<?xml version="1.0"encoding="US-ASCII"?>encoding="UTF-8"?> <!DOCTYPE rfc SYSTEM"rfc2629.dtd"> <?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?> <?rfc subcompact="no" ?> <?rfc toc="yes" ?> <?rfc symrefs="yes" ?> <?rfc sortrefs="yes"?> <?rfc strict="no" ?>"rfc2629-xhtml.ent"> <rfccategory="bcp"xmlns:xi="http://www.w3.org/2001/XInclude" updates="7084" ipr="trust200902"docName="draft-ietf-v6ops-cpe-slaac-renum-08">docName="draft-ietf-v6ops-cpe-slaac-renum-08" number="9096" obsoletes="" submissionType="IETF" category="bcp" consensus="true" xml:lang="en" tocInclude="true" symRefs="true" sortRefs="true" version="3"> <front> <titleabbrev="Reaction toabbrev="CE Requirements for Renumbering Events">Improving the Reaction of Customer Edge Routers to IPv6 Renumbering Events</title> <seriesInfo name="RFC" value="9096"/> <seriesInfo name="BCP" value="234"/> <author fullname="Fernando Gont" initials="F." surname="Gont"> <organization abbrev="SI6 Networks">SI6 Networks</organization> <address> <postal> <extaddr>7mo Piso</extaddr> <street>Segurola y Habana4310, 7mo Piso</street>4310</street> <city>Villa Devoto</city> <region>Ciudad Autonoma de Buenos Aires</region> <country>Argentina</country> </postal> <email>fgont@si6networks.com</email> <uri>https://www.si6networks.com</uri> </address> </author> <author fullname="Jan Zorz" initials="J." surname="Zorz"> <organization abbrev="6connect">6connect</organization> <address><!-- <postal> <street>Frankovo naselje 165</street> <code>4220</code> <city>Skofja Loka</city> <country>Slovenia</country> </postal> --><email>jan@6connect.com</email><!-- <uri>https://www.6connect.com/</uri> --></address> </author> <author initials="R." surname="Patterson" fullname="Richard Patterson"> <organization>Sky UK</organization> <address> <email>richard.patterson@sky.uk</email> </address> </author> <author fullname="Bernie Volz" initials="B" surname="Volz"> <organizationabbrev="Cisco">Cisco Systems, Inc.</organization>abbrev="Individual Contributor">Individual Contributor</organization> <address> <postal><street>300 Beaver Brook Rd</street> <city>Boxborough, MA 01719</city> <country>USA</country><street>116 Hawkins Pond Road</street> <city>Center Harbor</city> <region>NH</region> <code>03226</code> <country>United States of America</country> </postal><email>volz@cisco.com</email><email>bevolz@gmail.com</email> </address> </author><date/><date year="2021" month="August" /> <area>Operations and Management</area> <workgroup>IPv6 Operations Working Group (v6ops)</workgroup><!-- [rfced] Please insert any keywords (beyond those that appear in the title) for use on http://www.rfc-editor.org/search.html. --> <keyword></keyword><keyword>IPv6</keyword> <keyword>problem</keyword> <keyword>address</keyword> <keyword>prefix delegation</keyword> <keyword>DHCPv6</keyword> <keyword>stale prefixes</keyword> <keyword>old prefixes</keyword> <keyword/> <abstract> <t> This document specifies improvements to Customer EdgeRoutersrouters that help mitigate the problems that may arise when network configuration information becomesinvalid,invalid without any explicit signaling of that condition to the local nodes. This document updatesRFC7084.RFC 7084. </t> </abstract> </front> <middle> <section anchor="intro"title="Introduction">numbered="true" toc="default"> <name>Introduction</name> <t>In scenarios where network configuration information becomes invalid without any explicit signaling of that condition (such as when a Customer EdgeRouter(CE) router crashes and reboots without knowledge of thepreviously-employedpreviously employed configuration information), hosts on the local network will continue using stale information for an unacceptably long period of time, thus resulting in connectivity problems. This problem is documented in detail in <xreftarget="RFC8978"/>.</t>target="RFC8978" format="default"/>.