DECADE Working Group K. Pentikousis Internet-Draft Huawei Intended Status: Proposed Standard Expires: March 17, 2013 September 13, 2012 DECADE Server Discovery draft-pentikousis-decade-discovery-00 Abstract A DECADE system must provide discovery mechanisms which enable the automatic configuration of DECADE clients with all information necessary to contact appropriate DECADE servers in the network. Typically, this configuration information would include the domain name or IP address of each DECADE server that should be considered by the client. Ideally, a DECADE discovery mechanism should capitalize upon existing Internet protocols, such as DHCP, which is widely deployed today. This document discusses DECADE server discovery and, as a first step towards automatic discovery, specifies how a DECADE client can obtain server location information using DHCP. To this end, it defines two DHCPv6 options which can be used to automatically provision the domain name or IP address of suitable servers in a DECADE system. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Pentikousis Expires March 17, 2013 [Page 1] INTERNET DRAFT DECADE Server Discovery September 13, 2012 Copyright and License Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Table of Contents 1 Requirements Language . . . . . . . . . . . . . . . . . . . . . 2 2 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 4 3 DECADE Server Discovery . . . . . . . . . . . . . . . . . . . . 4 4 DECADE Server Discovery using DHCP . . . . . . . . . . . . . . 6 4.1 DECADE Server Domain Name List DHCP Option . . . . . . . . 6 4.2 DECADE Server IP Address List DHCP Option . . . . . . . . . 7 4.3 DHCP Client Operation . . . . . . . . . . . . . . . . . . . 8 4.4 DHCP Server Operation . . . . . . . . . . . . . . . . . . . 8 4.5 Option Appearance . . . . . . . . . . . . . . . . . . . . . 9 4.6 On DHCP Options Aliasing . . . . . . . . . . . . . . . . . 9 5 DECADE Client Operation . . . . . . . . . . . . . . . . . . . . 10 6 Security Considerations . . . . . . . . . . . . . . . . . . . . 10 7 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 11 8 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 11 9 References . . . . . . . . . . . . . . . . . . . . . . . . . . 11 9.1 Normative References . . . . . . . . . . . . . . . . . . . 11 9.2 Informative References . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 1 Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Pentikousis Expires March 17, 2013 [Page 2] INTERNET DRAFT DECADE Server Discovery September 13, 2012 2 Introduction The Decoupled Application Data Enroute (DECADE) architecture [D-ARCH] defines a system comprising content distribution applications, in- network storage, and network servers that can improve the efficiency of sharing data in the Internet as a whole, as well as in smaller, confined IP networks. DECADE aims at being an open system [RFC6646] in which applications can store and retrieve data objects inside the network and use DECADE servers to manage them [D-REQS]. Applications are also given the means to explicitly control who can access their stored data objects via the DECADE servers [D-ARCH]. A single DECADE system may include numerous servers deployed at different parts of the network, some of which may handle the general storage needs of the entire user base while others could provide purpose-specific quotas to a subset of the users. In such a large system, each client should be able to locate all servers which it is authorized to use. In particular for large organizations, automatic provisioning and configuration of DECADE clients, possibly taking into consideration the point of network attachment, is important from an operations and management perspective. Obviously, application end-points can use "native application protocols" to exchange information about DECADE server locations and convey such information to their respective DECADE client. For example, once an application end-point uploads a data object in a server, it can notify its peer about the server location where the data object has been stored along with all necessary credentials to access it. Such application-level only interaction may be plausible for many scenarios. However, in other scenarios, the network administrator may wish to point applications wishing to partake in a DECADE system to suitable servers based on network-related preferences. Overall, the mechanism(s) defined in this document can assist DECADE clients in determining which server(s) to use. In general, we should expect that DECADE server location information could be provisioned through different channels. This document introduces DECADE server discovery and, as a first step towards this direction, specifies how a DECADE client can obtain server location information using DHCP. In doing so, this specification follows the recommendation of [D-ARCH] and reuses and extends an existing and widely deployed, we may add, protocol for server discovery in a DECADE system. Finally, by capitalizing on DHCP [RFC3315], this client configuration method can support both push and pull functionality on behalf of the network administrator. Pentikousis Expires March 17, 2013 [Page 3] INTERNET DRAFT DECADE Server Discovery September 13, 2012 The rest of this document is organized as follows. After clarifying the terminology used in this document in the following subsection, we proceed with the introduction of DECADE server discovery in Sections 3 and 4. DECADE client operation in this context is discussed in Section 5. Finally, Section 6 presents the specification's security considerations. 