Internet Engineering Task Force                                 H. Singh
Internet-Draft                                                 W. Beebee
Intended status: Informational                       Cisco Systems, Inc.
Expires: January 9, 2011                                       C. Donley
                                                               CableLabs
                                                                B. Stark
                                                                    AT&T
                                                           O. Troan, Ed.
                                                     Cisco Systems, Inc.
                                                            July 8, 2010


          Advanced Requirements for IPv6 Customer Edge Routers
               draft-wbeebee-v6ops-ipv6-cpe-router-bis-03

Abstract

   This document continues the work undertaken by the IPv6 CE Router
   Phase I work in the IETF v6ops Working Group.  Advanced requirements
   or Phase II work is covered in this document.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 9, 2011.

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Singh, et al.            Expires January 9, 2011                [Page 1]

Internet-Draft    IPv6 CE router Advanced requirements         July 2010

Table of Contents

   1.  Introduction
     1.1.  Requirements Language
   2.  Terminology
   3.  Conceptual Configuration Variables
   4.  Requirements
     4.1.  General Requirements
     4.2.  WAN Side Configuration
     4.3.  LAN Side Configuration
     4.4.  Security Considerations
   5.  Acknowledgements
   6.  Contributors
   7.  IANA Considerations
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  Introduction

   This document defines Advanced IPv6 features for a residential or
   small office router referred to as an IPv6 CE router.  Typically
   these routers also support IPv4.  The IPv6 End-user Network
   Architecture for such a router is described in
   [I-D.ietf-v6ops-ipv6-cpe-router].  This version of the document
   completes the organization of Advanced features between General, WAN,
   and LAN requirements.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.  Terminology

   End-user Network
      one or more links attached to the IPv6 CE router that connect
      IPv6 hosts.

   IPv6 Customer Edge router
      a node intended for home or small office use which forwards IPv6
      packets not explicitly addressed to itself.  The IPv6 CE router
      connects the end-user network to a service provider network.

   IPv6 host
      any device implementing an IPv6 stack receiving IPv6 connectivity
      through the IPv6 CE router.

   LAN interface
      an IPv6 CE router's attachment to a link in the end-user network.
      Examples are Ethernets (simple or bridged), 802.11 wireless or
      other LAN technologies.  An IPv6 CE router may have one or more
      network layer LAN Interfaces.

   Service Provider
      an entity that provides access to the Internet.  In this
      document, a Service Provider specifically offers Internet access
      using IPv6, and may also offer IPv4 Internet access.  The Service
      Provider can provide such access over a variety of different
      transport methods such as DSL, cable, wireless, and others.

   WAN interface
      an IPv6 CE router's attachment to a link used to provide
      connectivity to the Service Provider network; example link
      technologies include Ethernets (simple or bridged), PPP links,
      Frame Relay, or ATM networks as well as Internet-layer (or
      higher-layer) "tunnels", such as tunnels over IPv4 or IPv6
      itself.

3.  Conceptual Configuration Variables

   The CE Router maintains the following list of conceptual, optional
   configuration variables.

   1.  Enable RIPng ([RFC2080]) on the LAN.

   2.  Softwire enable.

   3.  More Specific Route ([RFC4191]) enable and configure routes.

   4.  If DHCPv6 fails, the CE Router may initiate PPPoE, a Softwire
       tunnel, or 6to4 [RFC3056], or 6rd [I-D.ietf-softwire-ipv6-6rd]
       operation.

   5.  Change ULA on the device.

4.  Requirements

4.1.  General Requirements

   Quality of Service:

   Q-1:  The CPE router MAY support differentiated services [RFC2474].

   DNS:

   D-1:  For local DNS queries for configuration, the CE Router may
         include a DNS server to handle local queries.
         Non-local queries can be forwarded unchanged to a DNS server
         specified in the DNS server DHCPv6 option.  The CE Router may
         also include DNS64 functionality which is specified in
         [I-D.bagnulo-behave-dns64].

   D-2:  The local DNS server MAY also handle renumbering from the
         Service Provider provided prefix for local names used
         exclusively inside the home (the local AAAA and PTR records
         are updated).  This capability provides connectivity using
         local DNS names in the home after a Service Provider
         renumbering.  A CE Router MAY add local DNS entries based on
         dynamic requests from the LAN segment(s).  The protocol to
         carry such requests from hosts to the CE Router is yet to be
         described.  The CE Router MAY support manual configuration via
         the web using a URL string like http://router.local as per
         multicast DNS (mDNS).  Zero-configuration is vendor-dependent.

   G-1:  TODO if any.

4.2.  WAN Side Configuration

   The IPv6 CE router will need to support connectivity to one or more
   access network architectures.  This document describes an IPv6 CE
   router that is not specific to any particular architecture or Service
   Provider, and supports all commonly used architectures.

   WAN side requirements:

   W-1:  The CE Router WAN interface MUST support a B4 Interface as
         specified in [I-D.ietf-softwire-dual-stack-lite].

   W-2:  The CE Router WAN interface MUST support at least one 6rd
         Virtual Interface as specified in
         [I-D.ietf-softwire-ipv6-6rd].

   W-3:  The CE Router MUST support an IPv6 firewall feature.

   DHCPv6 requirements:

   WD-1:  The CE Router MUST use a persistent DUID ([RFC3315]) for
          DHCPv6 messages.  The DUID MUST NOT change between network
          interface reset or CE Router reset.

   Multicast requirements:

   WM-1:  Consistent with [RFC4605], the CE router MUST NOT implement
          the router portion of MLDv2 for the WAN interface.

   WM-2:  Multicast data MUST NOT be sent on any softwire tunnel
          operating on the CE Router with transition technologies like
          DS-Lite as specified in [I-D.ietf-softwire-dual-stack-lite].

   Prefix Delegation requirements:

   WPD-1:  The CE Router is a requesting router and follows [RFC3633]
           for acquiring a delegated prefix from the Service Provider.

   Manageability requirements:

   WPD-1:  TODO.

4.3.  LAN Side Configuration

   Prefix Sub-Delegation requirements:

   LPD-1:  The LAN interface(s) are sub-delegated prefixes subnetted
           from the delegated prefix acquired by the WAN interface.
           The CE Router MUST support hierarchical prefix delegation
           for automatic sub-delegation in the LAN.  Any other
           automated prefix sub-delegation is vendor dependent.

   CPE Router Behavior in a routed network:

   R-1:  One example of the CPE Router use in the home is shown below.
         The home has a broadband modem combined with a CPE Router, all
         in one device.  The LAN interface of the device is connected
         to another standalone CPE Router that supports a wireless
         access point.  To support such a network, this document
         recommends using prefix sub-delegation of the prefix obtained
         either via IA_PD from the WAN interface or a ULA from the LAN
         interface.  The network interface of the downstream router may
         obtain an IA_PD via stateful DHCPv6.  If the CPE router
         supports the routed network through automatic prefix
         sub-delegation, the CPE router MUST support a DHCPv6 server or
         DHCPv6 relay agent.  Further, if an IA_PD is used, the Service
         Provider or user MUST allocate an IA_PD or ULA prefix short
         enough to be sub-delegated and subsequently used for SLAAC.
         Therefore, a prefix length shorter than /64 is needed.  The
         CPE Router MAY support RIPng in the home network.

         /-------+------------\  /------------+-----\
   SP <--+ Modem | CPE Router +--+ CPE Router | WAP + --> PC
         \-------+------------/  \------------+-----/

                     WAP = Wireless Access Point

                              Figure 1.

   R-2:  The CE Router MAY support [RFC4191] on its LAN interfaces.
         Small consumer embedded multi-homed hosts in the home may not
         have configurable routing tables.  The CE Router can
         communicate More Specific Routes (MSRs) to these hosts to
         allow them to choose a preferred router to send traffic to for
         traffic destined to specific prefixes configured through
         manual configuration.  Advertisement of MSRs through RAs is
         turned off by default.

   Multicast Behavior:

   LM-1:  The CPE Router MUST follow the model described for MLD Proxy
          in [RFC4605] to implement multicast.

   LM-2:  Consistent with [RFC4605], the LAN interfaces on the CPE
          router MUST NOT implement an MLDv2 Multicast Listener.

   LM-3:  If the CPE Router hardware includes a network bridge between
          the WAN interface and the LAN interface(s), then the CPE
          Router MUST support MLDv2 snooping as per [RFC4541].

   ND Proxy requirements:

   LNDP-1:  If the CE Router has only one /64 prefix to be used across
            multiple LAN interfaces and the CE Router supports any two
            LAN interfaces that cannot bridge data between them because
            the two interfaces have disparate MAC layers, then the CE
            Router MUST support Proxying Neighbor Advertisements as
            specified in Section 7.2.8 of [RFC4861].  If any two LAN
            interfaces support bridging between the interfaces, then
            Proxying Neighbor Advertisements is not necessary between
            the two interfaces.

            Legacy 3GPP networks have the following requirements:

            1.  No DHCPv6 prefix is delegated to the CE Router.

            2.  Only one /64 is available on the WAN link.

            3.  The link types between the WAN interface and LAN
                interface(s) are disparate and, therefore, can't be
                bridged.

            4.  No NAT66 is to be used.

            5.  Each LAN interface needs global connectivity.

            6.  Uses SLAAC to configure LAN interface addresses.

            For these legacy 3GPP networks, the CPE Router MUST support
            ND Proxy between the WAN and LAN interface(s).  If a CE
            Router will never be deployed in an environment with these
            characteristics, then ND Proxy is not necessary.

4.4.  Security Considerations

   Security requirements:

   S-1:  The IPv6 CE router SHOULD support
         [I-D.vyncke-advanced-ipv6-security].

5.  Acknowledgements

   Thanks to the following people (in alphabetical order) for their
   guidance and feedback:

   Mikael Abrahamsson, Merete Asak, Scott Beuker, Mohamed Boucadair, Rex
   Bullinger, Brian Carpenter, Remi Denis-Courmont, Gert Doering, Alain
   Durand, Katsunori Fukuoka, Tony Hain, Thomas Herbst, Kevin Johns,
   Stephen Kramer, Victor Kuarsingh, Francois-Xavier Le Bail, David
   Miles, Shin Miyakawa, Jean-Francois Mule, Michael Newbery, Carlos
   Pignataro, John Pomeroy, Antonio Querubin, Teemu Savolainen, Matt
   Schmitt, Hiroki Sato, Mark Townsley, Bernie Volz, James Woodyatt, Dan
   Wing and Cor Zwart.

   This draft is based in part on CableLabs' eRouter specification.  The
   authors wish to acknowledge the additional contributors from the
   eRouter team:

   Ben Bekele, Amol Bhagwat, Ralph Brown, Eduardo Cardona, Margo Dolas,
   Toerless Eckert, Doc Evans, Roger Fish, Michelle Kuska, Diego
   Mazzola, John McQueen, Harsh Parandekar, Michael Patrick, Saifur
   Rahman, Lakshmi Raman, Ryan Ross, Ron da Silva, Madhu Sudan, Dan
   Torbet and Greg White.

6.  Contributors

   The following people have participated as co-authors or provided
   substantial contributions to this document: Ralph Droms, Kirk
   Erichsen, Fred Baker, Jason Weil, Lee Howard, Jean-Francois Tremblay,
   Yiu Lee, John Jason Brzozowski and Heather Kirksey.

7.  IANA Considerations

   This memo includes no request to IANA.

8.  References

8.1.  Normative References

   [I-D.bagnulo-behave-dns64]
              Bagnulo, M., Sullivan, A., Matthews, P., Beijnum, I., and
              M. Endo, "DNS64: DNS extensions for Network Address
              Translation from IPv6 Clients to IPv4 Servers",
              draft-bagnulo-behave-dns64-02 (work in progress),
              March 2009.

   [I-D.ietf-6man-ipv6-subnet-model]
              Singh, H., Beebee, W., and E. Nordmark, "IPv6 Subnet
              Model: the Relationship between Links and Subnet
              Prefixes", draft-ietf-6man-ipv6-subnet-model-12 (work in
              progress), April 2010.

   [I-D.ietf-softwire-dual-stack-lite]
              Durand, A., Droms, R., Haberman, B., Woodyatt, J., Lee,
              Y., and R. Bush, "Dual-Stack Lite Broadband Deployments
              Following IPv4 Exhaustion",
              draft-ietf-softwire-dual-stack-lite-04 (work in progress),
              March 2010.

   [I-D.ietf-softwire-ipv6-6rd]
              Townsley, M. and O. Troan, "IPv6 Rapid Deployment on IPv4
              Infrastructures (6rd)", draft-ietf-softwire-ipv6-6rd-10
              (work in progress), May 2010.

   [I-D.ietf-v6ops-ipv6-cpe-router]
              Singh, H., Beebee, W., Donley, C., Stark, B., and O.
              Troan, "Basic Requirements for IPv6 Customer Edge
              Routers", draft-ietf-v6ops-ipv6-cpe-router-06 (work in
              progress), June 2010.

   [I-D.vyncke-advanced-ipv6-security]
              Vyncke, E. and M. Townsley, "Advanced Security for IPv6
              CPE", draft-vyncke-advanced-ipv6-security-01 (work in
              progress), March 2010.

   [RFC1122]  Braden, R., "Requirements for Internet Hosts -
              Communication Layers", STD 3, RFC 1122, October 1989.

   [RFC2080]  Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080,
              January 1997.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2464]  Crawford, M., "Transmission of IPv6 Packets over Ethernet
              Networks", RFC 2464, December 1998.

   [RFC2474]  Nichols, K., Blake, S., Baker, F., and D.
              Black, "Definition of the Differentiated Services Field
              (DS Field) in the IPv4 and IPv6 Headers", RFC 2474,
              December 1998.

   [RFC2827]  Ferguson, P. and D. Senie, "Network Ingress Filtering:
              Defeating Denial of Service Attacks which employ IP Source
              Address Spoofing", BCP 38, RFC 2827, May 2000.

   [RFC3056]  Carpenter, B. and K. Moore, "Connection of IPv6 Domains
              via IPv4 Clouds", RFC 3056, February 2001.

   [RFC3315]  Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
              and M. Carney, "Dynamic Host Configuration Protocol for
              IPv6 (DHCPv6)", RFC 3315, July 2003.

   [RFC3633]  Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic
              Host Configuration Protocol (DHCP) version 6", RFC 3633,
              December 2003.

   [RFC3646]  Droms, R., "DNS Configuration options for Dynamic Host
              Configuration Protocol for IPv6 (DHCPv6)", RFC 3646,
              December 2003.

   [RFC3736]  Droms, R., "Stateless Dynamic Host Configuration Protocol
              (DHCP) Service for IPv6", RFC 3736, April 2004.

   [RFC4075]  Kalusivalingam, V., "Simple Network Time Protocol (SNTP)
              Configuration Option for DHCPv6", RFC 4075, May 2005.

   [RFC4191]  Draves, R. and D. Thaler, "Default Router Preferences and
              More-Specific Routes", RFC 4191, November 2005.

   [RFC4193]  Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
              Addresses", RFC 4193, October 2005.

   [RFC4242]  Venaas, S., Chown, T., and B. Volz, "Information Refresh
              Time Option for Dynamic Host Configuration Protocol for
              IPv6 (DHCPv6)", RFC 4242, November 2005.

   [RFC4294]  Loughney, J., "IPv6 Node Requirements", RFC 4294,
              April 2006.

   [RFC4443]  Conta, A., Deering, S., and M. Gupta, "Internet Control
              Message Protocol (ICMPv6) for the Internet Protocol
              Version 6 (IPv6) Specification", RFC 4443, March 2006.

   [RFC4541]  Christensen, M., Kimball, K., and F.
              Solensky, "Considerations for Internet Group Management
              Protocol (IGMP) and Multicast Listener Discovery (MLD)
              Snooping Switches", RFC 4541, May 2006.

   [RFC4605]  Fenner, B., He, H., Haberman, B., and H. Sandick,
              "Internet Group Management Protocol (IGMP) / Multicast
              Listener Discovery (MLD)-Based Multicast Forwarding
              ("IGMP/MLD Proxying")", RFC 4605, August 2006.

   [RFC4632]  Fuller, V. and T. Li, "Classless Inter-domain Routing
              (CIDR): The Internet Address Assignment and Aggregation
              Plan", BCP 122, RFC 4632, August 2006.

   [RFC4779]  Asadullah, S., Ahmed, A., Popoviciu, C., Savola, P., and
              J. Palet, "ISP IPv6 Deployment Scenarios in Broadband
              Access Networks", RFC 4779, January 2007.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              September 2007.

   [RFC4862]  Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
              Address Autoconfiguration", RFC 4862, September 2007.

   [RFC4864]  Van de Velde, G., Hain, T., Droms, R., Carpenter, B., and
              E. Klein, "Local Network Protection for IPv6", RFC 4864,
              May 2007.

   [RFC5072]  S.Varada, Haskins, D., and E. Allen, "IP Version 6 over
              PPP", RFC 5072, September 2007.

8.2.  Informative References

   [I-D.ietf-behave-v6v4-framework]
              Baker, F., Li, X., Bao, C., and K. Yin, "Framework for
              IPv4/IPv6 Translation",
              draft-ietf-behave-v6v4-framework-09 (work in progress),
              May 2010.

   [UPnP-IGD]
              UPnP Forum, "Universal Plug and Play (UPnP) Internet
              Gateway Device (IGD)", November 2001.

Authors' Addresses

   Hemant Singh
   Cisco Systems, Inc.
   1414 Massachusetts Ave.
   Boxborough, MA 01719
   USA

   Phone: +1 978 936 1622
   Email: shemant@cisco.com
   URI:   http://www.cisco.com/


   Wes Beebee
   Cisco Systems, Inc.
   1414 Massachusetts Ave.
   Boxborough, MA 01719
   USA

   Phone: +1 978 936 2030
   Email: wbeebee@cisco.com
   URI:   http://www.cisco.com/


   Chris Donley
   CableLabs
   858 Coal Creek Circle
   Louisville, CO 80027
   USA

   Email: c.donley@cablelabs.com


   Barbara Stark
   AT&T
   725 W Peachtree St
   Atlanta, GA 30308
   USA

   Email: barbara.stark@att.com


   Ole Troan (editor)
   Cisco Systems, Inc.
   Veversmauet 8
   N-5017 BERGEN,
   Norway

   Email: ot@cisco.com
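
Added example for Section 4.3 (LPD-1 and R-1), not part of the original draft or of any implementation it describes: a sketch of hierarchical sub-delegation that keeps one block for the CE router's own LAN links and hands whole blocks to downstream routers, rejecting a /64 when sub-delegation is requested. The function name, link and router names, the /60 block size and the documentation and ULA prefixes are assumptions chosen for illustration.

```python
import ipaddress
from itertools import islice

SLAAC_LEN = 64  # SLAAC on a LAN link needs a /64 per link


def plan_subdelegation(delegated, lan_links, downstream, sub_len=60):
    """Split a delegated (IA_PD or ULA) prefix hierarchically.

    The first /sub_len block stays on this CE router and is cut into /64s
    for its own LAN links; each following block is sub-delegated whole to
    one downstream router. Names and sub_len are illustrative assumptions.
    """
    pd = ipaddress.IPv6Network(delegated)
    if pd.prefixlen > SLAAC_LEN:
        raise ValueError(f"{pd} is longer than /64 and unusable for SLAAC")
    if downstream:
        # R-1: sub-delegation needs a prefix shorter than /64.
        if pd.prefixlen >= SLAAC_LEN:
            raise ValueError(f"{pd} cannot be sub-delegated; need shorter than /64")
        if not pd.prefixlen < sub_len <= SLAAC_LEN:
            raise ValueError(f"/{sub_len} blocks do not fit inside {pd}")
        blocks = pd.subnets(new_prefix=sub_len)  # lazy generator
    else:
        blocks = iter([pd])

    local = next(blocks)
    lan_nets = list(islice(local.subnets(new_prefix=SLAAC_LEN), len(lan_links)))
    if len(lan_nets) < len(lan_links):
        raise ValueError(f"{local} holds only {len(lan_nets)} /64 link prefixes")
    routed = list(islice(blocks, len(downstream)))
    if len(routed) < len(downstream):
        raise ValueError(f"{pd} has only {len(routed)} spare /{sub_len} blocks")

    return {
        "lan": {name: str(net) for name, net in zip(lan_links, lan_nets)},
        "downstream": {name: str(net) for name, net in zip(downstream, routed)},
    }


if __name__ == "__main__":
    # Constructed input: a /56 from the documentation range, two LAN links,
    # and one downstream router (the WAP router of Figure 1).
    print(plan_subdelegation("2001:db8:1200::/56", ["lan0", "lan1"], ["wap-router"]))
```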
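
Added example for requirement WD-1 in Section 4.2, not part of the original draft: one way to keep a DUID persistent is to generate a DUID-LLT ([RFC3315]) once, write it to stable storage, and reuse the stored bytes after every interface or router reset, even if the interface address has changed. The file path, function names and MAC addresses are assumptions made for illustration.

```python
import os
import struct
import time

DUID_LLT = 1            # DUID type: link-layer address plus time (RFC 3315)
HW_ETHERNET = 1         # IANA hardware type for Ethernet
EPOCH_2000 = 946684800  # Unix time of 2000-01-01T00:00:00Z, the DUID time base


def build_duid_llt(mac, now=None):
    """Encode a DUID-LLT: type, hardware type, time, link-layer address."""
    if len(mac) != 6:
        raise ValueError("expected a 6-byte Ethernet address")
    seconds = int((time.time() if now is None else now) - EPOCH_2000) % 2**32
    return struct.pack("!HHI", DUID_LLT, HW_ETHERNET, seconds) + mac


def load_or_create_duid(path, mac):
    """Return the stored DUID; generate and persist one only if none exists.

    The mac argument is used only on first creation, so a later interface
    reset or replacement does not change the identifier sent in DHCPv6.
    """
    try:
        with open(path, "rb") as fh:
            duid = fh.read()
        # A DUID is a 2-byte type code plus at most 128 octets.
        if 2 < len(duid) <= 130:
            return duid
    except FileNotFoundError:
        pass

    duid = build_duid_llt(mac)
    tmp = path + ".tmp"
    with open(tmp, "wb") as fh:
        fh.write(duid)
        fh.flush()
        os.fsync(fh.fileno())  # make sure the bytes survive a power loss
    os.replace(tmp, path)      # atomic rename: never leaves a partial DUID
    return duid


if __name__ == "__main__":
    # Constructed demo: hypothetical storage path and locally administered MAC.
    print(load_or_create_duid("duid.bin", bytes.fromhex("020000000001")).hex())
```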