</t> <t>This document specifies improvements toCustomer Edge (CE) RoutersCE routers that help mitigate the aforementioned problem for residential and small office scenarios. It specifies recommendations for the default behavior of CERouters, androuters but does not preclude the availability of configuration knobs that might allow an operator or user tomanually-configuremanually configure the CERouterrouter to deviate from these recommendations. This document updatesRFC7084.RFC 7084. </t> </section> <section anchor="reqs-language"title="Requirements Language"> <t>Thenumbered="true" toc="default"> <name>Requirements Language</name> <t> The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xreftarget='RFC2119' />target="RFC2119"/> <xreftarget='RFC8174' />target="RFC8174"/> when, and only when, they appear in all capitals, as shown here. </t> </section> <section anchor="CPE"title="Improvednumbered="true" toc="default"> <name>Improved Customer Edge RouterBehavior">Behavior</name> <t>This section specifies and clarifies requirements forCustomer Edge RoutersCE routers that can help mitigate the problem discussed in <xreftarget="intro"/>,target="intro" format="default"/>, particularly when they employ prefixes learned viaDHCPv6-PrefixDHCPv6 Prefix Delegation (DHCPv6-PD) <xreftarget="RFC8415"/>target="RFC8415" format="default"/> on theWAN-sideWAN side with Stateless Address Autoconfiguration (SLAAC) <xreftarget="RFC4862"/>target="RFC4862" format="default"/> or DHCPv6 <xreftarget="RFC8415"/>target="RFC8415" format="default"/> on theLAN-side.LAN side. The recommendations in this document help improve robustness at theCustomer Edge RouterCE router (on which the user or ISP may have nocontrol),control) and do not preclude implementation of host-side improvements such as those specified in <xreftarget="I-D.ietf-6man-slaac-renum"/>.</t>target="I-D.ietf-6man-slaac-renum" format="default"/>.</t> <t>This document specifies additional WAN-side prefix-delegation (WPD) requirements to those specified in <xreftarget="RFC7084"/>: <list style="symbols"> <t>WPD-9: CEtarget="RFC7084" format="default"/>: </t> <dl> <dt>WPD-9:</dt> <dd>CE routersSHOULD NOT<bcp14>SHOULD NOT</bcp14> automatically send DHCPv6-PD RELEASE messages uponrebootrestart events. See <xreftarget="dhcpv6-release"/> for further details.</t> <!-- OLD text, changed in response to Ben Kaduk's comments <t>WPD-10: CE Routers MUST by default use a stable IAID value that does not change between CE Router restarts, DHCPv6 client restarts, or interface state changes. e.g., Transient PPP interfaces. See <xref target="dhcpv6-iaid"/>target="dhcpv6-release" format="default"/> for furtherdetails.</t> --> <t>WPD-10: CE Routers MUSTdetails. </dd> <dt>WPD-10:</dt> <dd>CE routers <bcp14>MUST</bcp14> by default use a WAN-sideIAIDIdentity Association IDentifier (IAID) value that is stable between CERouterrouter restarts, DHCPv6 client restarts, or interface state changes (e.g.,Transienttransient PPP interfaces), unless the CERouterrouter employs the IAID techniques discussed inSection 4.5 of<xreftarget="RFC7844"/>.target="RFC7844" sectionFormat="of" section="4.5" format="default"/>. See <xreftarget="dhcpv6-iaid"/>target="dhcpv6-iaid" format="default"/> for further details.</t> </list> </t></dd> </dl> <t>This document also replaces LAN-side requirement L-13 from <xreftarget="RFC7084"/>target="RFC7084" format="default"/> with:<list style="symbols"> <t>L-13: CE</t> <dl> <dt>L-13:</dt> <dd>CE routersMUST<bcp14>MUST</bcp14> signal stale configuration information as specified in <xreftarget="sig-stale-config"/>.</t> </list> </t>target="sig-stale-config" format="default"/>. </dd> </dl> <t>Finally, this document specifies the following additional LAN-side requirements to those from <xreftarget="RFC7084"/>: <list style="symbols"> <t>L-15:target="RFC7084" format="default"/>: </t> <dl> <dt>L-15:</dt> <dd> CE routersMUST NOT<bcp14>MUST NOT</bcp14> advertise prefixes via SLAAC or assign addresses or delegate prefixes via DHCPv6 on theLAN-side, employingLAN side using lifetimes that exceed the remaining lifetimes of the corresponding prefixes learnedfromon theWAN-sideWAN side via DHCPv6-PD. For more details, see <xreftarget="dhcpv6-pd-slaac"/>.</t> <t>L-16: CEtarget="dhcpv6-pd-slaac" format="default"/>. </dd> <dt>L-16: </dt> <dd>CE routersSHOULD<bcp14>SHOULD</bcp14> advertise capped SLAAC optionlifetimes andlifetimes, capped DHCPv6 IA AddressOption and IA Prefix Option lifetimes, as specified in <xref target="lan-lifetimes"/>.</t> </list> </t> <!