| draft-ietf-dhc-dhcpv6-stateful-issues-05.txt | draft-ietf-dhc-dhcpv6-stateful-issues-06.txt | |||
|---|---|---|---|---|
| Network Working Group O. Troan | Network Working Group O. Troan | |||
| Internet-Draft B. Volz | Internet-Draft B. Volz | |||
| Updates: 3315,3633 (if approved) Cisco Systems, Inc. | Updates: 3315,3633 (if approved) Cisco Systems, Inc. | |||
| Intended status: Standards Track January 1, 2014 | Intended status: Standards Track M. Siodelski | |||
| Expires: July 5, 2014 | Expires: January 1, 2015 ISC | |||
| June 30, 2014 | ||||
| Issues with multiple stateful DHCPv6 options | Issues with multiple stateful DHCPv6 options | |||
| draft-ietf-dhc-dhcpv6-stateful-issues-05.txt | draft-ietf-dhc-dhcpv6-stateful-issues-06.txt | |||
| Abstract | Abstract | |||
| Dynamic Host Configuration Protocol for IPv6 (DHCPv6) was not written | Dynamic Host Configuration Protocol for IPv6 (DHCPv6) was not written | |||
| with the expectation that additional stateful DHCPv6 options would be | with the expectation that additional stateful DHCPv6 options would be | |||
| developed. IPv6 Prefix Options for Dynamic Host Configuration | developed. IPv6 Prefix Options for Dynamic Host Configuration | |||
| Protocol (DHCP) version 6 shoe-horned the new options for Prefix | Protocol (DHCP) version 6 shoe-horned the new options for Prefix | |||
| Delegation into DHCPv6. Implementation experience of the CPE model | Delegation into DHCPv6. Implementation experience of the CPE model | |||
| described in RFC6204 has shown multiple issues with the DHCPv6 | described in RFC 7084 has shown multiple issues with the DHCPv6 | |||
| protocol in supporting multiple stateful options. This document | protocol in supporting multiple stateful options. This document | |||
| updates RFC3315 and indirectly RFC3633. | updates RFC 3315 and RFC 3633. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on July 5, 2014. | This Internet-Draft will expire on January 1, 2015. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2014 IETF Trust and the persons identified as the | Copyright (c) 2014 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 14 | skipping to change at page 2, line 15 | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 4. Handling of multiple IA options types . . . . . . . . . . . . 3 | 4. Handling of multiple IA options types . . . . . . . . . . . . 4 | |||
| 4.1. Advertise Message . . . . . . . . . . . . . . . . . . . . 4 | 4.1. Placement of Status Codes . . . . . . . . . . . . . . . . 5 | |||
| 4.2. Placement of Status Codes . . . . . . . . . . . . . . . . 5 | 4.2. Advertise Message . . . . . . . . . . . . . . . . . . . . 6 | |||
| 4.3. T1/T2 Timers . . . . . . . . . . . . . . . . . . . . . . 5 | 4.3. T1/T2 Timers . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 4.4. Renew Message . . . . . . . . . . . . . . . . . . . . . . 6 | 4.4. Renew Message . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 4.5. Rebind Message . . . . . . . . . . . . . . . . . . . . . 7 | 4.4.1. Updates to RFC 3315 . . . . . . . . . . . . . . . . . 8 | |||
| 4.6. Confirm Message . . . . . . . . . . . . . . . . . . . . . 8 | 4.4.2. Updates to RFC 3633 . . . . . . . . . . . . . . . . . 9 | |||
| 4.7. Release Message . . . . . . . . . . . . . . . . . . . . . 9 | 4.4.3. Creation and Transmission of Renew Messages (unified | |||
| 4.8. Multiple Provisioning Domains . . . . . . . . . . . . . . 9 | text) . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 | 4.4.4. Receipt of Renew Messages (unified text) . . . . . . 11 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 10 | 4.5. Rebind Message . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10 | 4.5.1. Updates to RFC 3315 . . . . . . . . . . . . . . . . . 12 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 4.5.2. Updates to RFC 3633 . . . . . . . . . . . . . . . . . 14 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . 10 | 4.5.3. Creation and Transmission of Rebind Messages (unified | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . 10 | text) . . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 | 4.5.4. Receipt of Rebind Messages (unified text) . . . . . . 16 | |||
| 4.6. Confirm Message . . . . . . . . . . . . . . . . . . . . . 17 | ||||
| 4.7. Decline Should Not Necessarily Trigger a Release . . . . 18 | ||||
| 4.8. Multiple Provisioning Domains . . . . . . . . . . . . . . 18 | ||||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19 | ||||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 19 | ||||
| 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19 | ||||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 | ||||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . 19 | ||||
| 8.2. Informative References . . . . . . . . . . . . . . . . . 19 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 | ||||
| 1. Introduction | 1. Introduction | |||
| DHCPv6 [RFC3315] was not written with the expectation that additional | DHCPv6 [RFC3315] was not written with the expectation that additional | |||
| stateful DHCPv6 options would be developed. DHCPv6 Prefix Delegation | stateful DHCPv6 options would be developed. DHCPv6 Prefix Delegation | |||
| [RFC3633] shoe-horned the new options for Prefix Delegation into | [RFC3633] shoe-horned the new options for Prefix Delegation into | |||
| DHCPv6. Implementation experience of the CPE model described in | DHCPv6. Implementation experience of the CPE model described in | |||
| [RFC6204] has shown multiple issues with the DHCPv6 protocol in | [RFC7084] has shown multiple issues with the DHCPv6 protocol in | |||
| supporting multiple stateful options. | supporting multiple stateful option types, in particular IA_NA and | |||
| IA_PD. | ||||
| This document describes a number of problems encountered with | This document describes a number of problems encountered with | |||
| multiple IA option types into DHCP and recommended changes to the | multiple IA option types and recommended changes to the DHCPv6 | |||
| DHCPv6 protocol specifications. | protocol specifications. | |||
| The intention of this work is to modify the DHCP protocol | The intention of this work is to modify the DHCP protocol | |||
| specification to support multiple IA option types within a single | specification to support multiple IA option types within a single | |||
| DHCP session. This problem can also be solved by implementing a | DHCP session. This problem can also be solved by implementing a | |||
| separate DHCP session (separate client state machine) per IA option | separate DHCP session (separate client state machine) per IA option | |||
| type. This latter approach has a number of issues: additional DHCP | type. This latter approach has a number of issues: additional DHCP | |||
| protocol traffic, 'collisions' between stateless options also | protocol traffic, 'collisions' between stateless options also | |||
| included with the IA options, divergence in that each IA option type | included with the IA options, divergence in that each IA option type | |||
| specification specifies its 'own' version of the DHCP protocol. | specification specifies its 'own' version of the DHCP protocol. | |||
| Note that while IA_TA options may be included with other IA option | ||||
| type requests, these generally are not renewed (there are no T1/T2 | ||||
| times) and have a separate life cycle from IA_NA and IA_PD option | ||||
| types. IA_TA also has limited value when DHCPv6 is used for address | ||||
| assignment, as the privacy issues identified for IPv6 stateless | ||||
| address assignment ([RFC4941]) do not apply to DHCPv6 assignments. | ||||
| The changes described in this document will be incorporated in a new | The changes described in this document will be incorporated in a new | |||