2.1 Terminology This document uses the terms DECADE-compatible client, server, system, and data object as defined in [D-REQS]. In general, we will use the terms "client" and "server" to refer to the DECADE system entities. In addition, within the context of this document, we assume a DECADE-compatible system with an architecture as described in [D-ARCH]. Further, this document uses the terms DHCP client, server, DUID, and domain as defined in RFC 3315 [RFC3315]. Finally, and unless otherwise noted, the terms "IP" and "DHCP" refer to IPv6 and DHCPv6, respectively. 3 DECADE Server Discovery According to [D-REQS][D-ARCH], a DECADE compatible system MUST include a server discovery mechanism. Clearly, DECADE clients MAY obtain server configuration details by other means, including manual configuration, presets at the operating system or application level, or using other application-specific protocols. For instance, a DECADE-compatible application may come pre-configured to access a particular server through its fully qualified domain name (FQDN) or globally routable IP address. In addition, however, the network administrator may wish to provision DECADE system related information to eligible nodes authorized to connect at different attachment points of the network. For example, each domain in a large organization may include a (set of) DECADE server(s) accessible for use only by the nodes in the particular domain, such as the data analysis or the software development department. Deployment of servers on the basis of geographical or departmental criteria can often take advantage of traffic locality to improve performance and security as well as ease management and maintenance tasks. Moreover, the network administrator may choose to provision all eligible network nodes with information about further DECADE server(s), which may be accessible from the entire network of the Pentikousis Expires March 17, 2013 [Page 4] INTERNET DRAFT DECADE Server Discovery September 13, 2012 organization. The client could also be provisioned with backup DECADE server location information to improve system resilience or to balance traffic load. In all, a DECADE client can take advantage of any manually (or otherwise) provisioned servers, may use different servers when connected to different network attachment points, and should be able to access organization-wide DECADE servers in parallel. Examples for automatic configuration of DECADE clients based on the preferences of the network administrator abound. Consider, for instance, the case of users traveling abroad. Subscribers of an ISP providing residential broadband connectivity may use the ISP's DECADE server when connected from home but can take advantage of another server when on vacation at a resort hotel halfway around the globe. This nowadays typical scenario, involves users uploading and sharing with friends vacation photos and videos while connected to a Wi-Fi hotspot. In this case, the administrator of the Wi-Fi hotspot may offer DECADE services along with plain Internet connectivity to all nodes connected to its network. In principle, the administrator could require users to manually enter (local) server location information. In practice, however, this process is cumbersome and error-prone. It would be far better if the DECADE client on each node connected to the Wi-Fi hotspot were able to automatically discover available server location information in this network. This way, the vacationers of our example could exchange photos and videos as data objects stored locally at the DECADE server of the resort with their friends vacationing at the same hotel while, at the same time, they could arrange that all of their data objects were also stored at another DECADE server back home. The following section specifies the mechanisms which enable a DECADE client to obtain the DECADE server domain name(s) and/or IP address(es) based on the network administrator preferences using DHCP, thus providing a solution for scenarios such as those described above. Note that the use of DHCP for discovering DECADE servers is orthogonal to other mechanisms for DECADE client configuration. A DECADE client, in coordination with the application(s) using the DECADE system, can decide which server(s) to employ based on several factors, such as, for example, user preferences; node and network policies; authorization, trust, privacy, and other security concerns; quota availability and usage cost; and end-to-end performance, just to name a few. However, the decision making process regarding which of the available (or already discovered) servers to use is outside the scope of the server discovery specification. Pentikousis Expires March 17, 2013 [Page 5] INTERNET DRAFT DECADE Server Discovery September 13, 2012 4 DECADE Server Discovery using DHCP A DECADE client MAY use DHCP to obtain server location information (e.g., domain name or IP address) in the network. This specification defines two DHCP options: one for obtaining an ordered list of DECADE server domain names and another for obtaining an ordered list of DECADE server IP addresses, described in subsections 4.1 and 4.2, respectively. The DHCP options defined herein refer to server location information only. A DECADE-compatible application MAY trigger the DHCP-based server discovery process upon its startup or at any point of time during its operation. The DHCP client on the node MUST provide a mechanism for the DECADE client to retrieve the DECADE server location information as received from the network. A DECADE-compatible application and/or DECADE client MAY indicate to the DHCP client on the node the currently configured DECADE server(s). Said server(s) SHOULD have been used successfully in a previous application session, regardless of how they have been configured, i.e. via DHCP or otherwise, perhaps even manually, at an earlier stage. In addition, on a node with support for DECADE protocols, it is possible to discover DECADE server(s) upon bootstrapping or operating system configuration time, as well as when the node changes its point of network attachment, or when new interfaces become active. That is, the DHCP client on a node with DECADE support MAY use the DHCP options described in this document whenever it obtains a new address for any of its interfaces. In this case, when a DECADE-compatible application is started, it MAY use the DECADE server(s) which were already discovered through DHCP without initiating another discovery process. Finally, a DHCP implementation MUST support both options as described in subsections 4.1 and 4.2, below, in order to be compliant with this specification. 