-- XXX: OLD <t>This document specifies additional LAN-side requirements to requirements L-1 through L-14 specified in <xref target="RFC7084"/>: <list style="symbols"> <t>L-15: CE routers MUST NOT advertise prefixes via SLAAC or assign addresses or delegate prefixes via DHCPv6 on the LAN-side, employing lifetimes that exceed the remaining lifetimes of the corresponding prefixes learned from the WAN-side via DHCPv6-PD. For more details, see <xref target="dhcpv6-pd-slaac"/>.</t> <t>L-16: CE routers SHOULD advertise capped SLAACoptionlifetimeslifetimes, and cappedDHCPv6 IA Address Option andIA PrefixOptionoption lifetimes, as specified in <xreftarget="lan-lifetimes"/>.</t> <t>L-17: CE routers MUST signal stale configuration information as specified in <xref target="sig-stale-config"/>.</t> <t>L-18: CE routers SHOULD NOT automatically send DHCPv6-PD RELEASE messages upon reboot events. See <xref target="dhcpv6-release"/> for further details.</t> </list> </t> -->target="lan-lifetimes" format="default"/>. </dd> </dl> <sectiontitle="Automaticanchor="dhcpv6-release" numbered="true" toc="default"> <name>Automatic DHCPv6RELEASEs" anchor="dhcpv6-release">RELEASEs</name> <t> Some CERoutersrouters are known to automatically send DHCPv6-PD RELEASE messages uponrebootrestart events. However, this may inadvertently trigger a flash-renumbering scenario, along with the associated problems discussed in <xreftarget="RFC8978"/>,target="RFC8978" format="default"/>, that this document attempts to mitigate. </t> <t> As a result, requirement WPD-9 from <xreftarget="CPE"/>target="CPE" format="default"/> specifies that CE routersSHOULD NOT<bcp14>SHOULD NOT</bcp14> automatically send DHCPv6-PD RELEASE messages uponrebootrestart events. </t> </section> <sectiontitle="Stabilityanchor="dhcpv6-iaid" numbered="true" toc="default"> <name>Stability ofIAIDs" anchor="dhcpv6-iaid">IAIDs</name> <t> <xreftarget="RFC8415"/>target="RFC8415" format="default"/> requires that the IAID for an IAMUST<bcp14>MUST</bcp14> be consistent across restarts of the DHCP client. However, some popular CERoutersrouters are known to select new randomIAIDs e.g. everytimeIAIDs, e.g., every time the underlying PPP session isestablished.established or when the device is rebooted. This could be the result of extrapolating the behavior described in <xreftarget="RFC7844"/>,target="RFC7844" format="default"/> or simply a consequence of not storing IAIDs on stable storage along withfailingfailure to employ an algorithm that consistently generates the same IAID upon reboots. Thus, requirement WPD-10 from <xreftarget="CPE"/>target="CPE" format="default"/> prevents CERoutersrouters from inadvertently triggering flash-renumbering events on the local network. </t> </section> <sectiontitle="Interface Between WAN-sideanchor="dhcpv6-pd-slaac" numbered="true" toc="default"> <name>Interface between the WAN Side andLAN-side" anchor="dhcpv6-pd-slaac">LAN Side</name> <t>The "Preferred Lifetime" and "Valid Lifetime" of Prefix Information Options (PIOs) <xreftarget="RFC4861"/>target="RFC4861" format="default"/> corresponding to prefixes learned via DHCPv6-PDMUST NOTon the WAN side <bcp14>MUST NOT</bcp14> span past the remaining preferred and valid lifetimes of the corresponding DHCPv6-PD prefixes. This means that the "Preferred Lifetime" and the "Valid Lifetime" advertised in PIOs by the CE routerMUST<bcp14>MUST</bcp14> be dynamically adjusted such that they never span past the remaining preferred and valid lifetimes of the corresponding prefixes delegated via DHCPv6-PD on theWAN-side.</t>WAN side.</t> <t>Similarly, the "preferred-lifetime" and "valid-lifetime" of DHCPv6 IA AddressOptionsoptions and DHCPv6 IA PrefixOptionsoptions employed with DHCPv6 on theLAN-side MUST NOTLAN side <bcp14>MUST NOT</bcp14> span past the remaining preferred and valid lifetimes of the corresponding prefixesleasedlearned via DHCPv6-PD on theWAN-side.WAN side. This means that the "preferred-lifetime" and "valid-lifetime" of DHCPv6 IA AddressOptionsoptions and DHCPv6 IA PrefixOptionsoptions employed with DHCPv6 on theLAN-side MUSTLAN side <bcp14>MUST</bcp14> be dynamically adjusted such that they never span past the remaining preferred and valid lifetimes of the corresponding prefixes delegated to the CE router on theWAN-sideWAN side via DHCPv6-PD.</t><!