draft-ietf-6man-ra-pref64-02.txt   draft-ietf-6man-ra-pref64-03.txt 
IPv6 Maintenance L. Colitti IPv6 Maintenance L. Colitti
Internet-Draft J. Linkova Internet-Draft J. Linkova
Intended status: Standards Track Google Intended status: Standards Track Google
Expires: January 23, 2020 July 22, 2019 Expires: January 25, 2020 July 24, 2019
Discovering PREF64 in Router Advertisements Discovering PREF64 in Router Advertisements
draft-ietf-6man-ra-pref64-02 draft-ietf-6man-ra-pref64-03
Abstract Abstract
This document specifies a Router Advertisement option to communicate This document specifies a Router Advertisement option to communicate
NAT64 prefixes to clients. NAT64 prefixes to clients.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 31 skipping to change at page 1, line 31
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 23, 2020. This Internet-Draft will expire on January 25, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 16 skipping to change at page 2, line 16
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 2 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 2
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2
2. Use cases for communicating the NAT64 prefix to hosts . . . . 3 2. Use cases for communicating the NAT64 prefix to hosts . . . . 3
3. Why include the NAT64 prefix in Router Advertisements . . . . 3 3. Why include the NAT64 prefix in Router Advertisements . . . . 3
4. Semantics . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. Semantics . . . . . . . . . . . . . . . . . . . . . . . . . . 4
5. Option format . . . . . . . . . . . . . . . . . . . . . . . . 4 5. Option format . . . . . . . . . . . . . . . . . . . . . . . . 4
6. Handling Multiple NAT64 Prefixes . . . . . . . . . . . . . . 6 6. Handling Multiple NAT64 Prefixes . . . . . . . . . . . . . . 6
7. Multihoming . . . . . . . . . . . . . . . . . . . . . . . . . 7 7. Multihoming . . . . . . . . . . . . . . . . . . . . . . . . . 7
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 8. Pref64 Consistency . . . . . . . . . . . . . . . . . . . . . 8
9. Security Considerations . . . . . . . . . . . . . . . . . . . 8 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 10. Security Considerations . . . . . . . . . . . . . . . . . . . 8
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9
11.1. Normative References . . . . . . . . . . . . . . . . . . 8 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
11.2. Informative References . . . . . . . . . . . . . . . . . 9 12.1. Normative References . . . . . . . . . . . . . . . . . . 9
11.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 10 12.2. Informative References . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 12.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction 1. Introduction
NAT64 [RFC6146] with DNS64 [RFC6147] is a widely-deployed mechanism NAT64 [RFC6146] with DNS64 [RFC6147] is a widely-deployed mechanism
to provide IPv4 access on IPv6-only networks. In various scenarios, to provide IPv4 access on IPv6-only networks. In various scenarios,
the host must be aware of the NAT64 prefix in use by the network. the host must be aware of the NAT64 prefix in use by the network.
This document specifies a Router Advertisement [RFC4861] option to This document specifies a Router Advertisement [RFC4861] option to
communicate the NAT64 prefix to hosts. communicate the NAT64 prefix to hosts.
1.1. Requirements Language 1.1. Requirements Language
skipping to change at page 5, line 15 skipping to change at page 5, line 15
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Lifetime | | Type | Length | Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ + + +
| Highest 96 bits of the Prefix | | Highest 96 bits of the Prefix |
+ + + +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Prefix Length | Reserved | | Lowest bits (96-127) of the prefix (optional, if Length > 2) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | | Prefix Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: NAT64 Prefix Option Format Figure 1: NAT64 Prefix Option Format
Fields: Fields:
Type 8-bit identifier of the Pref64 option type as assigned by Type 8-bit identifier of the Pref64 option type as assigned by
IANA: TBD IANA: TBD
Length 8-bit unsigned integer. The length of the option (including Length 8-bit unsigned integer. The length of the option (including
the Type and Length fields) is in units of 8 octets. If the the Type and Length fields) is in units of 8 octets. If the
skipping to change at page 6, line 30 skipping to change at page 6, line 30
which this NAT64 prefix MAY be used. The value of Lifetime which this NAT64 prefix MAY be used. The value of Lifetime
SHOULD by default be set to lesser of 3 x MaxRtrAdvInterval SHOULD by default be set to lesser of 3 x MaxRtrAdvInterval
or 65535 seconds. A value of zero means that the prefix or 65535 seconds. A value of zero means that the prefix
MUST no longer be used. MUST no longer be used.
