . . . . . . . . 44 19.2.4. Receipt of Rebind messages . . . . . . . . . . . 45 19.2.5. Receipt of Information-request messages . . . . . 46 19.2.6. Receipt of Release messages . . . . . . . . . . . 47 19.2.7. Receipt of Decline messages . . . . . . . . . . . 47 19.2.8. Transmission of Reply messages . . . . . . . . . 47 20. DHCP Server-Initiated Configuration Exchange 48 20.1. Server Behavior . . . . . . . . . . . . . . . . . . . . . 48 20.1.1. Creation and transmission of Reconfigure messages 48 20.1.2. Time out and retransmission of Reconfigure messages . . . . . . . . . . . . . . . . . 49 20.1.3. Receipt of Renew messages . . . . . . . . . . . . 49 20.2. Receipt of Information-request messages . . . . . . . . . 49 20.3. Client Behavior . . . . . . . . . . . . . . . . . . . . . 50 20.3.1. Receipt of Reconfigure messages . . . . . . . . . 50 20.3.2. Creation and transmission of Renew messages . . . 51 20.3.3. Creation and transmission of Information-request messages . . . . . . . . . . . . . . . . . 51 20.3.4. Time out and retransmission of Renew or Information-request messages . . . . . . . 51 20.3.5. Receipt of Reply messages . . . . . . . . . . . . 51 21. Relay Behavior 52 21.1. Relaying of client messages . . . . . . . . . . . . . . . 52 21.2. Relaying of server messages . . . . . . . . . . . . . . . 52 22. Authentication of DHCP messages 53 22.1. DHCP threat model . . . . . . . . . . . . . . . . . . . . 53 22.2. Security of messages sent between servers and relay agents 54 22.3. Summary of DHCP authentication . . . . . . . . . . . . . 54 22.4. Replay detection . . . . . . . . . . . . . . . . . . . . 54 22.5. Configuration token protocol . . . . . . . . . . . . . . 54 22.6. Delayed authentication protocol . . . . . . . . . . . . . 55 22.6.1. Management issues in the delayed authentication protocol . . . . . . . . . . . . . . . . . 55 22.6.2. Use of the Authentication option in the delayed authentication protocol . . . . . . . . . 55 22.6.3. Message validation . . . . . . . . . . . . . . . 56 22.6.4. Key utilization . . . . . . . . . . . . . . . . . 57 22.6.5. Client considerations for delayed authentication protocol . . . . . . . . . . . . . . . . . 57 22.6.6. Server considerations for delayed authentication protocol . . . . . . . . . . . . . . . . . 59 Droms (ed.), et al. Expires 1 Aug 2002 [Page iv] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 23. DHCP options 60 23.1. Format of DHCP options . . . . . . . . . . . . . . . . . 60 23.2. Client Identifier option . . . . . . . . . . . . . . . . 60 23.3. Server Identifier option . . . . . . . . . . . . . . . . 61 23.4. Identity association option . . . . . . . . . . . . . . . 61 23.5. IA Address option . . . . . . . . . . . . . . . . . . . . 63 23.6. Requested Temporary Addresses (RTA) Option . . . . . . . 65 23.7. Option Request option . . . . . . . . . . . . . . . . . . 65 23.8. Preference option . . . . . . . . . . . . . . . . . . . . 66 23.9. Elapsed Time . . . . . . . . . . . . . . . . . . . . . . 67 23.10. Client message option . . . . . . . . . . . . . . . . . . 67 23.11. Server message option . . . . . . . . . . . . . . . . . . 68 23.12. Authentication option . . . . . . . . . . . . . . . . . . 68 23.13. Server unicast option . . . . . . . . . . . . . . . . . . 69 23.14. Status Code Option . . . . . . . . . . . . . . . . . . . 70 23.15. User Class Option . . . . . . . . . . . . . . . . . . . . 70 23.16. Vendor Class Option . . . . . . . . . . . . . . . . . . . 71 23.17. Interface-Id Option . . . . . . . . . . . . . . . . . . . 72 24. Security Considerations 73 25. Year 2000 considerations 73 26. IANA Considerations 74 26.1. Multicast addresses . . . . . . . . . . . . . . . . . . . 74 26.2. DHCPv6 message types . . . . . . . . . . . . . . . . . . 74 26.3. DUID . . . . . . . . . . . . . . . . . . . . . . . . . . 74 26.4. DHCPv6 options . . . . . . . . . . . . . . . . . . . . . 74 26.5. Status codes . . . . . . . . . . . . . . . . . . . . . . 74 26.6. Authentication option . . . . . . . . . . . . . . . . . . 75 27. Acknowledgments 75 References 75 Chair's Address 77 Authors' Addresses 77 A. Appearance of Options in Message Types 79 B. Appearance of Options in the Options Field of DHCP Messages 79 C. Full Copyright Statement 80 1. Introduction This document describes DHCP for IPv6 (DHCP), a UDP [19] client/server protocol designed to reduce the cost of management of IPv6 nodes in environments where network managers require more control over the allocation of IPv6 addresses and configuration of network stack parameters than that offered by "IPv6 Stateless Droms (ed.), et al. Expires 1 Aug 2002 [Page 1] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Address Autoconfiguration" [21]. DHCP is a stateful counterpart to stateless autoconfiguration. Note that both stateful and stateless autoconfiguration can be used concurrently in the same environment, leveraging the strengths of both mechanisms in order to reduce the cost of ownership and management of network nodes. DHCP reduces the cost of ownership by centralizing the management of network resources such as IP addresses, routing information, OS installation information, directory service information, and other such information on a few DHCP servers, rather than distributing such information in local configuration files among all network node. DHCP is designed to be easily extended to carry new configuration parameters through the addition of new DHCP "options" defined to carry this information. Those readers familiar with DHCP for IPv4 [7] will find DHCP for IPv6 provides a superset of the features of DHCP and benefits from the additional features of IPv6 and freedom from the constraints of backward compatibility with BOOTP [4]. 2. Requirements The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this document, are to be interpreted as described in [2]. This document also makes use of internal conceptual variables to describe protocol behavior and external variables that an implementation must allow system administrators to change. The specific variable names, how their values change, and how their settings influence protocol behavior are provided to demonstrate protocol behavior. An implementation is not required to have them in the exact form described here, so long as its external behavior is consistent with that described in this document. 3. Background The IPv6 Specification provides the base architecture and design of IPv6. Related work in IPv6 that would best serve an implementor to study includes the IPv6 Specification [5], the IPv6 Addressing Architecture [9], IPv6 Stateless Address Autoconfiguration [21], IPv6 Neighbor Discovery Processing [17], and Dynamic Updates to DNS [22]. These specifications enable DHCP to build upon the IPv6 work to provide both robust stateful autoconfiguration and autoregistration of DNS Host Names. The IPv6 Addressing Architecture specification [9] defines the address scope that can be used in an IPv6 implementation, and the various configuration architecture guidelines for network designers of the IPv6 address space. Two advantages of IPv6 are that support for multicast is required, and nodes can create link-local addresses Droms (ed.), et al. Expires 1 Aug 2002 [Page 2] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 during initialization. This means that a client can immediately use its link-local address and a well-known multicast address to begin communications to discover neighbors on the link. For instance, a client can send a Solicit message and locate a server or relay. IPv6 Stateless Address Autoconfiguration [21] specifies procedures by which a node may autoconfigure addresses based on router advertisements [17], and the use of a valid lifetime to support renumbering of addresses on the Internet. In addition the protocol interaction by which a node begins stateless or stateful autoconfiguration is specified. DHCP is one vehicle to perform stateful autoconfiguration. Compatibility with stateless address autoconfiguration is a design requirement of DHCP (see Section 4). IPv6 Neighbor Discovery [17] is the node discovery protocol in IPv6 which replaces and enhances functions of ARP [18]. To understand IPv6 and stateless address autoconfiguration it is strongly recommended that implementors understand IPv6 Neighbor Discovery. Dynamic Updates to DNS [22] is a specification that supports the dynamic update of DNS records for both IPv4 and IPv6. DHCP can use the dynamic updates to DNS to integrate addresses and name space to not only support autoconfiguration, but also autoregistration in IPv6. 4. Design Goals - DHCP is a mechanism rather than a policy. Network administrators set their administrative policies through the configuration parameters they place upon the DHCP servers in the DHCP domain they're managing. DHCP is simply used to deliver parameters according to that policy to each of the DHCP clients within the domain. - DHCP is compatible with IPv6 stateless address autoconfiguration [21], statically configured, non-participating nodes and with existing network protocol implementations. - DHCP does not require manual configuration of network parameters on DHCP clients, except in cases where such configuration is needed for security reasons. A node configuring itself using DHCP should require no user intervention. - DHCP does not require a server on each link. To allow for scale and economy, DHCP must work across DHCP relays. - DHCP clients can operate on a link without IPv6 routers present. - DHCP will provide the ability to renumber network(s) when required by network administrators [3]. Droms (ed.), et al. Expires 1 Aug 2002 [Page 3] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 - A DHCP client can make multiple, different requests for configuration parameters when necessary from one or more DHCP servers at any time. - DHCP will contain the appropriate time out and retransmission mechanisms to efficiently operate in environments with high latency and low bandwidth characteristics. 5. Non-Goals This specification explicitly does not cover the following: - Specification of a DHCP server to server protocol. - How a DHCP server stores its DHCP data. - How to manage a DHCP domain or DHCP server. - How a DHCP relay is configured or what sort of information it may log. 6. Terminology This sections defines terminology specific to IPv6 and DHCP used in this document. 6.1. IPv6 Terminology IPv6 terminology relevant to this specification from the IPv6 Protocol [5], IPv6 Addressing Architecture [9], and IPv6 Stateless Address Autoconfiguration [21] is included below. address An IP layer identifier for an interface or a set of interfaces. unicast address An identifier for a single interface. A packet sent to a unicast address is delivered to the interface identified by that address. multicast address An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to a multicast address is delivered to all interfaces identified by that address. host Any node that is not a router. IP Internet Protocol Version 6 (IPv6). The terms IPv4 and IPv6 are used only in Droms (ed.), et al. Expires 1 Aug 2002 [Page 4] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 contexts where it is necessary to avoid ambiguity. interface A node's attachment to a link. link A communication facility or medium over which nodes can communicate at the link layer, i.e., the layer immediately below IP. Examples are Ethernet (simple or bridged); Token Ring; PPP links, X.25, Frame Relay, or ATM networks; and Internet (or higher) layer "tunnels", such as tunnels over IPv4 or IPv6 itself. link-layer identifier A link-layer identifier for an interface. Examples include IEEE 802 addresses for Ethernet or Token Ring network interfaces, and E.164 addresses for ISDN links. link-local address An IPv6 address having link-only scope, indicated by having the prefix (FE80::0000/64), that can be used to reach neighboring nodes attached to the same link. Every interface has a link-local address. neighbor A node attached to the same link. node A device that implements IP. packet An IP header plus payload. prefix The initial bits of an address, or a set of IP address that share the same initial bits. prefix length The number of bits in a prefix. router A node that forwards IP packets not explicitly addressed to itself. 6.2. DHCP Terminology Terminology specific to DHCP can be found below. agent address The address of a neighboring DHCP Agent on the same link as the DHCP client. Droms (ed.), et al. Expires 1 Aug 2002 [Page 5] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 binding A binding (or, client binding) is a group of server data records containing the information the server has about the addresses in an IA and any other configuration information assigned to the client. A binding is indexed by the tuple . DHCP Dynamic Host Configuration Protocol for IPv6. The terms DHCPv4 and DHCPv6 are used only in contexts where it is necessary to avoid ambiguity. configuration parameter An element of the configuration information set on the server and delivered to the client using DHCP. Such parameters may be used to carry information to be used by a node to configure its network subsystem and enable communication on a link or internetwork, for example. DHCP client (or client) A node that initiates requests on a link to obtain configuration parameters from one or more DHCP servers. DHCP domain A set of links managed by DHCP and operated by a single administrative entity. DHCP server (or server) A server is a node that responds to requests from clients, and may or may not be on the same link as the client(s). DHCP relay (or relay) A node that acts as an intermediary to deliver DHCP messages between clients and servers, and is on the same link as a client. DHCP agent (or agent) Either a DHCP server on the same link as a client, or a DHCP relay. DUID A DHCP Unique IDentifier for a DHCP participant; each DHCP client and server has exactly one DUID. Identity association (IA) A collection of addresses assigned to a client. Each IA has an associated IAID. An IA may have 0 or more addresses associated with it. Droms (ed.), et al. Expires 1 Aug 2002 [Page 6] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Identity association identifier (IAID) An identifier for an IA, chosen by the client. Each IA has an IAID, which is chosen to be unique among all IAIDs for IAs belonging to that client. message A unit of data carried in a packet, exchanged between DHCP agents and clients. transaction-ID An unsigned integer to match responses with replies initiated either by a client or server. 7. DHCP Constants This section describes various program and networking constants used by DHCP. 7.1. Multicast Addresses DHCP makes use of the following multicast addresses: All_DHCP_Agents (FF02::1:2) This link-scoped multicast address is used by clients to communicate with the on-link agent(s) when they do not know the link-local address(es) for those agents. All agents (servers and relays) are members of this multicast group. All_DHCP_Servers (FF05::1:3) This site-scoped multicast address is used by clients or relays to communicate with server(s), either because they want to send messages to all servers or because they do not know the server(s) unicast address(es). Note that in order for a client to use this address, it must have an address of sufficient scope to be reachable by the server(s). All servers within the site are members of this multicast group. 7.2. UDP ports DHCP uses the following destination UDP [19] port numbers. While source ports MAY be arbitrary, client implementations SHOULD permit their specification through a local configuration parameter to facilitate the use of DHCP through firewalls. 546 Client port. Used by servers as the destination port for messages sent to clients and relays. Used by relay Droms (ed.), et al. Expires 1 Aug 2002 [Page 7] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 agents as the destination port for messages sent to clients. 547 Agent port. Used as the destination port by clients for messages sent to agents. Used as the destination port by relays for messages sent to servers. 7.3. DHCP message types DHCP defines the following message types. More detail on these message types can be found in Section 8. Message types not listed here are reserved for future use. The message code for each message type is shown with the message name. SOLICIT (1) The Solicit message is used by clients to locate servers. ADVERTISE (2) The Advertise message is used by servers responding to Solicits. REQUEST (3) The Request message is used by clients to request configuration parameters from servers. CONFIRM (4) The Confirm message is used by clients to confirm that the addresses assigned to an IA and the lifetimes for those addresses, as well as the current configuration parameters assigned by the server to the client are still valid. RENEW (5) The Renew message is used by clients to update the addresses assigned to an IA and the lifetimes for those addresses, as well as the current configuration parameters assigned by the server to the client. A client sends a Renew message to the server that originally populated the IA at time T1. REBIND (6) The Rebind message is used by clients to extend the lifetimes of addresses assigned to an IA, as well as the current configuration parameters assigned by the server to the client. A client sends a Rebind message to all available DHCP servers at time T2 only after the client has been unable to contact the server that originally populated the IA with a Renew message. REPLY (7) The Reply message is used by servers responding to Request, Confirm, Renew, Rebind, Information-request, Release and Decline messages. In the case of responding to Droms (ed.), et al. Expires 1 Aug 2002 [Page 8] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 a Request, Confirm, Information-request, Renew or Rebind message, the Reply contains configuration parameters destined for the client. RELEASE (8) The Release message is used by clients to indicate to a server that the client will no longer use one or more addresses in an IA. DECLINE (9) The Decline message is used by clients to indicate that the client has determined that one or more addresses in an IA are already in use on the link to which the client is connected. RECONFIGURE (10) The Reconfigure message is sent by a server to inform a client that the server has new or updated configuration parameters, and that the client is to initiate a Renew/Reply or Information-request/Reply transaction with the server in order to receive the updated information. INFORMATION-REQUEST (11) The Information-request message is sent by clients to request configuration parameters without the assignment of any IP addresses to the client. RELAY-FORW (12) The Relay-forward message is used by relays to forward client messages to servers. The client message is encapsulated in an option in the Relay-forward message. RELAY-REPL (13) The Relay-reply message is used by servers to send messages to clients through a relay. The server encapsulates the client message as an option in the Relay-reply message, which the relay extracts and forwards to the client. 