-- XXX This was repeated in the next section, and hence removed from here. <t>CE Routers providing stateful address configuration via DHCPv6 SHOULD set the DHCPv6 IA Address Option preferred-lifetime to the lesser of the remaining preferred lifetime and ND_PREFERRED_LIMIT, and the valid-lifetime of the same option to the lesser of the remaining valid lifetime and ND_VALID_LIMIT. <list style="hanging"> <t hangText="NOTE:"> ND_PREFERRED_LIMIT and ND_VALID_LIMIT are defined in <xref target="parameters"/></t> </list> </t> <t> CE Routers providing DHCPv6-PD on the LAN-side SHOULD set the DHCPv6 IA Prefix Option preferred-lifetime to the lesser of the remaining preferred lifetime and ND_PREFERRED_LIMIT, and the valid-lifetime of the same option to the lesser of the remaining valid lifetime and ND_VALID_LIMIT. </t> --> <t> <list style="hanging"> <t hangText="RATIONALE:"> <list style="symbols"> <t>The<t>RATIONALE:</t> <ul spacing="normal"> <li>The lifetime values employed for the "Preferred Lifetime" (AdvPreferredLifetime) and "Valid Lifetime" (AdvValidLifetime) of SLAAC Prefix Information Options must never be larger than the remaining lifetimesforof the correspondingprefixprefixes (as learned via DHCPv6-PD on theWAN-side).WAN side). This is in line with the requirement fromSection 6.3 of<xreftarget="RFC8415"/>,target="RFC8415" sectionFormat="of" section="6.3" format="default"/>, whichstates that "ifstates:</li></ul> <blockquote>In particular, if the delegated prefix or a prefix derived from it is advertised for stateless address autoconfiguration <xreftarget="RFC4862"/>,target="RFC4862" format="default"/>, the advertised preferred and valid lifetimesMUST NOT<bcp14>MUST NOT</bcp14> exceed the corresponding remaining lifetimes of the delegatedprefix."</t> <t>Theprefix.</blockquote> <ul spacing="normal"> <li>The lifetime values of prefixes advertised on theLAN-sideLAN side via SLAAC must be dynamically updated (rather than staticvalues), otherwisevalues); otherwise, the advertised lifetimes would eventually span past the DHCPv6-PDlifetimes.</t> <t>Thelifetimes.</li> <li>The same considerations apply for thevalid-lifetime"valid-lifetime" andpreferred-lifetime"preferred-lifetime" of IA AddressOptionsoptions and IA PrefixOptionsoptions employed with DHCPv6 on theLAN-side.</t> </list> </t> </list> </t>LAN side.</li> </ul> </section> <sectiontitle="LAN-sideanchor="lan-lifetimes" numbered="true" toc="default"> <name>LAN-Side OptionLifetimes" anchor="lan-lifetimes">Lifetimes</name> <t> CERouters SHOULDrouters <bcp14>SHOULD</bcp14> override the default lifetime values of Neighbor Discovery options that depend in any way on changes in the prefix employed for address configuration on theLAN-side,LAN side, and employ shorter lifetime values to improve the robustness to renumbering events, while complying with the requirements from <xreftarget="dhcpv6-pd-slaac"/>target="dhcpv6-pd-slaac" format="default"/> of this document and the recommendations in <xreftarget="RFC7772"/>.target="RFC7772" format="default"/>. </t> <t>CERouters SHOULDrouters <bcp14>SHOULD</bcp14> set the "Router Lifetime" of RouterLifetimeAdvertisement (RA) messages to ND_PREFERRED_LIMIT.</t> <t>CERouters SHOULDrouters <bcp14>SHOULD</bcp14> also set the PIOPreferred Lifetime"Preferred Lifetime" to the lesser of the remaining preferred lifetime of the corresponding prefix (see <xreftarget="dhcpv6-pd-slaac"/>)target="dhcpv6-pd-slaac" format="default"/>) and ND_PREFERRED_LIMIT, and set the PIOValid Lifetime"Valid Lifetime" to the lesser of the remaining valid lifetime of the corresponding prefix and ND_VALID_LIMIT. Additionally, theRoute Lifetime"Route Lifetime" of Route Information Options (RIOs) <xref target="RFC4191"/>, theLifetime"Lifetime" of Recursive DNSSearch Options (RDNSSO)Server (RDNSS) options <xref target="RFC8106"/>, and theLifetime"Lifetime" of DNS Search ListOptions (DNSSLO)(DNSSL) options <xref target="RFC8106"/>SHOULD<bcp14>SHOULD</bcp14> be set to the lesser of the longestvalid-lifetime inremaining valid lifetime of aDHCPv6 IA Prefix Option (receivedprefix (leased via DHCPv6 on theWAN-side)WAN side) and ND_VALID_LIMIT, if any of these options are included in Router Advertisement messages.