Highest 96-bit unsigned integer. Contains bits 0 - 95 of the NAT64 Highest 96-bit unsigned integer. Contains bits 0 - 95 of the NAT64
96 bits prefix. 96 bits prefix.
of the of the
prefix prefix
Lowest 32-bit unsigned integer. Contains bits 96 - 127 of the NAT64
bits of prefix. This field is optional and presents only if the
the prefix length is not 96 bits.
prefix
Prefix 8-bit unsigned integer. Optional field which present only if Prefix 8-bit unsigned integer. Optional field which present only if
Length the prefix length is not 96 bits. The sender MUST set it Length the prefix length is not 96 bits. The sender MUST set it
only to one of the following values: 32, 40, 48, 56, 64 only to one of the following values: 32, 40, 48, 56, 64
([RFC6052]. The receiver MUST ignore the Pref64 option if ([RFC6052]. The receiver MUST ignore the Pref64 option if
the prefix length value is not set to one of those numbers. the prefix length value is not set to one of those numbers.
Reserved A 7-byte unused field. It MUST be initialized to zero by Reserved A 3-byte unused field. If present it MUST be initialized to
the sender and MUST be ignored by the receiver. This field zero by the sender and MUST be ignored by the receiver. This
is optional and presents only if the prefix length is not 96 field is optional and presents only if the prefix length is
bits. not 96 bits.
6. Handling Multiple NAT64 Prefixes 6. Handling Multiple NAT64 Prefixes
In some cases a host may receive multiple NAT64 prefixes from In some cases a host may receive multiple NAT64 prefixes from
different sources. Possible scenarios include (but are not limited different sources. Possible scenarios include (but are not limited
to): to):
o the host is using multiple mechanisms to discover Pref64 prefixes o the host is using multiple mechanisms to discover Pref64 prefixes
(e.g. by using PCP ([RFC7225]) and/or by resolving IPv4-only fully (e.g. by using PCP ([RFC7225]) and/or by resolving IPv4-only fully
qualified domain name ([RFC7050]) in addition to receiving the qualified domain name ([RFC7050]) in addition to receiving the
skipping to change at page 8, line 5 skipping to change at page 8, line 11
requires the host to support the concept of multiple Provisioning requires the host to support the concept of multiple Provisioning
Domains (PvD, a set of configuration information associated with a Domains (PvD, a set of configuration information associated with a
network, [RFC7556]) and to be able to use these PvDs. network, [RFC7556]) and to be able to use these PvDs.
This issue is not specific to the Pref64 RA option and, for example, This issue is not specific to the Pref64 RA option and, for example,
is quite typical for DNS resolving on multihomed hosts (e.g. a host is quite typical for DNS resolving on multihomed hosts (e.g. a host
might resolve a destination name by using the corporate DNS server might resolve a destination name by using the corporate DNS server
via the VPN tunnel but then send the traffic via its Internet-facing via the VPN tunnel but then send the traffic via its Internet-facing
interface). interface).
8. IANA Considerations 8. Pref64 Consistency
Section 6.2.7 of [RFC4861] recommends that routers inspects RAs sent
by other routers to ensure that all routers onlink advertise the
consistent information. Routers SHOULD inspect valid Pref64 options
received on a given link and verify the consistency. Detected
inconsistencies indicate that one or more routers might be
misconfigured. Routers SHOULD log such cases to system or network
management. Routers SHOULD check and compare the following
information:
o set of Pref64 with non-zero lifetime;
o set of Pref64 with zero lifetime.
PvD-aware routers MUST only compare information scoped to the same
implicit or explicit PvD.
9. IANA Considerations
The IANA is requested to assign a new IPv6 Neighbor Discovery Option The IANA is requested to assign a new IPv6 Neighbor Discovery Option
type for the PREF64 option defined in this document. type for the PREF64 option defined in this document.