7.4. Status Codes This section describes status codes exchanged between DHCP implementations. These status codes may appear in the Status Code option or in the status field of an IA. 7.4.1. Generic Status Codes The status codes in this section are used between clients and servers to convey status conditions. The following table contains the status codes, the name for each code (as used in this document) and a brief Droms (ed.), et al. Expires 1 Aug 2002 [Page 9] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 description. Note that the numeric values do not start at 1, nor are they consecutive. The status codes are organized in logical groups. Name Code Description ---------- ---- ----------- Success 0 Success UnspecFail 16 Failure, reason unspecified AuthFailed 17 Authentication failed or nonexistent PoorlyFormed 18 Poorly formed message AddrUnavail 19 Addresses unavailable OptionUnavail 20 Requested options unavailable 7.4.2. Server-specific Status Codes The status codes in this section are used by servers to convey status conditions to clients. The following table contains the status codes, the name for each code (as used in this document) and a brief description. Note that the numeric values do not start at 1, nor are they consecutive. The status codes are organized in logical groups. Name Code Description ---- ---- ----------- NoBinding 32 Client record (binding) unavailable ConfNoMatch 33 Client record Confirm doesn't match IA RenwNoMatch 34 Client record Renew doesn't match IA RebdNoMatch 35 Client record Rebind doesn't match IA InvalidSource 36 Invalid Client IP address NoPrefixMatch 37 One or more prefixes of the addresses in the IA is not valid for the link from which the client message was received Droms (ed.), et al. Expires 1 Aug 2002 [Page 10] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 7.5. Configuration Variables This section presents a table of client and server configuration variables and the default or initial values for these variables. Parameter Default Description ------------------------------------- MIN_SOL_DELAY 1 sec Min delay of first Solicit MAX_SOL_DELAY 5 secs Max delay of first Solicit SOL_TIMEOUT 500 msecs Initial Solicit timeout SOL_MAX_RT 30 secs Max Solicit timeout value REQ_TIMEOUT 250 msecs Initial Request timeout REQ_MAX_RT 30 secs Max Request timeout value REQ_MAX_RC 10 Max Request retry attempts CNF_TIMEOUT 250 msecs Initial Confirm timeout CNF_MAX_RT 1 sec Max Confirm timeout CNF_MAX_RD 10 secs Max Confirm duration REN_TIMEOUT 10 sec Initial Renew timeout REN_MAX_RT 600 secs Max Renew timeout value REB_TIMEOUT 10 secs Initial Rebind timeout REB_MAX_RT 600 secs Max Rebind timeout value INF_TIMEOUT 500 ms Initial Information-request timeout INF_MAX_RT 30 secs Max Information-request timeout value REL_TIMEOUT 250 msecs Initial Release timeout REL_MAX_RT 1 sec Max Release timeout REL_MAX_RC 5 MAX Release attempts DEC_TIMEOUT 250 msecs Initial Decline timeout DEC_MAX_RT 1 sec Max Decline timeout DEC_MAX_RC 5 Max Decline attempts 8. Message Formats All DHCP messages sent between clients and servers share an identical fixed format header and a variable format area for options. Not all fields in the header are used in every message. All values in the message header and in options are in network order. Droms (ed.), et al. Expires 1 Aug 2002 [Page 11] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The following diagram illustrates the format of DHCP messages sent between clients and servers: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | msg-type | transaction-ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . options . . (variable) . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The following sections describe the use of the fields in the DHCP message header in each of the DHCP messages. In these descriptions, fields that are not used in a message are marked as "unused". All unused fields in a message MUST be transmitted as zeroes and ignored by the receiver of the message. 8.1. DHCP Solicit Message Format msg-type SOLICIT transaction-ID An unsigned integer generated by the client used to identify this Solicit message. options See section 23. 8.2. DHCP Advertise Message Format msg-type ADVERTISE transaction-ID An unsigned integer used to identify this Advertise message. Copied from the Solicit message received from the client. options See section 23. 8.3. DHCP Request Message Format msg-type REQUEST transaction-ID An unsigned integer generated by the client used to identify this Request message. options See section 23. Droms (ed.), et al. Expires 1 Aug 2002 [Page 12] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 8.4. DHCP Confirm Message Format msg-type CONFIRM transaction-ID An unsigned integer generated by the client used to identify this Confirm message. options See section 23. 8.5. DHCP Renew Message Format msg-type RENEW transaction-ID An unsigned integer generated by the client used to identify this Renew message. options See section 23. 8.6. DHCP Rebind Message Format msg-type REBIND transaction-ID An unsigned integer generated by the client used to identify this Rebind message. options See section 23. 8.7. DHCP Reply Message Format msg-type REPLY transaction-ID An unsigned integer used to identify this Reply message. Copied from the client Request, Confirm, Renew or Rebind message received from the client. options See section 23. 8.8. DHCP Release Message Format msg-type RELEASE transaction-ID An unsigned integer generated by the client used to identify this Release message. options See section 23. Droms (ed.), et al. Expires 1 Aug 2002 [Page 13] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 8.9. DHCP Decline Message Format msg-type DECLINE transaction-ID An unsigned integer generated by the client used to identify this Decline message. options See section 23. 8.10. DHCP Reconfigure Message Format msg-type RECONFIG transaction-ID An unsigned integer generated by the server used to identify this Reconfigure message. options See section 23. 8.11. Information-Request Message Format msg-type INFORMATION-REQUEST transaction-ID An unsigned integer generated by the client used to identify this Information-request message. options See section 23. 9. Relay messages Relay agents exchange messages with servers to forward messages between clients and servers that are not connected to the same link. Droms (ed.), et al. Expires 1 Aug 2002 [Page 14] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 There are two relay messages, which share the following format: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | msg-type | | +-+-+-+-+-+-+-+-+ | | link-address | | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | | | +-+-+-+-+-+-+-+-+ | | client-return-address | | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | | | +-+-+-+-+-+-+-+-+ | . . . options (variable number and length) .... . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The following sections describe the use of the Relay message header. 9.1. Relay-forward message The following table defines the use of message fields in a Relay-forward message. msg-type RELAY-FORW link-address An address with a prefix that is assigned to the link from which the client should be assigned an address. client-return-address The IPv6 source address in which the message from the client was received by the relay agent options MUST include a "Client message option"; see section 23.10; MAY include other options added by the relay agent Droms (ed.), et al. Expires 1 Aug 2002 [Page 15] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 9.2. Relay-reply message The following table defines the use of message fields in a Relay-reply message. msg-type RELAY-REPL link-address The link-address copied from the Relay-forward message; used by the relay agent to select the link on which the message is returned to the client client-return-address The source address from the IP datagram in which the message from the client was received by the relay agent options MUST include a "Server message option"; see section 23.11; MAY include other options 10. Representation and use of domain names So that domain names may be encoded uniformly and compactly, a domain name or a list of domain names is encoded using the technique described in sections 3.1 and 4.1.4 of RFC1035 [14]. Section 4.1.4 of RFC1035 describes how more than one domain name can be represented in a list of domain names. For use in this specification, in a list of domain names, the compression pointer (see section 4.1.4 of RFC1035) refers to the offset within the list. If a single domain name is being used by a vendor as a vendor identifier, then the vendor MUST ensure that the domain name has not previously been used by a different vendor. 11. DHCP unique identifier (DUID) Each DHCP client and server has a DUID. DHCP servers use DUIDs to identify clients for the selection of configuration parameters and in the association of IAs with clients. DHCP clients use DUIDs to identify a server in messages where a server needs to be identified. See sections 23.3 and 23.2 for the representation of a DUID in a DHCP message. Clients and servers MUST treat DUIDs as opaque values and MUST only compare DUIDs for equality. Clients and servers MUST NOT in any other way interpret DUIDs. Clients and servers MUST NOT restrict DUIDs to the types defined in this document as additional DUID types may be defined in the future. Droms (ed.), et al. Expires 1 Aug 2002 [Page 16] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The DUID is carried in an option because it may be variable length and because it is not required in all DHCP options. The DUID is designed to be unique across all DHCP clients and servers, and consistent for any specific client or server - that is, the DUID used by a client or server SHOULD NOT change over time, for example, as a result of network hardware reconfiguration. The motivation for having more than one type of DUID is that the DUID must be globally unique, and must also be easy to generate. The sort of globally-unique identifier that is easy to generate for any given device can differ quite widely. Also, some devices may not contain any persistent storage. Retaining a generated DUID in such a device is not possible, so the DUID scheme must accommodate such devices. 11.1. DUID contents A DUID consists of a sixteen-bit type code represented in network order, followed by a variable number of octets that make up the actual identifier. A DUID can be no more than 256 octets long. The following types are currently defined: 1 Link-layer address plus time 2 Vendor-assigned unique ID 3 Link-layer address Formats for the variable field of the DUID for each of the above types are shown below. 11.2. DUID based on link-layer address plus time This type of DUID consists of a two octet type field containing the value 1, a two octet hardware type code, four octets containing a time value, followed by link-layer address of any one network interface that is connected to the DHCP device at the time that the DUID is generated. The time value is the time that the DUID is generated represented in seconds since midnight (UTC), January 1, 2000, modulo 2^32. The hardware type MUST be a valid hardware type assigned by the IANA as described in the section on ARP in RFC 826. Both the time and the hardware type are stored in network order. Droms (ed.), et al. Expires 1 Aug 2002 [Page 17] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The following diagram illustrates the format of a DUID based on link-layer address plus time: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 1 | Hardware type (16 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time (32 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . link-layer address (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The choice of network interface can be completely arbitrary, as long as that interface provides a unique link-layer address, and the same DUID should be used in configuring all network interfaces connected to the device, regardless of which interface's link-layer address was used to generate the DUID. Clients and servers using this type of DUID MUST store the DUID in stable storage, and MUST continue to use this DUID even if the network interface used to generate the DUID is removed. Clients and servers that do not have any stable storage MUST NOT use this type of DUID. Clients and servers that use this DUID SHOULD attempt to configure the time prior to generating the DUID, if that is possible, and MUST use some sort of time source (e.g., a real-time clock) in generating the DUID, even if that time source could not be configured prior to generating the DUID. The use of a time source makes it unlikely that two identical DUIDs will be generated if the network interface is removed from the client and another client then uses the same network interface to generate a DUID. A DUID collision is very unlikely even if the clocks haven't been configured prior to generating the DUID. This method of DUID generation is recommended for all general purpose computing devices such as desktop computers and laptop computers, and also for devices such as printers, routers, and so on, that contain some form of writable non-volatile storage. 11.3. Vendor-assigned unique ID (VUID) The vendor-assigned unique ID consists of a two-octet value giving the length of the identifier, the value of the idnetifier and the vendor's registered domain name. Droms (ed.), et al. Expires 1 Aug 2002 [Page 18] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The following diagram summarizes the structure of a VUID: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 2 | identifier length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . identifier . . (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . domain name (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The source of the identifier is left up to the vendor defining it, but each identifier part of each VUID MUST be unique to the device that is using it, and MUST be assigned to the device at the time of manufacture and stored in some form of non-volatile storage. The VUID SHOULD be recorded in non-erasable storage. The domain name is simply any domain name that has been legally registered by the vendor in the domain name system [13], stored in the form described in section 10. An example DUID of this type might look like this: +---+---+---+---+---+---+---+---+ | 0 | 2 | 0 | 8 | 12|192|132|221| +---+---+---+---+---+---+---+---+ | 3 | 0 | 9 | 18|101|120| 97|109| +---+---+---+---+---+---+---+---+ |112|108|101| 46| 99|111|109| +---+---+---+---+---+---+---+ This example includes the two-octet type of 2, the two-octet length of 8, eight octets of identifier data, followed by "example.com" represented in ASCII. 11.4. Link-layer address This type of DUID consists of two octets containing the DUID type 3, a two octet network hardware type code, followed by the link-layer address of any one network interface that is permanently connected to the client or server device and cannot be removed. The hardware type MUST be a valid hardware type assigned by the IANA as described in the section on ARP in RFC 826. The hardware type is stored in network order. Droms (ed.), et al. Expires 1 Aug 2002 [Page 19] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The following diagram illustrates the format of a DUID based on link-layer address: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 3 | Hardware type (16 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . link-layer address (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The choice of network interface can be completely arbitrary, as long as that interface provides a unique link-layer address and is permanently attached to the device on which the DUID is being generated. The same DUID should be used in configuring all network interfaces connected to the device, regardless of which interface's link-layer address was used to generate the DUID. This type of DUID is recommended for devices that have a permanently-connected network interface with a link-layer address and do not have nonvolatile, writable stable storage. This type of DUID MUST NOT be used by DHCP clients or servers that cannot tell whether or not a network interface is permanently attached to the device on which the DHCP client is running. 12. Identity association An "identity-association" (IA) is a construct through which a server and a client can identify, group and manage IPv6 addresses. Each IA consists of an IAID and associated configuration information. A client must associate at least one distinct IA with each of its network interfaces and uses that IA to obtain configuration information from a server for that interface. Other distinct IAs may be associated with applications. Each IA must be associated with exactly one interface. The IAID uniquely identifies the IA and must be chosen to be unique among the IAIDs on the client. The IAID is chosen by the client. For any given use of an IA by the client, the IAID for that IA MUST be consistent across restarts of the DHCP client. The client may maintain consistency either by storing the IAID in non-volatile storage or by using an algorithm that will consistently produce the same IAID as long as the configuration of the client has not changed. There may be no way for a client to maintain consistency of the IAIDs if it does not have non-volatile storage and the client's hardware configuration changes. Droms (ed.), et al. Expires 1 Aug 2002 [Page 20] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The configuration information in an IA consists of one or more IPv6 addresses and other parameters. The parameters are specified as DHCP options within the IA, and are associated with the addresses in the IA and the interface to which the IA belongs. Other parameters that are not associated with a particular interface may be specified in the options section of a DHCP message, outside the scope of any IA. Each address in an IA has a preferred lifetime and a valid lifetime, as defined in RFC2462 [21]. The lifetimes are transmitted from the DHCP server to the client in the IA option. The lifetimes apply to the use of IPv6 addresses as described in section 5.5.4 of RFC2462. An address whose valid lifetime has expired MAY be discarded from the IA. See section 23.4 for the representation of an IA in a DHCP message. 