IETF IPv6 Working Group                                        Haibo Wen
Internet-Draft                                     Alcatel Shanghai Bell
Expires: October 27, 2006                                 March 28, 2006


    Port Identifier option for RS/RA messages in IPv6 access network
                   draft-wen-ipv6-rsra-opt-pid-00.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
   INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
   IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on October 27, 2006.

Copyright Notice

   Copyright (C) The Internet Society (2006).  All Rights Reserved.

Wen                     Expires October 27, 2006                [Page 1]
Internet-Draft      Port Identifier option for RS/RA          March 2006

Abstract

   This document extends the stateless address auto-configuration
   (SAAC) mechanism by defining a Port Identifier option for RS/RA
   messages in IPv6 access networks.  This option makes SAAC possible
   without upgrading the access node and CPE to layer 3 devices.

Conventions used in this document

   The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
   document, are to be interpreted as described in RFC 2119 [3].

Terminology

   This document uses the terminology described in [1][2][3].  In
   addition, some new terms are defined below:

   Access node
      The access node is the point to which the subscriber network
      physically connects.  In this document, a layer 3 access node is
      an access node that works at layer 3 and acts as a router with
      access management functions in the access network.  A layer 2
      access node is an access node that works at layer 2, without a
      layer 3 routing function.

   Aggregation network
      The part of the network stretching from the access node to the
      Broadband Network Gateways (BNG, i.e., IP edge router).

   BRAS
      The Broadband Remote Access Server is a broadband network gateway
      and is the aggregation point for the subscriber traffic.  It also
      provides subscriber authentication, management and other
      functions before forwarding IP traffic to and receiving it from
      the Internet.

   Subscriber Network
      A network which is owned by a subscriber and attached to an
      access node.  In this network, all the terminals/hosts share the
      same prefixes and each can be trusted to behave correctly, so
      they are friendly to each other.  A subscriber network can also
      be called a home network.

1.  Introduction

   Stateless Address Auto-Configuration (SAAC) [1] is a very important
   feature for IPv6 technology.
   SAAC has been proposed with the following goals:

   (1)  No manual configuration of individual machines before
        connecting them to the network.

   (2)  No DHCP server or router as a prerequisite for the
        communication between a set of machines attached to a single
        link.  The machines can form their IPv6 addresses by appending
        their 64-bit interface identifier to a well-known link-local
        prefix.

   (3)  No requirement of the presence of a DHCP server for address
        configuration in a large site with multiple networks and
        routers.

   (4)  Facilitating the graceful renumbering of a site's machines.

   In the standard IPv6 stateless configuration, a router sends
   periodical as well as solicited RA messages out its advertising
   interfaces.  The RA messages are encapsulated in ICMPv6 packets.
   Within the RA messages, global IP prefixes are advertised to the
   directly attached link.  Thus all the terminals can obtain the IPv6
   prefixes to form their global IPv6 addresses by appending their
   interface identifier to the IPv6 prefixes.

   With the explosive growth of the Internet and of end users, Network
   Service Providers (NAP) are considering evolving their network
   architecture to support IPv6 technology.  The trend is that many
   terminals/hosts in a subscriber network will connect to the Internet
   via a CPE in the future, so the devices in a subscriber network can
   form a subnet.  For simple management and maintenance, NAPs will
   deploy the policy of one prefix per subscriber network, i.e., a /64
   prefix will be assigned to each subscriber network.  In current
   access networks, most of the CPEs in the subscriber networks are
   layer 2 devices, and the access nodes in the aggregation network are
   layer 2 devices, too.  Because replacing CPEs and access nodes with
   layer 3 devices will require much more investment, it is better to
   make the current access network support SAAC without this kind of
   investment.

   This document describes how to implement SAAC with one prefix per
   subscriber network in an IPv6 access network without replacing the
   current CPE and access node with layer 3 devices.  This is done by
   defining a new option for Router Advertisement (RA) / Router
   Solicitation (RS) messages.

2.  Port Identifier option

2.1  Motivation

   In the standard IPv6 stateless configuration, a router sends
   periodical as well as solicited RA messages out its advertising
   interfaces.  The RA messages are encapsulated in ICMPv6 packets.
   Within the RA messages, global IP prefixes are advertised to the
   directly attached link.  Thus all the terminals can obtain the IPv6
   prefixes to form their global IPv6 addresses by appending their
   interface identifier to the IPv6 prefixes.

   When an interface of an IPv6 terminal becomes enabled, the terminal,
   which may be unwilling to wait for the next unsolicited RA message
   to locate default routers or learn prefixes, will transmit an RS
   message.

   In an IPv6 access network with a layer 2 CPE and a layer 2 access
   node, RA messages will be advertised from the BRAS/BNG to the
   subscriber networks.  For RS/RA messages, each subscriber network
   and the BRAS interface that will advertise the RA message must be
   formed into a logical LAN.  If not, the following problems occur:

   (1)  Because the subscriber network information (or subscriber line
        information) is terminated at the access node, the BRAS/BNG
        cannot identify the originating subscriber network of any
        upstream RS message, so it does not know how to choose the
        correct prefix to form an appropriate RA in response.