+---------------+-------+ +---------------+-------+
| Option Name | Type | | Option Name | Type |
+---------------+-------+ +---------------+-------+
| PREF64 option | (TBD) | | PREF64 option | (TBD) |
+---------------+-------+ +---------------+-------+
Table 1 Table 1
The IANA registry for these options is: The IANA registry for these options is:
https://www.iana.org/assignments/icmpv6-parameters [1] https://www.iana.org/assignments/icmpv6-parameters [1]
9. Security Considerations 10. Security Considerations
Because Router Advertisements are required in all IPv6 configuration Because Router Advertisements are required in all IPv6 configuration
scenarios, on IPv6-only networks, Router Advertisements must already scenarios, on IPv6-only networks, Router Advertisements must already
be secured, e.g., by deploying RA guard [RFC6105]. Providing all be secured, e.g., by deploying RA guard [RFC6105]. Providing all
configuration in Router Advertisements increases security by ensuring configuration in Router Advertisements increases security by ensuring
that no other protocols can be abused by malicious attackers to that no other protocols can be abused by malicious attackers to
provide hosts with invalid configuration. provide hosts with invalid configuration.
The security measures that must already be in place to ensure that The security measures that must already be in place to ensure that
Router Advertisements are only received from legitimate sources Router Advertisements are only received from legitimate sources
eliminate the problem of NAT64 prefix validation described in section eliminate the problem of NAT64 prefix validation described in section
3.1 of [RFC7050]. 3.1 of [RFC7050].
10. Acknowledgements 11. Acknowledgements
Thanks to the following people (in alphabetical order) for their Thanks to the following people (in alphabetical order) for their
review and feedback: Mikael Abrahamsson, Mark Andrews, Brian E review and feedback: Mikael Abrahamsson, Mark Andrews, Brian E
Carpenter, Nick Heatley, Martin Hunek, Tatuya Jinmei, Erik Kline, Carpenter, Nick Heatley, Martin Hunek, Tatuya Jinmei, Erik Kline,
Michael Richardson, David Schinazi. Michael Richardson, David Schinazi.
11. References 12. References
11.1. Normative References 12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X.
Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052,
DOI 10.17487/RFC6052, October 2010, DOI 10.17487/RFC6052, October 2010,
<https://www.rfc-editor.org/info/rfc6052>. <https://www.rfc-editor.org/info/rfc6052>.
11.2. Informative References 12.2. Informative References
[I-D.ietf-intarea-provisioning-domains] [I-D.ietf-intarea-provisioning-domains]
Pfister, P., Vyncke, E., Pauly, T., Schinazi, D., and W. Pfister, P., Vyncke, E., Pauly, T., Schinazi, D., and W.
Shao, "Discovering Provisioning Domain Names and Data", Shao, "Discovering Provisioning Domain Names and Data",
draft-ietf-intarea-provisioning-domains-05 (work in draft-ietf-intarea-provisioning-domains-05 (work in
progress), June 2019. progress), June 2019.
[RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S. [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "DNS Security Introduction and Requirements", Rose, "DNS Security Introduction and Requirements",
RFC 4033, DOI 10.17487/RFC4033, March 2005, RFC 4033, DOI 10.17487/RFC4033, March 2005,
skipping to change at page 10, line 24 skipping to change at page 11, line 5
[RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., [RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D.,
and P. Hoffman, "Specification for DNS over Transport and P. Hoffman, "Specification for DNS over Transport
Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May
2016, <https://www.rfc-editor.org/info/rfc7858>. 2016, <https://www.rfc-editor.org/info/rfc7858>.
[RFC8305] Schinazi, D. and T. Pauly, "Happy Eyeballs Version 2: [RFC8305] Schinazi, D. and T. Pauly, "Happy Eyeballs Version 2:
Better Connectivity Using Concurrency", RFC 8305, Better Connectivity Using Concurrency", RFC 8305,
DOI 10.17487/RFC8305, December 2017, DOI 10.17487/RFC8305, December 2017,
<https://www.rfc-editor.org/info/rfc8305>. <https://www.rfc-editor.org/info/rfc8305>.
11.3. URIs 12.3. URIs
[1] https://www.iana.org/assignments/icmpv6-parameters [1] https://www.iana.org/assignments/icmpv6-parameters
Authors' Addresses Authors' Addresses
Lorenzo Colitti Lorenzo Colitti
Google Google
Roppongi 6-10-1 Roppongi 6-10-1
Minato, Tokyo 106-6126 Minato, Tokyo 106-6126
JP JP
 End of changes. 15 change blocks. 
24 lines changed or deleted 48 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/