draft-ietf-softwire-map-radius-22.txt   draft-ietf-softwire-map-radius-23.txt 
Softwire S. Jiang, Ed. Softwire S. Jiang, Ed.
Internet-Draft Huawei Technologies Co., Ltd Internet-Draft Huawei Technologies Co., Ltd
Intended status: Standards Track Y. Fu, Ed. Intended status: Standards Track Y. Fu, Ed.
Expires: October 7, 2019 CNNIC Expires: November 15, 2019 CNNIC
B. Liu B. Liu
Huawei Technologies Co., Ltd Huawei Technologies Co., Ltd
P. Deacon P. Deacon
IEA Software, Inc. IEA Software, Inc.
C. Xie C. Xie
China Telecom China Telecom
T. Li T. Li
Tsinghua University Tsinghua University
M. Boucadair, Ed. M. Boucadair, Ed.
Orange Orange
April 5, 2019 May 14, 2019
RADIUS Attributes for Address plus Port (A+P) based Softwire Mechanisms RADIUS Attributes for Address plus Port (A+P) based Softwire Mechanisms
draft-ietf-softwire-map-radius-22 draft-ietf-softwire-map-radius-23
Abstract Abstract
IPv4-over-IPv6 transition mechanisms provide IPv4 connectivity IPv4-over-IPv6 transition mechanisms provide IPv4 connectivity
services over IPv6 native networks during the IPv4/IPv6 co-existence services over IPv6 native networks during the IPv4/IPv6 co-existence
period. DHCPv6 options have been defined for configuring clients for period. DHCPv6 options have been defined for configuring clients for
Lightweight 4over6, Mapping of Address and Port with Encapsulation, Lightweight 4over6, Mapping of Address and Port with Encapsulation,
and Mapping of Address and Port using Translation unicast softwire and Mapping of Address and Port using Translation unicast softwire
mechanisms, and also multicast softwires. However, in many networks, mechanisms, and also multicast softwires. However, in many networks,
configuration information is stored in an Authentication, configuration information is stored in an Authentication,
skipping to change at page 2, line 10 skipping to change at page 2, line 10
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 7, 2019. This Internet-Draft will expire on November 15, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 18 skipping to change at page 3, line 18
3.3. Softwire46-Multicast Attribute . . . . . . . . . . . . . 22 3.3. Softwire46-Multicast Attribute . . . . . . . . . . . . . 22
3.3.1. ASM-Prefix64 Attribute . . . . . . . . . . . . . . . 23 3.3.1. ASM-Prefix64 Attribute . . . . . . . . . . . . . . . 23
3.3.2. SSM-Prefix64 Attribute . . . . . . . . . . . . . . . 24 3.3.2. SSM-Prefix64 Attribute . . . . . . . . . . . . . . . 24
3.3.3. U-Prefix64 Attribute . . . . . . . . . . . . . . . . 24 3.3.3. U-Prefix64 Attribute . . . . . . . . . . . . . . . . 24
4. A Sample Configuration Process with RADIUS . . . . . . . . . 24 4. A Sample Configuration Process with RADIUS . . . . . . . . . 24
5. Table of Attributes . . . . . . . . . . . . . . . . . . . . . 27 5. Table of Attributes . . . . . . . . . . . . . . . . . . . . . 27
6. Security Considerations . . . . . . . . . . . . . . . . . . . 28 6. Security Considerations . . . . . . . . . . . . . . . . . . . 28
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
7.1. New RADIUS Attributes . . . . . . . . . . . . . . . . . . 28 7.1. New RADIUS Attributes . . . . . . . . . . . . . . . . . . 28
7.2. RADIUS Softwire46 Configuration and Multicast Attributes 29 7.2. RADIUS Softwire46 Configuration and Multicast Attributes 29
7.3. Softwire46 Mechanisms and Their Identifying Option Codes 29 7.3. Softwire46 Mechanisms and Their Identifying Option Codes 30
8. Contributing Authors . . . . . . . . . . . . . . . . . . . . 30 8. Contributing Authors . . . . . . . . . . . . . . . . . . . . 30
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 32
10.1. Normative References . . . . . . . . . . . . . . . . . . 32 10.1. Normative References . . . . . . . . . . . . . . . . . . 32
10.2. Informative References . . . . . . . . . . . . . . . . . 33 10.2. Informative References . . . . . . . . . . . . . . . . . 33
Appendix A. DHCPv6 to RADIUS Field Mappings . . . . . . . . . . 35 Appendix A. DHCPv6 to RADIUS Field Mappings . . . . . . . . . . 35
A.1. OPTION_S46_RULE (89) to Softwire46-Rule Sub-TLV Field A.1. OPTION_S46_RULE (89) to Softwire46-Rule Sub-TLV Field
Mappings . . . . . . . . . . . . . . . . . . . . . . . . 35 Mappings . . . . . . . . . . . . . . . . . . . . . . . . 35
A.2. OPTION_S46_BR (90) to Softwire46-BR Field Mappings . . . 35 A.2. OPTION_S46_BR (90) to Softwire46-BR Field Mappings . . . 35
A.3. OPTION_S46_DMR (91) to Softwire46-DMR . . . . . . . . . . 35 A.3. OPTION_S46_DMR (91) to Softwire46-DMR . . . . . . . . . . 35
skipping to change at page 6, line 47 skipping to change at page 6, line 47
This attribute conveys the IPv6 prefixes to be used in [RFC8114] This attribute conveys the IPv6 prefixes to be used in [RFC8114]
to synthesize IPv4-embedded IPv6 addresses. The BNG uses the to synthesize IPv4-embedded IPv6 addresses. The BNG uses the
IPv6 prefixes returned in the RADIUS Softwire46-Multicast IPv6 prefixes returned in the RADIUS Softwire46-Multicast
Attribute to populate the DHCPv6 PREFIX64 Option [RFC8115]. Attribute to populate the DHCPv6 PREFIX64 Option [RFC8115].
