IPv6 Working Group                                            Brian Zill
Internet Draft                                                 Microsoft
Document: draft-zill-ipv6wg-zone-prefixlen-00.txt      February 23, 2003
                                                 Expires August 23, 2003


              Organization Zone Prefix Length Discovery


Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC 2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This document specifies an extension to IPv6 Neighbor Discovery
   which allows nodes to discover the prefix length of the
   organizational administrative zone associated with an advertised
   prefix.

1. Introduction

   IPv6 Neighbor Discovery [ND] provides a mechanism by which a router
   may advertise a prefix being used on an attached link.  This
   information is contained in a Router Advertisement Prefix
   Information Option.  Nodes may use this information for on-link
   determination and/or autonomous address autoconfiguration (as
   specified in [ADDRCONF]).  This document specifies a modification to
   the Prefix Information Option format to allow the router to also
   advertise the length of the advertised prefix which belongs to the
   same organization (or other administrative entity).  Nodes are then
   free to use this prefix length for "in-org" determination of the
   addresses of other nodes.

   While specific uses of this knowledge are beyond the scope of this
   document, an example might be for a node to apply different policies
   for communication with other nodes depending upon their "in-org"
   status.

2. Terminology

   This document uses terms defined in [IPv6] and [ND].  It also
   defines the following term:

   In-organization
                  an address that is assigned to an interface located
                  within a topology administratively controlled by a
                  given organization.  Also abbreviated as "in-org".

2.1. Requirements

   The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
   document, are to be interpreted as described in [KEYWORDS].

3. Modified Prefix Information Option Format

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     | Prefix Length |L|A|R|O| Rsvd1 |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Valid Lifetime                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Preferred Lifetime                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Org PrefixLen |                   Reserved2                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                            Prefix                             +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   New fields:

   O              1-bit organization prefix length flag.  When set,
                  indicates that this prefix can be used for
                  in-organization determination.  When not set the
                  advertisement makes no statement about the in-org
                  properties of the prefix.

   Org PrefixLen  8-bit unsigned integer.  Only meaningful when the O
                  bit is set.  Specifies the number of bits in the
                  Prefix which denote the range of network topology
                  administratively controlled by the same organization.
                  The value ranges from 0 to 128.

                  Note that in common usage, the Org PrefixLen would be
                  less than or equal to the Prefix Length.

4. Processing Rules

   A node receiving a Prefix Information Option where the O bit is not
   set MUST ignore the contents of the Org PrefixLen field.

   A router sending a Prefix Information Option without setting the O
   bit MUST set the Org PrefixLen field to zero.

   A node receiving a Prefix Information Option with the O bit set MAY
   treat the Org PrefixLen field as a prefix length denoting the
   portion of the included prefix to be considered as "in-org".

   A router sending a Prefix Information Option MAY set the O bit if
   and only if it also sets the Org PrefixLen field to reflect the
   portion of the included prefix which is to be considered as
   "in-org".

5. Security Considerations

   The organization prefix length information is only as secure as the
   Router Advertisement it is contained in.  Without a method for
   securing Neighbor Discovery, Router Advertisements are easily
   spoofed by other on-link nodes.

   Any use of the organization prefix length to determine whether or
   not a peer is part of the same organization should take into account
   that source addresses on IP packets are often easy to spoof.

References

   [IPv6]      S. Deering, R. Hinden, "Internet Protocol, Version 6
               (IPv6) Specification", RFC 2460, December 1998.

   [ND]        T. Narten, E. Nordmark, W. Simpson, "Neighbor Discovery
               for IP Version 6 (IPv6)", RFC 2461, December 1998.

   [ADDRCONF]  S. Thomson, T. Narten, "IPv6 Stateless Address
               Autoconfiguration", RFC 2462, December 1998.

   [KEYWORDS]  S. Bradner, "Key words for use in RFCs to Indicate
               Requirement Levels", RFC 2119, March 1997.

Acknowledgments

   The modified prefix option format presented in this draft is derived
   from one contained in an expired draft by Erik Nordmark, where it
   was used for a different purpose.

   This draft resulted from discussions with Christian Huitema, Mohit
   Talwar, and Dave Thaler.

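Added example (not part of the draft): a receiver-side parser for the
modified option in Section 3 that applies the Section 4 receive rules and
treats the result as a hint only, in line with Section 5. Type 3 and
Length 4 come from RFC 2461; the 0x10 mask for the O bit is read off the
diagram; all function names and the sample option are constructed here.

```python
import ipaddress
import struct

ND_OPT_PREFIX_INFO = 3  # Prefix Information Option type (RFC 2461)
FLAG_O = 0x10           # fourth flag bit after L, A, R (assumed from the diagram)

def parse_pio(opt: bytes) -> dict:
    """Parse one 32-byte Prefix Information Option in the modified format."""
    if len(opt) != 32:
        raise ValueError("Prefix Information Option must be 32 bytes")
    typ, length, plen, flags, _valid, _pref, org_len = struct.unpack_from(
        "!BBBBIIB", opt)
    if typ != ND_OPT_PREFIX_INFO or length != 4:
        raise ValueError("not a Prefix Information Option")
    if plen > 128:
        raise ValueError("Prefix Length out of range")
    prefix = ipaddress.IPv6Address(opt[16:32])
    org_net = None
    if flags & FLAG_O:  # O clear: Org PrefixLen MUST be ignored (Section 4)
        if org_len > 128:
            raise ValueError("Org PrefixLen out of range (0..128)")
        org_net = ipaddress.IPv6Network((prefix, org_len), strict=False)
    return {
        "prefix": ipaddress.IPv6Network((prefix, plen), strict=False),
        "org_net": org_net,
        # Section 3 notes Org PrefixLen is normally <= Prefix Length, so a
        # receiver may want to log the unusual case rather than act on it.
        "org_exceeds_prefix": org_net is not None and org_len > plen,
    }

def in_org(pio: dict, addr: str) -> bool:
    """True only if the option made an in-org statement that covers addr.

    Per Section 5 this is a policy hint, not authentication: the Router
    Advertisement and the peer's source address can both be spoofed.
    """
    return (pio["org_net"] is not None
            and ipaddress.IPv6Address(addr) in pio["org_net"])

def build_pio(prefix: str, plen: int, flags: int, org_len: int) -> bytes:
    """Build a constructed sample option (lifetimes are arbitrary values)."""
    head = struct.pack("!BBBBIIB3x", ND_OPT_PREFIX_INFO, 4, plen, flags,
                       2592000, 604800, org_len)
    return head + ipaddress.IPv6Address(prefix).packed

# Constructed sample: /64 on-link prefix, L|A|O set, organization owns the /48.
SAMPLE = build_pio("2001:db8:1234:5678::", 64, 0xD0, 48)
```
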
Author's Address

   Brian Zill
   Microsoft
   One Microsoft Way
   Redmond, WA 98052
   Phone: 1-425-703-3568
   Email: bzill@microsoft.com

Full Copyright Statement

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.