draft-ietf-v6ops-rfc7084-bis-03.txt   draft-ietf-v6ops-rfc7084-bis-04.txt 
IPv6 Operations (v6ops) J. Palet Martinez IPv6 Operations (v6ops) J. Palet Martinez
Internet-Draft Consulintel, S.L. Internet-Draft Consulintel, S.L.
Obsoletes: 7084 (if approved) June 9, 2017 Obsoletes: 7084 (if approved) June 11, 2017
Intended status: Informational Intended status: Informational
Expires: December 11, 2017 Expires: December 13, 2017
Basic Requirements for IPv6 Customer Edge Routers Basic Requirements for IPv6 Customer Edge Routers
draft-ietf-v6ops-rfc7084-bis-03 draft-ietf-v6ops-rfc7084-bis-04
Abstract Abstract
This document specifies requirements for an IPv6 Customer Edge (CE) This document specifies requirements for an IPv6 Customer Edge (CE)
router. Specifically, the current version of this document focuses router. Specifically, the current version of this document focuses
on the basic provisioning of an IPv6 CE router and the provisioning on the basic provisioning of an IPv6 CE router and the provisioning
of IPv6 hosts attached to it. The document also covers several of IPv6 hosts attached to it and the support of HNCP ([RFC7788]) for
transition technologies, as required in a world where IPv4 addresses automated provisioning of downstream routers. The document also
are no longer available, so hosts in the customer LANs with IPv4-only covers several transition technologies, as required in a world where
or IPv6-only applications or devices, requiring to communicate with IPv4 addresses are no longer available, so hosts in the customer LANs
IPv4-only services at the Internet, are able to do so. The document with IPv4-only or IPv6-only applications or devices, requiring to
obsoletes RFC 7084. communicate with IPv4-only services at the Internet, are able to do
so. The document obsoletes RFC 7084.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 11, 2017. This Internet-Draft will expire on December 13, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 19 skipping to change at page 2, line 20
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Usage Scenarios . . . . . . . . . . . . . . . . . . . . . . . 5 3. Usage Scenarios . . . . . . . . . . . . . . . . . . . . . . . 5
4. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 6 4. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 6
4.1. Current IPv4 End-User Network Architecture . . . . . . . 6 4.1. Current IPv4 End-User Network Architecture . . . . . . . 6
4.2. IPv6 End-User Network Architecture . . . . . . . . . . . 7 4.2. IPv6 End-User Network Architecture . . . . . . . . . . . 7
4.2.1. Local Communication . . . . . . . . . . . . . . . . . 8 4.2.1. Local Communication . . . . . . . . . . . . . . . . . 9
5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 9 5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 9
5.1. General Requirements . . . . . . . . . . . . . . . . . . 9 5.1. General Requirements . . . . . . . . . . . . . . . . . . 9
5.2. WAN-Side Configuration . . . . . . . . . . . . . . . . . 9 5.2. WAN-Side Configuration . . . . . . . . . . . . . . . . . 10
5.3. LAN-Side Configuration . . . . . . . . . . . . . . . . . 13 5.3. LAN-Side Configuration . . . . . . . . . . . . . . . . . 14
5.4. Transition Technologies Support . . . . . . . . . . . . . 15 5.4. Transition Technologies Support . . . . . . . . . . . . . 16
5.4.1. IPv4 Service Continuity in Customer LANs . . . . . . 16 5.4.1. IPv4 Service Continuity in Customer LANs . . . . . . 16
5.4.1.1. 464XLAT . . . . . . . . . . . . . . . . . . . . . 16 5.4.1.1. 464XLAT . . . . . . . . . . . . . . . . . . . . . 16
5.4.1.2. Dual-Stack Lite (DS-Lite) . . . . . . . . . . . . 16 5.4.1.2. Dual-Stack Lite (DS-Lite) . . . . . . . . . . . . 17
5.4.1.3. Lightweight 4over6 (lw4o6) . . . . . . . . . . . 17 5.4.1.3. Lightweight 4over6 (lw4o6) . . . . . . . . . . . 18