13. Selecting addresses for assignment to an IA A server selects addresses to be assigned to an IA according to the address assignment policies determined by the server administrator and the specific information the server determines about the client from the following sources: - The link to which the client is attached. The server determines the link as follows: * If the server receives the message directly from the client and the source address in the IP datagram in which the message was received is a link-local address, then the client is on the same link to which the interface over which the message was received is attached * If the server receives the message from a forwarding relay agent, then the client is on the same link as the one to which the interface identified by the link-address field in the message from the relay is attached - The DUID supplied by the client - Other information in options supplied by the client - Other information in options supplied by the relay agent - If the server receives the message directly from the client and the source address in the IP datagram in which the message was received is not a link-local address, then the client is on the link identified by the source address in the IP datagram (note that this situation can occur only if the server has enabled the use of unicast message delivery by the client and the client has sent a message for which unicast delivery is allowed) Droms (ed.), et al. Expires 1 Aug 2002 [Page 21] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The addresses that the server selects for the client MUST be valid on the link to which the interface is attached, regardless of the way in which the server selects the addresses. 14. Management of temporary addresses A client may be assigned temporary addresses [16]. Clients and servers simply label addresses as "temporary". DHCPv6 handling of address lifetimes and lifetime extensions is no different for temporary addresses. DHCPv6 says nothing about details of temporary addresses like lifetimes, lifetime extensions, how clients use temporary addresses, rules for generating successive temporary addresses, etc. In DHCP, temporary addresses are identified with T-bit set in the IA Address Option(see section 23.5). A client may have zero or more temporary addresses. Addresses with the T-bit set MUST be intended for the client to use for the general purposes described in RFC3041. Addresses that otherwise have short lifetimes or are not intended to be renewed by the server MUST NOT have the T-bit set. Clients ask for temporary addresses and servers assign them. When a client sends an IA to a server, the client lists all of the temporary addresses it knows about and optionally indicates how many additional temporary addresses it wants in the Requested Temporary Addresses Option(see section 23.6). The server compares the number of requested additional temporary addresses against any previously allocated temporary addresses for the IA that were not reported by the client in the IA but still have some reasonable preferred lifetime left. If the number of temporary addresses is less than the requested number, the server adds additional temporary addresses to the IA to satisfy the requested number (subject to server policy). DISCUSSION: It is important that the server include any allocated temporary addresses that were not reported by the client as it is possible the client never received an earlier Reply that contained these additional temporary addresses. If the server did not consider these, a client that fails to receive a server's reply might cause the server to allocate many temporary addresses. When the valid lifetime on a temporary address expires, both the client and server silently discard the address from the IA. The discarded address no longer counts against the client's allotment of temporary addresses. A server SHOULD NOT assign a client temporary addresses without the client having specifically asked for it. The client is not obligated to install address(es) that it receives and did not request and can release any addresses it does not want. Droms (ed.), et al. Expires 1 Aug 2002 [Page 22] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The server MAY update the DNS for a temporary address as described in section 4 of RFC3041, and MUST NOT update the DNS in any other way for a temporary address. 15. Reliability of Client Initiated Message Exchanges DHCP clients are responsible for reliable delivery of messages in the client-initiated message exchanges described in sections 18 and 19. If a DHCP client fails to receive an expected response from a server, the client must retransmit its message. This section describes the retransmission strategy to be used by clients in client-initiated message exchanges. Note that the procedure described in this section is slightly modified for use with the Solicit message (section 18.1.2). The client begins the message exchange by transmitting a message to the server. The message exchange terminates when either the client successfully receives the appropriate response or responses from a server or servers, or when the message exchange is considered to have failed according to the retransmission mechanism described below. The client retransmission behavior is controlled and described by the following variables: RT Retransmission timeout IRT Initial retransmission time MRC Maximum retransmission count MRT Maximum retransmission time MRD Maximum retransmission duration RAND Randomization factor With each message transmission or retransmission, the client sets RT according to the rules given below. If RT expires before the message exchange terminates, the client recomputes RT and retransmits the message. Each of the computations of a new RT include a randomization factor (RAND), which is a random number chosen with a uniform distribution between -0.1 and +0.1. The randomization factor is included to minimize synchronization of messages transmitted by DHCP clients. The algorithm for choosing a random number does not need to be cryptographically sound. The algorithm SHOULD produce a different sequence of numbers from each invocation of the DHCP client. RT for the first message transmission is based on IRT: Droms (ed.), et al. Expires 1 Aug 2002 [Page 23] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 RT = 2*IRT + RAND*IRT RT for each subsequent message transmission is based on the previous value of RT: RT = 2*RTprev + RAND*RTprev MRT specifies an upper bound on the value of RT. If MRT has a value of 0, there is no upper limit on the value of RT. Otherwise: if (RT > MRT) RT = MRT + RAND*MRT MRC specifies an upper bound on the number of times a client may retransmit a message. If MRC has a value of 0, the client MUST continue to retransmit the original message until a response is received. Otherwise, the message exchange fails once the client has transmitted the message MRC times. MRD specifies an upper bound on the length of time a client may retransmit a message. If MRD has a value of 0, the client MUST continue to retransmit the original message until a response is received. Otherwise, the message exchange fails once the client has transmitted the message MRD seconds. If both MRC and MRD are non-zero, the message exchange fails whenever either of the conditions specified in the previous two paragraphs are met. 16. Message validation Servers MUST discard any received messages that include authentication information and fail the authentication check by the server. Clients MUST discard any received messages that include authentication information and fail the authentication check by the client, except as noted in section 22.6.5.2. 16.1. Use of Transaction-ID field The "transaction-ID" field holds a value used by clients and servers to synchronize server responses to client messages. A client SHOULD choose a different transaction-ID for each new message it sends. A client MUST leave the transaction-ID unchanged in retransmissions of a message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 24] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 16.2. Solicit message Clients MUST discard any received Solicit messages. Relay agents MUST discard any Solicit messages received through port 546. Servers MUST discard any Solicit messages that do not include a Client Identifier option. 16.3. Advertise message Clients MUST discard any received Advertise messages that meet any of the following conditions: - the message does not include a Server Identifier option - the message does not include a Client Identifier option - the contents of the Client Identifier option does not match the client's DUID - the "Transaction-ID" field value does not match the value the client used in its Solicit message Servers and relay agents MUST discard any received Advertise messages. 16.4. Request message Clients MUST discard any received Request messages. Relay agents MUST discard any Request messages received through port 546. Servers MUST discard any received Request message that meet any of the following conditions: - the message does not include a Server Identifier option - the contents of the Server Identifier option do not match the server's identifier - the message does not include a Client Identifier option 16.5. Confirm message Clients MUST discard any received Confirm messages. Droms (ed.), et al. Expires 1 Aug 2002 [Page 25] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Relay agents MUST discard any Confirm messages received through port 546. Servers MUST discard any Confirm messages received that do not include a Client Identifier option. 16.6. Renew message Clients MUST discard any received Renew messages. Relay agents MUST discard any Renew messages received through port 546. Servers MUST discard any received Renew message that meets any of the following conditions: - the message does not include a Server Identifier option - the contents of the Server Identifier option do not match the server's identifier - the message does not include a Client Identifier option 16.7. Rebind message Clients MUST discard any received Rebind messages. Relay agents MUST discard any Rebind messages received through port 546. Servers MUST discard any received Rebind message that does not include a Client Identifier option. 16.8. Decline messages Clients MUST discard any received Decline messages. Relay agents MUST discard any Decline messages received through port 546. Servers MUST discard any received Decline message that meets any of the following conditions: - the message does not include a Server Identifier option - the contents of the Server Identifier option do not match the server's identifier - the message does not include a Client Identifier option Droms (ed.), et al. Expires 1 Aug 2002 [Page 26] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 16.9. Release message Clients MUST discard any received Release messages. Relay agents MUST discard any Release messages received through port 546. - the message does not include a Server Identifier option - the contents of the Server Identifier option do not match the server's identifier - the message does not include a Client Identifier option 16.10. Reply message Clients MUST discard any received Reply messages that meet any of the following conditions: - the message does not include a Server Identifier option - the "transaction-ID" field in the message does not match the value used in the original message - the message does not include a Client Identifier option - the contents of the Client Identifier option does not match the DUID of the client Servers and relay agents MUST discard any received Reply messages. 16.11. Reconfigure message Servers and relay agents MUST discard any received Reconfigure messages. Clients MUST discard any Reconfigure messages that meet any of the following conditions: - the message does not include a Server Identifier option - the message does not contain an authentication option - the message fails the authentication validation performed by the client 16.12. Information-request message Clients MUST discard any received Information-request messages. Droms (ed.), et al. Expires 1 Aug 2002 [Page 27] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Relay agents MUST discard any Information-request messages received through port 546. Servers MAY choose to discard any received Information-request messages that do not include a Client Identifier option. Servers MUST discard any received Information-request message that includes a Server Identifier option and the DUID in the option does not match the server's DUID. 16.13. Relay-forward message Clients MUST discard any received Relay-forward messages. 16.14. Relay-reply message Clients and servers MUST discard any received Relay-reply messages. 17. Client Source Address and Interface Selection When a client sends a DHCP message to the All_DHCP_Agents multicast address, it MUST use the IPv6 link-local address assigned to the interface for which the client is interested in obtaining configuration as the source address in the header of the IP datagram. When a client sends a DHCP message directly to a server using unicast (after receiving the Server Unicast option from that server), it MUST use an address assigned to the interafce for which the client is interested in obtaining configuration, which is suitable for use by the server in responding to the client, as the source address in the header of the IP datagram. See "Default Address Selection for IPv6" [6] for more details. The client MUST transmit the message on the link that the interface for which configuration information is being obtained is attached to. The client SHOULD send the message through that interface. The client MAY send the message through another interface attached to the same link if and only if the client is certain the two interface are attached to the same link. 18. DHCP Server Solicitation This section describes how a client locates servers that will assign addresses to IAs belonging to the client. The client is responsible for creating IAs and requesting that a server assign configuration information, including IPv6 addresses, to the IA. The client first creates an IA and assigns it an IAID. The client then transmits a Solicit message containing an IA option Droms (ed.), et al. Expires 1 Aug 2002 [Page 28] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 describing the IA. Servers that can assign configuration information to the IA respond to the client with an Advertise message. The client then initiates a configuration exchange as described in section 19. 18.1. Client Behavior A client uses the Solicit message to discover DHCP servers configured to serve addresses on the link to which the client is attached. 18.1.1. Creation of Solicit messages The client sets the "msg-type" field to SOLICIT. The client generates a transaction ID and inserts this value in the "transaction-ID" field. The client MUST include a Client Identifier option to identify itself to the server. The client MUST include one or more IA options for any IAs to which it wants the server to assign addresses. The client MAY include addresses in the IAs as a hint to the server about addresses for which the client has a preference. The client MAY include an Option Request Option in the Solicit message. The client MUST NOT include any other options except those specifically allowed as defined by specific options. If the client chooses to request specific options from the server, it does so by including an Option Request option (see section 23.7, which MUST include all of the options the client is requesting. The client MAY include options with data values as hints to the server about parameter values the client would like to have returned. 18.1.2. Transmission of Solicit Messages The client sends the Solicit message to the All_DHCP_Agents multicast address. The first Solicit message from the client on the interface MUST be delayed by a random amount of time between MIN_SOL_DELAY and MAX_SOL_DELAY. This random delay desynchronizes clients which start at the same time (e.g., after a power outage). Droms (ed.), et al. Expires 1 Aug 2002 [Page 29] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The client transmits the message according to section 15, using the following parameters: IRT SOL_TIMEOUT MRT SOL_MAX_RT MRC 0 MRD 0 The mechanism in section 15 is modified as follows for use in the transmission of Solicit messages. The message exchange is not terminated by the receipt of an Advertise before IRT has elapsed. Rather, the client collects Advertise messages until IRT has elapsed. Also, the first RT MUST be selected to be strictly greater than IRT by choosing RAND to be strictly greater than 0. A client MUST collect Advertise messages for IRT seconds, unless it receives an Advertise message with a preference value of 255. The preference value is carried in the Preference option (section 23.8). Any Solicit that does not include a Preference option is considered to have a preference value of 0. If the client receives an Advertise message with a preference value of 255, then the client MAY act immediately on that Advertise message without waiting for any additional Advertise messages. If the client does not receive any Advertise messages before IRT has elapsed, it begins the retransmission mechanism described in section 15. The client terminates the retransmission process as soon as it recieves any Advertise message, and the client acts on the received Advertise message without waiting for any additional Advertise messages. A DHCP client SHOULD choose MRC and MRD to be 0. If the DHCP client is configured with either MRC or MRD set to a value other than 0, it MUST stop trying to configure the interface if the message exchange fails. After the DHCP client stops trying to configure the interface, it SHOULD choose to restart the reconfiguration process after some external event, such as user input, system restart, or when the client is attached to a new link. 18.1.3. Receipt of Advertise messages The client MUST ignore any Advertise message that includes a Status Code option containing the value AddrUnavail, with the exception that the client MAY display the associated status message to the user. Droms (ed.), et al. Expires 1 Aug 2002 [Page 30] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Upon receipt of one or more valid Advertise messages, the client selects one or more Advertise messages based upon the following criteria. - Those Advertise messages with the highest server preference value are preferred over all other Advertise messages. - Within a group of Advertise messages with the same server preference value, a client MAY select those servers whose Advertise messages advertise information of interest to the client. For example, the client may choose a server that returned an advertisement with configuration options of interest to the client. - The client MAY choose a less-preferred server if that server has a better set of advertised parameters, such as the available addresses advertised in IAs. Once a client has selected Advertise message(s), the client will typically store information about each server, such as server preference value, addresses advertised, when the advertisement was received, and so on. Depending on the requirements of the user that invoked the DHCP client, the client MAY initiate a configuration exchange with the server(s) immediately, or MAY defer this exchange until later. If the client needs to select an alternate server in the case that a chosen server does not respond, the client chooses the next server according to the criteria given above. 