DHC Working Group November 3, 2008 Internet Draft Vincent Zimmer Intended status: Informational Intel Corporation Expires: May 2009 Dave Thaler Microsoft DHCPv6 Remote Boot Options draft-zimmer-dhc-dhcpv6-remote-boot-options-01.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire on May 3, 2009. Abstract This document describes a means by which to support network boot of a bare-metal platform utilizing a pre-boot execution environment, such as the Unified Extensible Firmware Interface [UEFI22]. The problem being addressed is that the PXE [PXE21] and UEFI Specifications [UEFI22] only describe how to ascertain boot configuration options using DHCPv4 [RFC2131], not for DHCPv6 [RFC3315]. Similarly, iSCSI boot [RFC4173] does not specify how to discover boot device information in an DHCPv6 environment. This document will describe Zimmer Expires May 3, 2009 [Page 1] Internet-Draft DHCPv6 Remote Boot Options November 2008 how to ascertain this boot information in an IPv6 environment utilizing options in the DHCPv6 hand-off [RFC3315]. Table of Contents 1. Introduction...................................................2 2. DHCPv6 Options ................................................3 2.1. Root Path Option..........................................3 2.2. Next Server Address Option...............................45 2.3. Boot File Size Option....................................56 2.4. Client System Architecture Type Option...................56 2.5. Client Network Interface Identifier Option...............67 2.6. iSNS Option..............................................67 2.7. SLP Directory Agent Option................................8 2.8. SLP Service Scope Option.................................89 3. Security Considerations........................................9 4. IANA Considerations..........................................910 5. Acknowledgments...............................................10 6. References....................................................11 6.1. Normative References.....................................11 6.2. Informative References...................................12 1. Introduction Many hosts today have the ability to boot an Operating System image (or "boot file") that is located on a server in the network. To do so, the host must begin with some functionality just sufficient to be able to get on the network and retrieve the boot file. As indicated in Figure 1, it is desirable to obtain from DHCP the information needed to locate the boot file, so that by the time the host is able to communicate on the network, it can immediately begin downloading the boot file. +------+ _______________________\| DHCP | / 1 Get boot file info /|Server| +------+ +------+ | Host | +------+ +------+ \_______________________\| File | 2 Download boot file /|Server| +------+ Figure 1: Network Boot Sequence Two methods for downloading a boot file are specified today. Zimmer Expires May 3, 2009 [Page 2] Internet-Draft DHCPv6 Remote Boot Options November 2008 o iSCSI: [RFC2132] specifies a DHCPv4 option for retrieving boot file information and [RFC4173] specifies how to download the boot file. o TFTP: [RFC2132] and [RFC4578] specify DHCPv4 options for retrieving boot file information and [RFC1350] specifies how to download the boot file. The problem with both is that while the methods for downloading the boot files can work over either IPv4 or IPv6, the boot file info can only be obtained over DHCPv4. As a result, they do not support a network that only provides IPv6, nor do they support IPv6-only devices. To address this gap, this document specifies DHCPv6 options that provide parity with the DHCPv4 options. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. DHCPv6 Options 2.1. Root Path Option The Root Path option specifies the path-name that contains the client's root disk. The path is formatted as a character string consisting of characters from the NVT ASCII character set. This option provides parity with the Root Path Option defined for DHCPv4 in [RFC2132] section 3.19. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_ROOT_PATH | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . root-disk-pathname (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_ROOT_PATH (TBD1). option-len Length of Root Path Name in octets. root-disk-pathname See below Zimmer Expires May 3, 2009 [Page 3] Internet-Draft DHCPv6 Remote Boot Options November 2008 This NULL-terminated ASCII string is the URL (conforming to [RFC2396]) to a boot file. This string starts with the protocol which is used for downloading. Separated by '://', the hostname or IPv6 address of the server hosting the boot file (see also the note below), the path, file name and query parts of the URL follow. For iSCSI, the format of the URL is specified in [RFC4173] section 5. 