Relay-Supplied DHCPv6 Precedence Options

Cisco Systems, Inc.
Cessna Business Park, Varthur Hobli
Sarjapur Marathalli Outer Ring Road
Bangalore, Karnataka 560103
India
tireddy@cisco.com

Cisco Systems, Inc.
Cessna Business Park, Varthur Hobli
Sarjapur Marthalli Outer Ring Road
Bangalore, Karnataka 560103
India
praspati@cisco.com

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134
USA
dwing@cisco.com

MIF Working Group

Network configuration of hosts is currently relatively static with
little consideration of dynamic network characteristics. The network
infrastructure is aware of dynamic network characteristics. This
specification extends DHCPv6 so that the DHCPv6 relay agent can
influence a host's configuration.

DHCPv6 allows relatively static information to be configured in
hosts, which is somewhat limiting. On a dynamic network, the DHCPv6
relay agent can observe characteristics of a network -- such as IPv6
multihoming which might be temporarily unavailable or need load
balancing of traffic towards each upstream ISP. By including additional
information in relayed DHCPv6 messages, the DHCPv6 relay agent can
influence the DHCPv6 server to provide answers that are better suited to
the host's configuration on the network.

In this document we propose new DHCPv6 options to be added by the
DHCPv6 relay agent when it generates a Relay-Forwarded message. defines default address selection mechanisms
for IPv6 that allow nodes to select an appropriate address when faced with
multiple source and/or destination addresses to choose between. An
initial desire is to influence the DHCPv6 server's responses that modify
the host's address policy table based on observed network
characteristics.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in .

The DHCPv6 extension described in this document is useful with IPv6
multihoming and with IP address-based authentication.

One case is Proxy Mobile IPv6 where the
Mobile Node is assigned prefixes from both the local access network
and the home network. This will allow selected traffic to go through
the Mobile Packet Core and the rest through the Local access
Network. When the DHCPv6 Relay Agent is co-located with the mobile
access gateway, the proposal is for the relay agent to influence
the DHCPv6 Server in the home network by adding the Address
Selection option. The relay agent can add an Address Selection
option to the DHCPv6 request suggesting the local access network
address selection policy table, overriding the default address
selection parameters and policy table. The DHCPv6 server in the
home network will merge the policy received in the Address Selection
option with its own policy table as explained in section 4.3 of
. This updated
policy table will be provided to the DHCPv6 client (MN) in Address
Selection option (OPTION_ADDRSEL_TABLE). When the DHCPv6 Server is
co-located with the mobile access gateway, the DHCPv6 Server in
the local access network will receive the policy table from the
DHCPv6 server in the home network using DHCPv6
INFORMATION-REQUEST. The DHCPv6 server in local access network
will merge the received policy table with its local policy table.
The following figure depicts this scenario.

Some managed networks authenticate hosts with an authentication
supplicant or, for hosts lacking the supplicant, perform address-based
authentication. When address-based authentication is used,
re-authentication occurs for each address obtained by the host,
which can create a lot of authentication transactions. To reduce
this chatter, it can be useful to disable IPv6 Privacy Addresses on those hosts using
address-based authentication. In a managed network, this option will
ensure that temporary addresses are disabled for hosts without
an authentication supplicant. This way, managed networks can
conditionally disable temporary addresses for only a set of
hosts.

The relay agent may be configured with the external prefixes that
will be assigned to the host. In that case, the relay agent would
use the Address Selection option. In the case where the relay agent
is unaware of the external prefixes that will be assigned to the
host, the relay agent uses the Relative Precedence option. Details
for processing those options are described later in the
document.

Whenever either of those options is used, a DHCPv6 server that
understands those options will ignore the IA_TA options in the
DHCPv6 request, effectively disabling the use of temporary addresses
for that host.

In addition, there are known issues in managing privacy
extensions in certain scenarios. These are described in managing privacy
extensions. In such scenarios, conditionally disabling
temporary addresses allows administrators to better manage
deployments.

To realize the functions described above, this document defines a new
DHCPv6 option, Relay-Supplied Prefix, and updates the Address Selection
option defined in .
These DHCPv6 options are added by the DHCPv6 relay agent when it relays
a DHCPv6 message, and both MAY appear together in the same DHCPv6
message.

The Relay-Supplied Prefix option carries host and network information
observed by the DHCPv6 relay agent, such as that the host does not support an 802.1x
supplicant and will be subjected to web-authentication. The Address
Selection option allows prioritizing among a list of prefixes the DHCPv6
relay agent expects the DHCPv6 server to provide to the host.

The layout of the Address Selection option is below:

The fields are described below:

OPTION_ADDRSEL_TABLE defined in

Option Length

Must be 0 and ignored by the server.

A value of 1 indicates that the relay agent wants
the DHCPv6 server to ignore any IA_TA options in the DHCPv6
request, as if the IA_TA options were not present. This
effectively disables privacy extensions . A value of 0 indicates the IA_TA
options, if present in the DHCPv6 request, are processed normally
by the DHCPv6 server. This value has no impact on destination
prefixes.

This flag MUST be set to 0 and ignored by the
DHCPv6 server.

This flag MUST be set to 0 and ignored by the
DHCPv6 server.

Zero or more Address Selection
Policy Table options defined in .

The Relay-Supplied Prefix option is defined below:

Length of the option.

8-bit unsigned integer.

Must be 0 and ignored by the server.

The Policy Flag is defined below, and the actions taken by the
DHCPv6 server based on this flag are described in .

DHCPv6 relay agents that implement this specification MUST be
configurable for sending the Address Selection option and the
Relay-Supplied Prefix option. Relay agents SHOULD have separate
configuration for each option to determine if it is to be added to
the DHCPv6 request. A relay agent will include these options in the option
payload of a Request message. The DHCPv6 relay agent should set the Address
Selection option when there is a need to change the label/precedence
value for prefixes in scenarios discussed in and/or disable IPv6 temporary
addresses for the host.

Discussion: To reduce end-user configuration of the DHCPv6 relay
agent, the DHCPv6 relay agent can use the mechanism specified in
to automatically learn the IPv6
prefixes that will be delegated to DHCPv6 clients. In future, the DHCPv6 relay
agent can use the leasequery-like capability discussed in
section 3.2 of RFC to learn the
prefix information from the DHCPv6 server.

The DHCPv6 relay agent should set the Relay-Supplied Prefix option when
it receives a DHCPv6 request from a host with specific characteristics,
such as being authenticated using an address-based mechanism. The Relative Precedence
option is used when the relay agent is unaware of the external prefixes
to be assigned to the host.

Upon receiving a DHCPv6 request containing the Address Selection
option or the Relay-Supplied Prefix Option, the DHCPv6 server processing
is described below:

Address Selection option - The DHCPv6 server should send a reply to
the host with the prefixes received from the DHCPv6 relay agent along with
Precedence. The DHCPv6 server will merge the policy received in the
Address Selection option with its own policy table as explained in
section 4.3 of .

If the option has the "N" bit set to 1, the server SHOULD ignore the
IA_TA options in the DHCPv6 request, effectively disabling the use of
temporary addresses for that prefix. The DHCPv6 server will ignore the
"N" bit for destination prefixes.

Note: If a DHCPv6 server receives both options with conflicting
flags (IPV6_DIS_TEMP_ADDR and the "N" bit), it SHOULD treat this as a
misconfiguration on the relay agent and discard these options.

The Relay-Supplied Prefix Option contains flags that define the
characteristics of the host.

IPV6_DIS_TEMP_ADDR - This flag indicates that Temporary IPv6
address allocation is to be disabled for the host. The DHCPv6
server should ignore any IA_TA options in the DHCPv6 request.

Relay-Supplied Prefix is exchanged only between the DHCPv6 relay
agent and DHCPv6 server, and the Address Selection option can originate
either from the server or the relay agent. Section 21.1 of provides details on securing DHCPv6 messages
sent between servers and relay agents, and section 23 of provides general DHCPv6 security
considerations.

It is possible for a DHCPv6 client to include the Relay-Supplied
Prefix option or the Address Selection options, which would be received
by a DHCPv6 server. This would cause the DHCPv6 client to receive a
different DHCPv6 response than it would have otherwise received.

IANA is requested to assign an option code to OPTION_RS_PREFIX from the
option-code space as defined in section "DHCPv6 Options" of .

[Note to RFC Editor: Please remove this section prior to
publication.]

Added Proxy Mobile IPv6 with traffic offload use-case in
Section 3.1.

Updated Section 3.2.1 to highlight the ability to disable
temporary addresses selectively.

Updated use case in Section 3.1.

Changed Absolute Precedence Option
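
The security considerations above note that a DHCPv6 client could itself include the Relay-Supplied Prefix or Address Selection options. The following is an added example, not part of the draft: one possible server-side check that accepts these options only at the Relay-forward level and sets aside copies found in the client's own message. The option codes 0xFF01 and 0xFF02 are placeholders (the draft has no IANA assignment), the function names are hypothetical, the sample bytes are constructed, and option payloads are treated as opaque.

```python
import struct

RELAY_FORW = 12        # Relay-forward message type (RFC 3315)
OPTION_RELAY_MSG = 9   # option carrying the encapsulated message (RFC 3315)
# Placeholder codes (assumptions): neither value is an IANA assignment.
OPTION_RS_PREFIX, ADDRSEL_PLACEHOLDER = 0xFF01, 0xFF02
RELAY_ONLY = {OPTION_RS_PREFIX, ADDRSEL_PLACEHOLDER}

def parse_options(buf):
    """Yield (code, value) pairs; reject truncated options."""
    off = 0
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", buf, off)
        off += 4
        if off + length > len(buf):
            raise ValueError("option length exceeds buffer")
        yield code, buf[off:off + length]
        off += length

def split_by_origin(msg, max_depth=32):
    """Return (relay_opts, client_opts, rejected) for a received message."""
    relay_opts, depth = [], 0
    while msg[:1] == bytes([RELAY_FORW]):   # unwrap nested relays
        depth += 1
        if depth > max_depth or len(msg) < 34:
            raise ValueError("bad Relay-forward nesting or header")
        inner = None
        # Relay header: msg-type(1) hop-count(1) link-address(16) peer-address(16)
        for code, val in parse_options(msg[34:]):
            if code == OPTION_RELAY_MSG:
                inner = val
            elif code in RELAY_ONLY:
                relay_opts.append((code, val))
        if inner is None:
            raise ValueError("Relay-forward without OPTION_RELAY_MSG")
        msg = inner
    if len(msg) < 4:                        # msg-type(1) transaction-id(3)
        raise ValueError("short client message")
    client_opts, rejected = [], []
    for code, val in parse_options(msg[4:]):
        (rejected if code in RELAY_ONLY else client_opts).append((code, val))
    return relay_opts, client_opts, rejected

def _opt(code, val):
    return struct.pack("!HH", code, len(val)) + val

CLIENT = b"\x03\xaa\xbb\xcc" + _opt(1, b"\x00\x01dd") + _opt(OPTION_RS_PREFIX, b"\x01")  # constructed
SAMPLE = bytes([RELAY_FORW, 0]) + bytes(32) + _opt(OPTION_RS_PREFIX, b"\x00") + _opt(OPTION_RELAY_MSG, CLIENT)
```

On the constructed sample, the relay's copy of the option is returned as trusted, while the copy the client placed in its own Request ends up in `rejected`, where a server can log it and leave it out of policy decisions.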