All of these attributes are allocated from the RADIUS "Extended Type" All of these attributes are allocated from the RADIUS "Extended Type"
code space per [RFC6929]. code space per [RFC6929].
All of these attribute designs follow [RFC6158] and [RFC6929]. All of these attribute designs follow [RFC6158] and [RFC6929].
This document adheres to [RFC8044] for defining the new attributes. This document adheres to [RFC8044] for defining the new RADIUS
attributes.
3.1. Softwire46-Configuration Attribute 3.1. Softwire46-Configuration Attribute
This attribute is of type "tlv", as defined in the RADIUS Protocol This attribute is of type "tlv", as defined in the RADIUS Protocol
Extensions [RFC6929]. It contains some sub-attributes, with the Extensions [RFC6929]. It contains some sub-attributes, with the
following requirements: following requirements:
The Softwire46-Configuration Attribute MUST contain one or more of The Softwire46-Configuration Attribute MUST contain one or more of
the following attributes: Softwire46-MAP-E, Softwire46-MAP-T, and/ the following attributes: Softwire46-MAP-E, Softwire46-MAP-T, and/
or Softwire46-Lightweight-4over6. or Softwire46-Lightweight-4over6.
skipping to change at page 8, line 22 skipping to change at page 8, line 22
Extended-Type Extended-Type
TBD1 TBD1
Value Value
Contains one or more of the following attributes. Each attribute Contains one or more of the following attributes. Each attribute
type may appear at most once: type may appear at most once:
Softwire46-MAP-E Softwire46-MAP-E
For configuring MAP-E clients. For the construction of For configuring MAP-E clients. For the construction of
this attribute, efer to Section 3.1.1.1. this attribute, refer to Section 3.1.1.1.
Softwire46-MAP-T Softwire46-MAP-T
For configuring MAP-T clients. For the construction of For configuring MAP-T clients. For the construction of
this attribute, refer to Section 3.1.1.2. this attribute, refer to Section 3.1.1.2.
Softwire46-Lightweight-4over6 Softwire46-Lightweight-4over6
For configuring Lightweight 4over6 clients. For the For configuring Lightweight 4over6 clients. For the
construction of this attribute, refer to Section 3.1.1.3. construction of this attribute, refer to Section 3.1.1.3.
The Softwire46-Configuration Attribute is associated with the The Softwire46-Configuration Attribute is associated with the
skipping to change at page 11, line 44 skipping to change at page 11, line 44
+-----------------------+-------+-------+--------------------+ +-----------------------+-------+-------+--------------------+
| Softwire46-BR | 1 | 0 | 1 | | Softwire46-BR | 1 | 0 | 1 |
| Softwire46-Rule | 1 | 1 | 0 | | Softwire46-Rule | 1 | 1 | 0 |
| Softwire46-DMR | 0 | 1 | 0 | | Softwire46-DMR | 0 | 1 | 0 |
| Softwire46-V4V6Bind | 0 | 0 | 1 | | Softwire46-V4V6Bind | 0 | 0 | 1 |
| Softwire46-PORTPARAMS | 0-1 | 0-1 | 0-1 | | Softwire46-PORTPARAMS | 0-1 | 0-1 | 0-1 |
+-----------------------+-------+-------+--------------------+ +-----------------------+-------+-------+--------------------+
Table 2: Softwire46 Sub-Attributes Table 2: Softwire46 Sub-Attributes
The following table defines the meaning of the above table entries. The following table defines the meaning of Table 2 entries.
0 Not Permitted 0 Not Permitted
0+ Optional, zero or more instances of the attribute
may be present.
0-1 Optional, zero or one instance of the attribute 0-1 Optional, zero or one instance of the attribute
may be present. may be present.
1 Mandatory 1 Mandatory
3.1.3. Specification of the Softwire46 Sub-Attributes 3.1.3. Specification of the Softwire46 Sub-Attributes
3.1.3.1. Softwire46-Rule Attribute 3.1.3.1. Softwire46-Rule Attribute
Softwire46-Rule can only be encapsulated in Softwire46-MAP-E Softwire46-Rule can only be encapsulated in Softwire46-MAP-E
(Section 3.1.1.1) or Softwire46-MAP-T (Section 3.1.1.2). Depending (Section 3.1.1.1) or Softwire46-MAP-T (Section 3.1.1.2). Depending
skipping to change at page 12, line 22 skipping to change at page 12, line 22
more Forwarding Mapping Rules (FMRs) MUST be included in one more Forwarding Mapping Rules (FMRs) MUST be included in one
Softwire46-MAP-E or Softwire46-MAP-T. Softwire46-MAP-E or Softwire46-MAP-T.
Each type of Softwire46-Rule also contains a number of sub- Each type of Softwire46-Rule also contains a number of sub-
attributes, including Rule-IPv6-Prefix, Rule-IPv4-Prefix, and EA- attributes, including Rule-IPv6-Prefix, Rule-IPv4-Prefix, and EA-
Length. The structure of the sub-attributes for Softwire46-Rule is Length. The structure of the sub-attributes for Softwire46-Rule is
defined in Section 3.1.4. defined in Section 3.1.4.
Defining multiple TLV-types achieves the same design goals as the Defining multiple TLV-types achieves the same design goals as the
"Softwire46 Rule Flags" defined in Section 4.1 of [RFC7598]. Using "Softwire46 Rule Flags" defined in Section 4.1 of [RFC7598]. Using
TLV-type set to 4 is equivalent to setting the F-flag in the TLV-type set to 5 is equivalent to setting the F-flag in the
OPTION_S46_RULE S46 Rule Flags field. OPTION_S46_RULE S46 Rule Flags field.
