draft-ietf-6man-ipv6-subnet-model-00.txt   draft-ietf-6man-ipv6-subnet-model-01.txt 
Network Working Group H. Singh Network Working Group H. Singh
Internet-Draft W. Beebee Internet-Draft W. Beebee
Intended status: Standards Track Cisco Systems, Inc. Intended status: Standards Track Cisco Systems, Inc.
Expires: November 8, 2008 E. Nordmark Expires: January 11, 2009 E. Nordmark
Sun Microsystems Sun Microsystems
May 7, 2008 July 10, 2008
IPv6 Subnet Model: the Relationship between Links and Subnet Prefixes IPv6 Subnet Model: the Relationship between Links and Subnet Prefixes
draft-ietf-6man-ipv6-subnet-model-00 draft-ietf-6man-ipv6-subnet-model-01
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 8, 2008. This Internet-Draft will expire on January 11, 2009.
Abstract Abstract
IPv6 specifies a model of a subnet that is different than the IPv4 IPv6 specifies a model of a subnet that is different than the IPv4
subnet model. The subtlety of the differences has resulted in subnet model. The subtlety of the differences has resulted in
incorrect implementations that do not interoperate. This document incorrect implementations that do not interoperate. This document
spells out the most important difference; that an IPv6 address isn't spells out the most important difference; that an IPv6 address isn't
automatically associated with an IPv6 on-link prefix. automatically associated with an IPv6 on-link prefix.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Host Behavior Rules . . . . . . . . . . . . . . . . . . . . . . 4 2. Host Behavior and Rules . . . . . . . . . . . . . . . . . . . . 4
3. Observed Incorrect Implementation Behavior . . . . . . . . . . 5 3. Observed Incorrect Implementation Behavior . . . . . . . . . . 5
4. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 5
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
8.1. Normative References . . . . . . . . . . . . . . . . . . . 6 8.1. Normative References . . . . . . . . . . . . . . . . . . . 6
8.2. Informative References . . . . . . . . . . . . . . . . . . 6 8.2. Informative References . . . . . . . . . . . . . . . . . . 6
Appendix A. CHANGE HISTORY . . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7
Intellectual Property and Copyright Statements . . . . . . . . . . 8 Intellectual Property and Copyright Statements . . . . . . . . . . 9
1. Introduction 1. Introduction
IPv4 implementations associate a netmask when an IPv4 address is IPv4 implementations typically associate a netmask with an address
assigned to an interface. That netmask together with the IPv4 when an IPv4 address is assigned to an interface. That netmask
address designates an on-link prefix. Addresses that match this together with the IPv4 address designates an on-link prefix.
prefix are viewed as on-link i.e., traffic to these addresses is not Addresses that are covered by this prefix are viewed as on-link i.e.,
sent to a router. See section 3.3.1 in [RFC1122]. Further, note traffic to these addresses is not sent to a router. See section
that implementations of IPv4 point-to-point interfaces might not have 3.3.1 in [RFC1122]. Prior to the deployment of CIDR, an address's
an associated IPv4 subnet prefix. netmask could be derived directly from the address. In the absence
of specifying a specific netmask when assigning a address, some
implementations would fall back to deriving the netmask from the
class of the address.
The behavior of IPv6 as specified in Neighbor Discovery [RFC4861] is The behavior of IPv6 as specified in Neighbor Discovery [RFC4861] is
quite different. The on-link determination is separate from the quite different. The on-link determination is separate from the
address assignment. A host can have IPv6 addresses without any address assignment. A host can have IPv6 addresses without any
related on-link prefixes or have on-link prefixes that are not related on-link prefixes or have on-link prefixes that are not
related to any IPv6 addresses that are assigned to the host. Any related to any IPv6 addresses that are assigned to the host. Any
assigned address on an interface should initially be considered as assigned address on an interface should initially be considered as
having no internal structure as shown in [RFC4291]. having no internal structure as shown in [RFC4291].
In IPv6, by default, a host treats only the link-local prefix as on- In IPv6, by default, a host treats only the link-local prefix as on-
link. link.
The reception of a Prefix Information Option (PIO) with the L-bit set The reception of a Prefix Information Option (PIO) with the L-bit set
[RFC4861] and a non-zero valid lifetime creates an entry (or updates [RFC4861] and a non-zero valid lifetime creates an entry (or updates
the valid lifetime for an existing entry) in the Prefix List. All the valid lifetime for an existing entry) in the Prefix List. All
the prefixes that are on the Prefix List, i.e., have not yet timed the prefixes that are on the Prefix List, i.e., have not yet timed
out, are on-link. out, are on-link.