| revision of the DHCPv6 protocol specification [RFC3315]. | revision of the DHCPv6 protocol specification [RFC3315]. | |||
| 2. Conventions | 2. Conventions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||
| 3. Terminology | 3. Terminology | |||
| Stateful options Options that require dynamic binding | In addition to the terminology defined in [RFC3315], [RFC3633], and | |||
| state per client on the server. | [RFC7227], the following terminology is used in this document: | |||
| Identity association (IA): A collection of stateful options assigned | Resource (allocable resource): A value (or a collection of values) | |||
| to a client. Each IA has an associated | dynamically assigned to the client by | |||
| IAID. A client may have more than one IA | the server and being carried in the | |||
| assigned to it; for example, one for each | stateful options. An example of the | |||
| of its interfaces. Each IA holds one | resources are: IPv6 address or an | |||
| type of IA option; for example, an | IPv6 prefix. Information about the | |||
| identity association for temporary | resources is transported in stateful | |||
| addresses (IA_TA) holds temporary | options such as IA_NA, for addresses, | |||
| addresses (see "identity association for | and IA_PD, for prefix delegations. | |||
| temporary addresses"). Throughout this | In the future, other types of | |||
| document, "IA" is used to refer to an | resources and stateful options may be | |||
| identity association without identifying | defined. | |||
| the type of stateful option in the IA. | ||||
| Identity association (IA): A collection of stateful options | ||||
| assigned to a client. Each IA has an | ||||
| associated IAID. A client may have | ||||
| more than one IA assigned to it; for | ||||
| example, one for each of its | ||||
| interfaces. Each IA holds one type | ||||
| of IA option; for example, an | ||||
| identity association for temporary | ||||
| addresses (IA_TA) holds temporary | ||||
| addresses (see "identity association | ||||
| for temporary addresses"). | ||||
| Throughout this document, "IA" is | ||||
| used to refer to an identity | ||||
| association without identifying the | ||||
| type of stateful option in the IA. | ||||
| IA option types: This is used to generally mean an | ||||
| IA_NA and/or IA_PD and may also | ||||
| include IA_TA, as well as any future | ||||
| IA options. | ||||
| Stateful options: Options that require dynamic binding | ||||
| state per client on the server. | ||||
| 4. Handling of multiple IA options types | 4. Handling of multiple IA options types | |||
| DHCPv6 was written with the assumption that the only stateful options | DHCPv6 was written with the assumption that the only stateful options | |||
| were for assigning addresses. DHCPv6 PD describes how to extend the | were for assigning addresses. DHCPv6 PD describes how to extend the | |||
| DHCPv6 protocol to handle prefix delegation, but [RFC3633] did not | DHCPv6 protocol to handle prefix delegation, but [RFC3633] did not | |||
| consider how DHCP address assignment and prefix delegation could co- | consider how DHCP address assignment and prefix delegation could co- | |||
| exist. | exist. | |||
| If a client requests multiple IA option types, but the server is | If a client requests multiple IA option types, but the server is | |||
| skipping to change at page 4, line 5 | skipping to change at page 5, line 5 | |||
| several ways. Reset the state machine and continue to send Solicit | several ways. Reset the state machine and continue to send Solicit | |||
| messages, create separate DHCP sessions for each IA option type and | messages, create separate DHCP sessions for each IA option type and | |||
| continue to Solicit for the unfulfilled IA options, or it could | continue to Solicit for the unfulfilled IA options, or it could | |||
| continue with the single session, and include the unfulfilled IA | continue with the single session, and include the unfulfilled IA | |||
| options on subsequent messages to the server. | options on subsequent messages to the server. | |||
| Proposed solution: the client should keep a single session with the | Proposed solution: the client should keep a single session with the | |||
| server and include the missing options on subsequent messages | server and include the missing options on subsequent messages | |||
| (Request, Renew, and Rebind) to the server. | (Request, Renew, and Rebind) to the server. | |||
| 4.1. Advertise Message | 4.1. Placement of Status Codes | |||
| In Reply messages IA specific status codes (i.e., NoAddrsAvail, | ||||
| NotOnlink, NoBinding, NoPrefixAvail) are encapsulated in the IA | ||||
| option. In Advertise messages the Status Code option with the | ||||
| NoAddrsAvail code is in the top-level. That makes sense when the | ||||
| failure case is fatal. With the introduction of multiple IA option | ||||
| types, there might be a case where a server is not willing to offer | ||||
| addresses, but might be willing to offer other stateful option types. | ||||
| While a Status Code option is implicitly bound to a specific type of | ||||
| IA, e.g. NoPrefixAvail is only applicable to IA_PD and NoAddrsAvail | ||||
| is only applicable to IA_NA/IA_TA, it may be problematic to make this | ||||
| assumption for all status codes. Ideally the Status Code option | ||||
| should be encapsulated in the IA option for all DHCP messages. This | ||||
| makes Status Code option placement for Advertise messages identical | ||||
| to Reply messages. | ||||
| However, how a server formats the Advertise message when addresses | ||||
| are not available has been a point of some confusion and | ||||
| implementations seem to vary. | ||||
| Therefore, the Proposed solution is: | ||||
| Clients MUST be prepared to handle each of the following Advertise | ||||
| messages formats when there are no addresses available (even when no | ||||
| IA_PD was in the Solicit): | ||||
| 1. Advertise containing just a top-level Status Code option (of | ||||
| NoAddrsAvail) and no IA_NAs/IA_TAs. | ||||
| 2. Advertise containing the IA_NAs and/or IA_TAs with encapsulated | ||||
| Status Code option (of NoAddrsAvail) and no top-level Status Code | ||||
| option. | ||||
| 3. Advertise containing a top-level Status Code option (of | ||||
| NoAddrsAvail) and IA_NAs and/or IA_TAs with a Status Code option | ||||
| (of NoAddrsAvail). | ||||
| Servers MUST use the Status Code option (of NoAddrsAvail) | ||||
| encapsulated in an IA_NA/IA_TA options and not a top-level Status | ||||
| Code option (of NoAddrsAvail) when no addresses will be assigned (2 | ||||
| in the above list). This means that the Advertise response matches | ||||
| the Reply response with respect to the handling of the NoAddrsAvail | ||||
| status. | ||||
| Replace the following paragraph in RFC 3315, section 17.2.2: | ||||
| If the server will not assign any addresses to any IAs in a | ||||
| subsequent Request from the client, the server MUST send an | ||||
| Advertise message to the client that includes only a Status | ||||
| Code option with code NoAddrsAvail and a status message for | ||||
| the user, a Server Identifier option with the server's DUID, | ||||
| and a Client Identifier option with the client's DUID. | ||||
| With: | ||||
| If the server will not assign any addresses to an IA in a | ||||
| subsequent Request from the client, the server MUST include | ||||
| the IA in the Advertise message with no addresses in the IA | ||||
| and a Status Code option encapsulated in the IA containing | ||||
| status code NoAddrsAvail. | ||||
| 4.2. Advertise Message | ||||
| [RFC3315] specifies that a client must ignore an Advertise message if | [RFC3315] specifies that a client must ignore an Advertise message if | |||