TLV-Type TLV-Type
4 Basic Mapping Rule only (not to be used for forwarding) 4 Basic Mapping Rule only (not to be used for forwarding)
5 Forwarding Permitted Mapping Rule (may be used for 5 Forwarding Permitted Mapping Rule
forwarding. Can also be a Basic Mapping Rule)
TLV-Length TLV-Length
Indicates the length of this attribute, including Indicates the length of this attribute, including
the TLV-Type, TLV-Length, and TLV-Value fields. the TLV-Type, TLV-Length, and TLV-Value fields.
Data Type Data Type
The attribute Softwire46-Rule is of type tlv (Section 3.13 of The attribute Softwire46-Rule is of type tlv (Section 3.13 of
[RFC8044]). [RFC8044]).
TLV-Value TLV-Value
skipping to change at page 13, line 37 skipping to change at page 13, line 37
specifies the IPv6 address for the Softwire46 Border Relay (BR). specifies the IPv6 address for the Softwire46 Border Relay (BR).
3.1.3.3. Softwire46-DMR Attribute 3.1.3.3. Softwire46-DMR Attribute
Softwire46-DMR may only appear in Softwire46-MAP-T (Section 3.1.1.2). Softwire46-DMR may only appear in Softwire46-MAP-T (Section 3.1.1.2).
There MUST be exactly one Softwire46-DMR included in one Softwire46- There MUST be exactly one Softwire46-DMR included in one Softwire46-
MAP-T. MAP-T.
The structure of Softwire46-DMR is shown below: The structure of Softwire46-DMR is shown below:
TLV-Type TLV-Type
7 7
TLV-Length TLV-Length
4 + length of dmr-ipv6-prefix specified in octets. 4 + length of dmr-ipv6-prefix specified in octets.
Data Type Data Type
The attribute Softwire46-DMR is of type ip6pref (Section 3.10 of The attribute Softwire46-DMR is of type ip6pref (Section 3.10 of
[RFC8044]). [RFC8044]).
TLV-Value TLV-Value
dmr-ipv6-prefix. A variable-length field specifying the IPv6 dmr-ipv6-prefix. A variable-length (dmr-prefix6-len) field
prefix for the BR. This field is right-padded with zeros to specifying the IPv6 prefix for the BR. This field is right-padded
the nearest octet boundary when dmr-prefix6-len is not with zeros to the nearest octet boundary when dmr-prefix6-len
divisible by 8. Prefixes with from 0 to 96 are allowed. is not divisible by 8. Prefixes with from 0 to 96 are allowed.
3.1.3.4. Softwire46-V4V6Bind Attribute 3.1.3.4. Softwire46-V4V6Bind Attribute
Softwire46-V4V6Bind may only be encapsulated in Softwire46- Softwire46-V4V6Bind may only be encapsulated in Softwire46-
Lightweight-4over6 (Section 3.1.1.3). There MUST be exactly one Lightweight-4over6 (Section 3.1.1.3). There MUST be exactly one
Softwire46-V4V6Bind included in each Softwire46-Lightweight-4over6. Softwire46-V4V6Bind included in each Softwire46-Lightweight-4over6.
The structure of Softwire46-V4V6Bind is shown below: The structure of Softwire46-V4V6Bind is shown below:
TLV-Type TLV-Type
skipping to change at page 15, line 35 skipping to change at page 15, line 35
This attribute specifies the number of significant bits in the This attribute specifies the number of significant bits in the
PSID field (also known as 'k'). Refer to Section 3.1.6.2. PSID field (also known as 'k'). Refer to Section 3.1.6.2.
PSID PSID
This attribute specifies PSID value. Refer to Section 3.1.6.3. This attribute specifies PSID value. Refer to Section 3.1.6.3.
3.1.4. Sub-Attributes for Sofwtire46-Rule 3.1.4. Sub-Attributes for Sofwtire46-Rule
There are two types of Softwire46-Rule: the Basic Mapping Rule and There are two types of Softwire46-Rule: the Basic Mapping Rule and
the Forwarding Mapping Rule, indicated by the value in the TLV-Type the Forwarding Mapping Rule, indicated by the value in the TLV-Type
field of Softwire46-Rule (see Section 3.1.3.1). field of Softwire46-Rule (Section 3.1.3.1).
Each type of Softwire46-Rule also contains a number of Sub-attributes Each type of Softwire46-Rule also contains a number of Sub-attributes
as detailed in the following sub-sections. as detailed in the following sub-sections.
3.1.4.1. Rule-IPv6-Prefix Attribute 3.1.4.1. Rule-IPv6-Prefix Attribute
Rule-IPv6-Prefix is REQUIRED for every Softwire46-Rule. There MUST Rule-IPv6-Prefix is REQUIRED for every Softwire46-Rule. There MUST
be exactly one Rule-IPv6-Prefix encapsulated in each type of be exactly one Rule-IPv6-Prefix encapsulated in each type of
Softwire46-Rule. Softwire46-Rule.
skipping to change at page 17, line 39 skipping to change at page 17, line 39
13 13
TLV-Length TLV-Length
6 octets 6 octets
Data Type Data Type
The attribute IPv4-address is of type ipv4addr (Section 3.8 The attribute IPv4-address is of type ipv4addr (Section 3.8
of [RFC8044]). of [RFC8044]).
TLV-Value TLV-Value
32-bits long. Specifies the IPv4 address to appear in 32-bits long. Specifies the IPv4 address (ipv4-address) to
Softwire46-V4V6Bind (Section 3.1.3.4). appear in Softwire46-V4V6Bind (Section 3.1.3.4).
