--- 1/draft-ietf-6man-reserved-iids-01.txt 2008-12-03 01:12:03.000000000 +0100 +++ 2/draft-ietf-6man-reserved-iids-02.txt 2008-12-03 01:12:03.000000000 +0100 @@ -1,18 +1,18 @@ Network Working Group S. Krishnan Internet-Draft Ericsson -Intended status: Standards Track July 14, 2008 -Expires: January 15, 2009 +Intended status: Standards Track December 2, 2008 +Expires: June 5, 2009 Reserved IPv6 Interface Identifiers - draft-ietf-6man-reserved-iids-01 + draft-ietf-6man-reserved-iids-02 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that @@ -23,21 +23,21 @@ and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. - This Internet-Draft will expire on January 15, 2009. + This Internet-Draft will expire on June 5, 2009. Abstract Interface Identifiers in IPv6 unicast addresses are used to identify interfaces on a link. They are required to be unique within a subnet. Several RFCs have specified interface identifiers or identifier ranges that have a special meaning attached to them. An IPv6 node autoconfiguring an interface identifier in these ranges will encounter unexpected consequences. Since there is no centralized repository for such reserved identifiers, this document @@ -48,55 +48,56 @@ 1. Requirements notation . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Issues with reusing reserved Interface Identifiers . . . . . . 5 3.1. Possible solutions . . . . . . . . . . . . . . . . . . . . 5 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 6. Security Considerations . . . . . . . . . . . . . . . . . . . 8 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 7.1. Normative References . . . . . . . . . . . . . . . . . . . 9 7.2. Informative References . . . . . . . . . . . . . . . . . . 9 - Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 10 - Intellectual Property and Copyright Statements . . . . . . . . . . 11 + Appendix A. List of potentially affected RFCs . . . . . . . . . . 10 + Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 11 + Intellectual Property and Copyright Statements . . . . . . . . . . 12 1. Requirements notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Introduction An IPv6 unicast address is composed of two parts : A subnet prefix and an interface identifier (IID) that identifies an unique interface within the subnet prefix. The structure of an IPv6 unicast address is depicted in the IPv6 Addressing Architecture [RFC4291] and is replicated here for clarity. | n bits | 128-n bits | - +------------------------------------------------+----------------+ + +-------------------------------+---------------------------------+ | subnet prefix | interface ID | - +------------------------------------------------+----------------+ + +-------------------------------+---------------------------------+ Figure 1: IPv6 Unicast Address Format - For all unicast addresses, except those that start with binary value - 000, interface identifiers are required to be 64 bits long (i.e. - n==64) . If the interface identifiers are generated from an unique - token like an ethernet MAC address, they need to set bit 6 of the - first octet to one. If they are not generated from an unique token - they need to set bit 6 to zero. Examples of mechanisms that generate - interface identifiers without an unique token include - Cryptographically Generated Addresses [RFC3972], Privacy Addresses - [RFC4941], Hash Based Addresses [HBA] etc. Non-unique interface - identifiers can also be allocated using managed address assignment - mechanisms like DHCPv6 [RFC3315]. + For all unicast addresses, except those that start with the binary + value 000, Interface IDs are required to be 64 bits long and to be + constructed in Modified EUI-64 format. If the interface identifiers + are generated from an unique token like an ethernet MAC address, they + need to set bit 6 of the first octet to one. If they are not + generated from an unique token they need to set bit 6 to zero. + Examples of mechanisms that generate interface identifiers without an + unique token include Cryptographically Generated Addresses [RFC3972], + Privacy Addresses [RFC4941], Hash Based Addresses [HBA] etc. Non- + unique interface identifiers can also be allocated using managed + address assignment mechanisms like DHCPv6 [RFC3315]. 3. Issues with reusing reserved Interface Identifiers Let us assume a node comes up with an interface identifier that has been reserved for use in some other capacity. e.g. An IPv6 node that uses temporary IPv6 addresses [RFC4941] comes up with an IID of fdff: ffff:ffff:fff . This node will receive requests from all nodes that are requesting a service from a MobileIPv6 home agent since the above mentioned interface identifier has been reserved in [RFC2526] to serve as a MIPv6 home agents anycast address. At best this is an @@ -107,86 +108,80 @@ configuration or for managed address configuration. 3.1. Possible solutions There are two possible ways to go about avoiding usage of these reserved interface identifiers. One of them would be to add normative reference to each specification that reserves an interface identifier. The other one would be to create an IANA registry for such interface identifiers. There are two disadvantages to the normative reference approach. Firstly, this approach does not scale - well. This is because the number of such specifications can need to + well. This is because the number of such specifications that need to be updated is large. Secondly, the maturity level of the document reserving the IID might be lower than the one prohibited from using it. This will cause a downward reference problem. Therefore the - better solution is to create an IANA registry for this purpose. e.g. - Reserving certain identifiers may be useful in certain protocols such - as PMIP in order to avoid duplicate address detection on point to - point links, but PMIP will be at a lower standardization level than - the address sutoconfiguration standards and hence not referable from - them. + better solution is to create an IANA registry for this purpose. 