5.4.1.4. MAP-E . . . . . . . . . . . . . . . . . . . . . . 17 5.4.1.4. MAP-E . . . . . . . . . . . . . . . . . . . . . . 18
5.4.1.5. MAP-T . . . . . . . . . . . . . . . . . . . . . . 18 5.4.1.5. MAP-T . . . . . . . . . . . . . . . . . . . . . . 19
5.4.2. Support of IPv6 in IPv4-only WAN access . . . . . . . 18 5.4.2. Support of IPv6 in IPv4-only WAN access . . . . . . . 19
5.4.2.1. 6in4 . . . . . . . . . . . . . . . . . . . . . . 18 5.4.2.1. 6in4 . . . . . . . . . . . . . . . . . . . . . . 19
5.4.2.2. 6rd . . . . . . . . . . . . . . . . . . . . . . . 20 5.4.2.2. 6rd . . . . . . . . . . . . . . . . . . . . . . . 20
5.5. IPv4 Multicast Support . . . . . . . . . . . . . . . . . 21 5.5. IPv4 Multicast Support . . . . . . . . . . . . . . . . . 22
5.6. Security Considerations . . . . . . . . . . . . . . . . . 21 5.6. Security Considerations . . . . . . . . . . . . . . . . . 22
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22
7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 22 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 23
8. ANNEX A: Code Considerations . . . . . . . . . . . . . . . . 23 8. ANNEX A: Code Considerations . . . . . . . . . . . . . . . . 23
9. ANNEX B: Changes from RFC7084 . . . . . . . . . . . . . . . . 23 9. ANNEX B: Changes from RFC7084 . . . . . . . . . . . . . . . . 24
10. ANNEX C: Changes from RFC7084-bis-00 . . . . . . . . . . . . 24 10. ANNEX C: Changes from RFC7084-bis-00 . . . . . . . . . . . . 24
11. ANNEX D: Changes from RFC7084-bis-01 . . . . . . . . . . . . 24 11. ANNEX D: Changes from RFC7084-bis-01 . . . . . . . . . . . . 25
12. ANNEX E: Changes from RFC7084-bis-02 . . . . . . . . . . . . 25 12. ANNEX E: Changes from RFC7084-bis-02 . . . . . . . . . . . . 25
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 13. ANNEX F: Changes from RFC7084-bis-03 . . . . . . . . . . . . 25
13.1. Normative References . . . . . . . . . . . . . . . . . . 25 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 26
13.2. Informative References . . . . . . . . . . . . . . . . . 30 14.1. Normative References . . . . . . . . . . . . . . . . . . 26
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 30 14.2. Informative References . . . . . . . . . . . . . . . . . 31
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 31
1. Introduction 1. Introduction
This document defines basic IPv6 features for a residential or small- This document defines basic IPv6 features for a residential or small-
office router, referred to as an "IPv6 CE router", in order to office router, referred to as an "IPv6 CE router", in order to
establish an industry baseline for features to be implemented on such establish an industry baseline for features to be implemented on such
a router. a router.
These routers typically also support IPv4, at least in the LAN side. These routers typically also support IPv4, at least in the LAN side.
This document specifies how an IPv6 CE router automatically This document specifies how an IPv6 CE router automatically
provisions its WAN interface, acquires address space for provisioning provisions its WAN interface, acquires address space for provisioning
of its LAN interfaces, and fetches other configuration information of its LAN interfaces, and fetches other configuration information
from the service provider network. Automatic provisioning of more from the service provider network. Automatic provisioning of more
complex topology than a single router with multiple LAN interfaces is complex topology than a single router with multiple LAN interfaces
out of scope for this document. In some cases, manual provisioning may be handled by means of HNCP ([RFC7788]). In some cases, manual
may be acceptable, when intended for a small number of customers. provisioning may be acceptable, when intended for a small number of
customers.