2.2. Next Server Address Option This option conveys the address of the server to use in the next step of the client's bootstrap process. A DHCP server may return its own address in this option, if the server is prepared to supply the next bootstrap service (e.g., delivery of an operating system executable image). This option provides parity with the siaddr field in DHCPv4. The format of the option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_NEXT_SERVER_ADDRESS | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Next Server Address | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_NEXT_SERVER_ADDRESS (TBD3). option-len 16 Next Server Address The IPv6 address or IPv4-mapped address of the next server Zimmer Expires May 3, 2009 [Page 4] Internet-Draft DHCPv6 Remote Boot Options November 2008 2.3. Boot File Size Option This option specifies the length in 512-octet blocks of the default boot image for the client. The file length is specified as a 32-bit integer. This option provides parity with the Boot File Size Option defined for DHCPv4 in [RFC2132] section 3.15. The format of the option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_BOOT_FILE_SIZE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | File Size | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_BOOT_FILE_SIZE (TBD4). option-len 4 File Size The length in 512-octet blocks of the boot image for the client. 2.4. Client System Architecture Type Option This option provides parity with the Client System Architecture Type Option defined for DHCPv4 in [RFC4578] section 2.1. The format of the option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_CLIENT_ARCH_TYPE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . Processor Architecture Type (variable length) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_CLIENT_ARCH_TYPE (TBD5). option-len See below. Zimmer Expires May 3, 2009 [Page 5] Internet-Draft DHCPv6 Remote Boot Options November 2008 Processor Architecture Type A list of one or more architecture types, as specified in [RFC4578] section 2.1. 2.5. Client Network Interface Identifier Option The Client Network Interface Identifier option is sent by a DHCP client to a DHCP server to provide information about its level of Universal Network Device Interface (UNDI) support. This option provides parity with the Client Network Interface Identifier Option defined for DHCPv4 in [RFC4578] section 2.2. The format of the option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_NII | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Major | Minor | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_NII (TBD6). option-len 3 Type As specified in [RFC4578] section 2.2. Major As specified in [RFC4578] section 2.2. Minor As specified in [RFC4578] section 2.2. 2.6. iSNS Option As specified in [RFC4173] section 6, iSCSI boot requires either iSNS or SLP support. This option provides parity with the iSNS Option defined for DHCPv4 in [RFC4174] section 2. 0 1 2 3 Zimmer Expires May 3, 2009 [Page 6] Internet-Draft DHCPv6 Remote Boot Options November 2008 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION ISNS | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | iSNS Functions | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DD Access | Administrative FLAGS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | iSNS Server Security Bitmap | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Address A | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Address B | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | . . . . | | Additional Secondary iSNS Servers | | . . . . | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_ISNS (TBD7) option-len 2 iSNS Functions As specified in [RFC4174] section 2. Reserved MUST be set to zero DD Access As specified in [RFC4174] section 2. Administrative FLAGS As specified in [RFC4174] section 2. iSNS Server Security Bitmap As specified in [RFC4174] section 2. Address A As specified in [RFC4174] section 2, except that it contains an IPv6 address. Address B As specified in [RFC4174] section 2, except that it contains an IPv6 address. Additional Secondary iSNS Servers As specified in [RFC4174] section 2, except that it contains IPv6 addresses. Zimmer Expires May 3, 2009 [Page 7] Internet-Draft DHCPv6 Remote Boot Options November 2008 2.7. SLP Directory Agent Option As specified in [RFC4173] section 6, iSCSI boot requires either iSNS or SLP support. This option provides parity with the SLP Directory Agent Option defined for DHCPv4 in [RFC2610] section 3. