| rfc9818v1.txt | rfc9818.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) T. Winters | Internet Engineering Task Force (IETF) T. Winters | |||
| Request for Comments: 9818 QA Cafe | Request for Comments: 9818 QA Cafe | |||
| Updates: 7084 July 2025 | Updates: 7084 July 2025 | |||
| Category: Informational | Category: Informational | |||
| ISSN: 2070-1721 | ISSN: 2070-1721 | |||
| IPv6 Customer Edge (CE) Routers LAN DHCPv6 Prefix Delegation | DHCPv6 Prefix Delegation on IPv6 Customer Edge (CE) Routers in LANs | |||
| Abstract | Abstract | |||
| This document defines requirements for IPv6 Customer Edge (CE) | This document defines requirements for IPv6 Customer Edge (CE) | |||
| routers to support DHCPv6 Prefix Delegation for distributing | routers to support DHCPv6 Prefix Delegation for distributing | |||
| available prefixes that were delegated to a IPv6 CE router. This | available prefixes to LAN devices that were delegated to an IPv6 CE | |||
| document updates RFC 7084. | router. This document updates RFC 7084. | |||
| Status of This Memo | Status of This Memo | |||
| This document is not an Internet Standards Track specification; it is | This document is not an Internet Standards Track specification; it is | |||
| published for informational purposes. | published for informational purposes. | |||
| This document is a product of the Internet Engineering Task Force | This document is a product of the Internet Engineering Task Force | |||
| (IETF). It represents the consensus of the IETF community. It has | (IETF). It represents the consensus of the IETF community. It has | |||
| received public review and has been approved for publication by the | received public review and has been approved for publication by the | |||
| Internet Engineering Steering Group (IESG). Not all documents | Internet Engineering Steering Group (IESG). Not all documents | |||
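Review bot: In the right-hand Abstract, placing "to LAN devices" ahead of "that were delegated to an IPv6 CE router" makes the relative clause attach to "LAN devices" rather than to "available prefixes". Suggest "for distributing to LAN devices the available prefixes that were delegated to an IPv6 CE router", so it stays clear that the prefixes, not the devices, were delegated to the CE router.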
| skipping to change at line 93 ¶ | skipping to change at line 93 ¶ | |||
| prefix delegation requires an IPv6 CE router to sub-delegate IPv6 | prefix delegation requires an IPv6 CE router to sub-delegate IPv6 | |||
| prefixes based on a set of rules. If more than one router uses | prefixes based on a set of rules. If more than one router uses | |||
| hierarchical prefix delegation, an IPv6 prefix tree is created. When | hierarchical prefix delegation, an IPv6 prefix tree is created. When | |||
| no routing protocol is enabled to discover the network topology, it | no routing protocol is enabled to discover the network topology, it | |||
| is possible to have an unbalanced prefix delegation tree, which leads | is possible to have an unbalanced prefix delegation tree, which leads | |||
| to running out of prefixes. More information on hierarchical prefix | to running out of prefixes. More information on hierarchical prefix | |||
| delegation can be found, e.g., in Section 8.5 of CableLabs IPv6 | delegation can be found, e.g., in Section 8.5 of CableLabs IPv6 | |||
| eRouter specification [eRouter]. A flat prefix delegation requires | eRouter specification [eRouter]. A flat prefix delegation requires | |||
| the router to be provisioned with the initial prefix and to assign | the router to be provisioned with the initial prefix and to assign | |||
| /64 prefixes to all other prefix requests from routers in the LAN- | /64 prefixes to all other prefix requests from routers in the LAN- | |||
| facing interface. The default configuration of CE router supporting | facing interface. The default configuration of CE routers is | |||
| prefix delegation is designed to be a flat model to support zero- | designed to be a flat model to support zero-configuration networking. | |||
| configuration networking. | ||||
| This document does not cover dealing with multi-provisioned networks | This document does not cover dealing with multi-prefix networks with | |||
| with more than one provider. Due to the complexity of a solution | more than one provider. Due to the complexity of a solution that | |||
| that would require routing, provisioning, and policy, this is out of | would require routing, provisioning, and policy, this is out of scope | |||
| scope of this document. | of this document. | |||
| 2. Requirements Language | 2. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| This document uses these keywords not strictly for the purpose of | This document uses these keywords not strictly for the purpose of | |||
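Review bot: The rewritten sentence "The default configuration of CE routers is designed to be a flat model" drops the qualifier "supporting prefix delegation", so the flat-model default now reads as a statement about every CE router rather than about those that implement LAN prefix delegation. If that widening is not intended, keep the qualifier, for example "CE routers supporting prefix delegation".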
| skipping to change at line 124 ¶ | skipping to change at line 123 ¶ | |||
| implementers regarding any protocol implementation required to | implementers regarding any protocol implementation required to | |||
| produce a successful CE router that interoperates successfully with a | produce a successful CE router that interoperates successfully with a | |||
| particular subset of currently deployed and planned common IPv6 | particular subset of currently deployed and planned common IPv6 | |||
| access networks. | access networks. | |||
| 3. Terminology | 3. Terminology | |||
| The document makes use of the following terms, some of which are from | The document makes use of the following terms, some of which are from | |||
| Section 2 of [RFC8200] | Section 2 of [RFC8200] | |||
| IPv6 node: A device that implements IPv6 protocol. | IPv6 node: A device that implements IPv6. | |||
| IPv6 router: An IPv6 node that forwards IPv6 packets not explicitly | IPv6 router: An IPv6 node that forwards IPv6 packets not explicitly | |||
| addressed to itself. | addressed to itself. | |||
| IPv6 host: An IPv6 node that is not a router. | IPv6 host: An IPv6 node that is not a router. | |||
| ULA: Unique Local Address, as defined in [RFC4193]. | ULA: Unique Local Address, as defined in [RFC4193]. | |||
| GUA: Global Unicast Address, as defined in [RFC4291]. | GUA: Global Unicast Address, as defined in [RFC4291]. | |||
| 4. IPv6 End-User Network Architecture | 4. IPv6 End-User Network Architecture | |||
| The end-user network for IPv6 that is a stub network. Figure 1 | The end-user network for IPv6 contains stub networks. Figure 1 | |||
| illustrates the model topology. | illustrates the model topology. | |||
| +-----------+ | +-----------+ | |||
| | Service | | | Service | | |||
| | Provider | | | Provider | | |||
| | Router | | | Router | | |||
| +-----+-----+ | +-----+-----+ | |||
| | | | | |||
| | | | | |||
| | Customer | | Customer | |||
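Review bot: In Section 4, changing "is a stub network" to "contains stub networks" is more than a grammar repair: the left column describes the end-user network itself as a stub, while the right column says it holds several. Confirm which reading matches Figure 1 before accepting the wording. Also, in Section 3 the lead-in ending "Section 2 of [RFC8200]" still has no colon or period in either column, although the definitions follow directly.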
| skipping to change at line 191 ¶ | skipping to change at line 190 ¶ | |||
| These requirements are in addition to the ones in Section 4.3 of | These requirements are in addition to the ones in Section 4.3 of | |||
| [RFC7084]. | [RFC7084]. | |||
| 5.1. LAN Prefix Delegation Requirements (LPD) | 5.1. LAN Prefix Delegation Requirements (LPD) | |||
| LPD-1: Each IPv6 CE router MUST support IPv6 prefix assignment | LPD-1: Each IPv6 CE router MUST support IPv6 prefix assignment | |||
| according to Section 13.3 of [RFC8415] (Identity Association | according to Section 13.3 of [RFC8415] (Identity Association | |||
| for Prefix Delegation (IA_PD) option) on its LAN | for Prefix Delegation (IA_PD) option) on its LAN | |||
| interface(s). | interface(s). | |||
| LPD-2: IPv6 CE routers MUST assign a prefix from the delegated | LPD-2: Each IPv6 CE routers MUST assign a prefix from the delegated | |||
| prefix as specified by L-2 in Section 4.3 of [RFC7084]. If | prefix as specified by L-2 in Section 4.3 of [RFC7084]. If | |||
| insufficient prefixes are available, the IPv6 CE router MUST | insufficient prefixes are available, the IPv6 CE router MUST | |||
| log a system management error. | log a system management error. | |||
| LPD-3: The prefix assigned to a link MUST NOT change in the absence | LPD-3: The prefix assigned to a link MUST NOT change in the absence | |||
| of a local policy or a topology change. | of a local policy or a topology change. | |||
| LPD-4: After LAN link prefix assignments, the IPv6 CE router MUST | LPD-4: After LAN link prefix assignments, the IPv6 CE router MUST | |||
| keep the remaining IPv6 prefixes available to other routers | keep the remaining IPv6 prefixes available to other routers | |||
| via Prefix Delegation. | via Prefix Delegation. | |||
| LPD-5: IPv6 CE routers MUST maintain a local routing table that is | LPD-5: IPv6 CE routers MUST maintain a local routing table that is | |||
| dynamically updated with leases and the associated next hops | dynamically updated with leases and the associated next hops | |||
| as they are delegated to clients. When a delegated prefix | as they are delegated to clients. Absent explicit | |||
| is released or expires, the associated route MUST be removed | filtering, packets with destination addresses in a delegated | |||
| prefix MUST be forwarded to that prefix regardless of which | ||||
| interface they are received on. When a delegated prefix is | ||||
| released or expires, the associated route MUST be removed | ||||
| from the IPv6 CE router's routing table. A delegated prefix | from the IPv6 CE router's routing table. A delegated prefix | |||
| expires when the valid lifetime assigned in the IA_PD | expires when the valid lifetime assigned in the IA_PD | |||
| expires without being renewed. When a prefix is released or | expires without being renewed. When a prefix is released or | |||
| expires, it MUST be returned the pool of available prefixes. | expires, it MUST be returned the pool of available prefixes. | |||
| LPD-6: By default, the IPv6 CE router filtering rules MUST allow | LPD-6: By default, the IPv6 CE router filtering rules MUST allow | |||
| forwarding of packets with an outer IPv6 header containing a | forwarding of packets with an outer IPv6 header containing a | |||
| source address belonging to Delegated Prefixes, along with | source address belonging to delegated prefixes, along with | |||
| reciprocal packets from the same flow, following the | reciprocal packets from the same flow, following the | |||
| recommendations of [RFC6092]. This updates WPD-5 of | recommendations of [RFC6092]. This updates WPD-5 of | |||
| [RFC7084] to not drop packets from prefixes that have been | [RFC7084] to not drop packets from prefixes that have been | |||
| delegated. IPv6 CE routers MUST continue to drop packets | delegated. IPv6 CE routers MUST continue to drop packets, | |||
| including destination address that is not assigned to the | including destination address, that are not assigned to the | |||
| LAN or delegated. | LAN or delegated. | |||
| LPD-7: The IPv6 CE routers MUST provision IA_PD prefixes with a | LPD-7: The IPv6 CE routers MUST provision IA_PD prefixes with a | |||
| prefix-length of 64 on the LAN-facing interface unless | prefix-length of 64 on the LAN-facing interface unless | |||
| configured to use a different prefix-length by the CE router | configured to use a different prefix-length by the CE router | |||
| administrator. The prefix length of 64 is used as that is | administrator. The prefix-length of 64 is used as that is | |||
| the current prefix length supported by SLAAC [RFC4862]. For | the current prefix-length supported by SLAAC [RFC4862]. For | |||
| hierarchical prefix delegation, a prefix-length shorter than | hierarchical prefix delegation, a prefix-length shorter than | |||
| 64 may be configured. | 64 may be configured. | |||
| LPD-8: IPv6 CE routers configured to generate a ULA prefix as | LPD-8: IPv6 CE routers configured to generate a ULA prefix as | |||
| defined in ULA-1 of Section 4.3 of [RFC7084] MUST continue | defined in ULA-1 of Section 4.3 of [RFC7084] MUST continue | |||
| to provision available GUA IPv6 prefixes. | to provision available GUA IPv6 prefixes. | |||
| LPD-9: If an IPv6 CE router is provisioning both ULA and GUA via | LPD-9: If an IPv6 CE router is provisioning both a ULA and GUA via | |||
| prefix delegation, the GUA SHOULD appear first in the DHCPv6 | prefix delegation, the GUA SHOULD appear first in the DHCPv6 | |||
| packets. | packets. | |||
| LPD-10: IPv6 CE routers MUST NOT delegate prefixes via DHCPv6 on the | LPD-10: IPv6 CE routers MUST NOT delegate prefixes via DHCPv6 on the | |||
| LAN using lifetimes that exceed the remaining lifetimes of | LAN using lifetimes that exceed the remaining lifetimes of | |||
| the corresponding prefixes learned on the WAN. | the corresponding prefixes learned on the WAN. | |||
| 6. Security Considerations | 6. Security Considerations | |||
| This document does not add any new security considerations beyond | This document does not add any new security considerations beyond | |||
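Review bot: The sentence added to LPD-5, "Absent explicit filtering, packets with destination addresses in a delegated prefix MUST be forwarded to that prefix regardless of which interface they are received on", does not say what counts as explicit filtering, and it sits two items above LPD-6, which sets the default filter behaviour by reference to [RFC6092]. Add a cross-reference to LPD-6 in that sentence so the forwarding MUST is not read as overriding the default filter for traffic arriving on an arbitrary interface. In LPD-6 the reworded drop rule, "drop packets, including destination address, that are not assigned to the LAN or delegated", is hard to parse because packets are not assigned; state it in terms of source and destination addresses that fall outside the LAN and delegated prefixes. Two wording slips remain in the right column: LPD-2 now reads "Each IPv6 CE routers MUST" (number disagreement introduced by this change), and LPD-5 still reads "MUST be returned the pool" without "to".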
| End of changes. 12 change blocks. | ||||
| 21 lines changed or deleted | 23 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||