This document doesn't cover the specific details of each possible This document doesn't cover the specific details of each possible
access technology. For example, if the CE is supporting built-in or access technology. For example, if the IPv6 CE is supporting built-
external 3GPP/LTE interfaces, [RFC7849] is a relevant reference. See in or external 3GPP/LTE interfaces, [RFC7849] is a relevant
[RFC4779] for a discussion of options available for deploying IPv6 in reference. See [RFC4779] for a discussion of options available for
wireline service provider access networks. deploying IPv6 in wireline service provider access networks.
This document also covers the IP transition technologies required in This document also covers the IP transition technologies required in
a world where IPv4 addresses are no longer available, so the service a world where IPv4 addresses are no longer available, so the service
providers need to provision IPv6-only WAN access, while at the same providers need to provision IPv6-only WAN access, while at the same
time ensuring that IPv4-only or IPv6-only devices or applications in time ensuring that IPv4-only or IPv6-only devices or applications in
the customer LANs can still reach IPv4-only devices or applications the customer LANs can still reach IPv4-only devices or applications
in Internet, which still don't have IPv6 support. in Internet, which still don't have IPv6 support.
1.1. Requirements Language 1.1. Requirements Language
Take careful note: Unlike other IETF documents, the key words "MUST", Take careful note: Unlike other IETF documents, the key words "MUST",
"MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are not used as "RECOMMENDED", "MAY", and "OPTIONAL" in this document are not used as
described in RFC 2119 [RFC2119]. This document uses these keywords described in RFC 2119 [RFC2119]. This document uses these keywords
not strictly for the purpose of interoperability, but rather for the not strictly for the purpose of interoperability, but rather for the
purpose of establishing industry-common baseline functionality. As purpose of establishing industry-common baseline functionality. As
such, the document points to several other specifications (preferable such, the document points to several other specifications (preferable
in RFC or stable form) to provide additional guidance to implementers in RFC or stable form) to provide additional guidance to implementers
regarding any protocol implementation required to produce a regarding any protocol implementation required to produce a
successful CE router that interoperates successfully with a successful IPv6 CE router that interoperates successfully with a
particular subset of currently deploying and planned common IPv6 particular subset of currently deploying and planned common IPv6
access networks. access networks.
2. Terminology 2. Terminology
End-User Network one or more links attached to the IPv6 CE End-User Network one or more links attached to the IPv6 CE
router that connect IPv6 hosts. router that connect IPv6 hosts.
IPv6 Customer Edge Router a node intended for home or small-office IPv6 Customer Edge Router a node intended for home or small-office
use that forwards IPv6 packets not use that forwards IPv6 packets not
explicitly addressed to itself. The IPv6 explicitly addressed to itself. The IPv6
CE router connects the end-user network to CE router connects the end-user network to
a service provider network. In other a service provider network. In other
documents, the CE is named as CPE (Customer documents, the IPv6 CE is named as CPE
Premises Equipment or Customer Provided (Customer Premises Equipment or Customer
Equipment). In the context of this Provided Equipment). In the context of
document, both terminologies are this document, both terminologies are
synonymous. synonymous.
IPv6 Host any device implementing an IPv6 stack IPv6 Host any device implementing an IPv6 stack
receiving IPv6 connectivity through the receiving IPv6 connectivity through the
IPv6 CE router. IPv6 CE router.
LAN Interface an IPv6 CE router's attachment to a link in LAN Interface an IPv6 CE router's attachment to a link in
the end-user network. Examples are the end-user network. Examples are
Ethernet (simple or bridged), 802.11 Ethernet (simple or bridged), 802.11
wireless, or other LAN technologies. An wireless, or other LAN technologies. An
skipping to change at page 6, line 17 skipping to change at page 6, line 17
For example, an SME may have just 10 employees (micro-SME), which For example, an SME may have just 10 employees (micro-SME), which
commonly will be considered same as a SOHO, but a small SME can have commonly will be considered same as a SOHO, but a small SME can have
up to 50 employees, or 250 for a medium one. Depending on the IPv6 up to 50 employees, or 250 for a medium one. Depending on the IPv6
CE router capabilities or even how it is being configured (for CE router capabilities or even how it is being configured (for
instance, using SLAAC or DHCPv6), it may support even a higher number instance, using SLAAC or DHCPv6), it may support even a higher number
of employees if the traffic in the LANs is low, or switched by of employees if the traffic in the LANs is low, or switched by
another device(s), or the WAN bandwidth requirements are low, etc. another device(s), or the WAN bandwidth requirements are low, etc.