<list style="hanging"></t> <thangText="NOTES:">indent="3"> NOTE: In scenarios where thevalid-lifetimevalid lifetime and thepreferred-lifetimepreferred lifetime ofthe prefix leasedprefixes learned via DHCPv6 on theWAN-sideWAN side are always larger than ND_VALID_LIMIT and ND_PREFERRED_LIMIT, respectively, the lifetime values advertised on theLAN-sideLAN side will not experience actual changes. </t><t>The<t> The above text refers to the Neighbor DiscoveryOptionsoptions that are typically employed by CERouters.routers. A CERouterrouter may need to apply the same policy for setting the lifetime of other Neighbor Discovery options it employs, if and where applicable. </t></list> </t><t>CERoutersrouters providing stateful address configuration via DHCPv6SHOULD<bcp14>SHOULD</bcp14> set the "preferred-lifetime" of a DHCPv6 IA AddressOption preferred-lifetimeoption to the lesser of the remaining preferred lifetime of the corresponding prefix (see <xreftarget="dhcpv6-pd-slaac"/>)target="dhcpv6-pd-slaac" format="default"/>) and ND_PREFERRED_LIMIT, and set thevalid-lifetime"valid-lifetime" of the same option to the lesser of the remaining valid lifetime of the corresponding prefix and ND_VALID_LIMIT. </t> <t> CERoutersrouters providing DHCPv6-PD on theLAN-side SHOULDLAN side <bcp14>SHOULD</bcp14> set the "preferred-lifetime" of a DHCPv6 IA PrefixOption preferred-lifetimeoption to the lesser of the remaining preferred lifetime of the corresponding prefix (see <xreftarget="dhcpv6-pd-slaac"/>)target="dhcpv6-pd-slaac" format="default"/>) and ND_PREFERRED_LIMIT, and set thevalid-lifetime"valid-lifetime" of the same option to the lesser of the remaining valid lifetime of the corresponding prefix and ND_VALID_LIMIT. </t><t> <list style="hanging"> <t hangText="RATIONALE:"> <list style="symbols"><t>RATIONALE:</t> <ul spacing="normal"> <li> <t>TheValid Lifetime"Valid Lifetime" andPreferred Lifetime"Preferred Lifetime" of PIOs have a direct impact on three different aspects:<list style="symbols"> <t>The</t> <ul spacing="normal"> <li>The amount of time hosts may end up employing stale network configuration information (see <xreftarget="RFC8978"/>).</t> <t>Thetarget="RFC8978" format="default"/>).</li> <li>The amount of time CERoutersrouters need to persist trying to deprecate stale network configuration information(e.g.(e.g., to handle cases where hosts miss RouterAdvertisementsAdvertisement messages and thus still consider the stale information asvalid).</t> <t>Thevalid).</li> <li>The amount of information that CERoutersrouters need to maintainwhen e.g.when, e.g., multiple crash-and-reboot events occur in thetimespantime span represented by the option lifetimes employed on theLAN-side.</t> </list> </t> <t>LAN side.</li> </ul> </li> <li> CERoutersrouters need not employ the (possibly long) WAN-side DHCPv6-PD lifetimes for theValid Lifetime"Valid Lifetime" andPreferred Lifetime"Preferred Lifetime" of PIOs sent in RouterAdvertisementsAdvertisement messages to advertise sub-prefixes of the leased prefix. Instead, CERouters SHOULDrouters <bcp14>SHOULD</bcp14> use shorter values for theValid Lifetime"Valid Lifetime" andPreferred Lifetime"Preferred Lifetime" of PIOs, since subsequent Router Advertisement messages will nevertheless refresh the associated lifetimes, leading to the same effective lifetimes as specified by the WAN-side DHCPv6-PD lifetimes.</t> <t></li> <li> Similarly, CERoutersrouters need not employ the (possibly long) WAN-side DHCPv6-PD lifetimes for thevalid-lifetime"valid-lifetime" andpreferred-lifetime"preferred-lifetime" of IA AddressOptionsoptions and IA PrefixOptionoptions employed by DHCPv6 on theLAN-side,LAN side, since the renewal of bindings by DHCPv6 clients will lead to the same effective lifetimes as specified by the WAN-side DHCPv6-PD lifetimes.</t> </list> </t> </list> </t></li> </ul> </section> <sectiontitle="Signalinganchor="sig-stale-config" numbered="true" toc="default"> <name>Signaling Stale ConfigurationInformation" anchor="sig-stale-config">Information</name> <t>When a CERouterrouter provides LAN-side address-configuration information via SLAAC:<list style="symbols"> <t>A</t> <ul spacing="normal"> <li>A CERouterrouter sending RAs that advertisedynamically-learnedprefixes(e.g.belonging to a dynamically learned prefix (e.g., via DHCPv6-PD)SHOULD<bcp14>SHOULD</bcp14> record, on stable storage, the list of prefixes being advertised via PIOs on each networksegment,segment and the state of the "A" and "L" flags of the correspondingPIOs.</t>PIOs.