18.2. Server Behavior A server sends an Advertise message in response to Solicit messages it receives to announce the availability of the server to the client. 18.2.1. Receipt of Solicit messages The server determines the information about the client and its location as described in section 13. If administrative policy permits the server to respond to the client, the server will generate and send an Advertise message to the client. 18.2.2. Creation and transmission of Advertise messages The server sets the "msg-type" field to ADVERTISE and copies the contents of the transaction-ID field from the Solicit message received from the client to the Advertise message. The server includes its server identifier in a Server Identifier option. Droms (ed.), et al. Expires 1 Aug 2002 [Page 31] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The server MAY add a Preference option to carry the preference value for the Advertise message. The server implementation SHOULD allow the setting of a server preference value by the administrator. The server preference value MUST default to zero unless otherwise configured by the server administrator. The server MUST include IA options in the Advertise message containing any addresses that would be assigned to IAs contained in the Solicit message from the client. The server MAY include some or all of the IA options from the client in the Advertise message. If the server will not assign any addresses to IAs in a subsequent Request from the client, the server SHOULD either send an Advertise message to the client that includes only a status code option with the status code set to AddrUnavail and a status message for the user or not respond to the Solicit message. The server may choose to assign fewer temporary addresses than the client requested with an RTA option (see section 23.6) and includes a status code of Success in the IA. If the server will assign no temporary addresses, the server includes a status code of AddrUnavail. The server MAY include other options the server will return to the client in a subsequent Reply message. The information in these options will be used by the client in the selection of a server if the client receives more than one Advertise message. The server SHOULD include options specifying values for options requested by the client in an Option Request Option included in the Solicit message. If the Solicit message was received directly by the server, the server unicasts the Advertise message directly to the client using the address in the source address field from the IP datagram in which the Solicit message was received. The Advertise message MUST be unicast through the interface on which the Solicit message was received. If the Solicit message was received in a Relay-forward message, the server constructs a Relay-reply message with the Advertise message in the payload of a "server-message" option. The server unicasts the Relay-reply message directly to the relay agent using the address in the source address field from the IP datagram in which the Relay-forward message was received. 19. DHCP Client-Initiated Configuration Exchange A client initiates a message exchange with a server or servers to acquire or update configuration information of interest. The client may initiate the configuration exchange as part of the operating system configuration process or when requested to do so by the application layer. Droms (ed.), et al. Expires 1 Aug 2002 [Page 32] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 19.1. Client Behavior A client will use Request, Confirm, Renew, Rebind and Information-request messages to acquire and confirm the validity of configuration information. The client uses the server identifier information and information about IAs from previous Advertise messages for use in constructing Request messages. Note that a client may request configuration information from one or more servers at any time. 19.1.1. Creation and transmission of Request messages The client uses a Request message to populate IAs with addresses and obtain other configuration information. The client includes one or more IA options in the Request message, with addresses and information about the IAs that were obtained from the server in a previous Advertise message. The server then returns addresses and other information about the IAs to the client in IA options in a Reply message. The client generates a transaction ID and inserts this value in the "transaction-ID" field. The client places the identifier of the destination server in a Server Identifier option. The client MUST include a Client Identifier option to identify itself to the server. The client adds any other appropriate options, including one or more IA options (if the client is requesting that the server assign it some network addresses). The list of addresses in each included IA MUST include the addresses received by the client in a previous Advertise message. If the client chooses to request specific options from the server, it does so by including an Option Request option (see section 23.7, which MUST include all of the options the client is requesting. The client MAY include options with data values as hints to the server about parameter values the client would like to have returned. If the client has a source address of sufficient scope that can be used by the server as a return address and the client has received a Server Unicast option (section 23.13) from the server, the client SHOULD unicast the Request message to the server. Otherwise, the client MUST send the Request message to the All_DHCP_Agents multicast address. DISCUSSION: Use of multicast and relay agents enables the inclusion of relay agent options in all messages sent by the client. The server should enable the use of unicast only when relay agent options will not be used. Droms (ed.), et al. Expires 1 Aug 2002 [Page 33] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The client transmits the message according to section 15, using the following parameters: IRT REQ_TIMEOUT MRT REQ_MAX_RT MRC REQ_MAX_RC MRD 0 If the message exchange fails, the client MAY choose one of the following actions: - Select another server from a list of servers known to the client; e. g., servers that responded with an Advertise message - Initiate the server discovery process described in section 18 - Terminate the configuration process and report failure 19.1.2. Creation and transmission of Confirm messages Whenever a client may have moved to a new link, its IPv6 addresses and other configuration information may no longer be valid. Examples of times when a client may have moved to a new link include: o The client reboots o The client is physically disconnected from a wired connection o The client returns from sleep mode o The client using a wireless technology changes access points In any situation when a client may have moved to a new link, the client MUST initiate a Confirm/Reply message exchange. The client includes any IAs, along with the addresses associated with those IAs, in its Confirm message. Any responding servers will indicate the acceptability of the addresses with the status in the Reply message it returns to the client. The client sets the "msg-type" field to CONFIRM. The client generates a transaction ID and inserts this value in the "transaction-ID" field. The client MUST include a Client Identifier option to identify itself to the server. The client adds any appropriate options, including one or more IA options. The client MUST include the addresses the client currently has associated with those IAs. Droms (ed.), et al. Expires 1 Aug 2002 [Page 34] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 If the client chooses to request specific options from the server, it does so by including an Option Request option (see section 23.7, which MUST include all of the options the client is requesting. The client MAY include options with data values as hints to the server about parameter values the client would like to have returned. The client sends the Confirm message to the All_DHCP_Agents multicast address. The client MUST use an IPv6 address that the client has confirmed to be valid on the link to which it is currently attached and that is assigned to the interface for which the client is interested in obtaining configuration information as the source address in the IP header of the datagram carrying the Confirm message. The client transmits the message according to section 15, using the following parameters: IRT CNF_TIMEOUT MRT CNF_MAX_RT MRC 0 MRD CNF_MAX_RD If the client receives no responses before the message transmission process as described in section 15 terminates, the client SHOULD continue to use any IP addresses, using the last known lifetimes for those addresses, and SHOULD continue to use any other previously obtained configuration parameters. 19.1.3. Creation and transmission of Renew messages To extend the valid and preferred lifetimes associated with addresses, the client sends a Renew message to the server containing an "IA option" for the IA and its associated addresses. The server determines new lifetimes for the addresses in the IA according to the administrative configuration of the server. The server may also add new addresses to the IA. The server may remove addresses from the IA by setting the preferred and valid lifetimes of those addresses to zero. The server controls the time at which the client contacts the server to extend the lifetimes on assigned addresses through the T1 and T2 parameters assigned to an IA. At time T1 for an IA, the client initiates a Renew/Reply message exchange to extend the lifetimes on any addresses in the IA. The client includes an IA option with all addresses currently assigned to the IA in its Renew message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 35] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The client sets the "msg-type" field to RENEW. The client generates a transaction ID and inserts this value in the "transaction-ID" field. The client places the identifier of the destination server in a Server Identifier option. The client MUST include a Client Identifier option to identify itself to the server. The client adds any appropriate options, including one or more IA options (if the client is requesting that the server extend the lifetimes of the addresses assigned to those IAs; note that the client may check the status of other configuration parameters without asking for lifetime extensions). The client MUST include the list of addresses the client currently has associated with the IAs in the Renew message. If the client chooses to request specific options from the server, it does so by including an Option Request option (see section 23.7, which MUST include all of the options the client is requesting. The client MAY include options with data values as hints to the server about parameter values the client would like to have returned. If the client has a source address of sufficient scope that can be used by the server as a return address and the client has received a Server Unicast option (section 23.13) from the server, the client SHOULD unicast the Renew message to the server. Otherwise, the client sends the Renew message to the All_DHCP_Agents multicast address. DISCUSSION: Use of multicast and relay agents enables the inclusion of relay agent options in all messages sent by the client. The server MUST NOT enable the use of unicast for a client when relay agent options are required for that client. The client transmits the message according to section 15, using the following parameters: IRT REN_TIMEOUT MRT REP_MAX_RT MRC 0 MRD 0 The mechanism in section 15 is modified as follows for use in the transmission of Renew messages. The message exchange is terminated when time T2 is reached (see section 19.1.4), at which time the client begins a Rebind message exchange. Droms (ed.), et al. Expires 1 Aug 2002 [Page 36] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 19.1.4. Creation and transmission of Rebind messages At time T2 for an IA (which will only be reached if the server to which the Renew message was sent at time T1 has not responded), the client initiates a Rebind/Reply message exchange. The client includes an IA option with all addresses currently assigned to the IA in its Rebind message. The client sends this message to the All_DHCP_Agents multicast address. The client sets the "msg-type" field to REBIND. The client generates a transaction ID and inserts this value in the "transaction-ID" field. The client MUST include a Client Identifier option to identify itself to the server. The client adds any appropriate options, including one or more IA options. The client MUST include the list of addresses the client currently has associated with the IAs in the Rebind message. If the client chooses to request specific options from the server, it does so by including an Option Request option (see section 23.7, which MUST include all of the options the client is requesting. The client MAY include options with data values as hints to the server about parameter values the client would like to have returned. The client sends the Rebind message to the All_DHCP_Agents multicast address. The client transmits the message according to section 15, using the following parameters: IRT REB_TIMEOUT MRT REB_MAX_RT MRC 0 MRD 0 The mechanism in section 15 is modified as follows for use in the transmission of Rebind messages. The message exchange is terminated when the lifetimes of all of the addresses assigned to the IA expire (see section 12), at which time the client has several alternative actions to choose from: - The client may choose to use a Solicit message to locate a new DHCP server and send a Request for the expired IA to the new server - The client may have other addresses in other IAs, so the client may choose to discard the expired IA and use the addresses in the other IAs Droms (ed.), et al. Expires 1 Aug 2002 [Page 37] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 19.1.5. Creation and Transmission of Information-request messages The client uses an Information-request message to obtain configuration information without having addresses assigned to it. The client sets the "msg-type" field to INFORMATION-REQUEST. The client generates a transaction ID and inserts this value in the "transaction-ID" field. The client SHOULD include a Client Identifier option to identify itself to the server. If the client does not include a Client Identifier option, the server will not be able to return any client-specific options to the client. If the client chooses to request specific options from the server, it does so by including an Option Request option (see section 23.7, which MUST include all of the options the client is requesting. The client MAY include options with data values as hints to the server about parameter values the client would like to have returned. The client MUST NOT include any IA options. If the client has an IPv6 address of sufficient scope, the client MAY choose to send the Information-request message to the All_DHCP_Servers multicast address. Otherwise, the client MUST send the Information-request message to the All_DHCP_Agents multicast address. The client transmits the message according to section 15, using the following parameters: IRT INF_TIMEOUT MRT INF_MAX_RT MRC 0 MRD 0 19.1.6. Receipt of Reply message in response to a Request, Confirm, Renew, Rebind or Information-request message Upon the receipt of a valid Reply message in response to a Request, Confirm, Renew, Rebind or Information-request message, the client extracts the configuration information contained in the Reply. The client MAY choose to report any status code or message from the status code option in the Reply message. The client SHOULD perform duplicate address detection [21] on each of the addresses in any IAs it receives in the Reply message after a Request message. If any of the addresses are found to be in use on the link, the client sends a Decline message to the server as described in section 19.1.9. Droms (ed.), et al. Expires 1 Aug 2002 [Page 38] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The client records the T1 and T2 times for each IA in the Reply message. The client records any addresses included with IAs in the Reply message. The client updates the preferred and valid lifetimes for the addresses in the IA from the lifetime information in the IA option. The client leaves any addresses that the client has associated with the IA that are not included in the IA option unchanged. The client SHOULD respond to the server with a Release message for any addresses in the Reply message that have a valid lifetime of 0. The client constructs and transmits this message as described in section 19.1.7. If the Reply was received in response to a Renew or Rebind message, the client must update the information in any IA option contained in the Reply message. The client adds any new addresses from the IA option to the IA, updates lifetimes for existing addresses in the IA from the IA option and discards any addresses with a lifetime of zero in the IA option. Management of the specific configuration information is detailed in the definition of each option, in section 23. When the client receives a NoPrefixMatch status in an IA from the server the client can assume it needs to send a Request to the server to obtain appropriate addresses for the IA. If the client receives any Reply messages that do not indicate a NoPrefixMatch status, the client can use the addresses in the IA and ignore any messages that do indicate a NoPrefixMatch status. When the client receives an AddrUnavail status in an IA from the server for a Request message the client will have to find a new server to create an IA. When the client receives a NoBinding status in an IA from the server for a Confirm message the client can assume it needs to send a Request to reestablish an IA with the server. When the client receives a ConfNoMatch status in an IA from the server for a Confirm message the client can send a Renew message to the server to extend the lifetimes of the addresses. When the client receives a NoBinding status in an IA from the server for a Renew message the client can assume it needs to send a Request to reestablish an IA with the server. When the client receives a RenwNoMatch status in an IA from the server for a Renew message the client can assume it needs to send a Request to reestablish an IA with the server. When the client receives an AddrUnavail status in an IA from the server for a Renew message the client can assume it needs to send a Request to reestablish an IA with the server. Droms (ed.), et al. Expires 1 Aug 2002 [Page 39] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 When the client receives a NoBinding status in an IA from the server for a Rebind message the client can assume it needs to send a Request to reestablish an IA with the server or try another server. When the client receives a RebdNoMatch status in an IA from the server for a Rebind message the client can assume it needs to send a Request to reestablish an IA with the server or try another server. When the client receives an AddrUnavail status in an IA from the server for a Rebind message the client can assume it needs to send a Request to reestablish an IA with the server or try another server. 