| a server will not assign any addresses to a client. A client | a server will not assign any addresses to a client. A client | |||
| requesting both IA_NA and IA_PD, with a server that only offers one | requesting both IA_NA and IA_PD, with a server that only offers one | |||
| of them, is not supported in the current protocol specification. | of them, is not supported in the current protocol specification. | |||
| Proposed solution: a client SHOULD accept Advertise messages, even | Proposed solution: a client SHOULD accept Advertise messages, even | |||
| when not all IA option types are being offered. A client SHOULD | when not all IA option types are being offered. And, in this case, | |||
| ignore an Advertise message when no bindings at all are being | the client SHOULD include the not offered IA option types in its | |||
| offered. The client SHOULD include the not offered IA option types | Request. A client SHOULD only ignore an Advertise message when no IA | |||
| in its Request. | option includes any offered addresses or delegated prefixes (or any | |||
| future allocable resource). Note that ignored messages MUST still be | ||||
| processed for SOL_MAX_RT and INF_MAX_RT options as specified in | ||||
| [RFC7083]. | ||||
| Replace Section 17.1.3 of [RFC3315]: (existing errata) | Replace Section 17.1.3 of RFC 3315: (existing errata) | |||
| The client MUST ignore any Advertise message that includes a Status | The client MUST ignore any Advertise message that includes a Status | |||
| Code option containing the value NoAddrsAvail, with the exception | Code option containing the value NoAddrsAvail, with the exception | |||
| that the client MAY display the associated status message(s) to the | that the client MAY display the associated status message(s) to the | |||
| user. | user. | |||
| With: | With (this includes the changes made by [RFC7083]): | |||
| The client MUST ignore any Advertise message that contains no | The client MUST ignore any Advertise message that contains no | |||
| bindings (if only IA_NA and/or IA_TA options were requested, | addresses (IAADDR options encapsulated in IA_NA or IA_TA options) | |||
| this is a message that includes a Status Code option containing the | and no delegated prefixes (IAPREFIX options encapsulated in IA_PD | |||
| value NoAddrsAvail), with the exception that the client MAY display | options, see RFC 3633) with the exception that the client | |||
| the associated status message(s) to the user. | MUST process an included SOL_MAX_RT option (RFC 7083), MUST | |||
| process an included INF_MAX_RT option (RFC 7083), and MAY | ||||
| display any associated status message(s) to the user. | ||||
| And, replace: | And, replace: | |||
| - The client MAY choose a less-preferred server if that server | - The client MAY choose a less-preferred server if that server | |||
| has a better set of advertised parameters, such as the | has a better set of advertised parameters, such as the | |||
| available addresses advertised in IAs. | available addresses advertised in IAs. | |||
| With: | With: | |||
| - The client MAY choose a less-preferred server if that server | - The client MAY choose a less-preferred server if that server | |||
| has a better set of advertised parameters, such as the | has a better set of advertised parameters, such as the | |||
| available options advertised in IAs. | available options advertised in IAs. | |||
| It is important to note that the receipt of a Advertisement without | It is important to note that the receipt of an Advertise message | |||
| any bindings does not imply that the client should restart the | without any addresses and delegated prefixes does not imply that the | |||
| Solicit retransmissions timers. Doing so would lead to a Solicit/ | client should restart the Solicit retransmissions timers. Doing so | |||
| Advertisement storm. | would lead to a Solicit/Advertise storm. | |||
| 4.2. Placement of Status Codes | ||||
| In Reply messages IA specific status codes (i.e., NoAddrsAvail, | ||||
| NotOnlink, NoBinding, NoPrefixAvail) are encapsulated in the IA | ||||
| option. In Advertisement messages the Status Code option with the | ||||
| NoAddrsAvail code is in the "global" scope. That makes sense when | ||||
| the failure case is fatal. With the introduction of multiple IA | ||||
| option types, there might be a case where a server is not willing to | ||||
| offer addresses, but might be willing to offer other stateful option | ||||
| types. | ||||
| While a Status Code option is implicitly bound to a specific type of | ||||
| IA, e.g. NoPrefixAvail is only applicable to IA_PD and NoAddrsAvail | ||||
| is only applicable to IA_NA/IA_TA, it may be problematic to make this | ||||
| assumption for all status codes. Ideally the Status Code option | ||||
| should be encapsulated in the IA option for all DHCP messages. This | ||||
| makes Advertisement messages equal to Reply messages. | ||||
| Proposed solution: No change. For backwards compatibility, the | ||||
| NoAddrsAvail Status Code option when no addresses are available will | ||||
| be kept in the global scope for Advertise messages. Other IA option | ||||
| types MUST encapsulate the Status Code option within the IA option. | ||||
| To clarify further: when a client requests both IA_NA and IA_PD, and | ||||
| the server can offer IA_PD but not IA_NA, the server sends an | ||||
| Advertise response containing no IA_NA option, a status code option | ||||
| of NoAddrsAvail, and one or more IA_PD options containing IAPREFIX | ||||
| options. | ||||
| 4.3. T1/T2 Timers | 4.3. T1/T2 Timers | |||
| The T1 and T2 timers determine when the client will contact the | The T1 and T2 timers determine when the client will contact the | |||
| server to extend lifetimes of information received in an IA. How | server to extend lifetimes of information received in an IA. How | |||
| should a client handle the case where multiple IA options have | should a client handle the case where multiple IA options have | |||
| different T1 and T2 timers? | different T1 and T2 timers? | |||
| In a multiple IA option types model, the T1/T2 timers are protocol | In a multiple IA option type model, the T1/T2 timers are protocol | |||
| timers, that should be independent of the IA options themselves. If | timers, that should be independent of the IA options themselves. If | |||
| we were to redo the DHCP protocol from scratch the T1/T2 timers | we were to redo the DHCP protocol from scratch the T1/T2 timers | |||
| should be carried in a separate DHCP option. | should be carried in a separate DHCP option. | |||
| Proposed solution: The server SHOULD set the T1/T2 timers in all IA | Proposed solution: The server SHOULD set the T1/T2 timers in all IA | |||
| options in Reply and Advertise messages to the same value. To deal | options in Reply and Advertise messages to the same value. To deal | |||
| with the case where servers have not yet been updated to do that, | with the case where servers have not yet been updated to do that, | |||
| clients MUST use the shortest (explicit or implicit) T1/T2 timer | clients MUST use the shortest (explicit or implicit) T1/T2 timer | |||
| (larger than 0) in any IA options in the Reply. Longer T1/T2 timers | (larger than 0) in any IA options in the Reply. Longer T1/T2 timers | |||
| are ignored. | are ignored. | |||
| skipping to change at page 6, line 19 | skipping to change at page 8, line 6 | |||
| In a multiple IA option type model, the Renew does not support the | In a multiple IA option type model, the Renew does not support the | |||
| ability for the client to renew one IA option type while requesting | ability for the client to renew one IA option type while requesting | |||
| bindings for other IA option types that were not available when the | bindings for other IA option types that were not available when the | |||