4.1 DECADE Server Domain Name List DHCP Option The format of the DECADE Server Domain Name List DHCP option is illustrated in Figure 1. Pentikousis Expires March 17, 2013 [Page 6] INTERNET DRAFT DECADE Server Discovery September 13, 2012 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_DECADE_SERVER | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . DECADE Server Domain Name List . . (variable length) . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1. The DECADE Server Domain Name List DHCPv6 option option-code OPTION_DECADE_SERVER (TBD_IANA) option-len Length of DS-NAMELIST in octets; variable DS-NAMELIST DECADE Server Domain Name List The DECADE Server Domain Name List (DS-NAMELIST) field MUST be encoded as per [RFC3315], Section 8, and MUST be ordered according to the preference of the DHCP server administrator. Implementers are reminded that the total length of each domain name is restricted to a maximum of 255 octets as per [RFC1035]. 4.2 DECADE Server IP Address List DHCP Option The format of the DECADE Server IP Address List DHCP option is illustrated in Figure 2. Pentikousis Expires March 17, 2013 [Page 7] INTERNET DRAFT DECADE Server Discovery September 13, 2012 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_DECADE_SERVER_ADDR | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . DECADE Server IP Address List . . (variable length) . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2. The DECADE Server IP Address List DHCPv6 option option-code OPTION_DECADE_SERVER_ADDR (TBD_IANA) option-len Length of DS-ADDRLIST in octets; variable, MUST be multiple of 16 DS-ADDRLIST DECADE Server IP Address List The DECADE Server IP Address List (DS-ADDRLIST) MUST be ordered according to the preference of the DHCP server administrator. 4.3 DHCP Client Operation A DHCP client implementing these options and running on a node with a DECADE-compatible client MAY send neither, either, or both of the DHCP options defined in this document. A DHCP client implementing this option can include the DECADE Server DHCP options in its Option Request Option (ORO) as per [RFC3315] at node bootstrap, (re)configuration time, or upon explicit request from a DECADE client. See also Section 4.5, below. The DHCP client MUST make all DECADE server configuration information, as received from the DHCP server, available to the DECADE client(s) on the node. For example, if both a domain name list and a IP address list are returned by the DHCP server, then the DECADE client must be able to obtain both lists as ordered by the network administrator. 4.4 DHCP Server Operation A DHCP server that implements the options specified in this document and is configured by the network administrator with DECADE server location information (domain name and IP address): Pentikousis Expires March 17, 2013 [Page 8] INTERNET DRAFT DECADE Server Discovery September 13, 2012 * MAY send both the domain name list and the IP address list, even if the DHCP client did not explicitly request DECADE server location information in its ORO. * SHOULD send the domain name list and it MAY send the IP address list, if the client requests the DECADE Server Domain Name List. * MUST send the IP address list and it MAY send the domain name list, if the client requests the DECADE Server IP Address List only. The DHCP server MAY use the DHCP Unique IDentifier (DUID) [RFC3315] of the DHCP client to determine the contents of the DECADE server list(s) to be returned. 4.5 Option Appearance The DECADE Server Domain Name List and DECADE Server IP Address List options MUST each appear at most once in any DHCP message. The order in which these options appear is not significant; however, the DHCP client MUST maintain the order of servers in the respective lists as set by the DHCP server. The DECADE Server Domain Name List and DECADE Server IP Address List options MUST appear only in the following DHCP messages [RFC3315]: Solicit, Advertise, Request, Renew, Rebind, Information-Request, and Reply. If either of these options appears in other DHCP messages, they MUST be ignored by compliant implementations. Similarly, the option numbers for the options defined in this specification (OPTION_DECADE_SERVER and OPTION_DECADE_SERVER_ADDR) MAY appear in the Option Request Option (ORO) part of the following DHCP messages [RFC3315]: Solicit, Request, Renew, Rebind, Information-Request, and Reconfigure. If either of these option numbers appears in other DHCP messages, they SHOULD be ignored by compliant implementations. 