19.1.7. Creation and transmission of Release messages The client sets the "msg-type" field to RELEASE. The client generates a transaction ID and places this value in the "transaction-ID" field. The client places the identifier of the server that allocated the address(es) a Server Identifier option. The client MUST include a Client Identifier option to identify itself to the server. The client includes options containing the IAs it is releasing in the "options" field. The addresses to be released MUST be included in the IAs. The client continues to use any other addresses in the IAs. The appropriate "status" field in the options MUST be set to indicate the reason for the release. The client MUST NOT use any of the addresses in the IAs in the message as the source address in the Release message or in any subsequently transmitted message. If the client has a source address of sufficient scope that can be used by the server as a return address and the client has received a Server Unicast option (section 23.13) from the server, the client SHOULD unicast the Release message to the server. Otherwise, the client MUST send the Release message to the All_DHCP_Agents multicast address. DISCUSSION: Use of multicast and relay agents enables the inclusion of relay agent options in all messages sent by the client. The server MUST NOT enable the use of unicast for a client when relay agent options are required for that client. A client MAY choose to wait for a Reply message from the server in response to the Release message. If the client does wait for a Reply, the client MAY choose to retransmit the Release message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 40] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The client transmits the message according to section 15, using the following parameters: IRT REL_TIMEOUT MRT 0 MRC REL_MAX_MRC MRD 0 The client MUST abandon the attempt to release addresses if the Release message exchange fails. The client MUST stop using all of the addresses in the IA(s) being released as soon as the client begins the Release message exchange process. If an IA is released but the Reply from a DHCP server is lost, the client will retransmit the Release message, and the server may respond with a Reply indicating a status of "Nobinding". Therefore, the client does not treat a Reply message with a status of "Nobinding" in a Release message exchange as if it indicates an error. Note that if the client fails to release the IA, the addresses assigned to the IA will be reclaimed by the server when the lifetime of the address expires. 19.1.8. Receipt of Reply message in response to a Release message Upon receipt of a valid Reply message, the client can consider the Release event successful. 19.1.9. Creation and transmission of Decline messages The client sets the "msg-type" field to DECLINE. The client generates a transaction ID and places this value in the "transaction-ID" field. The client places the identifier of the server that allocated the address(es) in a Server Identifier option. The client MUST include a Client Identifier option to identify itself to the server. The client includes options containing the IAs it is declining in the "options" field. The addresses to be declined MUST be included in the IAs. The client continues to use other addresses in the IAs. The appropriate "status" field in the options MUST be set to indicate the reason for declining the address. The client MUST NOT use any of the addresses in the IAs in the message as the source address in the Decline message or in any subsequently transmitted message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 41] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 If the client has a source address of sufficient scope that can be used by the server as a return address and the client has received a Server Unicast option (section 23.13) from the server, the client SHOULD unicast the Decline message to the server. Otherwise, the client MUST send the Decline message to the All_DHCP_Agents multicast address. DISCUSSION: Use of multicast and relay agents enables the inclusion of relay agent options in all messages sent by the client. The server MUST NOT enable the use of unicast for a client when relay agent options are required for that client. The client transmits the message according to section 15, using the following parameters: IRT DEC_TIMEOUT MRT DEC_MAX_RT MRC DEC_MAX_RC MRD 0 The client MUST abandon the attempt to decline addresses if the Decline message exchange fails. 19.1.10. Receipt of Reply message in response to a Decline message Upon receipt of a valid Reply message, the client can consider the Decline event successful. 19.2. Server Behavior For this discussion, the Server is assumed to have been configured in an implementation specific manner with configuration of interest to clients. 19.2.1. Receipt of Request messages The server MAY choose to discard Request messages received via unicast from a client to which the server has not sent a unicast option. When the server receives a Request the client is requesting the configuration of a new IA by the server. The server MUST take the IA from the client and associate a binding for that client in an implementation-specific manner within the configuration parameter database for DHCP clients managed by the server. Droms (ed.), et al. Expires 1 Aug 2002 [Page 42] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Upon the receipt of a valid Request message from a client the server can respond to, (implementation-specific administrative policy satisfied) the server scans the options field. The server then constructs a Reply message and sends it to the client. The server SHOULD process each option for the client in an implementation-specific manner. The server MUST construct a Reply message containing the following values: msg-type REPLY transaction-ID The transaction-ID from the Request message. The server MUST include a Server Identifier option containing the server's DUID in the Reply message. If the server finds that the prefix on one or more IP addresses in any IA in the message from the client is not a valid prefix for the link to which the client is connected, the server MUST return the IA to the client with the status field set to NoPrefixMatch. If the server cannot assign any addresses to any of the IAs in the message from the client, the server SHOULD include the IAs in the Reply message with the status field set to AddrUnavail and no addresses in the IA. For any IAs to which the server can assign addresses, server includes the IA with addresses and other configuration parameters a status of Success, and add the IA as a new client binding. The server may choose to assign fewer temporary addresses than the client requested with an RTA option (see section 23.6) and includes a status code of Success in the IA. If the server chooses to assign no temporary addresses, the server includes a status code of AddrUnavail. The server adds options to the Reply message for any other configuration information to be assigned to the client. 19.2.2. Receipt of Confirm messages When the server receives a Confirm message, the client is requesting confirmation that the configuration information it will use is valid. The server SHOULD locate the binding for that client and compare the information in the Confirm message from the client to the information associated with that client. Upon the receipt of a valid Confirm message from a client the server can respond to, (implementation-specific administrative policy satisfied) the server scans the options field. Droms (ed.), et al. Expires 1 Aug 2002 [Page 43] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 If the server cannot determine if the information in the Confirm message is valid or invalid, the server MUST NOT send a reply to the client. For example, if the server does not have a binding for the client, but the configuration information in the Confirm message appears valid, the server does not reply. If the server finds that the information for the client does not match what is in the binding for that client or the configuration information is not valid, the server sends a Reply message containing a Status Code option with the value ConfNoMatch. If the server finds that the information for the client does match the information in the binding for that client, and the configuration information is still valid, the server sends a Reply message containing a Status Code option with the value Success. The server SHOULD process each option for the client in an implementation-specific manner. The server MUST construct a Reply message containing the following values: msg-type REPLY transaction-ID The transaction-ID from the Confirm message. The server MUST include a Server Identifier option containing the server's DUID in the Reply message. The Reply message from the server MUST contain a Status Code option and MUST NOT include any other options. 19.2.3. Receipt of Renew messages The server MAY choose to discard Renew messages received via unicast from a client to which the server has not sent a unicast option. Upon the receipt of a valid Renew message from a client the server can respond to, (implementation-specific administrative policy satisfied) the server scans the options field. When the server receives a Renew and IA option from a client it SHOULD locate the clients binding and verify the information in the IA from the client matches the information stored for that client. If the server cannot find a client entry for this IA the server SHOULD return an IA containing no addresses with status set to NoBinding. If the server finds that the addresses in the IA for the client do not match the client binding the server should return an IA containing no addresses with status set to RenwNoMatch. Droms (ed.), et al. Expires 1 Aug 2002 [Page 44] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 If the server cannot Renew addresses for the client it SHOULD send back an IA containing no addresses to the client with the status field set to AddrUnavail. If the server finds the addresses in the IA for the client then the server SHOULD send back the IA to the client with new lifetimes and T1/T2 times if the default is not being used, and set status to Success. The server may choose to change the list of addresses and the lifetimes of addresses in IAs that are returned to the client. The server may choose to assign fewer temporary addresses than the client requested with an RTA option (see section 23.6) and includes a status code of Success in the IA. If the server chooses to assign no temporary addresses, the server includes a status code of AddrUnavail. The server SHOULD process each option for the client in an implementation-specific manner. The server MUST construct a Reply message containing the following values: msg-type REPLY transaction-ID The transaction-ID from the Confirm message. The server MUST include a Server Identifier option containing the server's DUID in the Reply message. 19.2.4. Receipt of Rebind messages Upon the receipt of a valid Rebind message from a client the server can respond to, (implementation-specific administrative policy satisfied) the server scans the options field. When the server receives a Rebind and IA option from a client it SHOULD locate the clients binding and verify the information in the IA from the client matches the information stored for that client. If the server cannot find a client entry for this IA the server SHOULD return an IA containing no addresses with status set to NoBinding. If the server finds that the addresses in the IA for the client do not match the client binding the server should return an IA containing no addresses with status set to RebdNoMatch. If the server cannot Rebind addresses for the client it SHOULD send back an IA containing no addresses to the client with the status field set to AddrUnavail. If the server finds the addresses in the IA for the client then the server SHOULD send back the IA to the client with new lifetimes and Droms (ed.), et al. Expires 1 Aug 2002 [Page 45] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 T1/T2 times if the default is not being used, and set status to Success. The server may choose to assign fewer temporary addresses than the client requested with an RTA option (see section 23.6) and includes a status code of Success in the IA. If the server will assign no temporary addresses, the server includes a status code of AddrUnavail. The server SHOULD process each option for the client in an implementation-specific manner. The server MUST construct a Reply message containing the following values: msg-type REPLY transaction-ID The transaction-ID from the Confirm message. The server MUST include a Server Identifier option containing the server's DUID in the Reply message. 19.2.5. Receipt of Information-request messages When the server receives an Information-request message, the client is requesting configuration information that does not include the assignment of any addresses. The server SHOULD determine all configuration parameters appropriate to the client, based on the server configuration policies known to the server. Upon the receipt of a valid Information-request message from a client the server can respond to, (implementation-specific administrative policy satisfied) the server scans the options field. The server then constructs a Reply message and sends it to the client. The server SHOULD process each option for the client in an implementation-specific manner. The server MUST construct a Reply message containing the following values: msg-type REPLY transaction-ID The transaction-ID from the Confirm message. The server MUST include a Server Identifier option containing the server's DUID in the Reply message. The server adds options to the Reply message for all of the configuration parameters to be returned to the client. Droms (ed.), et al. Expires 1 Aug 2002 [Page 46] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 19.2.6. Receipt of Release messages The server MAY choose to discard Release messages received via unicast from a client to which the server has not sent a unicast option. Upon the receipt of a valid Release message, the server examines the IAs and the addresses in the IAs for validity. If the IAs in the message are in a binding for the client and the addresses in the IAs have been assigned by the server to those IAs, the server deletes the addresses from the IAs and makes the addresses available for assignment to other clients. The server ignores invalid addresses (though it may choose to log an error if it finds an invalid address). After all the addresses have been processed, the server generates a Reply message and includes a Status Code option with value Success and a Server Identifier option with the server's DUID. The server MUST NOT include any other options in the Reply message. A server is not required to (but may choose to as an implementation strategy) retain any record of an IA from which all of the addresses have been released. 19.2.7. Receipt of Decline messages The server MAY choose to discard Decline messages received via unicast from a client to which the server has not sent a unicast option. Upon the receipt of a valid Decline message, the server examines the IAs and the addresses in the IAs for validity. If the IAs in the message are in a binding for the client and the addresses in the IAs have been assigned by the server to those IA, the server deletes the addresses from the IAs. The server SHOULD mark the addresses declined by the client so that those addresses are not assigned to other clients, and MAY choose to make a notification that addresses were declined. The server ignores invalid addresses (though it may choose to log an error if it finds an invalid address). After all the address have been processed, the server generates a Reply message and includes a Status Code option with value Success and a Server Identifier option with the server' DUID. The server MUST NOT include any other options in the Reply message. 