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION SLP | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Mandatory | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . Address List (variable) . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2.8. SLP Service Scope Option As specified in [RFC4173] section 6, iSCSI boot requires either iSNS or SLP support. This option provides parity with the SLP Directory Agent Option defined for DHCPv4 in [RFC2610] section 4. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Zimmer Expires May 3, 2009 [Page 8] Internet-Draft DHCPv6 Remote Boot Options November 2008 | OPTION SLP SERVICE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Mandatory | Scope List (variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ option-code OPTION_SLP_SERVICE (TBD8) option-len 2 Scope List As specified in [RFC2610] section 4 3. Security Considerations If an adversary manages to modify the response from a DHCP server or insert its own response, a host could be led to contact a rogue file server, resulting in an attacker being able to run arbitrary code on the host. Consequently, a practical way to verify loaded boot images is to make sure that each host verifies the boot file to be executed using a mechanism of their choice. In addition, some options contain information about a client's system architecture and may be of use to potential attackers. See the security considerations in [RFC3315], [RFC4173], and [RFC4578] for more discussion. This document introduces no new concerns beyond the ones covered therein for IPv4. 4. IANA Considerations This document introduces a new IANA registry for processor architecture types. The name of this registry shall be "Processor Architecture Type". Registry entries consist of a 16-bit integer recorded in decimal format, and a descriptive name. The initial values of this registry can be found in [RFC4578] section 2.1. The assignment policy for values shall be Expert Review, and any requests for values must supply the descriptive name for the processor architecture type. Zimmer Expires May 3, 2009 [Page 9] Internet-Draft DHCPv6 Remote Boot Options November 2008 5. Acknowledgments The authors would like to thank Ruth Li, Dong Wei, Kathryn Hampton, Phil Dorah, Richard Chan, and Fiona Jensen for discussions that led to this document. Zimmer Expires May 3, 2009 [Page 10] Internet-Draft DHCPv6 Remote Boot Options November 2008 6. References 6.1. Normative References [PXE21] Henry, M. and M. Johnston, "Preboot Execution Environment (PXE) Specification", September 1999, http://www.pix.net/software/pxeboot/archive/pxespec.pdf [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2131] Droms, R. "Dynamic Host Configuration Protocol", RFC 2131, March, 1997. [RFC2610] C. Perkins, E. Guttman, "DHCP Options for Service Location Protocol," RFC2610, June 1999. [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and Carney, M., "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)," RFC 3315, July 2003. [RFC4172] Monia, C., Tseng, J., and K. Gibbons, "The IPv4 Dynamic Host Configuration Protocol (DHCP) Option for the Internet Storage Name Service", RFC 4174, September 2005. [RFC4173] Sarkar, P., Missimer, D. and Sapuntzakis, C., "Bootstrapping Clients using the Internet Small Computer System Interface (iSCSI) Protocol," RFC 4173, September 2005. [RFC4174] Monia, C., Tseng, J., and K. Gibbons, "The IPv4 Dynamic Host Configuration Protocol (DHCP) Option for the Internet Storage Name Service", RFC 4174, September 2005. [RFC4578] Johnston, M. and Venaas, S. "Dynamic Host Configuration Protocol (DHCP) Options for the Intel Preboot eXecution Environment (PXE)", RFC 4578, November 2006. [UEFI22] Unified Extensible Firmware Interface Specification, Version 2.2, September 2008, http://www.uefi.org Zimmer Expires May 3, 2009 [Page 11] Internet-Draft DHCPv6 Remote Boot Options November 2008 6.2. Informative References Author's Addresses Vincent Zimmer Intel DP2-420 2800 Center Drive DuPont, WA 98327 Phone: +1 253 371 5667 Email: vincent.zimmer@intel.com Dave Thaler Microsoft One Microsoft Way Redmond, WA 98052 Phone: +1 425 703-8835 Email: dthaler@microsoft.com Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information Zimmer Expires May 3, 2009 [Page 12] Internet-Draft DHCPv6 Remote Boot Options November 2008 on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Zimmer Expires May 3, 2009 [Page 13]