</li> <li> <t>Upon changes to the advertised prefixes, and after bootstrapping, the CERouterrouter advertising prefix information via SLAAC proceeds as follows:<list style="symbols"> <t>Any</t> <ul spacing="normal"> <li>Any prefixes that were previously advertised by the CERouterrouter via PIOs in RA messages, but that have now become stale,MUST<bcp14>MUST</bcp14> be advertised witha PIOPIOs thathashave the "Valid Lifetime" and the "Preferred Lifetime" set to0,0 and the "A" and "L" bits unchanged.</t></li> <li> <t>The aforementionedadvertisement MUSTadvertisements <bcp14>MUST</bcp14> be performed for at least the "Valid Lifetime" previously employed for suchprefix.prefixes. The CERouter MUSTrouter <bcp14>MUST</bcp14> advertise this information with unsolicited RouterAdvertisementsAdvertisement messages, as described inSection 6.2.4 of<xreftarget="RFC4861"/>,target="RFC4861" sectionFormat="of" section="6.2.4" format="default"/>, andMAY<bcp14>MAY</bcp14> advertise this information via unicast RouterAdvertisementsAdvertisement messages when possible and applicable.<list><t>Note:</t> <ul spacing="normal" empty="true"> <li>NOTE: If requirement L-16 (<xreftarget="lan-lifetimes"/>)target="CPE" format="default"/>) is followed, theValid Lifetime"Valid Lifetime" need not besavedsaved, and the stale prefix can simply be advertised for a period ofND_VALID_LIMIT.</t> </list> </t> </list> </t> <t>CE RoutersND_VALID_LIMIT.</li> </ul> </li> </ul> </li> <li>CE routers receiving DHCPv6 IA PrefixDelegationsoptions with a 0valid-lifetime MUST"valid-lifetime" <bcp14>MUST</bcp14> advertise the corresponding sub-prefixes (as they would be generated for the same leased prefix with a non-zero lifetime) witha PIOPIOs with both thePreferred Lifetime"Preferred Lifetime" and theValid Lifetime"Valid Lifetime" set to 0, for at least the WAN-side DHCPv6-PDvalid-lifetime,"valid-lifetime", or for a period of ND_VALID_LIMIT if the recommended lifetimes from <xreftarget="lan-lifetimes"/>target="lan-lifetimes" format="default"/> areemployed.</t> </list> </t>employed.</li> </ul> <t> When a CERouterrouter provides LAN-side DHCPv6 (address assignment or prefix delegation), then:<list style="symbols"> <t>The</t> <ul spacing="normal"> <li>The CERouter SHOULDrouter <bcp14>SHOULD</bcp14> record, on stable storage, the DHCPv6 address and delegated-prefix bindings corresponding to theLAN-side.</t>LAN side.</li> <li> <t>If the CERouterrouter finds that the prefix to be employed for address assignment and/or prefix delegation has changed (e.g., upon a crash-and-reboot event) or the CERouterrouter receives DHCPv6 IA PrefixDelegationsoptions with 0 lifetimes, the CERouter MUST: <list style="symbols"> <t>Inrouter <bcp14>MUST</bcp14>: </t> <ul spacing="normal"> <li>In Replies to DHCPv6 Request, Renew, and Rebind messages, send IA AddressOptionsoptions or IA PrefixOptionsoptions (as appropriate) for any address assignments or prefix delegations for thedeprecatedstale prefixes. The aforementioned optionsMUST<bcp14>MUST</bcp14> be sent with both thevalid-lifetime"valid-lifetime" and thepreferred-lifetime"preferred-lifetime" set to 0, for at least thevalid-lifetime"valid-lifetime" originally employed for them, or for a period of ND_VALID_LIMIT if the recommended lifetimes from <xreftarget="lan-lifetimes"/>target="lan-lifetimes" format="default"/> are employed.</t> <t>Initiate</li> <li><t>Initiate sending Reconfiguremessages (ifmessages, if possible- i.e.,(i.e., client requests Reconfigure support and the CERouterrouter offersit)it), to those clients with address assignments or prefix delegations for thedeprecated prefixes. </t> </list> </t> </list> </t> <t> <list style="hanging"> <t hangText="RATIONALE:"> <list style="symbols"> <t>IPv6stale prefixes.</t> </li> </ul> </li> </ul> <t>RATIONALE:</t> <ul spacing="normal"> <li>IPv6 network renumbering is expected to take place in a plannedmanner,manner with old/stale prefixes beingphased-outphased out via reduced prefix lifetimes while new prefixes (with normal lifetimes) are introduced. However, a number of scenarios may lead to the so-called "flash-renumbering" events, wherethea prefix being employed on a network suddenly becomes invalid and replaced by a new prefix <xreftarget="RFC8978"/>.target="RFC8978" format="default"/>. One such scenario is whena DHCPv6 serveran Internet Service Provider (ISP) employs dynamic prefixes and theCustomer Edge RouterCE router crashes and reboots. The requirements in this section are meant to allowCustomer Edge RoutersCE routers to deprecate stale information in such scenarios.