19.2.8. Transmission of Reply messages If the Request, Confirm, Renew, Rebind, Release, Decline or Information-request message from the client was originally received in a Relay-forward message from a relay, the server places the Reply message in the options field of a Relay-response message and Droms (ed.), et al. Expires 1 Aug 2002 [Page 47] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 copies the link-address and client-return-address fields from the Relay-forward message into the Relay-response message. The server then unicasts the Reply or Relay-reply to the source address from the IP datagram in which the original message was received. 20. DHCP Server-Initiated Configuration Exchange A server initiates a configuration exchange to cause DHCP clients to obtain new addresses and other configuration information. For example, an administrator may use a server-initiated configuration exchange when links in the DHCP domain are to be renumbered. Other examples include changes in the location of directory servers, addition of new services such as printing, and availability of new software (system or application). 20.1. Server Behavior A server sends a Reconfigure message to cause a client to initiate immediately a Renew/Reply or Information-request/Reply message exchange with the server. 20.1.1. Creation and transmission of Reconfigure messages The server sets the "msg-type" field to RECONFIGURE. The server generates a transaction-ID and inserts it in the "transaction-ID" field. The server places its identifier in a Server Identifier option. The server MAY include an Option Request option to inform the client of what information has been changed or new information that has been added. In particular, the server specifies the IA option in the Option Request option if the server wants the client to obtain new address information. The server MUST include an authentication option with the appropriate settings and add that option as the last option in the "options" field of the Reconfigure message. The server MUST NOT include any other options in the Reconfigure except as specifically allowed in the definition of individual options. A server sends each Reconfigure message to a single DHCP client, using an IPv6 unicast address of sufficient scope belonging to the DHCP client. The server may obtain the address of the client through the information that the server has about clients that have been in contact with the server, or the server may be configured with the address of the client through some external agent. Droms (ed.), et al. Expires 1 Aug 2002 [Page 48] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 To reconfigure more than one client, the server unicasts a separate message to each client. The server may initiate the reconfiguration of multiple clients concurrently; for example, a server may send a Reconfigure message to additional clients while previous reconfiguration message exchanges are still in progress. The Reconfigure message causes the client to initiate a Renew/Reply or Information-request/Reply message exchange with the server. The server interprets the receipt of a Renew or Information-request message from the client as satisfying the Reconfigure message request. 20.1.2. Time out and retransmission of Reconfigure messages If the server does not receive a Renew or Information-request message from the client in RECREP_MSG_TIMEOUT milliseconds, the server retransmits the Reconfigure message, doubles the RECREP_MSG_TIMEOUT value and waits again. The server continues this process until REC_MSG_ATTEMPTS unsuccessful attempts have been made, at which point the server SHOULD abort the reconfigure process for that client. Default and initial values for RECREP_MSG_TIMEOUT and REC_MSG_ATTEMPTS are documented in section 7.5. 20.1.3. Receipt of Renew messages The server generates and sends Reply message(s) to the client as described in section 19.2.8, including in the "options" field new values for configuration parameters. It is possible that the client may send a Renew message after the server has sent a Reconfigure but before the Reconfigure is received by the client. In this case, the Renew message from the client may not include all of the IAs and requests for parameters to be reconfigured by the server. To accommodate this scenario, the server MAY choose to send a Reply with the IAs and other parameters to be reconfigured, even if those IAs and parameters were not in the Renew message from the client. 20.2. Receipt of Information-request messages If the server has assigned addresses to one or more IAs that belong to the responding client, the server MUST silently discard the Information-request message. If the client has requested options in an Option Request option that the server is unable to provide to the client, the server MAY send a Reply message with only those options it can provide. If the server sends a Reply message that does not include all of the options Droms (ed.), et al. Expires 1 Aug 2002 [Page 49] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 requested by the client, it MUST include a Status Code option with code OptionUnavail. The server generates and sends Reply message(s) to the client as described in section 19.2.8, including in the "options" field new values for configuration parameters. It is possible that the client may send an Information-request message after the server has sent a Reconfigure but before the Reconfigure is received by the client. In this case, the Information-request message from the client may not request all of the parameters to be reconfigured by the server. To accommodate this scenario, the server MAY choose to send a Reply with the other parameters to be reconfigured, even if those parameters were not specified in the Information-request message from the client. 20.3. Client Behavior A client MUST always monitor UDP port 546 for Reconfigure messages on interfaces for which it has acquired DHCP parameters. Since the results of a reconfiguration event may affect application layer programs, the client SHOULD log these events, and MAY notify these programs of the change through an implementation-specific interface. 20.3.1. Receipt of Reconfigure messages Upon receipt of a valid Reconfigure message, the client initiates a transaction with the server. While the transaction is in progress, the client silently discards any Reconfigure messages it receives. If the client has IAs with addresses that have been assigned by the server from which the Reconfigure message was received, the client MUST respond with a Renew message. Otherwise, the client responds with an Information-request message. DISCUSSION: The Reconfigure message acts as a trigger that signals the client to complete a successful message exchange. Once the client has received a Reconfigure, the client proceeds with the message exchange (retransmitting the Renew or Information-request message if necessary); the client ignores any additional Reconfigure messages (regardless of the transaction ID in the Reconfigure message) until the exchange is complete. Subsequent Reconfigure messages (again independent of the transaction ID) cause the client to initiate a new exchange. How does this mechanism work in the face of duplicated or retransmitted Reconfigure messages? Duplicate messages will be ignored because the client will begin the exchange Droms (ed.), et al. Expires 1 Aug 2002 [Page 50] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 after the receipt of the first Reconfigure. Retransmitted messages will either trigger the exchange (if the first Reconfigure was not received by the client) or will be ignored. The server can discontinue retransmission of Reconfigure messages to the client once the server receives the Renew or Information-request message from the client. It might be possible for a duplicate or retransmitted Reconfigure to be sufficiently delayed (and delivered out of order) to arrive at the client after the exchange (initiated by the original Reconfigure) has been completed. In this case, the client would initiate a redundant exchange. The likelihood of delayed and out of order delivery is small enough to be ignored. The consequence of the redundant exchange is inefficiency rather than incorrect operation. 20.3.2. Creation and transmission of Renew messages When responding to a Reconfigure, the client creates and sends the Renew message in exactly the same manner as outlined in section 19.1.3, with the exception: if the server included on Option Request option specifying the IA option, the client MUST include IA options containing the addresses the client currently has assigned to ALL IAs for the interface through which the Reconfigure message was received. 20.3.3. Creation and transmission of Information-request messages When responding to a Reconfigure, the client creates and sends the Information-request message in exactly the same manner as outlined in section 19.1.5, with the exception that the client includes a Server Identifier option with the identifier from the Reconfigure message to which the client is responding. 20.3.4. Time out and retransmission of Renew or Information-request messages The client uses the same variables and retransmission algorithm as it does with Renew or Information-request messages generated as part of a client-initiated configuration exchange. See sections 19.1.3 and 19.1.5 for details. 20.3.5. Receipt of Reply messages Upon the receipt of a valid Reply message, the client extracts the contents of the "options" field, and sets (or resets) configuration parameters appropriately. The client records and updates the lifetimes for any addresses specified in IAs in the Reply message. If the configuration parameters changed were requested by the Droms (ed.), et al. Expires 1 Aug 2002 [Page 51] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 application layer, the client notifies the application layer of the changes using an implementation-specific interface. 21. Relay Behavior For this discussion, the Relay MAY be configured to use a list of server destination addresses, which MAY include unicast addresses, the All_DHCP_Servers multicast address, or other multicast addresses selected by the network administrator. If the Relay has not been explicitly configured, it MUST use the All_DHCP_Servers multicast address as the default. 21.1. Relaying of client messages When a Relay receives a valid client message, it constructs a Relay-forward message. The relay places an address with a prefix assigned to the link on which the client should be assigned an address in the link-address field. This address will be used by the server to determine the link from which the client should be assigned an address and other configuration information. If the relay cannot use the address in the link-address field to identify the interface through which the response to the client will be forwarded, the relay MUST include an Interface-id option (see section 23.17) in the Relay-forward message. The server will include the Interface-id option in its Relay-reply message. The relay copies the source address from the IP datagram in which the message was received from the client into the client-return-address field in the Relay-forward message. The relay constructs a "client-message" option 23.10 that contains the entire message from the client in the data field of the option. The relay places the "relay-message" option along with any "relay-specific" options in the options field of the Relay-forward message. The Relay MUST send the Relay-forward message to the list of server destination addresses with which it has been configured. 21.2. Relaying of server messages When the relay receives a Relay-reply message, it extracts the server message from the "server-message" option. If the Relay-reply message includes a Interface-id option, the relay forwards the message from the server to the client on the link identified by the Interface-id option. Otherwise, the relay forwards the message on the link identified by the link-address field. In either case, the relay forwards the message to the address in the client-return-address field in the Relay-reply message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 52] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 22. Authentication of DHCP messages Some network administrators may wish to provide authentication of the source and contents of DHCP messages. For example, clients may be subject to denial of service attacks through the use of bogus DHCP servers, or may simply be misconfigured due to unintentionally instantiated DHCP servers. Network administrators may wish to constrain the allocation of addresses to authorized hosts to avoid denial of service attacks in "hostile" environments where the network medium is not physically secured, such as wireless networks or college residence halls. Because of the risk of denial of service attacks against DHCP clients, the use of authentication is mandated in Reconfigure messages. A DHCP server MUST include an authentication option in Reconfigure messages sent to clients. The DHCP authentication mechanism is based on the design of authentication for DHCP for IPv4 [8]. 22.1. DHCP threat model The threat to DHCP is inherently an insider threat (assuming a properly configured network where DHCPv6 ports are blocked on the perimeter gateways of the enterprise). Regardless of the gateway configuration, however, the potential attacks by insiders and outsiders are the same. The attack specific to a DHCP client is the possibility of the establishment of a "rogue" server with the intent of providing incorrect configuration information to the client. The motivation for doing so may be to establish a "man in the middle" attack or it may be for a "denial of service" attack. There is another threat to DHCP clients from mistakenly or accidentally configured DHCP servers that answer DHCP client requests with unintentionally incorrect configuration parameters. The threat specific to a DHCP server is an invalid client masquerading as a valid client. The motivation for this may be for "theft of service", or to circumvent auditing for any number of nefarious purposes. The threat common to both the client and the server is the resource "denial of service" (DoS) attack. These attacks typically involve the exhaustion of valid addresses, or the exhaustion of CPU or network bandwidth, and are present anytime there is a shared resource. In current practice, redundancy mitigates DoS attacks the best. Droms (ed.), et al. Expires 1 Aug 2002 [Page 53] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 22.2. Security of messages sent between servers and relay agents Relay agents and servers that choose to exchange messages securely use the IPsec mechanisms for IPv6 [10]. The way in which IPsec is employed by relay agents and servers is not specified in this document. 22.3. Summary of DHCP authentication Authentication of DHCP messages is accomplished through the use of the Authentication option. The authentication information carried in the Authentication option can be used to reliably identify the source of a DHCP message and to confirm that the contents of the DHCP message have not been tampered with. The Authentication option provides a framework for multiple authentication protocols. Two such protocols are defined here. Other protocols defined in the future will be specified in separate documents. The protocol field in the Authentication option identifies the specific protocol used to generate the authentication information carried in the option. The algorithm field identifies a specific algorithm within the authentication protocol; for example, the algorithm field specifies the hash algorithm used to generate the message authentication code (MAC) in the authentication option. The replay detection method (RDM) field specifies the type of replay detection used in the replay detection field. 22.4. Replay detection The Replay Detection Method (RDM) field determines the type of replay detection used in the Replay Detection field. If the RDM field contains 0x00, the replay detection field MUST be set to the value of a monotonically increasing counter. Using a counter value such as the current time of day (e.g., an NTP-format timestamp [12]) can reduce the danger of replay attacks. This method MUST be supported by all protocols. 22.5. Configuration token protocol If the protocol field is 0, the authentication information field holds a simple configuration token. The configuration token is an opaque, unencoded value known to both the sender and receiver. The sender inserts the configuration token in the DHCP message and the receiver matches the token from the message to the shared token. If the configuration option is present and the token from the message does not match the shared token, the receiver MUST discard the message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 54] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Configuration token may be used to pass a plain-text configuration token and provides only weak entity authentication and no message authentication. This protocol is only useful for rudimentary protection against inadvertently instantiated DHCP servers. DISCUSSION: The intent here is to pass a constant, non-computed token such as a plain-text password. Other types of entity authentication using computed tokens such as Kerberos tickets or one-time passwords will be defined as separate protocols. 22.6. Delayed authentication protocol If the protocol field is 1, the message is using the "delayed authentication" mechanism. In delayed authentication, the client requests authentication in its Solicit message and the server replies with an Advertise message that includes authentication information. This authentication information contains a nonce value generated by the source as a message authentication code (MAC) to provide message authentication and entity authentication. The use of a particular technique based on the HMAC protocol [11] using the MD5 hash [20] is defined here. 22.6.1. Management issues in the delayed authentication protocol The "delayed authentication" protocol does not attempt to address situations where a client may roam from one administrative domain to another, i.e. interdomain roaming. This protocol is focused on solving the intradomain problem where the out-of-band exchange of a shared secret is feasible. 