| client sent the Request. | client sent the Request. | |||
| Proposed solution: The client should continue with the IA options | Proposed solution: The client should continue with the IA options | |||
| received, while continuing to include the other IA options in | received, while continuing to include the other IA options in | |||
| subsequent messages to the server. The client and server processing | subsequent messages to the server. The client and server processing | |||
| need to be modified. Note that this change makes the server's IA | need to be modified. Note that this change makes the server's IA | |||
| processing of Renew and Rebind similar to the Request processing. | processing of Renew similar to the Request processing. | |||
| Replace Section 18.1.3 of [RFC3315]: | The first two subsections contain the required updates to [RFC3315] | |||
| and [RFC3633] to accommodate this behavior on the client and the | ||||
| server. The remaining two subsections propose a "unified" text to be | ||||
| included in the [I-D.dhcwg-dhc-rfc3315bis], describing the client's | ||||
| and server's behavior for renewing both addresses and prefixes. | ||||
| At time T1 for an IA, the client initiates a Renew/Reply message | 4.4.1. Updates to RFC 3315 | |||
| exchange to extend the lifetimes on any addresses in the IA. The | ||||
| client includes an IA option with all addresses currently assigned | Replace Section 18.1.3 of RFC 3315: | |||
| to the IA in its Renew message. | ||||
| At time T1 for an IA, the client initiates a Renew/Reply message | ||||
| exchange to extend the lifetimes on any addresses in the IA. The | ||||
| client includes an IA option with all addresses currently assigned | ||||
| to the IA in its Renew message. | ||||
| With: | With: | |||
| At time T1 for an IA, the client initiates a Renew/Reply message | At time T1 for an IA, the client initiates a Renew/Reply message | |||
| exchange to extend the lifetimes on any addresses in the IA. The | exchange to extend the lifetimes on any addresses in the IA. The | |||
| client includes an IA option with all addresses currently assigned | client includes an IA option with all addresses currently assigned | |||
| to the IA in its Renew message. The client also includes an IA | to the IA in its Renew message. The client also includes an IA | |||
| option for each binding it desires but has been unable to obtain. | option for each binding it desires but has been unable to obtain. | |||
| Replace Section 18.2.3 of [RFC3315]: | Replace Section 18.2.3 of RFC 3315: | |||
| If the server cannot find a client entry for the IA the server | If the server cannot find a client entry for the IA the server | |||
| returns the IA containing no addresses with a Status Code option | returns the IA containing no addresses with a Status Code option | |||
| set to NoBinding in the Reply message. | set to NoBinding in the Reply message. | |||
| With: | With: | |||
| If the server cannot find a client entry for the IA the server | If the server cannot find a client entry for the IA the server | |||
| creates the bindings for that client according to the server's | creates the bindings for that client according to the server's | |||
| policy and configuration information and records the IAs and | policy and configuration information and returns the IAs and other | |||
| other information requested by the client. | information requested by the client. | |||
| Note that clients that communicate with servers that do not support | Note that clients that communicate with servers that do not support | |||
| this updated Renew processing will receive the NoBinding status for | this updated Renew processing will receive the NoBinding status for | |||
| the IA which had no bindings. The client MUST continue to process | the IA which had no bindings. The client MUST continue to process | |||
| the other IAs in the Reply. The client MAY attempt a Solicit/ | the other IAs in the Reply. The client MAY attempt a | |||
| Advertise/Request/Reply sequence periodically to obtain bindings for | Solicit/Advertise/Request/Reply sequence periodically to obtain | |||
| these IAs. However, it MUST limit the frequency at which is does | bindings for these IAs. However, it MUST limit the frequency at | |||
| this to no more often than the renewal frequency. | which it does this to no more often than the renewal frequency. | |||
| 4.4.2. Updates to RFC 3633 | ||||
| Replace Section 12.2 of RFC 3633: | ||||
| Renew message: If the delegating router cannot find a binding | ||||
| for the requesting router's IA_PD the delegating | ||||
| router returns the IA_PD containing no prefixes | ||||
| with a Status Code option set to NoBinding in the | ||||
| Reply message. | ||||
| With: | ||||
| Renew message: If the delegating router cannot find a binding | ||||
| for the requesting router's IA_PD, the delegating | ||||
| router creates the bindings for that client | ||||
| according to the server's policy and | ||||
| configuration information and returns the IAs and | ||||
| other information requested by the client. | ||||
| 4.4.3. Creation and Transmission of Renew Messages (unified text) | ||||
| To extend the valid and preferred lifetimes for the resources | ||||
| associated with IAs, the client sends a Renew message to the server | ||||
| from which the client obtained the resources. | ||||
| The server controls the time at which the client contacts the server | ||||
| to extend the lifetimes on client's bindings through the T1 and T2 | ||||
| parameters assigned to IAs. The server SHOULD assign the same T1 and | ||||
| T2 value to each binding assigned to the client. In this case the | ||||
| client uses the common T1 or T2 value returned in the IAs to | ||||
| determine the time when it should send Renew or Rebind message to the | ||||
| server. If the server sends different T1/T2 values for different | ||||
| IAs, the client uses the shortest T1/T2 value (larger than 0). T1/T2 | ||||
| values in other IA options are ignored. | ||||
| If T1 or T2 is set to 0 by the server for all IA_NA and IA_PD | ||||
| options, or there are no T1 or T2 times (for an IA_TA), the client | ||||
| may send Renew or Rebind message, respectively, at the client's | ||||
| discretion. | ||||
| At time T1, the client that initiates a Renew/Reply message exchange, | ||||
| includes IA options for all bindings for which it desires to extend | ||||
| lifetimes in its Renew message. For each IA being included, the | ||||
| client includes all resources currently associated with the IA. | ||||
| The client also includes IA option for each binding it desires but | ||||
| has been unable to obtain. For example: a client which has non- | ||||
| temporary addresses assigned but hasn't been delegated a prefix, may | ||||
| include an IA_PD option (in addition to the IA_NA option) in the | ||||
| Renew message to request prefix delegation. | ||||
| The client constructing a Renew message SHOULD NOT include resources | ||||
| in IA options that the client does not have. If the client included | ||||
| a resource it does not have and the server does not allocate this | ||||
| resource for the client, the server will return the resource to the | ||||
| client in the IA with the lifetimes set to 0. This is a signal to | ||||
| the client to not use this resource. The server MAY allocate a | ||||
| different resource to the client and send it in the same IA. | ||||
| The client sets "msg-type" field to RENEW. The client generates a | ||||
| transaction ID and inserts this value in the "transaction-id" field. | ||||
| The client places the identifier of the destination server in a | ||||
| Server Identifier option. | ||||
| The client MUST include a Client Identifier option to identify itself | ||||