The actual bandwidth capabilities of access with technologies such as The actual bandwidth capabilities of access with technologies such as
FTTH, cable and even 3GPP/LTE, allows the support of such usages, and FTTH, cable and even 3GPP/LTE, allows the support of such usages, and
indeed, is a very common situation that access networks and the CE indeed, is a very common situation that access networks and the IPv6
provided by the service provider are the same for SMEs and CE provided by the service provider are the same for SMEs and
residential users. residential users.
There is also no difference in terms of who actually provides the There is also no difference in terms of who actually provides the
IPv6 CE router. In most of the cases is the service provider, and in IPv6 CE router. In most of the cases is the service provider, and in
fact is responsible, typically, of provisioning/managing at least the fact is responsible, typically, of provisioning/managing at least the
WAN side. However, commonly the user has access to configure the LAN WAN side. However, commonly the user has access to configure the LAN
interfaces, firewall, DMZ, and many other aspects. In fact, in many interfaces, firewall, DMZ, and many other aspects. In fact, in many
cases, the user must supply, or at least can replace the IPv6 CE cases, the user must supply, or at least can replace the IPv6 CE
router, which makes even more relevant that all the IPv6 CE routers, router, which makes even more relevant that all the IPv6 CE routers,
support the same requirements defined in this document. support the same requirements defined in this document.
skipping to change at page 7, line 23 skipping to change at page 7, line 23
from other routers), and advanced end-users can build arbitrary, from other routers), and advanced end-users can build arbitrary,
complex networks using manual configuration of address prefixes complex networks using manual configuration of address prefixes
combined with a dynamic routing protocol. combined with a dynamic routing protocol.
4.2. IPv6 End-User Network Architecture 4.2. IPv6 End-User Network Architecture
The end-user network architecture for IPv6 should provide equivalent The end-user network architecture for IPv6 should provide equivalent
or better capabilities and functionality than the current IPv4 or better capabilities and functionality than the current IPv4
architecture. architecture.
The end-user network is a stub network. Figure 1 illustrates the The end-user network is a stub network, in the sense that is not
model topology for the end-user network. providing transit to other external networks. However HNCP
([RFC7788]) allows support for automatic provisioning of downstream
routers. Figure 1 illustrates the model topology for the end-user
network.
+-------+-------+ \ +-------+-------+ \
| Service | \ | Service | \
| Provider | | Service | Provider | | Service
| Router | | Provider | Router | | Provider
+-------+-------+ | Network +-------+-------+ | Network
| / | /
| Customer / | Customer /
| Internet Connection / | Internet Connection /
| |
+------+--------+ \ +------+--------+ \
| IPv6 | \ | IPv6 | \
| Customer Edge | \ | Customer Edge | \
| Router | / | Router | /
+---+-------+-+-+ / +---+-------+-+-+ /
Network A | | Network B | End-User Network A | | Network B |
---+-------------+----+- --+--+-------------+--- | Network(s) ---+----------------+-+- --+---+-------------+-- |
| | | | \ | | | | \
+----+-----+ +-----+----+ +----+-----+ +-----+----+ \ +----+-----+ | +----+-----+ +-----+----+ \
|IPv6 Host | |IPv6 Host | | IPv6 Host| |IPv6 Host | / |IPv6 Host | | | IPv6 Host| |IPv6 Host | /
| | | | | | | | / | | | | | | | /
+----------+ +-----+----+ +----------+ +----------+ / +----------+ | +----------+ +----------+ /
| |
+------+--------+ | End-User
| IPv6 | | Network(s)
| Router | \
+------+--------+ \
Network C | \
---+-------------+----+- |
| | |
+----+-----+ +-----+----+ |
|IPv6 Host | |IPv6 Host | /
| | | | /
+----------+ +-----+----+ /
Figure 1: An Example of a Typical End-User Network Figure 1: An Example of a Typical End-User Network
This architecture describes the: This architecture describes the:
o Basic capabilities of an IPv6 CE router o Basic capabilities of an IPv6 CE router
o Provisioning of the WAN interface connecting to the service o Provisioning of the WAN interface connecting to the service
provider provider
o Provisioning of the LAN interfaces o Provisioning of the LAN interfaces
For IPv6 multicast traffic, the IPv6 CE router may act as a Multicast For IPv6 multicast traffic, the IPv6 CE router may act as a Multicast
Listener Discovery (MLD) proxy [RFC4605] and may support a dynamic Listener Discovery (MLD) proxy [RFC4605] and may support a dynamic
multicast routing protocol. multicast routing protocol.