In addition to the Prefix List, individual addresses are on-link if The on-link definition in the Terminology section of [RFC4861]
they are the target of a Redirect Message indicating on-link, or the defines the complete list of cases where an address is considered on-
source of a valid Neighbor Solicitation or Neighbor Advertisement link. Note, in particular, that Redirect Messages can also indicate
message. Note that Redirect Messages can also indicate an address is an address is off-link. Individual address entries can be expired by
off-link. Individual address entries can be expired by the Neighbor the Neighbor Unreachability Detection mechanism.
Unreachability Detection mechanism.
A host only performs address resolution for IPv6 addresses that are A host only performs address resolution for IPv6 addresses that are
on-link. Packets to any other address are sent to a default router. on-link. Packets to any other address are sent to a default router.
If there is no default router, then the node should send an ICMPv6 If there is no default router, then the node should send an ICMPv6
Destination Unreachable indication as specified in [RFC4861] - more Destination Unreachable indication as specified in [RFC4861] - more
details are provided in the Host Behavior Rules section. (Note that details are provided in the Host Behavior Rules section. (Note that
RFC 4861 changed the behavior when the Default Router List is empty. RFC 4861 changed the behavior when the Default Router List is empty.
The behavior in the old version of Neighbor Discovery [RFC2461] was The behavior in the old version of Neighbor Discovery [RFC2461] was
different when there were no default routers.) different when there were no default routers.)
Failure of host implementations to correctly implement the IPv6 Failure of host implementations to correctly implement the IPv6
subnet model can result in lack of IPv6 connectivity. See the subnet model can result in lack of IPv6 connectivity. See the
Observed Incorrect Implementation Behavior section for details. Observed Incorrect Implementation Behavior section for details.
Host behavior is clarified in the Host Behavior Rules section. Host behavior is clarified in the Host Behavior Rules section.
Finally, this document mainly restates and clarifies [RFC4861].
Finally, this document merely restates and clarifies [RFC4861]. 2. Host Behavior and Rules
2. Host Behavior Rules
A correctly implemented IPv6 host MUST adhere to the following rules: A correctly implemented IPv6 host MUST adhere to the following rules:
1. By default only the link-local prefix is on-link. 1. By default only the link-local prefix is on-link.
2. The configuration of an IPv6 address, whether through IPv6 2. The configuration of an IPv6 address, whether through IPv6
stateless address autoconfiguration [RFC4862], DHCPv6 [RFC3315], stateless address autoconfiguration [RFC4862], DHCPv6 [RFC3315],
or manual configuration MUST NOT imply that any prefix is on- or manual configuration MUST NOT implicitely cause a prefix
link. A host is explicitly told that prefixes or addresses are derived from that address to be treated as on-link. A host
on-link through the means specified in [RFC4861]. Note that this considers a prefix to be on-link only through explicit means,
requirement for manually configured addresses is not explicitly such as those specified in the on-link definition in the
mentioned in [RFC4861]. Terminology section of [RFC4861] or via manual configuration.
Note that the requirement for manually configured addresses is
not explicitly mentioned in [RFC4861].
3. On-link determination SHOULD NOT persist across IPv6 interface 3. If on-link determination persists across IPv6 interface
initializations. Note that section 5.7 of [RFC4862] describes initializations, then lack of IPv6 connectivity can result. For
the use of stable storage for addresses acquired with stateless example, a host receives an RA from a router with on-link prefix
address autoconfiguration with a note that the Preferred and A. The host reboots. During the reboot, the router sends out
Valid Lifetimes must be retained if this approach is used. prefix A with on-link bit set and a zero lifetime to indicate a
However no RFC suggests or recommends retaining the on-link renumbering. The host misses the renumbering. The host comes
prefixes. online. Then, the router sends an RA with no PIO. The host uses
cached on-link prefix A and issues NS's instead of sending
traffic to a default router. The "Observed Incorrect
Implementation Behavior" section below describes how this can
result in lack of IPv6 connectivity.
4. In the absence of other sources of on-link information, including 4. In the absence of other sources of on-link information, including
Redirects, if the RA advertises a prefix with the on-link(L) bit Redirects, if the RA advertises a prefix with the on-link(L) bit
set and later the Valid Lifetime expires, the host MUST then set and later the Valid Lifetime expires, the host MUST then
consider addresses of the prefix to be off-link, as specified by consider addresses of the prefix to be off-link, as specified by
the PIO paragraph of section 6.3.4 of [RFC4861]. the PIO paragraph of section 6.3.4 of [RFC4861].
5. Newer implementations, which are compliant with [RFC4861] MUST 5. Newer implementations, which are compliant with [RFC4861] MUST
adhere to the following rules. Older implementations, which are adhere to the following rules. Older implementations, which are
compliant with [RFC2461] but not [RFC4861] may remain as is. If compliant with [RFC2461] but not [RFC4861] may remain as is. If
skipping to change at page 4, line 49 skipping to change at page 5, line 8
on-link information about any address or prefix: on-link information about any address or prefix:
1. The host MUST NOT assume that all destinations are on-link. 1. The host MUST NOT assume that all destinations are on-link.