| to the server. The client adds any appropriate options, including | ||||
| one or more IA options. | ||||
| The client MUST include an Option Request option to indicate the | ||||
| options the client is interested in receiving. The client MAY | ||||
| include options with data values as hints to the server about | ||||
| parameter values the client would like to have returned. | ||||
| The client transmits the message according to section 14, using the | ||||
| following parameters: | ||||
| IRT REN_TIMEOUT | ||||
| MRT REN_MAX_RT | ||||
| MRC 0 | ||||
| MRD Remaining time until T2 | ||||
| If the server finds that any resource sent by the client is not | ||||
| appropriate, according to the server's configuration information, the | ||||
| server sends back the IA with the corresponding IA Address (for | ||||
| inappropriate address), IA Prefix option (for inappropriate prefix) | ||||
| or other option appropriate for the type of the resource, with | ||||
| lifetimes set to 0. The client which receives the option with | ||||
| lifetimes set to 0 MUST NOT use the corresponding resource. | ||||
| The message exchange is terminated when time T2 is reached, at which | ||||
| time the client begins a Rebind message exchange. | ||||
| 4.4.4. Receipt of Renew Messages (unified text) | ||||
| When the server receives a Renew message via unicast from a client to | ||||
| which the server has not sent a unicast option, the server discards | ||||
| the Renew message and responds with a Reply message containing a | ||||
| Status Code option with the value UseMulticast, a Server Identifier | ||||
| option containing the server's DUID, the Client Identifier option | ||||
| from the client message, and no other options. | ||||
| When the server receives a Renew message that contains an IA option | ||||
| from a client, it locates the client's binding and verifies that the | ||||
| information in the IA from the client matches the information stored | ||||
| for the client. | ||||
| If the server cannot find a client entry for the IA, the server | ||||
| creates the bindings for that client according to the server's policy | ||||
| and configuration information and returns the IAs and other | ||||
| information requested by the client. For each IA for which the | ||||
| server will not create a binding the server returns an IA option | ||||
| containing a Status Code option set to NoBinding in the Reply | ||||
| message. | ||||
| If the server finds that any resource sent by the client is not | ||||
| appropriate, according to the server's configuration information, the | ||||
| server sends back the IA with the corresponding IA Address (for | ||||
| invalid address), IA Prefix option (for invalid prefix) or any other | ||||
| option appropriate for the type of the resource, with lifetimes set | ||||
| to 0. | ||||
| The server constructs a Reply message by setting the "msg-type" field | ||||
| to REPLY, and copying the transaction ID from the Renew message into | ||||
| the transaction-id field. | ||||
| The server MUST include a Server Identifier option containing the | ||||
| server's DUID and the Client Identifier option from the Renew message | ||||
| in the Reply message. | ||||
| The server includes other options containing configuration | ||||
| information to be returned to the client as described in [RFC3315]. | ||||
| 4.5. Rebind Message | 4.5. Rebind Message | |||
| In the Section 4.4 it has been proposed that the client includes IA | ||||
| options in a Renew message for the bindings it desires but has been | ||||
| unable to obtain by sending a Request message, apart from the IA | ||||
| options for the existing bindings. | ||||
| At time T2 (being a shortest, greater than 0, time across all | ||||
| client's IAs), the client stops sending Renew messages to the server | ||||
| and initiates the Rebind/Reply message exchange with any available | ||||
| server. In this case, it should be possible to continue trying to | ||||
| obtain new bindings using the Rebind message if the client failed to | ||||
| get the response from the server to the Renew message. | ||||
| The Rebind message, as described in [RFC3315] does not explicitly | The Rebind message, as described in [RFC3315] does not explicitly | |||
| specify what a server should do when an IA option which contains no | specify what a server should do when an IA option which contains no | |||
| addresses is present. | addresses is present. | |||
| Replace Section 18.1.4 of [RFC3315]: | Proposed solution: The client should continue with the IA options | |||
| received and it MAY include additional IA options to request creation | ||||
| of additional bindings. | ||||
| At time T2 for an IA (which will only be reached if the server to | The first two subsections contain the required updates to [RFC3315] | |||
| which the Renew message was sent at time T1 has not responded), the | and [RFC3633] to accommodate this behavior on the client and the | |||
| client initiates a Rebind/Reply message exchange with any available | server. The remaining two subsections propose a "unified" text to be | |||
| server. The client includes an IA option with all addresses | included in the [I-D.dhcwg-dhc-rfc3315bis], describing the client's | |||
| currently assigned to the IA in its Rebind message. | and server's behavior with respect to processing different IA option | |||
| types in a single Rebind message. | ||||
| 4.5.1. Updates to RFC 3315 | ||||
| Replace Section 18.1.4 of RFC 3315: | ||||
| At time T2 for an IA (which will only be reached if the server to | ||||
| which the Renew message was sent at time T1 has not responded), | ||||
| the client initiates a Rebind/Reply message exchange with any | ||||
| available server. The client includes an IA option with all | ||||
| addresses currently assigned to the IA in its Rebind message. | ||||
| With: | With: | |||
| At time T2 for an IA (which will only be reached if the server to | At time T2 for an IA (which will only be reached if the server to | |||
| which the Renew message was sent at time T1 has not responded), the | which the Renew message was sent at time T1 has not responded), | |||
| client initiates a Rebind/Reply message exchange with any available | the client initiates a Rebind/Reply message exchange with any | |||
| server. The client includes an IA option with all addresses | available server. The client includes an IA option with all | |||
| currently assigned to the IA in its Rebind message. The client | addresses currently assigned to the IA in its Rebind message. The | |||
| also includes an IA option for each binding it desires but has been | client also includes an IA option (without the IA Address option) | |||
| unable to obtain. | for each binding it desires but has been unable to obtain. | |||
| Replace Section 18.2.4 of [RFC3315] with the following text to | The client constructing a Rebind message SHOULD NOT include | |||
| clarify how the server should handle all of the possible conditions: | addresses in IA options that the client does not have. If the | |||
| client included an address it does not have and the server does | ||||
| not allocate this address for the client, the server will return | ||||
| the IA Address option containing address included by the client in | ||||
| the IA with lifetimes set to 0. This is an indication to the | ||||
| client to not use this address. The server MAY allocate a | ||||
| different address to the client and send it in the same IA. | ||||
| Replace Section 18.2.4 of RFC 3315 with the following text to clarify | ||||
| how the server should handle all of the possible conditions: | ||||
| When the server receives a Rebind message that contains an IA | When the server receives a Rebind message that contains an IA | |||