The IPv6 CE router may be manually configured in an arbitrary The IPv6 CE router may be manually configured in an arbitrary
topology with a dynamic routing protocol. Automatic provisioning and topology with a dynamic routing protocol or using HNCP ([RFC7788]).
configuration is described for a single IPv6 CE router only. Automatic provisioning and configuration is described for a single
IPv6 CE router only.
4.2.1. Local Communication 4.2.1. Local Communication
Link-local IPv6 addresses are used by hosts communicating on a single Link-local IPv6 addresses are used by hosts communicating on a single
link. Unique Local IPv6 Unicast Addresses (ULAs) [RFC4193] are used link. Unique Local IPv6 Unicast Addresses (ULAs) [RFC4193] are used
by hosts communicating within the end-user network across multiple by hosts communicating within the end-user network across multiple
links, but without requiring the application to use a globally links, but without requiring the application to use a globally
routable address. The IPv6 CE router defaults to acting as the routable address. The IPv6 CE router defaults to acting as the
demarcation point between two networks by providing a ULA boundary, a demarcation point between two networks by providing a ULA boundary, a
multicast zone boundary, and ingress and egress traffic filters. multicast zone boundary, and ingress and egress traffic filters.
skipping to change at page 10, line 37 skipping to change at page 11, line 25
default router(s) and install a default route(s) in its routing default router(s) and install a default route(s) in its routing
table with the discovered router's address as the next hop. table with the discovered router's address as the next hop.
W-4: The router MUST act as a requesting router for the purposes of W-4: The router MUST act as a requesting router for the purposes of
DHCPv6 prefix delegation ([RFC3633]). DHCPv6 prefix delegation ([RFC3633]).
W-5: The IPv6 CE router MUST use a persistent DHCP Unique Identifier W-5: The IPv6 CE router MUST use a persistent DHCP Unique Identifier
(DUID) for DHCPv6 messages. The DUID MUST NOT change between (DUID) for DHCPv6 messages. The DUID MUST NOT change between
network-interface resets or IPv6 CE router reboots. network-interface resets or IPv6 CE router reboots.
W-6: The WAN interface of the CE router SHOULD support a Port W-6: The WAN interface of the IPv6 CE router SHOULD support a Port
Control Protocol (PCP) client as specified in [RFC6887] for use Control Protocol (PCP) client as specified in [RFC6887] for use
by applications on the CE router. The PCP client SHOULD follow by applications on the IPv6 CE router. The PCP client SHOULD
the procedure specified in Section 8.1 of [RFC6887] to discover follow the procedure specified in Section 8.1 of [RFC6887] to
its PCP server. This document takes no position on whether discover its PCP server. This document takes no position on
such functionality is enabled by default or mechanisms by which whether such functionality is enabled by default or mechanisms
users would configure the functionality. Handling PCP requests by which users would configure the functionality. Handling PCP
from PCP clients in the LAN side of the CE router is out of requests from PCP clients in the LAN side of the IPv6 CE router
scope. is out of scope.
Link-layer requirements: Link-layer requirements:
WLL-1: If the WAN interface supports Ethernet encapsulation, then WLL-1: If the WAN interface supports Ethernet encapsulation, then
the IPv6 CE router MUST support IPv6 over Ethernet [RFC2464]. the IPv6 CE router MUST support IPv6 over Ethernet [RFC2464].