22.6.2. Use of the Authentication option in the delayed authentication protocol In a Solicit message, the Authentication option carries the Protocol, Algorithm, RDM and Replay detection fields, but no Authentication information. In an Advertise, Request, Renew, Rebind, Confirm, Decline, Release or Information-request message, the Authentication option carries the Protocol, Algorithm, RDM and Replay detection fields and Authentication information. Droms (ed.), et al. Expires 1 Aug 2002 [Page 55] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The format of the Authentication information is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Secret ID (32 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | HMAC-MD5 (128 bits) | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The following definitions will be used in the description of the authentication information for delayed authentication, algorithm 1: Replay Detection - as defined by the RDM field K - a secret value shared between the source and destination of the message; each secret has a unique identifier (secret ID) secret ID - the unique identifier for the secret value used to generate the MAC for this message HMAC-MD5 - the MAC generating function. The sender computes the MAC using the HMAC generation algorithm [11] and the MD5 hash function [20]. The entire DHCP message (except the MAC field of the authentication option itself), including the DHCP message header and the options field, is used as input to the HMAC-MD5 computation function. The 'secret ID' field MUST be set to the identifier of the secret used to generate the MAC. DISCUSSION: Algorithm 1 specifies the use of HMAC-MD5. Use of a different technique, such as HMAC-SHA, will be specified as a separate protocol. Delayed authentication requires a shared secret key for each client on each DHCP server with which that client may wish to use the DHCP protocol. Each secret key has a unique identifier that can be used by a receiver to determine which secret was used to generate the MAC in the DHCP message. Therefore, delayed authentication may not scale well in an architecture in which a DHCP client connects to multiple administrative domains. 22.6.3. Message validation To validate an incoming message, the receiver first checks that the value in the replay detection field is acceptable according Droms (ed.), et al. Expires 1 Aug 2002 [Page 56] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 to the replay detection method specified by the RDM field. Next, the receiver computes the MAC as described in [11]. The receiver MUST set the 'MAC' field of the authentication option to all 0s for computation of the MAC. If the MAC computed by the receiver does not match the MAC contained in the authentication option, the receiver MUST discard the DHCP message. 22.6.4. Key utilization Each DHCP client has a key, K. The client uses its key to encode any messages it sends to the server and to authenticate and verify any messages it receives from the server. The client's key SHOULD be initially distributed to the client through some out-of-band mechanism, and SHOULD be stored locally on the client for use in all authenticated DHCP messages. Once the client has been given its key, it SHOULD use that key for all transactions even if the client's configuration changes; e.g., if the client is assigned a new network address. Each DHCP server MUST know, or be able to obtain in a secure manner, the keys for all authorized clients. If all clients use the same key, clients can perform both entity and message authentication for all messages received from servers. However, the sharing of keys is strongly discouraged as it allows for unauthorized clients to masquerade as authorized clients by obtaining a copy of the shared key. To authenticate the identity of individual clients, each client MUST be configured with a unique key. 22.6.5. Client considerations for delayed authentication protocol 22.6.5.1. Sending Solicit messages When the client sends a Solicit message and wishes to use authentication, it includes an Authentication option with the desired protocol, algorithm, RDM and replay detection field as described in section 22.6. The client does not include any authentication information in the Authentication option. 22.6.5.2. Receiving Advertise messages The client validates any Advertise messages containing an Authentication option specifying the delayed authentication protocol using the validation test described in section 22.6.3. Client behavior if no Advertise messages include authentication information or pass the validation test is controlled by local policy on the client. According to client policy, the client MAY choose to respond to a Advertise message that has not been authenticated. Droms (ed.), et al. Expires 1 Aug 2002 [Page 57] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The decision to set local policy to accept unauthenticated messages should be made with care. Accepting an unauthenticated Advertise message can make the client vulnerable to spoofing and other attacks. If local users are not explicitly informed that the client has accepted an unauthenticated Advertise message, the users may incorrectly assume that the client has received an authenticated address and is not subject to DHCP attacks through unauthenticated messages. A client MUST be configurable to discard unauthenticated messages, and SHOULD be configured by default to discard unauthenticated messages. A client MAY choose to differentiate between Advertise messages with no authentication information and Advertise messages that do not pass the validation test; for example, a client might accept the former and discard the latter. If a client does accept an unauthenticated message, the client SHOULD inform any local users and SHOULD log the event. 22.6.5.3. Sending Request, Confirm, Renew, Rebind, Decline or Release messages If the client authenticated the Advertise message through which the client selected the server, the client MUST generate authentication information for subsequent Request, Confirm, Renew, Rebind or Release messages sent to the server as described in section 22.6. When the client sends a subsequent message, it MUST use the same secret used by the server to generate the authentication information. 22.6.5.4. Sending Information-request messages If the client has negotiated a secret with the server through a previous message exchange, the client MUST use the same secret used by the server to generate the authentication information. If the client has not negotiated a secret with the server, the client MUST use a secret that has been selected for the client through some external mechanism. 22.6.5.5. Receiving Reply messages If the client authenticated the Advertise it accepted, the client MUST validate the associated Reply message from the server. The client MUST discard the Reply if the message fails to pass validation and MAY log the validation failure. If the Reply fails to pass validation, the client MUST restart the DHCP configuration process by sending a Solicit message. The client MAY choose to remember which server replied with a Reply message that failed to pass validation and discard subsequent messages from that server. Droms (ed.), et al. Expires 1 Aug 2002 [Page 58] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 If the client accepted an Advertise message that did not include authentication information or did not pass the validation test, the client MAY accept an unauthenticated Reply message from the server. 22.6.5.6. Receiving Reconfigure messages The client MUST validate the Reconfigure message from the server. The client MUST discard the Reconfigure if the message fails to pass validation and MAY log the validation failure. 22.6.6. Server considerations for delayed authentication protocol 22.6.6.1. Receiving Solicit messages and Sending Advertise messages The server selects a secret for the client and includes authentication information in the Advertise message returned to the client as specified in section 22.6. The server MUST record the identifier of the secret selected for the client and use that same secret for validating subsequent messages with the client. 22.6.6.2. Receiving Request, Confirm, Renew, Rebind or Release messages and Sending Reply messages The server uses the secret identified in the message and validates the message as specified in section 22.6.3. If the message fails to pass validation or the server does not know the secret identified by the 'secret ID' field, the server MUST discard the message and MAY choose to log the validation failure. If the message passes the validation procedure, the server responds to the specific message as described in section 19.2. The server MUST include authentication information generated using the secret identified in the received message as specified in section 22.6. 22.6.6.3. Sending Reconfigure messages The server MUST include authentication information in a Reconfigure message, generated as specified in section 22.6 using the secret the server initially negotiated with the client to which the Reconfigure message is to be sent. If the server has not previously negotiated a secret with the client, the server MUST use a secret that has been selected for the client through some external mechanism. Droms (ed.), et al. Expires 1 Aug 2002 [Page 59] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 23. DHCP options Options are used to carry additional information and parameters in DHCP messages. Every option shares a common base format, as described in section 23.1. All values in options is represented in network order. This document describes the DHCP options defined as part of the base DHCP specification. Other options may be defined in the future in a separate document. 23.1. Format of DHCP options 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | option-code | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | option-data | | (option-len octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code An unsigned integer identifying the specific option type carried in this option. option-len An unsigned integer giving the length of the option-data field in this option in octets. option-data The data for the option; the format of this data depends on the definition of the option. DHCPv6 options are scoped by using encapsulation. Some options apply generally to the client, some are specific to an IA, and some are specific to the addresses within an IA. These latter two cases are discussed in sections 23.4 and 23.5. 23.2. Client Identifier option The Client Identifier option is used to carry a DUID identifying a client between a client and a server. The Client Identifier option MUST appear before any IA options in the DHCP message. The format of the DUID option is: Droms (ed.), et al. Expires 1 Aug 2002 [Page 60] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_CLIENTID | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . DUID . . (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_CLIENTID (TBD) option-len Length of DUID in octets option-data The DUID for the client 23.3. Server Identifier option The Server Identifier option is used to carry a DUID identifying a server between a client and a server. The format of the Server Identifier option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_SERVERID | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . DUID . . (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_SERVERID (TBD) option-len Length of DUID in octets option-data The DUID for the server 23.4. Identity association option The identity association option is used to carry an identity association, the parameters associated with the IA and the addresses assigned to the IA. Droms (ed.), et al. Expires 1 Aug 2002 [Page 61] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The format of the IA option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION IA | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IAID (4 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | T1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | T2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IA Status | | +-+-+-+-+-+-+-+-+ | . Options . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_IA (TBD) option-len See section 23. IAID The unique identifier for this IA. T1 The time at which the client contacts the server from which the addresses in the IA were obtained to extend the lifetimes of the addresses assigned to the IA. T2 The time at which the client contacts any available server to extend the lifetimes of the addresses assigned to the IA. IA status Status of the IA in this option. options Options associated with this IA. The Options field encapsulates those options that are specific to this IA. For example, all of the Address Options carrying the addresses associated with this IA are in the Options field. Note that an IA has no explicit "lifetime" or "lease length" of its own. When the lifetimes of all of the addresses in an IA have expired, the IA can be considered as having expired. T1 and T2 are included to give servers explicit control over when a client recontacts the server about a specific IA. In a message sent by a client to a server, values in the T1 and T2 fields indicate the client's preference for those parameters. The client may send 0 if it has no preference for T1 and T2. In a Droms (ed.), et al. Expires 1 Aug 2002 [Page 62] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 message sent by a server to a client, the client MUST use the values in the T1 and T2 fields for the T1 and T2 parameters. The values in the T1 and T2 fields are the number of seconds until T1 and T2. The server MUST set the T1 and T2 times to values that will allow the client to extend as appropriate the lifetimes of any addresses in the IA. If the server does not intend for a client to extend the lifetimes of a particular address in an IA, the server MAY set the renewal time values to occur after the lifetimes on that address expire. T1 is the time at which the client SHOULD begin the lifetime extension process by sending a Renew message to the server that originally assigned the addresses to the IA. T2 is the time at which the client SHOULD start sending a Rebind message to any server. A client MAY begin the lifetime extension process prior to T1 if it needs additional addresses for some reason. T1 and T2 are specified as unsigned integers that specify the time in seconds relative to the time at which the messages containing the option is received. 23.5. IA Address option The IA Address option is used to specify IPv6 addresses associated with an IA. The IA Address option must be encapsulated in the Options field of an Identity Association option. The Options field encapsulates those options that are specific to this address. Droms (ed.), et al. Expires 1 Aug 2002 [Page 63] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The format of the IA Address option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_IAADDR | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |T| addr status | prefix length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | IPv6 address | | (16 octets) | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | preferred lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | pref. lifetime (cont.) | valid lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | valid lifetime (cont.) | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | . . . Options . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_IADDR (TBD) option-len See section 23. T When set to 1, indicates that this address is a "temporary address" [16]; when set to 0, the address is not a temporary address. addr status Status of this address in this IA. prefix length Prefix length for this address. IPv6 address An IPv6 address preferred lifetime The preferred lifetime for the IPv6 address in the option. valid lifetime The valid lifetime for the IPv6 address in the option options Options associated with this address In a message sent by a client to a server, values in the preferred and valid lifetime fields indicate the client's preference for those parameters. The client may send 0 if it has no preference for the preferred and valid lifetimes. In a message sent by a server to a client, the client MUST use the values in the preferred and valid Droms (ed.), et al. Expires 1 Aug 2002 [Page 64] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 lifetime fields for the preferred and valid lifetimes. The values in the preferred and valid lifetimes are the number of seconds remaining in each lifetime. One or more IA Address Options can appear anywhere in an IA option. 23.6. Requested Temporary Addresses (RTA) Option The Requested Temporary Addresses (RTA) option is used by a client to request a server to assign additional temporary addresses to an IA. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_RTA | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | num-requested | +-+-+-+-+-+-+-+-+ option-code OPTION_RTA (TBD) option-len See section 23. num-requested The number of additional temporary addresses the client is requesting. This is an unsigned value. This option MUST only be sent by a client and only in a Solicit, Request, Renew, or Rebind message. It MUST only appear encapsulated within an Identity association option. A client MUST only include this option when it wants to have additional temporary address allocated; a client SHOULD NOT send this option if 'num-requested' is 0. 23.7. Option Request option The Option Request option is used to identify a list of options in a message between a client and a server. Droms (ed.), et al. Expires 1 Aug 2002 [Page 65] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The format of the Option Request option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_ORO | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | requested-option-code-1 | requested-option-code-2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_ORO (TBD) option-len See section 23. requested-option-code-n The option code for an option requested by the client. A client MAY include an Option Request option in a Solicit, Request, Renew, Rebind, Confirm or Information-request message to inform the server about options the client wants the server to send to the client. 