4. IANA Considerations This document requests the creation of an IANA registry for reserved IPv6 Interface Identifiers. Initial values for the reserved IPv6 Interface Identifiers are given below. +-----------------------------------------+-------------------------+ | Interface Identifier Range | Description | +-----------------------------------------+-------------------------+ | 0000:0000:0000:0000-0000:0000:0000:0000 | Subnet-Router Anycast | | | [RFC4291] | | | | - | fdff:ffff:ffff:ff80-fdff:ffff:ffff:fffd | Reserved Subnet Anycast | - | | [RFC2526] | - | | | - | fdff:ffff:ffff:fffe-fdff:ffff:ffff:fffe | MobileIPv6 Home Agents | - | | Anycast [RFC2526] | - | | | - | fdff:ffff:ffff:ffff-fdff:ffff:ffff:ffff | Reserved Subnet Anycast | - | | [RFC2526] | + | FDFF:FFFF:FFFF:FF80-FDFF:FFFF:FFFF:FFFF | Reserved Subnet Anycast | + | | Addresses[RFC2526] | +-----------------------------------------+-------------------------+ Table 1: Current Assignments It is possible that implementations might predate a specific assignment from this registry and hence not be cognizant of the reserved nature of the interface identifier. Hence. future assignments from this registry are discouraged but in exceptional circumstances are to be made through Standards Action [RFC5226]. Assignments consist of a single interface identifier or a range of interface identifiers. - NOTE: Please note that the address ::/128 (all zeros in the interface - identifier field) is used as an unspecified address and ::/0 (again - all zeros in the interface identifier field) is used as a default - route indicator as specified in [RFC5156]. These do not necessarily - conflict with the reserved interface identifiers defined here, since - the reserved identifiers defined in this document are used for - avoiding conflicts with stateless address autoconfiguration that uses - a 64 bit prefix length. + NOTE: Please note that the address :: (all zeros in the interface + identifier field) is used as the unspecified address. In addition, + many IETF protocols and data formats prescribe that the unused bits + in prefixes be set to 0. Hence, prefixes with prefix lengths up to + 64 are usually stored and transmitted with an interface identifier + part of all zeros. This includes ::/0, used as a default route + indicator, as specified in [RFC5156]. These uses do not conflict + with the reserved interface identifiers defined here, since the + reserved identifiers defined in this document are used for avoiding + conflicts with stateless address autoconfiguration that utilizes a 64 + bit prefix length. 5. Acknowledgements The author would like to thank Alain Durand, Alex Petrescu, Bernie Volz, Bob Hinden, Christian Huitema, Fred Templin, Jordi Palet Martinez, Pekka Savola, Remi Denis-Courmount, Tim Enos, Alex - Petrescu, Ed Jankiewicz and Brian Carpenter for reviewing this - document and suggesting changes. + Petrescu, Ed Jankiewicz, Brian Carpenter, Alfred Hoenes, Jari Arkko, + Pasi Eronen, Tim Polk, Lars Eggert, Derek Atkins and Robert Sparks + for reviewing this document and suggesting changes. 6. Security Considerations - Information that creates or updates a registration needs to be - authenticated and authorized. By utilizing one of the reserved - interface identifiers an IPv6 node might receive requests that it is - not authorized to receive. + By utilizing one of the reserved interface identifiers, an IPv6 node + might receive requests that it is not authorized to receive. + Information that creates or updates a registration in this registry + needs to be authenticated and authorized by the IANA based on the + instructions set forth by [RFC5226]. 7. References 7.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2526] Johnson, D. and S. Deering, "Reserved IPv6 Subnet Anycast Addresses", RFC 2526, March 1999. @@ -194,36 +189,60 @@ [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. 7.2. Informative References [HBA] Bagnulo, M., "Hash Based Addresses (HBA)", - draft-ietf-shim6-hba-02 (work in progress), October 2006. + draft-ietf-shim6-hba-05 (work in progress), October 2006. [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003. [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005. [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy Extensions for Stateless Address Autoconfiguration in IPv6", RFC 4941, September 2007. [RFC5156] Blanchet, M., "Special-Use IPv6 Addresses", RFC 5156, April 2008. +Appendix A. List of potentially affected RFCs + + The following RFCs that generate interface identifiers need to be + updated if they wish to avoid conflicts with the reserved interface + identifier ranges. + + o RFC2590 - Transmission of IPv6 Packets over Frame Relay Networks + + o RFC3315 - Dynamic Host Configuration Protocol for IPv6 (DHCPv6) + + o RFC3972 - Cryptographically Generated Addresses (CGA) + + o RFC4489 - A Method for Generating Link-Scoped IPv6 Multicast + Addresses + + o RFC4862 - IPv6 Stateless Address Autoconfiguration + + o RFC4941 - Privacy Extensions for Stateless Address + Autoconfiguration in IPv6 + + o RFC5072 - IP Version 6 over PPP + + o RFC4982 - Support for Multiple Hash Algorithms in CGAs + Author's Address Suresh Krishnan Ericsson 8400 Decarie Blvd. Town of Mount Royal, QC Canada Phone: +1 514 345 7900 x42871 Email: suresh.krishnan@ericsson.com