WLL-2: If the WAN interface supports PPP encapsulation, the IPv6 CE WLL-2: If the WAN interface supports PPP encapsulation, the IPv6 CE
router MUST support IPv6 over PPP [RFC5072]. router MUST support IPv6 over PPP [RFC5072].
WLL-3: If the WAN interface supports PPP encapsulation, in a dual- WLL-3: If the WAN interface supports PPP encapsulation, in a dual-
skipping to change at page 11, line 35 skipping to change at page 12, line 24
WAA-4: The IPv6 CE router MUST be able to support the following WAA-4: The IPv6 CE router MUST be able to support the following
DHCPv6 options: Identity Association for Non-temporary DHCPv6 options: Identity Association for Non-temporary
Address (IA_NA), Reconfigure Accept [RFC3315], and Address (IA_NA), Reconfigure Accept [RFC3315], and
DNS_SERVERS [RFC3646]. The IPv6 CE router SHOULD be able to DNS_SERVERS [RFC3646]. The IPv6 CE router SHOULD be able to
support the DNS Search List (DNSSL) option as specified in support the DNS Search List (DNSSL) option as specified in
[RFC3646]. [RFC3646].
WAA-5: The IPv6 CE router SHOULD implement the Network Time WAA-5: The IPv6 CE router SHOULD implement the Network Time
Protocol (NTP) as specified in [RFC5905] to provide a time Protocol (NTP) as specified in [RFC5905] to provide a time
reference common to the service provider for other reference common to the service provider for other
protocols, such as DHCPv6, to use. If the CE router protocols, such as DHCPv6, to use. If the IPv6 CE router
implements NTP, it requests the NTP Server DHCPv6 option implements NTP, it requests the NTP Server DHCPv6 option
[RFC5908] and uses the received list of servers as primary [RFC5908] and uses the received list of servers as primary
time reference, unless explicitly configured otherwise. LAN time reference, unless explicitly configured otherwise. LAN
side support of NTP is out of scope for this document. side support of NTP is out of scope for this document.
WAA-6: If the IPv6 CE router receives a Router Advertisement WAA-6: If the IPv6 CE router receives a Router Advertisement
message (described in [RFC4861]) with the M flag set to 1, message (described in [RFC4861]) with the M flag set to 1,
the IPv6 CE router MUST do DHCPv6 address assignment the IPv6 CE router MUST do DHCPv6 address assignment
(request an IA_NA option). (request an IA_NA option).
WAA-7: If the IPv6 CE router does not acquire a global IPv6 WAA-7: If the IPv6 CE router does not acquire a global IPv6
address(es) from either SLAAC or DHCPv6, then it MUST create address(es) from either SLAAC or DHCPv6, then it MUST create
a global IPv6 address(es) from its delegated prefix(es) and a global IPv6 address(es) from its delegated prefix(es) and
configure those on one of its internal virtual network configure those on one of its internal virtual network
interfaces, unless configured to require a global IPv6 interfaces, unless configured to require a global IPv6
address on the WAN interface. address on the WAN interface.
WAA-8: The CE router MUST support the SOL_MAX_RT option [RFC7083] WAA-8: The IPv6 CE router MUST support the SOL_MAX_RT option
and request the SOL_MAX_RT option in an Option Request [RFC7083] and request the SOL_MAX_RT option in an Option
Option (ORO). Request Option (ORO).
WAA-9: As a router, the IPv6 CE router MUST follow the weak host WAA-9: As a router, the IPv6 CE router MUST follow the weak host
(Weak End System) model [RFC1122]. When originating packets (Weak End System) model [RFC1122]. When originating packets
from an interface, it will use a source address from another from an interface, it will use a source address from another
one of its interfaces if the outgoing interface does not one of its interfaces if the outgoing interface does not
have an address of suitable scope. have an address of suitable scope.