</t> <t>The</li> <li>The recommendations in this section expand from requirement L-13 inSection 4.3 of<xreftarget="RFC7084"/>,target="RFC7084" sectionFormat="of" section="4.3" format="default"/> andSection 6.3 of<xreftarget="RFC8415"/>.</t> <t>Hosttarget="RFC8415" sectionFormat="of" section="6.3" format="default"/>.</li> <li>Hosts configuring addresses via SLAAC on the local network may employ addresses configured for the previously advertised prefixes for at most the "Valid Lifetime" of the correspondingPIOPIOs of the last received Router Advertisementmessage.messages. Since Router Advertisement messages may be lost or fail to be received for various reasons,Customer Edge RoutersCE routers need to try to deprecate stale prefixes for a period of time equal to the "Valid Lifetime" of the PIO employed when originally advertising theprefix.</t> <t>The requirementprefix.</li> <li>The requirements in this sectionis conveyed as a "SHOULD" (as opposed to a "MUST"), since the requirementto store information on stable storage are conveyed as "<bcp14>SHOULD</bcp14>" (as opposed to "<bcp14>MUST</bcp14>"), since they may represent a challenge for someimplementations.</t> <t>Advertisingimplementations.</li> <li>Advertising DHCPv6-leased prefixes with zero lifetimes on theLAN-sideLAN side would handle the case where a CERouterrouter has no stable storage but receives the prefixes via DHCPv6 with 0lifetimes.</t> <t>Thelifetimes.</li> <li>The above text does not include DHCPv6 Advertise messages sent in response to DHCPv6 Solicit messages, sinceSection 18.3.9 of<xreftarget="RFC8415"/>target="RFC8415" sectionFormat="of" section="18.3.9" format="default"/> requires that a DHCPv6 server that is not going to assign an address or delegated prefix received as a hint in the Solicit messageMUST NOT<bcp14>MUST NOT</bcp14> include that address or delegated prefix in the Advertise message. Additionally, any subsequent Request messages will trigger the response specified in thissection,section and therefore cause the address or prefix to bedeprecated.</t> </list> </t> </list> </t>deprecated.</li> </ul> </section> </section> <sectiontitle="Recommendedanchor="parameters" numbered="true" toc="default"> <name>Recommended Option Lifetimes ConfigurationValues" anchor="parameters"> <t> <list style="symbols"> <t>ND_PREFERRED_LIMIT:Values</name> <ul spacing="normal"> <li>ND_PREFERRED_LIMIT: 2700 seconds (45minutes)</t> <t>ND_VALID_LIMIT:minutes)</li> <li>ND_VALID_LIMIT: 5400 seconds (90minutes)</t> </list> </t> <t> <list style="hanging"> <t hangText="RATIONALE:"> <vspace blankLines="0" /> Theseminutes)</li> </ul> <t>RATIONALE:</t> <ul empty="false"> <li>These values represent a trade-off among a number of factors, including responsiveness and possible impact on the battery life of connected devices <xreftarget="RFC7772"/>. </t> <t>ND_PREFERRED_LIMITtarget="RFC7772" format="default"/>. </li> <li>ND_PREFERRED_LIMIT is set according to the recommendations in <xreftarget="RFC7772"/>target="RFC7772" format="default"/> forRouter Lifetime,the "Router Lifetime", following the rationale fromSection 3.2 of<xreftarget="RFC8978"/>.</t> <t>ND_VALID_LIMITtarget="RFC8978" sectionFormat="of" section="3.2" format="default"/>.</li> <li>ND_VALID_LIMIT is set to 2 * ND_PREFERRED_LIMIT to provide some additional leeway before configuration information is finally discarded by thehost.</t> </list> </t>hosts.</li> </ul> </section> <sectiontitle="IANA Considerations">numbered="true" toc="default"> <name>IANA Considerations</name> <t> This document has noactions for IANA.IANA actions. </t> </section> <sectiontitle="Security Considerations">numbered="true" toc="default"> <name>Security Considerations</name> <t>This document discusses a problem that mayarisearise, e.g., in scenarios where dynamic IPv6 prefixes are employed, and it proposes improvements toCustomer Edge RoutersCE routers <xreftarget="RFC7084"/>target="RFC7084" format="default"/> to mitigate the problem for residential or small office scenarios. It does not introduce new securityissues, and thusissues; thus, the same security considerations as for <xreftarget="RFC4861"/>,target="RFC4861" format="default"/>, <xreftarget="RFC4862"/>,target="RFC4862" format="default"/>, <xreftarget="RFC7084"/>,target="RFC7084" format="default"/>, and <xreftarget="RFC8415"/>target="RFC8415" format="default"/> apply.