| option from a client, it locates the client's binding and verifies | option from a client, it locates the client's binding and verifies | |||
| that the information in the IA from the client matches the | that the information in the IA from the client matches the | |||
| information stored for that client. | information stored for that client. | |||
| If the server finds the addresses in the IA for the client and the | If the server finds the addresses in the IA for the client and the | |||
| server determines that the addresses in the IA are appropriate for | server determines that the addresses in the IA are appropriate for | |||
| the link to which the client's interface is attached according to | the link to which the client's interface is attached according to | |||
| the server's explicit configuration information, the server SHOULD | the server's explicit configuration information, the server SHOULD | |||
| skipping to change at page 8, line 9 | skipping to change at page 13, line 35 | |||
| determines that the addresses in the IA are not appropriate for the | determines that the addresses in the IA are not appropriate for the | |||
| link to which the client's interface is attached according to the | link to which the client's interface is attached according to the | |||
| server's explicit configuration information, the server MAY send a | server's explicit configuration information, the server MAY send a | |||
| Reply message to the client containing the client's IA, with the | Reply message to the client containing the client's IA, with the | |||
| lifetimes for the addresses in the IA set to zero. This Reply | lifetimes for the addresses in the IA set to zero. This Reply | |||
| constitutes an explicit notification to the client that the | constitutes an explicit notification to the client that the | |||
| addresses in the IA are no longer valid. In this situation, if the | addresses in the IA are no longer valid. In this situation, if the | |||
| server does not send a Reply message it silently discards the | server does not send a Reply message it silently discards the | |||
| Rebind message. | Rebind message. | |||
| If the server cannot find a client entry for the IA and the server | If the server cannot find a client entry for the IA and the IA is | |||
| determines that the addresses in the IA are appropriate for the | empty (i.e. contains no addresses), the server MAY assign the | |||
| link to which the client's interface is attached according to the | addresses to this IA and send a Reply message to the client with | |||
| server's explicit configuration information, and the addresses are | this IA containing allocated addresses with lifetimes and T1/T2 | |||
| not in use, the server MAY assign the addresses to the client and | times. In the case when the client included addresses in the IA, | |||
| send a Reply message to the client with new lifetimes and T1/T2 | included addresses are appropriate for the link to which the | |||
| times for the bindings. If the server cannot assign the addresses | client's interface is attached according to the server's explicit | |||
| to the client, the server returns the IA containing no addresses | configuration information and they are not in use, the server MAY | |||
| with a Status Code option set to NoBinding in the Reply message. | allocate these addresses to the client. If the server does not | |||
| allocate addresses to the client, the server returns the IA | ||||
| containing only Status Code option set to NoBinding in the Reply | ||||
| message. | ||||
| Note: A server SHOULD NOT provide additional bindings to the client | When the server creates new bindings for the IA it is possible that | |||
| as the client could accept a Reply from a different server (this is | other servers also create bindings as a result of receiving the | |||
| the same issue as in the Discussion under the Rapid Commit option, | same Rebind message. This is the same issue as in the Discussion | |||
| see section 22.14). | under the Rapid Commit option, see section 22.14. Therefore, the | |||
| server SHOULD only create new bindings during processing of a | ||||
| Rebind message if the server is configured to respond with a Reply | ||||
| message to a Solicit message containing the Rapid Commit option. | ||||
| The server constructs a Reply message by setting the "msg-type" | The server constructs a Reply message by setting the "msg-type" | |||
| field to REPLY, and copying the transaction ID from the Rebind | field to REPLY, and copying the transaction ID from the Rebind | |||
| message into the transaction-id field. | message into the transaction-id field. | |||
| The server MUST include a Server Identifier option containing the | The server MUST include a Server Identifier option containing the | |||
| server's DUID and the Client Identifier option from the Rebind | server's DUID and the Client Identifier option from the Rebind | |||
| message in the Reply message. | message in the Reply message. | |||
| The server includes other options containing configuration | The server includes other options containing configuration | |||
| information to be returned to the client as described in section | information to be returned to the client as described in section | |||
| 18.2. | 18.2. | |||
| 4.5.2. Updates to RFC 3633 | ||||
| Replace Section 12.2 of RFC 3633: | ||||
| Rebind message: If the delegating router cannot find a binding | ||||
| for the requesting router's IA_PD and the | ||||
| delegating router determines that the prefixes in | ||||
| the IA_PD are not appropriate for the link to | ||||
| which the requesting router's interface is | ||||
| attached according to the delegating routers | ||||
| explicit configuration, the delegating router MAY | ||||
| send a Reply message to the requesting router | ||||
| containing the IA_PD with the lifetimes of the | ||||
| prefixes in the IA_PD set to zero. This Reply | ||||
| constitutes an explicit notification to the | ||||
| requesting router that the prefixes in the IA_PD | ||||
| are no longer valid. If the delegating router is | ||||
| unable to determine if the prefix is not | ||||
| appropriate for the link, the Rebind message is | ||||
| discarded. | ||||
| with: | ||||
| Rebind message: If the delegating router cannot find a binding | ||||
| for the requesting router's IA_PD and the | ||||
| delegating router determines that the prefixes in | ||||
| the IA_PD are not appropriate for the link to | ||||
| which the requesting router's interface is | ||||
| attached according to the delegating routers | ||||
| explicit configuration, the delegating router MAY | ||||
| send a Reply message to the requesting router | ||||
| containing the IA_PD with the lifetimes of the | ||||
| prefixes in the IA_PD set to zero. This Reply | ||||
| constitutes an explicit notification to the | ||||
| requesting router that the prefixes in the IA_PD | ||||
| are no longer valid. If the delegating router is | ||||
| unable to determine if the prefix is not | ||||
| appropriate for the link, the Rebind message is | ||||
| discarded. If the IA_PD contains no prefixes or | ||||
| the prefixes are appropriate for the link to | ||||
| which the requesting router's interface is | ||||
| attached according to the delegating router's | ||||
| explicit configuration information and if | ||||
| prefixes are not in use, the delegating router | ||||
| MAY assign prefixes to this IA_PD. | ||||
| 4.5.3. Creation and Transmission of Rebind Messages (unified text) | ||||
| At time T2 for an IA (which will only be reached if the server to | ||||
| which the Renew message was sent at time T1 has not responded), the | ||||
| client initiates a Rebind/Reply message exchange with any available | ||||