WAA-10: The IPv6 CE router SHOULD implement the Information Refresh WAA-10: The IPv6 CE router SHOULD implement the Information Refresh
Time option and associated client behavior as specified in Time option and associated client behavior as specified in
[RFC4242]. [RFC4242].
skipping to change at page 12, line 41 skipping to change at page 13, line 31
WPD-3: The IPv6 CE router MUST be prepared to accept a delegated WPD-3: The IPv6 CE router MUST be prepared to accept a delegated
prefix size different from what is given in the hint. If the prefix size different from what is given in the hint. If the
delegated prefix is too small to address all of its delegated prefix is too small to address all of its
interfaces, the IPv6 CE router SHOULD log a system management interfaces, the IPv6 CE router SHOULD log a system management
error. [RFC6177] covers the recommendations for service error. [RFC6177] covers the recommendations for service
providers for prefix allocation sizes. providers for prefix allocation sizes.
WPD-4: By default, the IPv6 CE router MUST initiate DHCPv6 prefix WPD-4: By default, the IPv6 CE router MUST initiate DHCPv6 prefix
delegation when either the M or O flags are set to 1 in a delegation when either the M or O flags are set to 1 in a
received Router Advertisement (RA) message. Behavior of the received Router Advertisement (RA) message. Behavior of the
CE router to use DHCPv6 prefix delegation when the CE router IPv6 CE router to use DHCPv6 prefix delegation when the IPv6
has not received any RA or received an RA with the M and the CE router has not received any RA or received an RA with the
O bits set to zero is out of scope for this document. M and the O bits set to zero is out of scope for this
document.
WPD-5: Any packet received by the CE router with a destination WPD-5: Any packet received by the IPv6 CE router with a destination
address in the prefix(es) delegated to the CE router but not address in the prefix(es) delegated to the IPv6 CE router but
in the set of prefixes assigned by the CE router to the LAN not in the set of prefixes assigned by the IPv6 CE router to
must be dropped. In other words, the next hop for the the LAN must be dropped. In other words, the next hop for
prefix(es) delegated to the CE router should be the null the prefix(es) delegated to the IPv6 CE router should be the
destination. This is necessary to prevent forwarding loops null destination. This is necessary to prevent forwarding
when some addresses covered by the aggregate are not loops when some addresses covered by the aggregate are not
reachable [RFC4632]. reachable [RFC4632].
(a) The IPv6 CE router SHOULD send an ICMPv6 Destination (a) The IPv6 CE router SHOULD send an ICMPv6 Destination
Unreachable message in accordance with Section 3.1 of Unreachable message in accordance with Section 3.1 of
[RFC4443] back to the source of the packet, if the [RFC4443] back to the source of the packet, if the
packet is to be dropped due to this rule. packet is to be dropped due to this rule.
WPD-6: If the IPv6 CE router requests both an IA_NA and an IA_PD WPD-6: If the IPv6 CE router requests both an IA_NA and an IA_PD
option in DHCPv6, it MUST accept an IA_PD option in DHCPv6 option in DHCPv6, it MUST accept an IA_PD option in DHCPv6
Advertise/Reply messages, even if the message does not Advertise/Reply messages, even if the message does not
skipping to change at page 16, line 12 skipping to change at page 16, line 47
IPv6-only or dual-stack in the WAN. Consequently, transition IPv6-only or dual-stack in the WAN. Consequently, transition
technologies to resolve both issues should be taken in consideration. technologies to resolve both issues should be taken in consideration.
5.4.1. IPv4 Service Continuity in Customer LANs 5.4.1. IPv4 Service Continuity in Customer LANs
5.4.1.1. 464XLAT 5.4.1.1. 464XLAT
464XLAT [RFC6877] is a technique to provide IPv4 access service to 464XLAT [RFC6877] is a technique to provide IPv4 access service to
IPv6-only edge networks without encapsulation. IPv6-only edge networks without encapsulation.