3.1.5.2. Bind-IPv6-Prefix Attribute 3.1.5.2. Bind-IPv6-Prefix Attribute
The Bind-IPv6-Prefix is used by the CE to identify the correct IPv6 The Bind-IPv6-Prefix is used by the CE to identify the correct IPv6
prefix to be used as the tunnel source. prefix to be used as the tunnel source.
The structure of Bind-IPv6-Prefix is shown below: The structure of Bind-IPv6-Prefix is shown below:
TLV-Type TLV-Type
14 14
skipping to change at page 20, line 25 skipping to change at page 20, line 25
TLV-Value TLV-Value
Contains the PSID (16-bits) right justified, and the unused bits Contains the PSID (16-bits) right justified, and the unused bits
in this field MUST be set to zero. in this field MUST be set to zero.
The PSID value algorithmically identifies a set of ports The PSID value algorithmically identifies a set of ports
assigned to a CE. The first k bits on the left of this assigned to a CE. The first k bits on the left of this
2-octet field is the PSID value. The remaining (16-k) bits 2-octet field is the PSID value. The remaining (16-k) bits
on the right are padding zeros. on the right are padding zeros.
3.2. Softwire46-Priority Attribute 3.2. Softwire46-Priority Attribute
The Softwire46-Priority Attribute includes an orderd list of The Softwire46-Priority Attribute includes an ordered list of
Softwire64 mechanisms allowing the client to prioritize which Softwire64 mechanisms allowing the client to prioritize which
mechanism to use, corresponding to OPTION_S46_PRIORITY defined in mechanism to use, corresponding to OPTION_S46_PRIORITY defined in
[RFC8026]. The following requirements apply: [RFC8026]. The following requirements apply:
The Softwire46-Priority Attribute MAY appear in an Access-Accept The Softwire46-Priority Attribute MAY appear in an Access-Accept
packet. It MAY also appear in an Access-Request packet. packet. It MAY also appear in an Access-Request packet.
The Softwire46-Priority Attribute MAY appear in a CoA-Request The Softwire46-Priority Attribute MAY appear in a CoA-Request
packet. packet.
skipping to change at page 21, line 16 skipping to change at page 21, line 16
241 (To be confirmed by IANA) 241 (To be confirmed by IANA)
Length Length
Indicates the length of this attribute, Indicates the length of this attribute,
including the Type, Length, Extended-Type and Value fields. including the Type, Length, Extended-Type and Value fields.
Extended-Type Extended-Type
TBD5 TBD5
TLV-Value TLV-Value
The attribute include one or more Softwire46-Option-Code TLVs: The attribute includes one or more Softwire46-Option-Code TLVs:
A Softwire46-Priority Attribute MUST contain at least one A Softwire46-Priority Attribute MUST contain at least one
Softwire46-Option-Code TLV (Section 3.2.1). Softwire46-Option-Code TLV (Section 3.2.1).
Softwire46 mechanisms are prioritized in the appearance order Softwire46 mechanisms are prioritized in the appearance order
of the in the Softwire46-Priority Attribute. of the in the Softwire46-Priority Attribute.
The Softwire46-Priority Attribute is associated with the following The Softwire46-Priority Attribute is associated with the following
identifier: 241.Extended-Type (TBD5). identifier: 241.Extended-Type (TBD5).
3.2.1. Softwire46-Option-Code 3.2.1. Softwire46-Option-Code
skipping to change at page 21, line 46 skipping to change at page 21, line 46
TLV-Length TLV-Length
6 octets 6 octets
Data Type Data Type
The attribute Softwire46-Option-Code is of type integer The attribute Softwire46-Option-Code is of type integer
(Section 3.1 of [RFC8044]). (Section 3.1 of [RFC8044]).
TLV-Value TLV-Value
A 32-bit IANA-registered option code representing a Softwire46 A 32-bit IANA-registered option code representing a Softwire46
mechanism. The codes and their corresponding Softwire46 mechanism (Softwire46-option-code). The codes and their
mechanisms are listed in Section 7.3. corresponding Softwire46 mechanisms are listed in Section 7.3.
3.3. Softwire46-Multicast Attribute 3.3. Softwire46-Multicast Attribute
The Softwire46-Multicast Attribute conveys the IPv6 prefixes to be The Softwire46-Multicast Attribute conveys the IPv6 prefixes to be
used to synthesize multicast and unicast IPv4-embedded IPv6 addresses used to synthesize multicast and unicast IPv4-embedded IPv6 addresses
as per [RFC8114]. This attribute is of type "tlv" and contains as per [RFC8114]. This attribute is of type "tlv" and contains
additional TLVs. The following requirements apply: additional TLVs. The following requirements apply:
The BNG SHALL use the IPv6 prefixes returned in the RADIUS The BNG SHALL use the IPv6 prefixes returned in the RADIUS
Softwire46-Multicast Attribute to populate the DHCPv6 PREFIX64 Softwire46-Multicast Attribute to populate the DHCPv6 PREFIX64
Option [RFC8115]. Option [RFC8115].
This attribute MAY be used in Access-Request packets as a hint to This attribute MAY be used in Access-Request packets as a hint to
the RADIUS server. For example, if the BNG is pre-configured for the RADIUS server. For example, if the BNG is pre-configured for
Softwire46-Multicast, these prefixes MAY be inserted in the Softwire46-Multicast, these prefixes MAY be inserted in the
attribute. The RADIUS server MAY ignore the hint sent by the BNG, attribute. The RADIUS server MAY ignore the hint sent by the BNG,
and it MAY assign a different Softwire46-Multicast Attribute. and it MAY assign a different Softwire46-Multicast Attribute.