23.8. Preference option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_PREFERENCE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | pref value | +-+-+-+-+-+-+-+-+ option-code OPTION_PREFERENCE (TBD) option-len See section 23. pref value The preference value for the server in this message. A server MAY include a Preference option in an Advertise message to control the selection of a server by the client. See section 18.1.3 for the use of the Preference option by the client and the interpretation of Preference option data value. Droms (ed.), et al. Expires 1 Aug 2002 [Page 66] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 23.9. Elapsed Time 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_ELAPSED_TIME | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | elapsed time | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_ELAPSED_TIME (TBD) option-len See section 23. elapsed time The amount of time since the client began its current DHCP transaction. This time is expressed in hundredths of a second (10^-2 seconds). A client MAY include an Elapsed Time option in messages to indicate how long the client has been trying to complete a DHCP transaction. Servers and Relay Agents MAY use the data value in this option as input to policy controlling how a server responds to a client message. 23.10. Client message option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_CLIENT_MSG | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . DHCP client message . . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_CLIENT_MSG (TBD) option-len See section 23. DHCP client message The message received from the client; forwarded verbatim to the server. A relay agent forwards a message from a client to a server as the contents of a Client Message option in a Relay-forward message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 67] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 23.11. Server message option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_SERVER_MSG | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . DHCP server message . . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_SERVER_MSG (TBD) option-len See section 23. DHCP server message The message received from the server; forwarded verbatim to the client. A server sends a DHCP message to be forwarded to a client by a relay agent as the contents of a Server Message option in a Relay-reply message. 23.12. Authentication option The Authentication option carries authentication information to authenticate the identity and contents of DHCP messages. The use of the Authentication option is described in section 22. If present, the Authentication option MUST appear as the first option in the DHCP message. Droms (ed.), et al. Expires 1 Aug 2002 [Page 68] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 The format of the Authentication option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_AUTH | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Protocol | Algorithm | RDM | Replay detect.| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Replay Detection (64 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Replay cont. | Auth. Info | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Authentication Information | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_AUTH (TBD) option-len See section 23. protocol The authentication protocol used in this authentication option algorithm The algorithm used in the authentication protocol RDM The replay detection method used in this authentication option Replay detection The replay detection information for the RDM Authentication information The authentication information, as specified by the protocol and algorithm used in this authentication option 23.13. Server unicast option The server MAY send this option to a client to indicate to the client that is allowed to unicast messages to the server. The server specifies the IPv6 address to which the client is to send unicast messages in the server-address field. When a client receives this option, where permissible, the client MAY send messages directly to the server using the IPv6 address specified in the server-address field of the option. Details about when the client may send messages to the server using unicast are in section 19. Droms (ed.), et al. Expires 1 Aug 2002 [Page 69] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_UNICAST | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | server-address | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_UNICAST (TBD) option-len See section 23. server-address The IP address to which the client should send messages delivered using unicast 23.14. Status Code Option This option returns a status indication related to the DHCP message in which it appears. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_STATUS_CODE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | status-code | status-message | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_STATUS_CODE (TBD) option-len See section 23. status-code The numeric code for the status encoded in this option. The status codes are defined in section 7.4. status-message A UTF-8 encoded text string, which MUST NOT be null-terminated. 23.15. User Class Option This option is used by a client to identify the type or category of user or applications it represents. The information contained in the Droms (ed.), et al. Expires 1 Aug 2002 [Page 70] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 data area of this option is contained in one or more opaque fields that represent the user class or classes of which the client is a member. The user class information carried in this option MUST be configurable on the client. 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_USER_CLASS | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | user class data | | . . . | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code TBD option-len See section 23. user class data The user classes carried by the client. The data area of the user class option MUST contain one or more instances of user class data. Each instance of the user class data is formatted as follows: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ | user class len | user class data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ The user class len is two octets long and specifies the length of the opaque user class data in network order. Servers can interpret the meanings of multiple class specifications in an implementation dependent or configuration dependent manner, and so the use of multiple classes by a DHCP client should be based on the specific server implementation and configuration which will be used to process that User class option. Servers not equipped to interpret the user class information sent by a client MUST ignore it (although it may be reported). 23.16. Vendor Class Option This option is used by clients and servers to exchange vendor-specific information. The definition of this information is vendor specific. The vendor is indicated in the vendor class identifier option. Servers not equipped to interpret the vendor-specific information sent by a client MUST ignore it (although it may be reported). Clients which do not receive desired vendor-specific information SHOULD make an attempt to operate without it, although they may do so (and announce they are doing so) in a degraded mode. Droms (ed.), et al. Expires 1 Aug 2002 [Page 71] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_VENDOR_CLASS | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | vendor-id | . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | option-data | . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code TBD option-len See section 23. vendor-id A domain name belonging to the vendor used to identify the vendor that defined this vendor class option. option-data An opaque object of option-len octets, presumably interpreted by vendor-specific code on the clients and servers The vendor-id must adhere to the rules in section 10. The Encapsulated vendor-specific options field MUST be encoded as a sequence of code/length/value fields of identical format to the DHCP options field. Each of the encapsulated options is formatted as follows. 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | opt-code | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | option-data | | . . . | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ opt-code The code for the encapsulated option option-len See section 23. option-data The data area for the encapsulated option 23.17. Interface-Id Option The relay agent MAY send the Interface-id option to identify the interface on which the client message was received. If a relay Droms (ed.), et al. Expires 1 Aug 2002 [Page 72] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 receives a Relay-reply message with an Interface-id option, the relay forwards the message to the client through the interface identified by the option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_INTERFACE_ID | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Interface-Id | . . . . . . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_INTERFACE_ID (TBD) option-len See section 23. Interface-Id An opaque value of arbitrary length generated by the relay agent to identify one of the relay agent's interfaces The server MUST copy the Interface-Id option from the Relay-Forward message into the Relay-Reply message the server sends to the relay agent in response to the Relay-Forward message. This option MUST NOT appear in any message except a Relay-Forward or Relay-Reply message. Servers MAY use the Interface-ID for parameter assignment policies. The Interface-ID SHOULD be considered an opaque value, with policies based on exact string match only; that is, the Interface-ID SHOULD NOT be internally parsed by the server. 24. Security Considerations Section 22 describes a threat model and an option that provides an authentication framework to defend against that threat model. 25. Year 2000 considerations Since all times are relative to the current time of the transaction, there is no problem within the DHCPv6 protocol related to any hardcoded dates or two-digit representation of the current year. Droms (ed.), et al. Expires 1 Aug 2002 [Page 73] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 26. IANA Considerations This document defines several new name spaces associated with DHCPv6 and DHCPv6 options. IANA is requested to manage the allocation of values from these name spaces, which are described in the remainder of this section. These name spaces are all to be managed separately from the name spaces defined for DHCPv4 [7, 1]. New values in each of these name spaces should be approved by the process of IETF consensus [15]. 26.1. Multicast addresses Section 7.1 defines the following multicast addresses, which have been assigned by IANA for use by DHCPv6: All_DHCP_Agents address: FF02::1:2 All_DHCP_Servers address: FF05::1:3 IANA is requested to manage definition of additional multicast addresses in the future. 26.2. DHCPv6 message types IANA is requested to record the message types defined in section 7.3. IANA is requested to manage definition of additional message types in the future. 26.3. DUID IANA is requested to record the DUID types defined in section 11.1. IANA is requested to manage definition of additional DUID types in the future. 26.4. DHCPv6 options IANA is requested to assign option-codes to the options defined in section 23. IANA is requested to manage the definition of additional DHCPv6 option-codes in the future. 26.5. Status codes IANA is requested to record the status codes defined in section 7.4. IANA is requested to manage the definition of additional status codes in the future. Droms (ed.), et al. Expires 1 Aug 2002 [Page 74] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 26.6. Authentication option Section 22 defines three new name spaces associated with the Authentication Option (section 23.12), which are to be created and maintained by IANA: Protocol, Algorithm and RDM. Initial values assigned from the Protocol name space are 0 (for the configuration token Protocol in section 22.5) and 1 (for the delayed authentication Protocol in section 22.6). Additional protocols may be defined in the future. The Algorithm name space is specific to individual Protocols. That is, each Protocol has its own Algorithm name space. The guidelines for assigning Algorithm name space values for a particular protocol should be specified along with the definition of a new Protocol. For the configuration token Protocol, the Algorithm field MUST be 0, as described in section 22.5. For the delayed authentication Protocol, the Algorithm value 1 is assigned to the HMAC-MD5 generating function as defined in section 22.6. Additional algorithms for the delayed authentication protocol may be defined in the future. The initial value of 0 from the RDM name space is assigned to the use of a monotonically increasing value as defined in section 22.4. Additional replay detection methods may be defined in the future. 27. Acknowledgments Thanks to the DHC Working Group for their time and input into the specification. In particular, thanks also for the consistent input, ideas, and review by (in alphabetical order) Thirumalesh Bhat, Vijayabhaskar, Brian Carpenter, Matt Crawford, Francis Dupont, Josh Littlefield, Gerald Maguire, Jack McCann, Thomas Narten, Erik Nordmark, Yakov Rekhter, Mark Stapp, Matt Thomas, Sue Thomson, and Phil Wells. Thanks to Steve Deering and Bob Hinden, who have consistently taken the time to discuss the more complex parts of the IPv6 specifications. Bill Arbaugh reviewed the authentication mechanism described in section 22. And, thanks to Steve Deering for pointing out at IETF 51 in London that the DHCPv6 specification has the highest revision number of any Internet Draft. Droms (ed.), et al. Expires 1 Aug 2002 [Page 75] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 References [1] S. Alexander and R. Droms. DHCP Options and BOOTP Vendor Extensions, March 1997. RFC 2132. [2] S. Bradner. Key words for use in RFCs to Indicate Requirement Levels, March 1997. RFC 2119. [3] S. Bradner and A. Mankin. The Recommendation for the IP Next Generation Protocol, January 1995. RFC 1752. [4] W.J. Croft and J. Gilmore. Bootstrap Protocol, September 1985. RFC 951. [5] S. Deering and R. Hinden. Internet Protocol, Version 6 (IPv6) Specification, December 1998. RFC 2460. [6] R. Draves. Default Address Selection for IPv6, September 2001. work in progress. [7] R. Droms. Dynamic Host Configuration Protocol, March 1997. RFC 2131. [8] R. Droms, Editor, W. Arbaugh, and Editor. Authentication for DHCP Messages, June 2001. RFC 3118. [9] R. Hinden and S. Deering. IP Version 6 Addressing Architecture, July 1998. RFC 2373. [10] S. Kent and R. Atkinson. Security Architecture for the Internet Protocol, November 1998. RFC 2401. [11] H. Krawczyk, M. Bellare, and R. Canetti. HMAC: Keyed-Hashing for Message Authentication, February 1997. RFC 2104. [12] David L. Mills. Network Time Protocol (Version 3) Specification, Implementation, March 1992. RFC 1305. [13] P.V. Mockapetris. Domain names - concepts and facilities, November 1987. RFC 1034. [14] P.V. Mockapetris. Domain names - implementation and specification, November 1987. RFC 1035. [15] T. Narten and H. Alvestrand. Guidelines for Writing an IANA Considerations Section in RFCs, October 1998. RFC 2434. [16] T. Narten and R. Draves. Privacy Extensions for Stateless Address Autoconfiguration in IPv6, January 2001. RFC 3041. [17] T. Narten, E. Nordmark, and W. Simpson. Neighbor Discovery for IP Version 6 (IPv6), December 1998. RFC 2461. Droms (ed.), et al. Expires 1 Aug 2002 [Page 76] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 [18] D.C. Plummer. Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware, November 1982. RFC 826. [19] J. Postel. User Datagram Protocol, August 1980. RFC 768. [20] R. Rivest. The MD5 Message-Digest Algorithm, April 1992. RFC 1321. [21] S. Thomson and T. Narten. IPv6 Stateless Address Autoconfiguration, December 1998. RFC 2462. [22] P. Vixie, Ed., S. Thomson, Y. Rekhter, and J. Bound. Dynamic Updates in the Domain Name System (DNS UPDATE), April 1997. RFC 2136. Chair's Address The working group can be contacted via the current chair: Ralph Droms Cisco Systems 300 Apollo Drive Chelmsford, MA 01824 Phone: (978) 244-4733 E-mail: rdroms@cisco.com Authors' Addresses Questions about this memo can be directed to: Droms (ed.), et al. Expires 1 Aug 2002 [Page 77] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Jim Bound Compaq Computer Corporation ZK3-3/W20 110 Spit Brook Road Nashua, NH 03062-2698 USA Voice: +1 603 884 0062 E-mail: Jim.Bound@compaq.com Mike Carney Sun Microsystems, Inc Mail Stop: UMPK17-202 901 San Antonio Road Palo Alto, CA 94303-4900 USA Voice: +1-650-786-4171 E-mail: mwc@eng.sun.com Charles E. Perkins Communications Systems Lab Nokia Research Center 313 Fairchild Drive Mountain View, California 94043 USA Voice: +1-650 625-2986 E-mail: charliep@iprg.nokia.com Fax: +1 650 625-2502 Ted Lemon Nominum, Inc. 950 Charter Street Redwood City, CA 94043 E-mail: Ted.Lemon@nominum.com Bernie Volz Ericsson 959 Concord St Framingham, MA 01701 Voice: +1-508-875-3162 Fax: +1-508-875-3018 E-mail: bernie.volz@ericsson.com Ralph Droms Cisco Systems 300 Apollo Drive Chelmsford, MA 01824 USA Voice: +1 978 479 4733 E-mail: rdroms@cisco.com Droms (ed.), et al. Expires 1 Aug 2002 [Page 78] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 A. Appearance of Options in Message Types The following table indicates with a "*" the options are allowed in each DHCP message type: Client Server IA RTA Option Pref Time Client Server ID ID Request Forw. Forw. Solicit * * * * Advert. * * * * * * Request * * * * * Confirm * * * * Renew * * * * * Rebind * * * * Decline * * * * * Release * * * * * Reply * * * * * * Reconf. * * * Inform. * (see note) * R-forw. * * R-repl. * * NOTE: Only included in Information-Request messages that are sent in response to a Reconfigure (see section 20.3.3). Auth Server Status User Vendor Unica. Code Class Class Solicit * * * Advert. * * * Request * * * Confirm * * * Renew * * * Rebind * * * Decline * * * * Release * * * * Reply * * * Reconf. * Inform. * * * R-forw. * * R-repl. * * B. Appearance of Options in the Options Field of DHCP Messages The following table indicates with a "*" where options can appear in the options field or encapsulated in other options: Droms (ed.), et al. Expires 1 Aug 2002 [Page 79] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 Option IA IAADDR RTA Client Server Field Forw. Forw. Client msg. * * Server msg. * * DUID * IA * IAADDR * RTA * ORO * Pref * Time * Client Forw. * Server Forw. * DSTM Addr. * DSTM Tunnel * Authentic. * Server Uni. * Dom. Srch. * Dom. Server * Status Cod. * * * Circ. ID * * User Class * Vend. Class * C. Full Copyright Statement Copyright (C) The Internet Society (2001). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING Droms (ed.), et al. Expires 1 Aug 2002 [Page 80] Internet Draft DHCP for IPv6 (-23) 1 Feb 2002 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Droms (ed.), et al. Expires 1 Aug 2002 [Page 81]