| server. For each IA being included, the client stores all resources | ||||
| currently associated with the IA. | ||||
| The client also includes IA option for each binding it desires but | ||||
| has been unable to obtain. For example: a client which has non- | ||||
| temporary addresses assigned but has not been delegated a prefix, may | ||||
| include an IA_PD option (in addition to the IA_NA option) in the | ||||
| Rebind message to request the prefix delegation. | ||||
| The client constructing a Rebind message SHOULD NOT include resources | ||||
| in IA options that the client does not have. If the client included | ||||
| a resource it does not have and the server does not allocate this | ||||
| resource for the client, the server will return the appropriate | ||||
| option containing the resource (e.g. IA Address, IA Prefix) with the | ||||
| lifetimes set to 0. This is an indication to the client to not use | ||||
| this resource. The server MAY allocate a different resource to the | ||||
| client and send it in the same IA. | ||||
| The client sets the "msg-type" field to REBIND. The client generates | ||||
| a transaction ID and inserts this value in the "transaction-id" | ||||
| field. | ||||
| The client MUST include a Client Identifier option to identify itself | ||||
| to the server. The client adds any appropriate options, including | ||||
| one or more IA options. The client MUST include the list of | ||||
| resources the client currently has associated with the IAs in the | ||||
| Rebind message. | ||||
| The client MUST include an Option Request option to indicate the | ||||
| options that client is interested in receiving. The client MAY | ||||
| include options with data values as hints to the server about | ||||
| parameter values the client would like to have returned. | ||||
| The client transmits the message according to Section 14, using the | ||||
| following parameters: | ||||
| IRT REB_TIMEOUT | ||||
| MRT REB_MAX_RT | ||||
| MRC 0 | ||||
| MRD Remaining time until valid lifetimes of all addresses or | ||||
| prefixes in the IA have expired | ||||
| The message exchange is terminated when the valid lifetimes of all | ||||
| the resources assigned to the IA expire, at which time the client has | ||||
| several alternative actions to choose from; for example: | ||||
| - The client may choose to use a Solicit message to locate a new | ||||
| DHCP server and send a Request for the expired IA to the new | ||||
| server. | ||||
| - The client may have other resources in other IAs, so the client | ||||
| may choose to discard the expired IA and use the other IAs. | ||||
| 4.5.4. Receipt of Rebind Messages (unified text) | ||||
| When the server receives a Rebind message that contains an IA option | ||||
| from a client, it locates the client's binding and verifies that the | ||||
| information in the IA from the client matches the information stored | ||||
| for that client. | ||||
| If the server finds the resource in the IA for the client and the | ||||
| server determines that the resources in the IA are appropriate for | ||||
| the link to which the client's interface is attached according to the | ||||
| server's explicit configuration information, the server SHOULD send | ||||
| back the IA to the client with new lifetimes and T1/T2 times. | ||||
| If the server cannot find a client entry for the IA and the server | ||||
| determines that the resources in the IA are not appropriate for the | ||||
| link to which the client's interface is attached according to the | ||||
| server's explicit configuration information, the server MAY send a | ||||
| Reply message to the client containing the client's IA, with the | ||||
| lifetimes for the resources in the IA set to zero. This Reply | ||||
| constitutes an explicit notification to the client that the resources | ||||
| in the IA are no longer valid. In this situation, if the server does | ||||
| not send a Reply message it silently discards the Rebind message. | ||||
| If the server cannot find a client entry for the IA and the IA is | ||||
| empty (i.e. contains no resources), the server MAY assign the | ||||
| resources to this IA and send a Reply message to the client with this | ||||
| IA containing allocated resources with lifetimes and T1/T2 times. In | ||||
| the case when the client included resources in the IA, included | ||||
| resources are appropriate for the link to which the client's | ||||
| interface is attached according to the server's explicit | ||||
| configuration information and they are not in use, the server MAY | ||||
| allocate these resources to the client. If the server does not | ||||
| allocate resources to the client, the server returns the IA | ||||
| containing only Status Code option set to NoBinding in the Reply | ||||
| message. | ||||
| When the server creates new bindings for the IA it is possible that | ||||
| other servers also create bindings as a result of receiving the same | ||||
| Rebind message. This is the same issue as in the Discussion under | ||||
| the Rapid Commit option, see section 22.14 of [RFC3315]. Therefore, | ||||
| the server SHOULD only create new bindings during processing of a | ||||
| Rebind message if the server is configured to respond with a Reply | ||||
| message to a Solicit message containing the Rapid Commit option. | ||||
| The server constructs a Reply message by setting the "msg-type" field | ||||
| to REPLY, and copying the transaction ID from the Rebind message into | ||||
| the transaction-id field. | ||||
| The server MUST include a Server Identifier option containing the | ||||
| server's DUID and the Client Identifier option from the Rebind | ||||
| message in the Reply message. | ||||
| The server includes other options containing configuration | ||||
| information to be returned to the client as described in section | ||||
| 18.2. | ||||
| 4.6. Confirm Message | 4.6. Confirm Message | |||
| The Confirm message, as described in [RFC3315], is specific to | The Confirm message, as described in [RFC3315], is specific to | |||
| address assignment. It allows a server without a binding reply to | address assignment. It allows a server without a binding to reply to | |||
| the message, under the assumption that the server only needs | the message, under the assumption that the server only needs | |||
| knowledge about the prefix(es) on the link, to inform the client that | knowledge about the prefix(es) on the link, to inform the client that | |||
| the address is likely valid or not. This message is sent when e.g. | the address is likely valid or not. This message is sent when e.g. | |||
| the client has moved and needs to validate its addresses. Not all | the client has moved and needs to validate its addresses. Not all | |||
| bindings can be validated by servers and the Confirm message provides | bindings can be validated by servers and the Confirm message provides | |||
| for this by specifying that a server that is unable to determine the | for this by specifying that a server that is unable to determine the | |||
| on-link status MUST NOT send a Reply. | on-link status MUST NOT send a Reply. | |||
| Note: Confirm has a specific meaning and does not overload Renew/ | Note: Confirm has a specific meaning and does not overload Renew/ | |||
| Rebind. It also is lower processing cost as the server does NOT need | Rebind. It also is lower processing cost as the server does NOT need | |||
| to extend lease times or otherwise send back other configuration | to extend lease times or otherwise send back other configuration | |||
| options. | options. | |||
| Proposed solution: Allow and specify the Confirm message for other IA | The Confirm message is used by the client to verify that it has not | |||