The Softwire46-Multicast Attribute MAY appear in an Access-Request The Softwire46-Multicast Attribute MAY appear in an Access-
packet. Request, Access-Accept, CoA-Request, and Accounting-Request
The Softwire46-Multicast Attribute MAY appear in an Access-Accept
packet.
The Softwire46-Multicast Attribute MAY appear in a CoA-Request
packet. packet.
The Softwire46-Multicast Attribute MAY appear in an Accounting-
Request packet.
The Softwire46-Multicast Attribute MUST NOT appear in any other The Softwire46-Multicast Attribute MUST NOT appear in any other
RADIUS packet. RADIUS packet.
The Softwire46-Multicast Attribute MAY contain ASM-Prefix64 (see The Softwire46-Multicast Attribute MAY contain ASM-Prefix64
Section 3.3.1). (Section 3.3.1), SSM-Prefix64 (Section 3.3.2), and U-Prefix64
(Section 3.3.3).
The Softwire46-Multicast Attribute MAY contain SSM-Prefix64 (see
Section 3.3.2).
The Softwire46-Multicast Attribute MAY contain U-Prefix64 (see
Section 3.3.3).
The Softwire46-Multicast Attribute MUST include ASM-Prefix64 or The Softwire46-Multicast Attribute MUST include ASM-Prefix64 or
SSM-Prefix64, and it MAY include both. SSM-Prefix64, and it MAY include both.
The U-Prefix64 MUST be present when SSM-Prefix64 is present. The U-Prefix64 MUST be present when SSM-Prefix64 is present.
U-Prefix64 MAY be present when ASM-Prefix64 is present. U-Prefix64 MAY be present when ASM-Prefix64 is present.
The Softwire46-Multicast Attribute is structured as follows: The Softwire46-Multicast Attribute is structured as follows:
Type Type
skipping to change at page 24, line 42 skipping to change at page 24, line 42
TLV-Length TLV-Length
4 + length of unicast-prefix. As specified in [RFC6052], 4 + length of unicast-prefix. As specified in [RFC6052],
the unicast-prefix prefix-length MUST be set to 32, 40, 48, the unicast-prefix prefix-length MUST be set to 32, 40, 48,
56, 64, or 96. 56, 64, or 96.
Data Type Data Type
The attribute U-Prefix64 is of type ipv6prefix (Section 3.10 of The attribute U-Prefix64 is of type ipv6prefix (Section 3.10 of
[RFC8044]). [RFC8044]).
TLV-Value TLV-Value
This field identifies the IPv6 unicast prefix to This field identifies the IPv6 unicast prefix (u-prefix64) to
be used in SSM mode for constructing the IPv4-embedded IPv6 be used in SSM mode for constructing the IPv4-embedded IPv6
addresses representing the IPv4 multicast sources in the IPv6 addresses representing the IPv4 multicast sources in the IPv6
domain. It may also be used to extract the IPv4 address from the domain. It may also be used to extract the IPv4 address from the
received multicast data flows. received multicast data flows.
4. A Sample Configuration Process with RADIUS 4. A Sample Configuration Process with RADIUS
Figure 2 illustrates how the RADIUS and DHCPv6 protocols interwork to Figure 2 illustrates how the RADIUS and DHCPv6 protocols interwork to
provide CE with softwire configuration information. provide CE with softwire configuration information.
skipping to change at page 26, line 14 skipping to change at page 26, line 14
3. The AAA server authenticates the request. If this is successful, 3. The AAA server authenticates the request. If this is successful,
and suitable configuration is available, an Access-Accept message and suitable configuration is available, an Access-Accept message
is sent to the BNG containing the requested is sent to the BNG containing the requested
Softwire46-Configuration Attribute or Softwire46-Multicast Softwire46-Configuration Attribute or Softwire46-Multicast
Attribute. It is the responsibility of the AAA server to ensure Attribute. It is the responsibility of the AAA server to ensure
the consistency of the provided configuration. the consistency of the provided configuration.
4. The BNG maps the received softwire configuration into the 4. The BNG maps the received softwire configuration into the
corresponding fields in the DHCPv6 softwire configuration corresponding fields in the DHCPv6 softwire configuration
option(s). Theses are included in the DHCPv6 Advertise message option(s). These are included in the DHCPv6 Advertise message
which is sent to the CE. which is sent to the CE.
5. The CE send a DHCPv6 Request message. In the ORO, the option 5. The CE sends a DHCPv6 Request message. In the ORO, the option
code(s) of any of the required softwire options that were code(s) of any of the required softwire options that were
received in the Advertise message are included. received in the Advertise message are included.
6. The BNG sends a Reply message to the client containing the 6. The BNG sends a Reply message to the client containing the
softwire container options enumerated in the ORO. softwire container options enumerated in the ORO.
The authorization operation could also be done independently, after The authorization operation could also be done independently, after
the authentication process. In this case, steps 1-5 are completed as the authentication process. In this case, steps 1-5 are completed as
above, then the following steps are performed: above, then the following steps are performed:
skipping to change at page 26, line 50 skipping to change at page 26, line 50
softwire container options enumerated in the ORO. softwire container options enumerated in the ORO.