2. The host MUST NOT perform address resolution for non-link- 2. The host MUST NOT perform address resolution for non-link-
local addresses. local addresses.
3. Since the host cannot assume the destination is on-link, and 3. Since the host cannot assume the destination is on-link, and
off-link traffic cannot be sent to a default router (since off-link traffic cannot be sent to a default router (since
the Default Router List is empty), address resolution cannot the Default Router List is empty), address resolution cannot
be performed. This case is analogous to the behavior be performed. This case is specified in the last paragraph
specified in the last paragraph of section 7.2.2 of of section 4 of [RFC4943]: when there is no route to
[RFC4861]: when address resolution fails, the host SHOULD destination, the host should send an ICMPv6 Destination
send an ICMPv6 Destination Unreachable indication as Unreachable indication (for example, a locally delivered
specified in [RFC4861]. The specified behavior MAY be error message) as specified in the Terminology section of
extended to cover this case where address resolution cannot [RFC4861].
be performed.
On-link information concerning particular addresses and prefixes On-link information concerning particular addresses and prefixes
can make those specific addresses and prefixes on-link, but does can make those specific addresses and prefixes on-link, but does
not change the default behavior mentioned above for addresses and not change the default behavior mentioned above for addresses and
prefixes not specified. [RFC4943] provides justification for prefixes not specified. [RFC4943] provides justification for
these rules. these rules.
3. Observed Incorrect Implementation Behavior 3. Observed Incorrect Implementation Behavior
One incorrect implementation behavior illustrates the severe One incorrect implementation behavior illustrates the severe
skipping to change at page 5, line 38 skipping to change at page 5, line 44
4. Conclusion 4. Conclusion
This document clarifies and summarizes the relationship between links This document clarifies and summarizes the relationship between links
and subnet prefixes described in [RFC4861]. Configuration of an IPv6 and subnet prefixes described in [RFC4861]. Configuration of an IPv6
address does not imply the existence of corresponding on-link address does not imply the existence of corresponding on-link
prefixes. One should also look at API considerations for prefix prefixes. One should also look at API considerations for prefix
length as described in last paragraph of section 4.2 of [RFC4903]. length as described in last paragraph of section 4.2 of [RFC4903].
5. Security Considerations 5. Security Considerations
As this document merely restates and clarifies [RFC4861], it does not This document mainly restates and clarifies [RFC4861]. It does not
introduce any new security issues. introduce any new security issues.
6. IANA Considerations 6. IANA Considerations
None. None.
7. Acknowledgements 7. Acknowledgements
Thanks (in alphabetical order) to Adeel Ahmed, Jari Arkko, Ralph Thanks (in alphabetical order) to Adeel Ahmed, Jari Arkko, Ralph
Droms, Alun Evans, Dave Forster, Prashanth Krishnamurthy, Suresh Droms, Alun Evans, Dave Forster, Prashanth Krishnamurthy, Suresh
skipping to change at page 7, line 5 skipping to change at page 7, line 9
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862, September 2007. Address Autoconfiguration", RFC 4862, September 2007.
[RFC4903] Thaler, D., "Multi-Link Subnet Issues", RFC 4903, [RFC4903] Thaler, D., "Multi-Link Subnet Issues", RFC 4903,
June 2007. June 2007.
[RFC4943] Roy, S., Durand, A., and J. Paugh, "IPv6 Neighbor [RFC4943] Roy, S., Durand, A., and J. Paugh, "IPv6 Neighbor
Discovery On-Link Assumption Considered Harmful", Discovery On-Link Assumption Considered Harmful",
RFC 4943, September 2007. RFC 4943, September 2007.
Appendix A. CHANGE HISTORY
[NOTE TO RFC EDITOR: PLEASE REMOVE THIS SECTION UPON PUBLICATION.]
Changes in draft-ietf-6man-ipv6-subnet-model-01.txt since -00.txt
are:
o Changed Introduction section to remove any mention of src address
of ND message as a means for on-link determination. Also reworded
first paragrpah of Introduction section.
o Reworded bullet 2 of section 2 and added text to clarify on-link
definition.
o Added text to bullet 3 of section 2 to make explicit that this is
a new rule.
o Reworded bullet 5 of section 2 to clearly explain where ICMPv6
Destination Unreachable is sent to.
Authors' Addresses Authors' Addresses
Hemant Singh Hemant Singh
Cisco Systems, Inc. Cisco Systems, Inc.
1414 Massachusetts Ave. 1414 Massachusetts Ave.
Boxborough, MA 01719 Boxborough, MA 01719
USA USA
Phone: +1 978 936 1622 Phone: +1 978 936 1622
Email: shemant@cisco.com Email: shemant@cisco.com
 End of changes. 17 change blocks. 
43 lines changed or deleted 70 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/