rfc9818v1.txt | rfc9818.txt | |||
---|---|---|---|---|
Internet Engineering Task Force (IETF) T. Winters | Internet Engineering Task Force (IETF) T. Winters | |||
Request for Comments: 9818 QA Cafe | Request for Comments: 9818 QA Cafe | |||
Updates: 7084 July 2025 | Updates: 7084 July 2025 | |||
Category: Informational | Category: Informational | |||
ISSN: 2070-1721 | ISSN: 2070-1721 | |||
IPv6 Customer Edge (CE) Routers LAN DHCPv6 Prefix Delegation | DHCPv6 Prefix Delegation on IPv6 Customer Edge (CE) Routers in LANs | |||
Abstract | Abstract | |||
This document defines requirements for IPv6 Customer Edge (CE) | This document defines requirements for IPv6 Customer Edge (CE) | |||
routers to support DHCPv6 Prefix Delegation for distributing | routers to support DHCPv6 Prefix Delegation for distributing | |||
available prefixes that were delegated to a IPv6 CE router. This | available prefixes to LAN devices that were delegated to a IPv6 CE | |||
document updates RFC 7084. | router. This document updates RFC 7084. | |||
Status of This Memo | Status of This Memo | |||
This document is not an Internet Standards Track specification; it is | This document is not an Internet Standards Track specification; it is | |||
published for informational purposes. | published for informational purposes. | |||
This document is a product of the Internet Engineering Task Force | This document is a product of the Internet Engineering Task Force | |||
(IETF). It represents the consensus of the IETF community. It has | (IETF). It represents the consensus of the IETF community. It has | |||
received public review and has been approved for publication by the | received public review and has been approved for publication by the | |||
Internet Engineering Steering Group (IESG). Not all documents | Internet Engineering Steering Group (IESG). Not all documents | |||
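Review bot: In the revised abstract (right column), inserting "to LAN devices" ahead of "that were delegated to a IPv6 CE router" makes the relative clause attach to the LAN devices rather than to the prefixes. Suggest reordering, e.g. "for distributing available prefixes that were delegated to an IPv6 CE router to LAN devices", which also fixes "a IPv6", unchanged between the two versions.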
skipping to change at line 93 ¶ | skipping to change at line 93 ¶ | |||
prefix delegation requires an IPv6 CE router to sub-delegate IPv6 | prefix delegation requires an IPv6 CE router to sub-delegate IPv6 | |||
prefixes based on a set of rules. If more than one router uses | prefixes based on a set of rules. If more than one router uses | |||
hierarchical prefix delegation, an IPv6 prefix tree is created. When | hierarchical prefix delegation, an IPv6 prefix tree is created. When | |||
no routing protocol is enabled to discover the network topology, it | no routing protocol is enabled to discover the network topology, it | |||
is possible to have an unbalanced prefix delegation tree, which leads | is possible to have an unbalanced prefix delegation tree, which leads | |||
to running out of prefixes. More information on hierarchical prefix | to running out of prefixes. More information on hierarchical prefix | |||
delegation can be found, e.g., in Section 8.5 of CableLabs IPv6 | delegation can be found, e.g., in Section 8.5 of CableLabs IPv6 | |||
eRouter specification [eRouter]. A flat prefix delegation requires | eRouter specification [eRouter]. A flat prefix delegation requires | |||
the router to be provisioned with the initial prefix and to assign | the router to be provisioned with the initial prefix and to assign | |||
/64 prefixes to all other prefix requests from routers in the LAN- | /64 prefixes to all other prefix requests from routers in the LAN- | |||
facing interface. The default configuration of CE router supporting | facing interface. The default configuration of CE routers is | |||
prefix delegation is designed to be a flat model to support zero- | designed to be a flat model to support zero-configuration networking. | |||
configuration networking. | ||||
This document does not cover dealing with multi-provisioned networks | This document does not cover dealing with multi-prefix networks with | |||
with more than one provider. Due to the complexity of a solution | more than one provider. Due to the complexity of a solution that | |||
that would require routing, provisioning, and policy, this is out of | would require routing, provisioning, and policy, this is out of scope | |||
scope of this document. | of this document. | |||
2. Requirements Language | 2. Requirements Language | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
This document uses these keywords not strictly for the purpose of | This document uses these keywords not strictly for the purpose of | |||
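Review bot: In the last sentence of the flat-model paragraph, the revision drops the qualifier "supporting prefix delegation", so the flat default now reads as applying to every CE router rather than only to those that delegate prefixes on the LAN; keep the qualifier if that narrowing was not intended. In the following paragraph "multi-provisioned" becomes "multi-prefix", a term the Terminology section shown in this diff does not define; a one-line definition or a reference would help, since "with more than one provider" is what actually scopes the exclusion.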
skipping to change at line 124 ¶ | skipping to change at line 123 ¶ | |||
implementers regarding any protocol implementation required to | implementers regarding any protocol implementation required to | |||
produce a successful CE router that interoperates successfully with a | produce a successful CE router that interoperates successfully with a | |||
particular subset of currently deployed and planned common IPv6 | particular subset of currently deployed and planned common IPv6 | |||
access networks. | access networks. | |||
3. Terminology | 3. Terminology | |||
The document makes use of the following terms, some of which are from | The document makes use of the following terms, some of which are from | |||
Section 2 of [RFC8200] | Section 2 of [RFC8200] | |||
IPv6 node: A device that implements IPv6 protocol. | IPv6 node: A device that implements IPv6. | |||
IPv6 router: An IPv6 node that forwards IPv6 packets not explicitly | IPv6 router: An IPv6 node that forwards IPv6 packets not explicitly | |||
addressed to itself. | addressed to itself. | |||
IPv6 host: An IPv6 node that is not a router. | IPv6 host: An IPv6 node that is not a router. | |||
ULA: Unique Local Address, as defined in [RFC4193]. | ULA: Unique Local Address, as defined in [RFC4193]. | |||
GUA: Global Unicast Address, as defined in [RFC4291]. | GUA: Global Unicast Address, as defined in [RFC4291]. | |||
4. IPv6 End-User Network Architecture | 4. IPv6 End-User Network Architecture | |||
The end-user network for IPv6 that is a stub network. Figure 1 | The end-user network for IPv6 contains stub networks. Figure 1 | |||
illustrates the model topology. | illustrates the model topology. | |||
+-----------+ | +-----------+ | |||
| Service | | | Service | | |||
| Provider | | | Provider | | |||
| Router | | | Router | | |||
+-----+-----+ | +-----+-----+ | |||
| | | | |||
| | | | |||
| Customer | | Customer | |||
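Review bot: In Section 4, "The end-user network for IPv6 that is a stub network" becomes "The end-user network for IPv6 contains stub networks", which changes the statement from the end-user network being a stub to it containing stubs; confirm this matches Figure 1 and the delegation requirements in Section 5.1. The Terminology lead-in still ends at "Section 2 of [RFC8200]" with no closing punctuation in either version; add a colon or period.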
skipping to change at line 191 ¶ | skipping to change at line 190 ¶ | |||
These requirements are in addition to the ones in Section 4.3 of | These requirements are in addition to the ones in Section 4.3 of | |||
[RFC7084]. | [RFC7084]. | |||
5.1. LAN Prefix Delegation Requirements (LPD) | 5.1. LAN Prefix Delegation Requirements (LPD) | |||
LPD-1: Each IPv6 CE router MUST support IPv6 prefix assignment | LPD-1: Each IPv6 CE router MUST support IPv6 prefix assignment | |||
according to Section 13.3 of [RFC8415] (Identity Association | according to Section 13.3 of [RFC8415] (Identity Association | |||
for Prefix Delegation (IA_PD) option) on its LAN | for Prefix Delegation (IA_PD) option) on its LAN | |||
interface(s). | interface(s). | |||
LPD-2: IPv6 CE routers MUST assign a prefix from the delegated | LPD-2: Each IPv6 CE routers MUST assign a prefix from the delegated | |||
prefix as specified by L-2 in Section 4.3 of [RFC7084]. If | prefix as specified by L-2 in Section 4.3 of [RFC7084]. If | |||
insufficient prefixes are available, the IPv6 CE router MUST | insufficient prefixes are available, the IPv6 CE router MUST | |||
log a system management error. | log a system management error. | |||
LPD-3: The prefix assigned to a link MUST NOT change in the absence | LPD-3: The prefix assigned to a link MUST NOT change in the absence | |||
of a local policy or a topology change. | of a local policy or a topology change. | |||
LPD-4: After LAN link prefix assignments, the IPv6 CE router MUST | LPD-4: After LAN link prefix assignments, the IPv6 CE router MUST | |||
keep the remaining IPv6 prefixes available to other routers | keep the remaining IPv6 prefixes available to other routers | |||
via Prefix Delegation. | via Prefix Delegation. | |||
LPD-5: IPv6 CE routers MUST maintain a local routing table that is | LPD-5: IPv6 CE routers MUST maintain a local routing table that is | |||
dynamically updated with leases and the associated next hops | dynamically updated with leases and the associated next hops | |||
as they are delegated to clients. When a delegated prefix | as they are delegated to clients. Absent explicit | |||
is released or expires, the associated route MUST be removed | filtering, packets with destination addresses in a delegated | |||
prefix MUST be forwarded to that prefix regardless of which | ||||
interface they are received on. When a delegated prefix is | ||||
released or expires, the associated route MUST be removed | ||||
from the IPv6 CE router's routing table. A delegated prefix | from the IPv6 CE router's routing table. A delegated prefix | |||
expires when the valid lifetime assigned in the IA_PD | expires when the valid lifetime assigned in the IA_PD | |||
expires without being renewed. When a prefix is released or | expires without being renewed. When a prefix is released or | |||
expires, it MUST be returned the pool of available prefixes. | expires, it MUST be returned the pool of available prefixes. | |||
LPD-6: By default, the IPv6 CE router filtering rules MUST allow | LPD-6: By default, the IPv6 CE router filtering rules MUST allow | |||
forwarding of packets with an outer IPv6 header containing a | forwarding of packets with an outer IPv6 header containing a | |||
source address belonging to Delegated Prefixes, along with | source address belonging to delegated prefixes, along with | |||
reciprocal packets from the same flow, following the | reciprocal packets from the same flow, following the | |||
recommendations of [RFC6092]. This updates WPD-5 of | recommendations of [RFC6092]. This updates WPD-5 of | |||
[RFC7084] to not drop packets from prefixes that have been | [RFC7084] to not drop packets from prefixes that have been | |||
delegated. IPv6 CE routers MUST continue to drop packets | delegated. IPv6 CE routers MUST continue to drop packets, | |||
including destination address that is not assigned to the | including destination address, that are not assigned to the | |||
LAN or delegated. | LAN or delegated. | |||
LPD-7: The IPv6 CE routers MUST provision IA_PD prefixes with a | LPD-7: The IPv6 CE routers MUST provision IA_PD prefixes with a | |||
prefix-length of 64 on the LAN-facing interface unless | prefix-length of 64 on the LAN-facing interface unless | |||
configured to use a different prefix-length by the CE router | configured to use a different prefix-length by the CE router | |||
administrator. The prefix length of 64 is used as that is | administrator. The prefix-length of 64 is used as that is | |||
the current prefix length supported by SLAAC [RFC4862]. For | the current prefix-length supported by SLAAC [RFC4862]. For | |||
hierarchical prefix delegation, a prefix-length shorter than | hierarchical prefix delegation, a prefix-length shorter than | |||
64 may be configured. | 64 may be configured. | |||
LPD-8: IPv6 CE routers configured to generate a ULA prefix as | LPD-8: IPv6 CE routers configured to generate a ULA prefix as | |||
defined in ULA-1 of Section 4.3 of [RFC7084] MUST continue | defined in ULA-1 of Section 4.3 of [RFC7084] MUST continue | |||
to provision available GUA IPv6 prefixes. | to provision available GUA IPv6 prefixes. | |||
LPD-9: If an IPv6 CE router is provisioning both ULA and GUA via | LPD-9: If an IPv6 CE router is provisioning both a ULA and GUA via | |||
prefix delegation, the GUA SHOULD appear first in the DHCPv6 | prefix delegation, the GUA SHOULD appear first in the DHCPv6 | |||
packets. | packets. | |||
LPD-10: IPv6 CE routers MUST NOT delegate prefixes via DHCPv6 on the | LPD-10: IPv6 CE routers MUST NOT delegate prefixes via DHCPv6 on the | |||
LAN using lifetimes that exceed the remaining lifetimes of | LAN using lifetimes that exceed the remaining lifetimes of | |||
the corresponding prefixes learned on the WAN. | the corresponding prefixes learned on the WAN. | |||
6. Security Considerations | 6. Security Considerations | |||
This document does not add any new security considerations beyond | This document does not add any new security considerations beyond | |||
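Review bot: The sentence added to LPD-5, "Absent explicit filtering, packets with destination addresses in a delegated prefix MUST be forwarded to that prefix regardless of which interface they are received on", does not say whether the default filtering required by LPD-6 (following [RFC6092]) counts as "explicit filtering". As written, an implementer could read it as requiring packets received on any interface to be forwarded into delegated prefixes ahead of the filter; suggest stating that the forwarding requirement applies to packets the LPD-6 rules permit. Wording points in the same hunk: the revised LPD-6 text "drop packets, including destination address, that are not assigned to the LAN or delegated" has packets, not addresses, being assigned; LPD-2 now reads "Each IPv6 CE routers"; and LPD-5 still says "returned the pool" (missing "to") in both versions.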
End of changes. 12 change blocks. | ||||
21 lines changed or deleted | 23 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. |