In addition to the above, the following points need to be considered: In addition to the above, the following points need to be considered:
o In both the configuration message flows described above the o In both the configuration message flows described above the
Message-authenticator (type 80) [RFC2869] SHOULD be used to Message-authenticator (type 80) [RFC2869] SHOULD be used to
protect both Access-Request and Access-Accept messages. protect both Access-Request and Access-Accept messages.
o If the BNG does not receive the corresponding o If the BNG does not receive the corresponding
Softwire46-Configuration Attribute in the Access-Accept message it Softwire46-Configuration Attribute in the Access-Accept message it
MAY fallback to creating the DHCPv6 softwire configuration options MAY fall back to creating the DHCPv6 softwire configuration
using pre-configured Softwire46 configuration, if this is present. options using pre-configured Softwire46 configuration, if this is
present.
o If the BNG receives an Access-Reject from the AAA server, then o If the BNG receives an Access-Reject from the AAA server, then
Softwire46 configuration MUST NOT be supplied to the client. Softwire46 configuration MUST NOT be supplied to the client.
o As specified in [RFC8415], Section 18.2.5, "Creation and o As specified in [RFC8415], Section 18.2.5, "Creation and
Transmission of Rebind Messages", if the DHCPv6 server to which Transmission of Rebind Messages", if the DHCPv6 server to which
the DHCPv6 Renew message was sent at time T1 has not responded by the DHCPv6 Renew message was sent at time T1 has not responded by
time T2, the CE (DHCPv6 client) SHOULD enter the Rebind state and time T2, the CE (DHCPv6 client) SHOULD enter the Rebind state and
attempt to contact any available server. In this situation, a attempt to contact any available server. In this situation, a
secondary BNG receiving the DHCPv6 message MUST initiate a new secondary BNG receiving the DHCPv6 message MUST initiate a new
Access-Request message towards the AAA server. The secondary BNG Access-Request message towards the AAA server. The secondary BNG
includes the Softwire46-Configuration Attribute in this Access- includes the Softwire46-Configuration Attribute in this Access-
Request message. Request message.
o For Lightweight 4over6, the subscriber's binding state needs to be o For Lightweight 4over6, the subscriber's binding state needs to be
synchronized between the clients and the lwAFTR/BR. This can be synchronized between the clients and the lwAFTR/BR. This can be
achieved in two ways: static pre-configuring of the bindings on achieved in two ways: static pre-configuration of the bindings on
both the AAA server and lwAFTR, or on-demand whereby the AAA both the AAA server and lwAFTR, or on-demand whereby the AAA
server updates the lwAFTR with the subscriber's binding state as server updates the lwAFTR with the subscriber's binding state as
it is created or deleted. it is created or deleted.
In some deployments, the DHCP server may use the Accounting-Request In some deployments, the DHCP server may use the Accounting-Request
to report to a AAA server the softwire configuration returned to a to report to a AAA server the softwire configuration returned to a
requesting host. It is the responsibility of the DHCP server to requesting host. It is the responsibility of the DHCP server to
ensure the consistency of the configuration provided to requesting ensure the consistency of the configuration provided to requesting
hosts. Reported data to a AAA server may be required for various hosts. Reported data to a AAA server may be required for various
operational purposes (e.g., regulatory). operational purposes (e.g., regulatory).
skipping to change at page 27, line 43 skipping to change at page 27, line 43
This document specifies three new RADIUS attributes, and their This document specifies three new RADIUS attributes, and their
formats are as follows: formats are as follows:
o Softwire46-Configuration Attribute: 241.TBD1 o Softwire46-Configuration Attribute: 241.TBD1
o Softwire46-Priority Attribute: 241.TBD5 o Softwire46-Priority Attribute: 241.TBD5
o Softwire46-Multicast Attribute: 241.TBD6 o Softwire46-Multicast Attribute: 241.TBD6
The following table describes which attributes may be found, in which Table 3 describes which attributes may be found, in which kinds of
kinds of packets and in what quantity. packets and in what quantity.
Request Accept Reject Challenge Accounting # Attribute Request Accept Reject Challenge Acct CoA- # Attribute
Request Req Req
0-1 0-1 0 0 0-1 241.TBD1 Softwire46- 0-1 0-1 0 0 0-1 0-1 241.TBD1 Softwire46-
Configuration Configuration
0-1 0-1 0 0 0-1 241.TBD5 Softwire46- 0-1 0-1 0 0 0-1 0-1 241.TBD5 Softwire46-
Priority Priority
0-1 0-1 0 0 0-1 241.TBD6 Softwire46- 0-1 0-1 0 0 0-1 0-1 241.TBD6 Softwire46-
Multicast Multicast
Table 3: Table of Attributes
6. Security Considerations 6. Security Considerations
Known security vulnerabilities of the RADIUS protocol are discussed Known security vulnerabilities of the RADIUS protocol are discussed
in [RFC2607], [RFC2865], and[RFC2869]. Use of IPsec [RFC4301] for in [RFC2607], [RFC2865], and[RFC2869]. Use of IPsec [RFC4301] for
providing security when RADIUS is carried in IPv6 is discussed in providing security when RADIUS is carried in IPv6 is discussed in
[RFC3162]. [RFC3162].
Specific security considerations for interactions between the MAP CE Specific security considerations for interactions between the MAP CE
and the BNG are discussed in [RFC7597] and [RFC7599]. Security and the BNG are discussed in [RFC7597] and [RFC7599]. Security
skipping to change at page 30, line 12 skipping to change at page 30, line 20
Attribute". The registration procedure for this registry is Attribute". The registration procedure for this registry is
Standards Action as defined in [RFC8126]. Standards Action as defined in [RFC8126].
This document requests IANA to register the three option codes of the This document requests IANA to register the three option codes of the
Softwire46 mechanisms permitted to be included in the Softwire46 mechanisms permitted to be included in the
Softwire46-Priority Attribute. The value of option code corresponds Softwire46-Priority Attribute. The value of option code corresponds
to the TLV-Type defined in Section 3.1.1. Additional options may be to the TLV-Type defined in Section 3.1.1. Additional options may be
added to this list in the future using the IETF Review process added to this list in the future using the IETF Review process
described in Section 4.8 of [RFC8126]. described in Section 4.8 of [RFC8126].