| option types. The server performs the same test as for addresses on | moved to a different link. For IAs with addresses, the mechanism | |||
| the delegated prefixes (see [RFC3315], section 18.2.2). | used to verify if a client has moved or not, is by matching the | |||
| link's on-link prefix(es) (typically a /64) against the prefix-length | ||||
| Replace Section 12.1 of [RFC3633]: | first bits of the addresses provided by the client in the IA_NA or | |||
| IA_TA IA-types. As a consequence Confirm can only be used when the | ||||
| If such verification is needed the requesting router MUST initiate | client has an IA with address(es) (IA_NA or IA_TA). | |||
| a Rebind/Reply message exchange as described in section 18.1.4, | ||||
| "Creation and Transmission of Rebind Messages" of RFC 3315, with | ||||
| the exception that the retransmission parameters should be set as | ||||
| for the Confirm message, described in section 18.1.2, "Creation | ||||
| and Transmission of Confirm Messages" of RFC 3315. The requesting | ||||
| router includes any IA_PDs, along with prefixes associated with | ||||
| those IA_PDs in its Rebind message. | ||||
| ... | ||||
| The Confirm and Decline message types are not used with Prefix | ||||
| Delegation. | ||||
| With: | ||||
| If such verification is needed the requesting router MUST initiate | A client MUST have a binding including an IA with addresses to use | |||
| a Confirm message exchange as described in section 18.1.2, | the Confirm message. A client with IAs with addresses as well as | |||
| "Creation and Transmission of Confirm Messages" of RFC 3315. The | other IA-types MAY, depending on the IA-type, use the Confirm message | |||
| requesting router includes any IA_PDs, along with prefixes | to detect if the client has moved to a different link. A client that | |||
| associated with those IA_PDs in its Confirm message. | does not have a binding with an IA with addresses MUST use the Rebind | |||
| message instead. | ||||
| ... | IA_PD requires verification that the server has the binding for the | |||
| IAs. In that case a client MUST use the Rebind message in place of | ||||
| the Confirm message and it MUST include all of its bindings, even | ||||
| address IAs. | ||||
| The Decline message type is not used with Prefix Delegation. | 4.7. Decline Should Not Necessarily Trigger a Release | |||
| 4.7. Release Message | Some clients will send a Release message for other bindings they may | |||
| have received after they determine a conflict and have correctly sent | ||||
| a Decline message for the conflicting address(es). | ||||
| A client can release any individual lease at any time. A client can | It is recommended that a client SHOULD NOT send a Release message for | |||
| get "back" a lease by using a Renew message. It MAY do this at any | other bindings it may have received just because it sent a Decline | |||
| time, though must avoid creating a Renew storm. E.g. wait until T1. | message. The client should retain the non-conflicting bindings. | |||
| 4.8. Multiple Provisioning Domains | 4.8. Multiple Provisioning Domains | |||
| This document has assumed that all DHCP servers on a network are in a | This document has assumed that all DHCP servers on a network are in a | |||
| single provisioning domain and thus should be "equal" in the service | single provisioning domain and thus should be "equal" in the service | |||
| that they offer. This was also assumed by [RFC3315] and [RFC3633]. | that they offer. This was also assumed by [RFC3315] and [RFC3633]. | |||
| One could envision a network where the DHCP servers are in multiple | One could envision a network where the DHCP servers are in multiple | |||
| provisioning domains, and it may be desirable to have the DHCP client | provisioning domains, and it may be desirable to have the DHCP client | |||
| obtain different IA types from different provisioning domains. How a | obtain different IA types from different provisioning domains. How a | |||
| skipping to change at page 10, line 17 | skipping to change at page 19, line 17 | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| This specification does not require any IANA actions. | This specification does not require any IANA actions. | |||
| 6. Security Considerations | 6. Security Considerations | |||
| There are no new security considerations pertaining to this document. | There are no new security considerations pertaining to this document. | |||
| 7. Acknowledgements | 7. Acknowledgements | |||
| Thanks to many people that contributed to identify the issues in this | ||||
| document, including Ralph Droms, John, Brzozowski, Ted Lemon, Hemant | ||||
| Singh, Wes Beebee, Gaurau Halwasia, Bud Millword, Tim Winters, and | ||||
| Rob Shakir. | ||||
| 8. References | 8. References | |||
| 8.1. Normative References | 8.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., | [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., | |||
| and M. Carney, "Dynamic Host Configuration Protocol for | and M. Carney, "Dynamic Host Configuration Protocol for | |||
| IPv6 (DHCPv6)", RFC 3315, July 2003. | IPv6 (DHCPv6)", RFC 3315, July 2003. | |||
| [RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic | [RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic | |||
| Host Configuration Protocol (DHCP) version 6", RFC 3633, | Host Configuration Protocol (DHCP) version 6", RFC 3633, | |||
| December 2003. | December 2003. | |||
| [RFC7083] Droms, R., "Modification to Default Values of SOL_MAX_RT | ||||
| and INF_MAX_RT", RFC 7083, November 2013. | ||||
| 8.2. Informative References | 8.2. Informative References | |||
| [RFC6204] Singh, H., Beebee, W., Donley, C., Stark, B., and O. | [I-D.dhcwg-dhc-rfc3315bis] | |||
| Troan, "Basic Requirements for IPv6 Customer Edge | Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A., | |||
| Routers", RFC 6204, April 2011. | Richardson, M., Jiang, S., and T. Lemon, "Dynamic Host | |||
| Configuration Protocol for IPv6 (DHCPv6) bis", draft- | ||||
| dhcwg-dhc-rfc3315bis-01 (work in progress), May 2014. | ||||
| [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy | ||||
| Extensions for Stateless Address Autoconfiguration in | ||||
| IPv6", RFC 4941, September 2007. | ||||
| [RFC7084] Singh, H., Beebee, W., Donley, C., and B. Stark, "Basic | ||||
| Requirements for IPv6 Customer Edge Routers", RFC 7084, | ||||
| November 2013. | ||||
| [RFC7227] Hankins, D., Mrugalski, T., Siodelski, M., Jiang, S., and | ||||
| S. Krishnan, "Guidelines for Creating New DHCPv6 Options", | ||||
| BCP 187, RFC 7227, May 2014. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Ole Troan | Ole Troan | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| Philip Pedersens vei 20 | Philip Pedersens vei 20 | |||
| N-1324 Lysaker | N-1324 Lysaker | |||
| Norway | Norway | |||
| Email: ot@cisco.com | Email: ot@cisco.com | |||
| skipping to change at page 11, line 4 | skipping to change at page 20, line 22 | |||
| Authors' Addresses | Authors' Addresses | |||
| Ole Troan | Ole Troan | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| Philip Pedersens vei 20 | Philip Pedersens vei 20 | |||
| N-1324 Lysaker | N-1324 Lysaker | |||
| Norway | Norway | |||
| Email: ot@cisco.com | Email: ot@cisco.com | |||
| Bernie Volz | Bernie Volz | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| 1414 Massachusetts Ave | 1414 Massachusetts Ave | |||
| Boxborough, MA 01719 | Boxborough, MA 01719 | |||
| USA | USA | |||
| Email: volz@cisco.com | Email: volz@cisco.com | |||
| Marcin Siodelski | ||||
| ISC | ||||
| 950 Charter Street | ||||
| Redwood City, CA 94063 | ||||
| USA | ||||
| Email: msiodelski@gmail.com | ||||
| End of changes. 47 change blocks. | ||||
| 174 lines changed or deleted | 617 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||