4.6 On DHCP Options Aliasing The network location of a DECADE server can be defined through an IP address or a fully qualified domain name (FQDN). In principle, the network administrator need only configure the DECADE server domain names in a DHCP server. The DHCP server implementation can perform the domain name lookup on behalf of the DHCP client and return the DECADE server IP address list instead of the domain name list, thus reducing signaling overhead in terms of DNS resolution messages and packet overhead as argued in [GUIDE], Section 7. Therefore, one can make the case that there is no need to define two options that provision the same type of configuration parameter, in this case, the Pentikousis Expires March 17, 2013 [Page 9] INTERNET DRAFT DECADE Server Discovery September 13, 2012 DECADE server location information. Hence, defining one option, e.g. the DECADE Server IP Address List, instead of two, should be sufficient. However, it is more likely than not that a DECADE client can take better decisions about which DECADE server(s) to use if it does obtain the domain name of the server(s). To sum up, and given the advantages of DNS indirection as well, a DECADE client SHOULD prefer DECADE servers which can be located by an FQDN. That said, and given the strong recommendation against aliasing [GUIDE], it remains for the DECADE WG to decide which of the two options to choose, if a choice is mandated. 5 DECADE Client Operation In general, the DECADE client SHOULD prefer to contact a DECADE server using its domain name. The indirection and late binding provided by DNS should be taken advantage of whenever possible. However, it is possible that for certain DECADE system deployments DNS cannot be used or be relied upon, hence, a DECADE client MAY contact a server using an IP address. The client implementation may maintain two separate lists for DECADE domain names and IP addresses. The list(s) of DECADE servers at the client may be prioritized according to various factors and can include server location information which has been entered manually or configured automatically, e.g., via DHCP. With respect to the list of DECADE server location information made available to the DECADE client via the DHCP options defined in this document (or other means), the DECADE client MAY decide to ignore all DECADE servers suggested by the network administrator. However, if the DECADE client decides to use the servers suggested by the network administrator via DHCP, the client MUST consider all domain names in the received list first, before initiating connections to DECADE servers in the IP address list. 6 Security Considerations In general, a DECADE client SHOULD be on guard with all configuration information which is dynamically provisioned. In particular, the DECADE client should exercise caution when using dynamically provisioned information as it may end up contacting malicious DECADE servers, the operators of which could get access to sensitive or private information, lead denial of service attacks, pollute data objects uploaded on the server, and so on. That said, DHCP supports Pentikousis Expires March 17, 2013 [Page 10] INTERNET DRAFT DECADE Server Discovery September 13, 2012 an authentication mechanism that can alleviate man-in-the-middle attacks and more authentication mechanisms may be deployed; see [GUIDE]. DHCP is used to provision nodes with generally applicable configuration information. As such, the server location information received by a client SHOULD apply to all applications running on the node. A DECADE system administrator SHOULD NOT use the DHCP options defined in this document to provide application-specific server locations in order to avoid placing extraneous load on the DHCP server infrastructure. As the server location can be used by any application in a DECADE- compatible node, effectively, DHCP can be used to provide further server options to DECADE-compatible applications. However, the availability of server location information does not necessarily mean that the client has access to store and retrieve data objects from the servers obtained through DHCP. Authentication and authorization for accessing each server included in the lists obtained via DHCP are performed as per usual. The security considerations in [D-ARCH], [D-REQS], and [RFC3315] apply here as well, and DECADE client and server implementers ought to keep in mind that a range of attacks from within the network are possible. 7 IANA Considerations IANA is requested to assign two option codes from the "DHCPv6 Options Codes" registry for OPTION_DECADE_SERVER and OPTION_DECADE_SERVER_ADDR. 8 Acknowledgments Section 4 of this draft would not be possible without the great job done by the folks who wrote [RFC3315], [RFC3319], [RFC5908], and [GUIDE]. Tomasz Mrugalski provided valuable pointers and insights with respect to DHCP, in general, and options definitions, in particular. Many thanks! 9 References 9.1 Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Pentikousis Expires March 17, 2013 [Page 11] INTERNET DRAFT DECADE Server Discovery September 13, 2012 Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003. [RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987. 9.2 Informative References [RFC3319] Schulzrinne, H. and B. Volz, "Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers", RFC 3319, July 2003. [RFC5908] Gayraud, R. and B. Lourdelet, "Network Time Protocol (NTP) Server Option for DHCPv6", RFC 5908, June 2010. [RFC6646] Song, H., Zong, N., Yang, Y., and R. Alimi, "DECoupled Application Data Enroute (DECADE) Problem Statement", RFC 6646, July 2012. [D-ARCH] Alimi, R., Rahman, A., Kutscher, D., and Yang, Y., "DECADE Architecture", draft-ietf-decade-arch-09, (work in progress), August 2012. [D-REQS] Gu, Y., Bryan, D., Yang, Y., Zhang, P., and Alimi, R., "DECADE Requirements", draft-ietf-decade-reqs-08, (work in progress), August 2012. [GUIDE] Hankins, D., Mrugalski, T., Siodelski, M., Jiang, S., and Krishnan, S., "Guidelines for Creating New DHCPv6 Options", (work in progress), July 2012. Authors' Addresses Kostas Pentikousis Huawei Technologies Carnotstr. 4 10587 Berlin Germany EMail: k.pentikousis@huawei.com Pentikousis Expires March 17, 2013 [Page 12]