Table 3 shows the option codes required, and the Softwire46 Table 4 shows the option codes required, and the Softwire46
mechanisms that they represent. The option code for DS-Lite is mechanisms that they represent. The option code for DS-Lite is
derived from the IANA allocated RADIUS Attribute Type value for DS- derived from the IANA allocated RADIUS Attribute Type value for DS-
Lite [RFC6519]. The option codes for MAP-E, MAP-T, and Lightweight Lite [RFC6519]. The option codes for MAP-E, MAP-T, and Lightweight
4over6 need to be assigned. The option codes for MAP-E, MAP-T, and 4over6 need to be assigned. The option codes for MAP-E, MAP-T, and
Lightweight 4over6 should also be used as the TLV-Type values for the Lightweight 4over6 should also be used as the TLV-Type values for the
MAP-E, MAP-T, and Lightweight 4over6 attributes defined in MAP-E, MAP-T, and Lightweight 4over6 attributes defined in
Section 3.1.1. Section 3.1.1.
+-----------+--------------------+-----------+ +-----------+--------------------+-----------+
|Option Code|Softwire46 Mechanism| Reference | |Option Code|Softwire46 Mechanism| Reference |
+-----------+--------------------+-----------+ +-----------+--------------------+-----------+
| TBD2 | MAP-E | RFC7597 | | TBD2 | MAP-E | RFC7597 |
| TBD3 | MAP-T | RFC7599 | | TBD3 | MAP-T | RFC7599 |
| TBD4 | Lightweight 4over6 | RFC7596 | | TBD4 | Lightweight 4over6 | RFC7596 |
| 144 | DS-Lite | RFC6519 | | 144 | DS-Lite | RFC6519 |
+--------------------------------+-----------+ +--------------------------------+-----------+
Table 3: Option Codes to S46 Mechanisms Table 4: Option Codes to S46 Mechanisms
8. Contributing Authors 8. Contributing Authors
Qiong Sun Qiong Sun
China Telecom China Telecom
Beijing China Beijing China
Email: sunqiong@ctbri.com.cn Email: sunqiong@ctbri.com.cn
Qi Sun Qi Sun
Tsinghua University Tsinghua University
Department of Computer Science, Tsinghua University Department of Computer Science, Tsinghua University
skipping to change at page 32, line 11 skipping to change at page 32, line 11
Lothberg, Wojciech Dec, Ian Farrer, Suresh Krishnan, Qian Wang, Wei Lothberg, Wojciech Dec, Ian Farrer, Suresh Krishnan, Qian Wang, Wei
Meng, Cui Wang, Alan Dekok, Stefan Winter, and Yu Tianpeng to this Meng, Cui Wang, Alan Dekok, Stefan Winter, and Yu Tianpeng to this
document. document.
This document was merged with draft-sun-softwire-lw4over6-radext-01 This document was merged with draft-sun-softwire-lw4over6-radext-01
and draft-wang-radext-multicast-radius-ext-00, thanks to everyone who and draft-wang-radext-multicast-radius-ext-00, thanks to everyone who
contributed to this document. contributed to this document.
This document was produced using the xml2rfc tool [RFC7991]. This document was produced using the xml2rfc tool [RFC7991].
Many thanks to Al Morton and Bernie Volz for the review.
10. References 10. References
10.1. Normative References 10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
skipping to change at page 35, line 14 skipping to change at page 35, line 14
Appendix A. DHCPv6 to RADIUS Field Mappings Appendix A. DHCPv6 to RADIUS Field Mappings
The following sections detail the mappings between the softwire The following sections detail the mappings between the softwire
DHCPv6 option fields and the relevant RADIUS attributes as defined in DHCPv6 option fields and the relevant RADIUS attributes as defined in
this document. this document.
A.1. OPTION_S46_RULE (89) to Softwire46-Rule Sub-TLV Field Mappings A.1. OPTION_S46_RULE (89) to Softwire46-Rule Sub-TLV Field Mappings
+---------------------+----------------------+----------------------+ +---------------------+----------------------+----------------------+
| OPTION_S46_RULE | Softwire46-Rule Name | TLV Field | | OPTION_S46_RULE | Softwire46-Rule Name | TLV Subfield |
| Field | | | | Field | | |
+---------------------+----------------------+----------------------+ +---------------------+----------------------+----------------------+
| flags | N/A | TLV-type (TBD7, | | flags | N/A | TLV-type (TBD7, |
| | | TBD8) | | | | TBD8) |
| ea-len | EA-Length | EA-len | | ea-len | EA-Length | EA-len |
| prefix4-len | Rule-IPv4-Prefix | ruleprefix4-len | | prefix4-len | Rule-IPv4-Prefix | Prefix-Length |
| ipv4-prefix | Rule-IPv4-Prefix | rule-ipv4-prefix | | ipv4-prefix | Rule-IPv4-Prefix | rule-ipv4-prefix |
| prefix6-len | Rule-IPv6-Prefix | ruleprefix6-len | | prefix6-len | Rule-IPv6-Prefix | Prefix-Length |
| ipv6-prefix | Rule-IPv6-Prefix | rule-ipv6-prefix | | ipv6-prefix | Rule-IPv6-Prefix | rule-ipv6-prefix |
+---------------------+----------------------+----------------------+ +---------------------+----------------------+----------------------+
A.2. OPTION_S46_BR (90) to Softwire46-BR Field Mappings A.2. OPTION_S46_BR (90) to Softwire46-BR Field Mappings
+---------------------+---------------------+ +---------------------+------------------------+
| OPTION_S46_BR Field | Softwire46-BR Field | | OPTION_S46_BR Field | Softwire46-BR Subfield |
+---------------------+---------------------+ +---------------------+------------------------+
| br-ipv6-address | br-ipv6-address | | br-ipv6-address | br-ipv6-address |
