ipv6                                                            A. White
Internet-Draft                                               A. Williams
Expires: May 2, 2003                                            Motorola
                                                           November 2002


         Automatic Globally Unique Site Local Subnet Allocation
                       draft-white-auto-subnet-00

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on May 2, 2003.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

Abstract

   This memo specifies an automatically generated globally unique site
   local address format based on IEEE EUI-48 identifiers.

Table of Contents

   1.  Introduction
   1.1 Definitions
   2.  Address Format
   2.1 Existing Site Local Space
   2.2 New Allocation
   3.  Discussion
   3.1 Multihomed links
   3.2 Limitations
   4.  Example
   5.  IANA Considerations
   6.  Security Considerations
       References
       Authors' Addresses
   A.  Acknowledgements
       Full Copyright Statement

1. Introduction

   Site local addresses are specified by the IPv6 addressing
   architecture [1].  As specified, site local addresses are not
   globally unique and are valid only within a "site".

   If sites freely allocate from the fec0::/48 space, problems can occur
   when addresses leak outside a site or when sites merge.

   Leakage: Even with strong filtering, it is possible for site local
      addresses to leak outside the site.  Because site local addresses
      are ambiguous (non-unique), multiple devices may share the same
      address.  When a device outside the site attempts to use such an
      address, it is desirable that communication reliably fails instead
      of attempting communication with an incorrect device.

   Merging: Since site locals are only required to be unique within a
      site, problems can occur when merging sites.  If the sets of site
      local addresses used between the two sites are not disjoint,
      renumbering may be required to merge the sites.

      Manual allocation of site local prefixes by system administrators
      results in clustering.  Many administrators will allocate subnets
      fec0:0:0:1::/64, fec0:0:0:2::/64, etc., increasing the likelihood
      of collision during a merge.

   This memo specifies a mechanism for generating stable globally unique
   site local subnet addresses (64 bits) without requiring any
   registration mechanism, based on router interface MAC address.  These
   addresses are not aggregable, but this is not expected to be a
   problem within a site.

1.1 Definitions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119.

2. Address Format

   A router generates a unique 64 bit subnet prefix based on a 48 bit
   device identifier, such as an IEEE EUI-48 identifier (e.g.  ethernet
   MAC address).  For each such identifier the router may allocate a
   number of subnets.

   Routers with multiple identifiers (e.g.  multiple ethernet
   interfaces) may choose to use a single identifier to address all
   attached links (and subnets) or to use each interface's identifier to
   address that link, or a combination thereof.  Routers using per-
   interface allocation may set the subnet bits to 0 or to an arbitrary
   value.

   Two models are available, depending on the prefix used.

      Inside existing site local space.

      New allocation


2.1 Existing Site Local Space

   The first option is to reserve some of the existing fec0::/10 site
   local address space for globally unique addresses.  The proposed
   prefix is fef0::/12.  The 64 bit subnet prefix consists of the 12 bit
   prefix "1111 1110 1111" (fef0::/12), the 48 bit device identifier and
   4 bits of subnet identifier.

   ---------------------------------------------------------------------


   | 12 bits |     48 bits      |  4 bits  |       64 bits        |
   +---------+------------------+----------+----------------------+
   |   fef   | router device ID |  sub ID  | machine interface ID |
   +---------+------------------+----------+----------------------+
   |    <-      subnet prefix        ->    |                      |

                  Figure 1: Address Format: fef0::/12

   ---------------------------------------------------------------------


2.2 New Allocation

   The second option is to allocate a new non-aggregable non-globally-
   routable address space.  The proposed space is fe00::/10.  The 64 bit
   subnet prefix consists of the 10 bit prefix "1111 1110 00"
   (fe00::/10), the 48 bit device identifier and 6 bits of subnet
   identifier.

   ---------------------------------------------------------------------


   | 10 bits |     48 bits      |  6 bits  |       64 bits        |
   +---------+------------------+----------+----------------------+
   |   fe0   | router device ID |  sub ID  | machine interface ID |
   +---------+------------------+----------+----------------------+
   |    <-      subnet prefix        ->    |                      |

                  Figure 2: Address Format: fe00::/10

   ---------------------------------------------------------------------


3. Discussion

   Subnet prefixes allocated by this mechanism are globally unique to
   the extent that IEEE EUI-48 device identifiers are globally unique.
   They persist on the link as long as the allocating router is not
   changed.  They can be configured by the router upon startup without
   any external communication.

   Subnet prefixes allocated by this mechanism are generally non-
   aggregable.  This is not expected to be a problem for addressing
   realms small enough to be considered a 'site'.

   This proposal provides for globally unique site local addresses
   without requiring any additional registration.  Because addresses are
   globally unique and generated in a predictable manner, merging does
   not require renumbering.  Out of site hosts attempting communication
   are more likely to fail, since the addresses are unambiguous and will
   thus be filtered rather than finding an incorrect device.

   This mechanism also specifies subnet based allocation, as opposed to
   site based allocation for global or existing site local addresses.
   This allows subnet allocation to be zero-configuration, as the subnet
   address is allocated by the router rather than additional
   administrative policy.

3.1 Multihomed links

   In the case where a link contains two (or more) routers, two options
   are available.  Either the link may be multi-homed, with each router
   providing a generated site local prefix, or one router may be
   instructed not to use its automatic prefix and be configured with the
   prefix from the master router on the link.  Multihoming is
   advantageous in a zero-configuration environment, while the
   administrator may prefer configuration.

3.2 Limitations

   Tying the subnet identifier to router EUIs has two potential
   limitations.  Routes are unlikely to be aggregable, and changing
   routers may cause renumbering.

   It is envisaged that site scoped networks will be small enough
   (orders of magnitude less than the global internet) that aggregation
   is unnecessary for effective routing table operation.  Site scoped
   networks with thousands of links / subnets may cause problems.

   Router change may be dealt with in several ways.  Fully zero-
   configuration systems should be able to reconfigure themselves to
   compensate for readdressing.  In non-zero-configuration systems, the
   new router could be configured with the old router's addresses.  This
   assumes that the old router is not being re-used (and thus the EUI-48
   remains unique).  Alternatively, manually configured subnet prefixes
   could be allocated to subnets attached to critical servers.

4. Example

   ---------------------------------------------------------------------


                                  +----------+
                                  |  Router  |
                                  |    A     |
                                  +--+----+--+
                    00:80:ab:cd:ef:02|    |00:80:ab:cd:ef:01
                                     |    |
             fef0:080a:bcde:f020::/64|    |fef0:080a:bcde:f010::/64
         +---------------------------+    +-----+
         |fef0:0505:566a:abb0::/64              |
         |                                      |
         |                                      |      fef0:0409:8675
         |00:50:55:66:aa:bb               +-----+----+   :4231::/64
   +-----+----+                           |  Router  +---------------
   |  Router  |          00:40:98:67:54:23|    C     |
   |    B     |                           +--+----+--+ fef0:0409:8675
   +-----+----+                              |    |      :4233::/64
         |00:50:55:66:aa:bb                  |    +------------------
         |                                   |
         |fef0:0505:566a:abb0::/64           +-----------------------
         |                                   fef0:0409:8675:4234::/64

                        Figure 3: Sample Network

   ---------------------------------------------------------------------

   The above diagram shows a sample network.  Routers A and B are using
   the ethernet MAC address (EUI-48) of each interface to generate
   subnet addresses.  Router C is using a single EUI-48 and using the
   sub ID bits to generate subnet addresses.

   Note that the link between A and B is multi-homed based on both A and
   B's interfaces, while C's interface that links to A has been
   configured not to serve an address.  If this had not been done, C
   would have allocated the prefix fef0:0409:8675:4232::/64 to that
   link.

   In the example above, the proposed fef0::/12 prefix has been used, as
   the conversion from EUI-48 to prefix is clearer.

5. IANA Considerations

   A top level prefix is required for these addresses.  There are two
   options.

   If this is to be nested within the existing site-local architecture,
   fef0::/12 is suitable.  All 54 bits from 13 to 64 are used to define
   the subnet identifier.  This conflicts with [1] (16 bit SLA) but is in
   accordance with [3].

   Alternatively, a new 10 bit prefix could be allocated from within
   fe00::/9 (e.g.  fe00::/10).

6. Security Considerations

   This proposal reveals the router's device identifier, thus
   introducing similar concerns to those described in privacy addressing
   [2].  While the link may be identified from within the site, site
   based filtering should restrict these identifiers from leaking
   outside the site.

   Mechanisms for preventing site local addresses from leaking to the
   public internet are beyond the scope of this memo.

   Unless a router is intended to be installed as part of a site local
   network, automatic allocation of site local subnet addresses SHOULD
   be disabled by default.
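
   The derivation used in Sections 2 and 4, and the identifier
   disclosure noted above, as an added Python example that is not part
   of the original draft.  The function names and the FORMATS table are
   assumptions made for illustration; the sample values in the tests
   come from Figure 3.

```python
import ipaddress

# Illustrative names, not from the draft.  Layouts follow Sections 2.1 and 2.2:
# format -> (top prefix value, top prefix bits, sub ID bits); the 48-bit
# device identifier sits between the top prefix and the sub ID.
FORMATS = {
    "fef0::/12": (0xFEF, 12, 4),   # "1111 1110 1111"
    "fe00::/10": (0x3F8, 10, 6),   # "1111 1110 00"
}

def parse_eui48(mac):
    """Return the 48-bit integer for a colon- or dash-separated EUI-48."""
    octets = mac.replace("-", ":").split(":")
    if len(octets) != 6 or any(len(o) != 2 for o in octets):
        raise ValueError("EUI-48 must be six two-digit hex octets: %r" % mac)
    return int("".join(octets), 16)

def subnet_prefix(mac, sub_id=0, fmt="fef0::/12"):
    """Build the /64 a router would allocate from its EUI-48 and a sub ID."""
    top, top_bits, sub_bits = FORMATS[fmt]
    if not 0 <= sub_id < (1 << sub_bits):
        raise ValueError("sub ID does not fit in %d bits" % sub_bits)
    prefix64 = (top << (64 - top_bits)) | (parse_eui48(mac) << sub_bits) | sub_id
    return ipaddress.IPv6Network((prefix64 << 64, 64))

def recover_eui48(prefix, fmt="fef0::/12"):
    """Invert subnet_prefix(): any observer of the prefix learns the router's
    device identifier, which is why site filtering of these prefixes matters."""
    top, top_bits, sub_bits = FORMATS[fmt]
    net = ipaddress.IPv6Network(prefix)
    prefix64 = int(net.network_address) >> 64
    if net.prefixlen != 64 or prefix64 >> (64 - top_bits) != top:
        raise ValueError("not a %s auto-allocated /64: %s" % (fmt, net))
    eui = (prefix64 >> sub_bits) & ((1 << 48) - 1)
    sub_id = prefix64 & ((1 << sub_bits) - 1)
    mac = ":".join("%02x" % b for b in eui.to_bytes(6, "big"))
    return mac, sub_id

if __name__ == "__main__":
    # Router A's two interfaces and Router C's unused link from Figure 3.
    print(subnet_prefix("00:80:ab:cd:ef:02"))
    print(subnet_prefix("00:80:ab:cd:ef:01"))
    print(subnet_prefix("00:40:98:67:54:23", sub_id=2))
    print(recover_eui48("fef0:0505:566a:abb0::/64"))
```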

References

   [1]  Hinden, R. and S. Deering, "IP Version 6 Addressing
        Architecture", RFC 2373, July 1998.

   [2]  Narten, T. and R. Draves, "Privacy Extensions for Stateless
        Address Autoconfiguration in IPv6", RFC 3041, January 2001.

   [3]  Hinden, R. and S. Deering, "IP Version 6 Addressing
        Architecture", ID draft-ietf-ipngwg-addr-arch-v3-11, October
        2002.


Authors' Addresses

   Andrew White
   Motorola Australian Research Centre
   Locked Bag 5028
   Botany, NSW  1455
   AU

   Phone: +61 2 9666 0500
   EMail: Andrew.E.White@motorola.com
   URI:   http://www.motorola.com.au/marc/

   Aidan Williams
   Motorola Australian Research Centre
   Locked Bag 5028
   Botany, NSW  1455
   AU

   Phone: +61 2 9666 0500
   EMail: Aidan.Williams@motorola.com
   URI:   http://www.motorola.com.au/marc/

Appendix A. Acknowledgements

   TBD.

Full Copyright Statement

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.