</t> </section> </middle> <back> <displayreference target="I-D.ietf-6man-slaac-renum" to="6MAN-SLAAC-RENUM"/> <references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4191.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8106.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8415.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4861.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4862.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7772.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7844.xml"/> </references> <references> <name>Informative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7084.xml"/> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-6man-slaac-renum.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8978.xml"/> </references> </references> <sectiontitle="Acknowledgments">numbered="false" toc="default"> <name>Acknowledgments</name> <t>The authors would like to thankOwen DeLong, Philip Homburg, Erik Kline, and Ted Lemon,<contact fullname="Owen DeLong"/>, <contact fullname= "Philip Homburg"/>, <contact fullname="Erik Kline"/>, and <contact fullname="Ted Lemon"/> for their valuable help in improving this document via successive detailed reviews. </t> <t>The authors would like to thankMikael Abrahamsson, Luis Balbinot, Tim Chown, Brian Carpenter, Lorenzo Colitti, Alejandro D'Egidio, Gert Doering, Fernando Frediani, Guillermo Gont, Steinar Haug, Nick Hilliard, Lee Howard, Christian Huitema, Sheng Jiang, Benjamin Kaduk, Suresh Krishnan, Warren Kumari, Albert Manfredi, Olorunloba Olopade, Jordi<contact fullname="Mikael Abrahamsson"/>, <contact fullname="Luis Balbinot"/>, <contact fullname="Brian Carpenter"/>, <contact fullname="Tim Chown"/>, <contact fullname="Lorenzo Colitti"/>, <contact fullname="Alejandro D'Egidio"/>, <contact fullname="Gert Doering"/>, <contact fullname="Fernando Frediani"/>, <contact fullname="Guillermo Gont"/>, <contact fullname="Steinar Haug"/>, <contact fullname="Nick Hilliard"/>, <contact fullname="Lee Howard"/>, <contact fullname="Christian Huitema"/>, <contact fullname="Sheng Jiang"/>, <contact fullname="Benjamin Kaduk"/>, <contact fullname="Suresh Krishnan"/>, <contact fullname="Warren Kumari"/>, <contact fullname="Albert Manfredi"/>, <contact fullname="Olorunloba Olopade"/>, <contact fullname="Jordi PaletMartinez, Richard Patterson, Pete Resnick, Michael Richardson, Mark Smith, Job Snijders, Sander Steffann, Tarko Tikan, Ole Troan, Loganaden Velvindron, Eric Vyncke, Robert Wilton, Timothy Winters, Christopher Wood, and Chongfeng Xie,Martinez"/>, <contact fullname="Pete Resnick"/>, <contact fullname="Michael Richardson"/>, <contact fullname="Mark Smith"/>, <contact fullname="Job Snijders"/>, <contact fullname="Sander Steffann"/>, <contact fullname="Tarko Tikan"/>, <contact fullname="Ole Troan"/>, <contact fullname="Loganaden Velvindron"/>, <contact fullname="Éric Vyncke"/>, <contact fullname="Robert Wilton"/>, <contact fullname="Timothy Winters"/>, <contact fullname="Christopher Wood"/>, and <contact fullname="Chongfeng Xie"/> for providing valuable comments on earlier draft versions of this document.</t> <t>Fernando would also like to thankBrian Carpenter<contact fullname="Brian Carpenter"/> who, over the years, has answered many questions and provided valuable comments that have benefited his protocol-related work.</t> </section></middle> <back> <references title="Normative References"> <?rfc include="reference.RFC.2119" ?> <?rfc include="reference.RFC.8174" ?> <?rfc include="reference.RFC.4191" ?> <?rfc include="reference.RFC.8106" ?> <?rfc include="reference.RFC.8415" ?> <?rfc include="reference.RFC.4861" ?> <?rfc include="reference.RFC.4862" ?> <?rfc include="reference.RFC.7772" ?> <?rfc include="reference.RFC.7844" ?> </references> <references title="Informative References"> <?rfc include="reference.RFC.7084" ?> <?rfc include="reference.I-D.ietf-6man-slaac-renum" ?> <?rfc include="reference.RFC.8978" ?> </references></back> </rfc>