+---------------------+---------------------+ +---------------------+------------------------+
A.3. OPTION_S46_DMR (91) to Softwire46-DMR A.3. OPTION_S46_DMR (91) to Softwire46-DMR
+---------------------+----------------------+ +---------------------+-------------------------+
| OPTION_S46_BR Field | Softwire46-DMR Field | | OPTION_S46_BR Field | Softwire46-DMR Subfield |
+---------------------+----------------------+ +---------------------+-------------------------+
| dmr-prefix6-len | dmr-prefix6-len | | dmr-prefix6-len | dmr-prefix6-len |
| dmr-ipv6-prefix | dmr-ipv6-prefix | | dmr-ipv6-prefix | dmr-ipv6-prefix |
+---------------------+----------------------+ +---------------------+-------------------------+
A.4. OPTION_S46_V4V6BIND (92) to Softwire46-V4V6Bind A.4. OPTION_S46_V4V6BIND (92) to Softwire46-V4V6Bind
+-----------------------+------------------------+------------------+ +-----------------------+------------------------+------------------+
| OPTION_S46_V4V6BIND | Softwire46-V4V6Bind | TLV Field | | OPTION_S46_V4V6BIND | Softwire46-V4V6Bind | TLV Subfield |
| Field | Name | | | Field | Name | |
+-----------------------+------------------------+------------------+ +-----------------------+------------------------+------------------+
| ipv4-address | IPv4-address | ipv4-address | | ipv4-address | IPv4-address | ipv4-address |
| bindprefix6-len | Bind-IPv6-Prefix | bind6prefix-len | | bindprefix6-len | Bind-IPv6-Prefix | Prefix-Length |
| bind-ipv6-prefix | Bind-IPv6-Prefix | bind-ipv6-prefix | | bind-ipv6-prefix | Bind-IPv6-Prefix | bind-ipv6-prefix |
+-----------------------+------------------------+------------------+ +-----------------------+------------------------+------------------+
A.5. OPTION_S46_PORTPARAMS (93) to Softwire46-PORTPARAMS Field Mappings A.5. OPTION_S46_PORTPARAMS (93) to Softwire46-PORTPARAMS Field Mappings
+--------------------------+--------------------------+-------------+ +--------------------------+--------------------------+-------------+
| OPTION_S46_PORTPARAMS | Softwire46-PORTPARAMS | TLV Field | | OPTION_S46_PORTPARAMS | Softwire46-PORTPARAMS | TLV |
| Field | Name | | | Field | Name | Subfield |
+--------------------------+--------------------------+-------------+ +--------------------------+--------------------------+-------------+
| offset | PSID-offset | PSID-Offset | | offset | PSID-offset | PSID-Offset |
| PSID-len | PSID-len | PSID-len | | PSID-len | PSID-len | PSID-len |
| PSID | PSID | PSID | | PSID | PSID | PSID |
+--------------------------+--------------------------+-------------+ +--------------------------+--------------------------+-------------+
A.6. OPTION_S46_PRIORITY (111) to Softwire46-PORTPARAMS Field Mappings A.6. OPTION_S46_PRIORITY (111) to Softwire46-PORTPARAMS Field Mappings
+---------------------------+-------------------------------------+ +---------------------------+---------------------------------------+
| OPTION_S46_PRIORITY Field | Softwire46-Priority Attribute Field | | OPTION_S46_PRIORITY Field | Softwire46-Priority Attribute |
+---------------------------+-------------------------------------+ | | Subfield |
| s46-option-code | Softwire46-option-code | +---------------------------+---------------------------------------+
+---------------------------+-------------------------------------+ | s46-option-code | Softwire46-option-code |
+---------------------------+---------------------------------------+
A.7. OPTION_V6_PREFIX64 (113) to Softwire46-Multicast Attribute Field A.7. OPTION_V6_PREFIX64 (113) to Softwire46-Multicast Attribute Field
Mappings Mappings
+--------------------+------------------------------+---------------+ +--------------------+------------------------------+---------------+
| OPTION_V6_PREFIX64 | Softwire46-Multicast | TLV Field | | OPTION_V6_PREFIX64 | Softwire46-Multicast | TLV Subfield |
| Field | Attribute TLV Name | | | Field | Attribute TLV Name | |
+--------------------+------------------------------+---------------+ +--------------------+------------------------------+---------------+
| asm-length | ASM-Prefix64 | Prefix-Length | | asm-length | ASM-Prefix64 | Prefix-Length |
| ASM_mPrefix64 | ASM-Prefix64 | ASM Prefix64 | | ASM_mPrefix64 | ASM-Prefix64 | asm-prefix64 |
| ssm-length | SSM-Prefix64 | Prefix-Length | | ssm-length | SSM-Prefix64 | Prefix-Length |
| SSM_mPrefix64 | SSM-Prefix64 | SSM Prefix64 | | SSM_mPrefix64 | SSM-Prefix64 | ssm-prefix64 |
| unicast-length | U-Prefix64 | Prefix-Length | | unicast-length | U-Prefix64 | Prefix-Length |
| uPrefix64 | U-Prefix64 | Unicast | | uPrefix64 | U-Prefix64 | u-prefix64 |
| | | Prefix64 |
+--------------------+------------------------------+---------------+ +--------------------+------------------------------+---------------+
Authors' Addresses Authors' Addresses
Sheng Jiang Sheng Jiang
Huawei Technologies Co., Ltd Huawei Technologies Co., Ltd
Q14, Huawei Campus, No.156 Beiqing Road Q14, Huawei Campus, No.156 Beiqing Road
Hai-Dian District, Beijing, 100095 Hai-Dian District, Beijing, 100095
P.R. China P.R. China
 End of changes. 46 change blocks. 
96 lines changed or deleted 86 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/