   (2)  The access node cannot know the exact destination subscriber
        network of each downstream RA message.  If the RA message is
        broadcast to all the subscriber networks connected to the same
        access node, this may lead to prefix spoofing.

   The Port Identifier (PID) option is defined in this document to
   solve the problems mentioned above.
   It is similar to the DHCP relay agent option (option 82) for the
   Dynamic Host Configuration Protocol in IPv4.  For the upstream RS
   message, the access node inserts the subscriber line information
   (i.e., the Port Identifier of the user port on the access node) into
   the RS with the PID option.  In the downstream RA message, the
   BRAS/BNG should pair the PID option with the corresponding Prefix
   Information (i.e., each RA contains a Port Identifier and the Prefix
   Information that has been assigned to the subscriber network
   connected to the port identified by that Port Identifier).

2.1  Port Identifier option

   The Port Identifier (PID) option contains a subscriber network
   identifier, or the identifier of the port in the relay agent (i.e.,
   access node) which connects the subscriber network.  In addition, it
   contains the relay agent ID, which can be used by the operator for
   network management purposes and can also be used to help the BNG or
   BRAS forward the RA to the correct relay agent efficiently.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |  Reserved   |I|Relay agent ID
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                        Relay agent ID                         ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                       Port Information                        ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Fields:

   Type              8-bit identifier of the option type (TBD: IANA)

                        Option Name                 Type

                        Port Identifier option      (TBD)

   Length            8-bit unsigned integer.  The length of the option
                     (including the type and length fields) is in units
                     of 8 octets.  The value 0 is invalid.  Nodes MUST
                     silently discard an ND packet that contains an
                     option with length zero.

   Reserved          7-bit reserved field.  It is set to 0.

   I                 1-bit field.  If set to 1, it indicates that the
                     Relay agent ID field carries an IPv6 address as
                     the Relay agent ID.

   Relay agent ID    This field uniquely identifies an RS/RA relay
                     agent (i.e., an access node).  When field I is set
                     to 1, an IPv6 address identifies the relay agent.
                     Any layer 2/3 ID can be used by the service
                     provider to identify the access node in its
                     network if needed.

   Port Information  This field consists of a sequence of
                     SubOpt/Length/Value tuples, one for each
                     sub-option, encoded in the following manner
                     (which will be discussed in 2.1.1):

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
   |  SubOpt Type  |SubOpt Data Len|  Option Data
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -

                     SubOpt Data Len is the length of the Option Data
                     field of this sub-option, in octets.

   Description

   This option is used in network environments where RS/RA runs across
   the aggregation network, i.e., between the subscriber network and
   the BRAS/BNG; in other words, the access node is not a layer 3
   access node and the CPE is not a layer 3 device either.

   This option is used to indicate which subscriber network sent the RS
   message or which subscriber network this RA message will be sent to.
   In the upstream direction, the access node is responsible for
   inserting this option in the incoming RS messages and then
   forwarding them to the BNG (or BRAS).  In the downstream direction,
   the BRAS/BNG adds this option to the corresponding RA; access nodes
   identify the option, remove it and forward the RA to the correct
   subscriber network.  This option has no influence on the protocol
   stack of hosts/terminals.

2.1.1  Sub-Options

2.1.1.1  Pad sub-options

   There are two pad sub-options which can be inserted into the Port
   Information field of the Port Identifier option.  Normally, a Pad
   sub-option appears at the end of the Port Information field to make
   sure that the length of the whole Port Identifier option is a
   multiple of 8 octets.

   Pad1 sub-option  (alignment requirement: none)

   +-+-+-+-+-+-+-+-+
   |       0       |
   +-+-+-+-+-+-+-+-+

   NOTE! the format of the Pad1 option is a special case -- it does not
   have length and value fields.

   The Pad1 option is used to insert one octet of padding into the Port
   Information field of the Port Identifier option.  If more than one
   octet of padding is required, the PadN option, described next,
   should be used, rather than multiple Pad1 options.

   PadN option  (alignment requirement: none)

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
   |       1       |SubOpt Data Len|  Option Data
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -

   The PadN option is used to insert two or more octets.  For N octets
   of padding, the SubOpt Data Len field contains the value N-2, and
   the Option Data consists of N-2 zero-valued octets.

2.1.1.2  Agent Circuit ID Sub-option

   This sub-option may be added by access nodes (or Relay Agents) which
   terminate switched or permanent circuits, ports or logical ports.
   It encodes an agent-local identifier of the circuit (i.e., port
   identifier) from which an RS message was received.  It is intended
   for use by access nodes/agents in relaying RA messages back to the
   proper circuit/DSL-line/subscriber network.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | SubOpt Type(2)|SubOpt Data Len|        Circuit ID Info        ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Fields:

   SubOpt Type       8-bit identifier of the option type: 2.

   SubOpt Data Len   8-bit unsigned integer.  The length of the Circuit
                     Information field, in octets.  The value 0 is
                     invalid.  Nodes MUST silently discard an ND packet
                     that contains an option with length zero.

   Circuit ID Info   This field may be the user port number of the
                     access node, a cable data virtual circuit number,
                     or another local number which can be used to
                     identify the connection to the subscriber network.

3.  Scenario for usage of new option for stateless auto-configuration
    in IPv6 access network

   Figure 1 illustrates a network architecture where there is no routed
   gateway in the subscriber network.  The terminals in the subscriber
   network are connected to a layer 2 access node located in the NAP
   network through a bridged CPE.  Terminals send RS messages to the
   access network, and the BRAS can advertise RA messages to the
   subscriber network.  Figure 2 shows the procedure of stateless
   auto-configuration in this IPv6 access network.

                ____________________
               /                    \
              |   ISP core network   |
               \__________ _________/
                          |
                  +-------+-------+
                  |     BRAS      |               \
                  +-------+-------+                \
                __________|___________              \
               /                      \              |
              |   aggregation network  |             |
               \__________ ___________/              |
                          |                          |
                  +-------+-------+                  |
                  |    layer 2    |                  | access
                  |  access node  |                  | network
                  +-------+-------+                  |
                        /   |                       /
        +------+------+     |DSL to subscriber     /
        | subscriber  |     |premises             /
        | network 2   |     |
        +------+------+     |                     \
                     +------+------+               \
                     |     CPE     |                \
                     |  (bridge)   |                 \
                     +------+------+                 |
                            |                        | Subscriber
               +------------+--------------+         | network
               |            |              |         |
         +-----+----+  +----+-----+  +-----+----+   /
         | terminal |  | terminal |  | terminal |  /
         +----------+  +----------+  +----------+ /

           Figure 1: network architecture for IPv6 access

   The procedure consists of the following steps:

   Step (a):  The IPv6 terminal/host sends an RS (Router Solicitation)
              message to get an RA message.

   Step (b):  The layer 2 access node inserts the PID option into the
              incoming RS message and forwards this RS to the BRAS/BNG.

   Step (c):  The BRAS/BNG forms the appropriate RA message according
              to the Port ID in the RS message, and then advertises it.
              The RA message will contain the appropriate PID option
              and Prefix Information option.  The Port ID option is
              copied from the corresponding RS message.

   Step (d):  The access node receives the RA message, removes the PID
              option from the RA message, and then forwards it to the
              corresponding subscriber network.  Then the terminal can
              obtain the prefix from the RA message.

  +---------+            +-----------+             +------------------+
  |User IPv6|            |  layer2   |             |ISP's edge router |
  | terminal|            |access node|             |      or BNG      |
  +---------+            +-----------+             +------------------+
       |                       |                             |
    (a)|------RS message------>|                             |
       |                       |                             |
       |                    (b)|-----RS with PID option----->|
       |                       |                             |
       |                    (c)|<----RA with PID and Prefix--|
       |                       |     Information option      |
       |                       |                             |
    (d)|<----RA with Prefix----|                             |
       |  Information option   |                             |

   Figure 2. Procedure of stateless auto-configuration for scenario 1

   In this procedure, the access node and the BRAS/BNG are responsible
   for inserting, removing and identifying the Port Identifier option.
   Only the access node and the BRAS/BNG are required to implement this
   functionality.  There is no requirement on terminals/hosts.

4.  Acknowledgements

   The author would like to thank Songwei Ma, David Watkinson, Stefaan
   De Cnodder, Jan Van den Abeele, Sven Ooghe, and the other members in
   the R&I access and edge group in Alcatel Shanghai Bell for their
   comments and help.

5.  References

5.1  Normative References

   [1]  S. Thomson and T. Narten, "IPv6 Stateless Address
        Autoconfiguration", RFC 2462, December 1998.

   [2]  S. Deering and R. Hinden, "Internet Protocol, Version 6 (IPv6)
        Specification", RFC 2460, December 1998.

   [3]  S. Bradner, "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

Authors' Addresses

   Haibo Wen
   Alcatel Shanghai Bell Co., Ltd.
   388#, NingQiao Road, Pudong Jinqiao
   Shanghai  201206
   P.R. China

   Phone: +86 (21) 5854-1240, ext.: 9273
   Email: Haibo.WEN@alcatel-sbell.com.cn

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights.  Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11.  Copies of
   claims of rights made available for publication and any assurances
   of licenses to be made available, or the result of an attempt made
   to obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification
   can be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard.  Please address the information to the IETF Executive
   Director.

Full Copyright Statement

   Copyright (C) The Internet Society (2006).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works.
   However, this document itself may not be modified in any way, such
   as by removing the copyright notice or references to the Internet
   Society or other Internet organizations, except as needed for the
   purpose of developing Internet standards in which case the
   procedures for copyrights defined in the Internet Standards process
   must be followed, or as required to translate it into languages
   other than English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.