The CE router SHOULD support CLAT functionality. If 464XLAT is The IPv6 CE router SHOULD support CLAT functionality. If 464XLAT is
supported, it MUST be implemented according to [RFC6877]. The supported, it MUST be implemented according to [RFC6877]. The
following CE Requirements also apply: following CE Requirements also apply:
464XLAT requirements: 464XLAT requirements:
464XLAT-1: The IPv6 CE router MUST perform IPv4 Network Address 464XLAT-1: The IPv6 CE router MUST perform IPv4 Network Address
Translation (NAT) on IPv4 traffic translated using the Translation (NAT) on IPv4 traffic translated using the
CLAT, unless a dedicated /64 prefix has been acquired CLAT, unless a dedicated /64 prefix has been acquired
using DHCPv6-PD [RFC3633]. using DHCPv6-PD [RFC3633].
464XLAT-2: The CE router MUST implement [RFC7050] in order to 464XLAT-2: The IPv6 CE router MUST implement [RFC7050] in order to
discover the PLAT-side translation IPv4 and IPv6 discover the PLAT-side translation IPv4 and IPv6
prefix(es)/suffix(es). In environments with PCP support, prefix(es)/suffix(es). In environments with PCP support,
the CE SHOULD follow [RFC7225] to learn the PLAT-side the IPv6 CE SHOULD follow [RFC7225] to learn the PLAT-
translation IPv4 and IPv6 prefix(es)/suffix(es) used by side translation IPv4 and IPv6 prefix(es)/suffix(es) used
an upstream PCP-controlled NAT64 device. by an upstream PCP-controlled NAT64 device.
5.4.1.2. Dual-Stack Lite (DS-Lite) 5.4.1.2. Dual-Stack Lite (DS-Lite)
Dual-Stack Lite [RFC6333] enables both continued support for IPv4 Dual-Stack Lite [RFC6333] enables both continued support for IPv4
services and incentives for the deployment of IPv6. It also services and incentives for the deployment of IPv6. It also
de-couples IPv6 deployment in the service provider network from the de-couples IPv6 deployment in the service provider network from the
rest of the Internet, making incremental deployment easier. Dual- rest of the Internet, making incremental deployment easier. Dual-
Stack Lite enables a broadband service provider to share IPv4 Stack Lite enables a broadband service provider to share IPv4
addresses among customers by combining two well-known technologies: addresses among customers by combining two well-known technologies:
IP in IP (IPv4-in-IPv6) and Network Address Translation (NAT). It is IP in IP (IPv4-in-IPv6) and Network Address Translation (NAT). It is
expected that DS-Lite traffic is forwarded over the CE router's expected that DS-Lite traffic is forwarded over the IPv6 CE router's
native IPv6 WAN interface, and not encapsulated in another tunnel. native IPv6 WAN interface, and not encapsulated in another tunnel.
The IPv6 CE router SHOULD implement DS-Lite functionality. If The IPv6 CE router SHOULD implement DS-Lite functionality. If
DS-Lite is supported, it MUST be implemented according to [RFC6333]. DS-Lite is supported, it MUST be implemented according to [RFC6333].
This document takes no position on simultaneous operation of Dual- This document takes no position on simultaneous operation of Dual-
Stack Lite and native IPv4. The following CE router requirements Stack Lite and native IPv4. The following IPv6 CE router
also apply: requirements also apply:
DS-Lite requirements: DS-Lite requirements:
DSLITE-1: The CE router MUST support configuration of DS-Lite via DSLITE-1: The IPv6 CE router MUST support configuration of DS-Lite
the DS-Lite DHCPv6 option [RFC6334]. The IPv6 CE router via the DS-Lite DHCPv6 option [RFC6334]. The IPv6 CE
MAY use other mechanisms to configure DS-Lite parameters. router MAY use other mechanisms to configure DS-Lite
parameters. Such mechanisms are outside the scope of this
Such mechanisms are outside the scope of this document. document.
DSLITE-2: The CE router MUST support the DHCPv6 S46 priority option DSLITE-2: The IPv6 CE router MUST support the DHCPv6 S46 priority
described in [RFC8026]. option described in [RFC8026].
DSLITE-3: The IPv6 CE router MUST NOT perform IPv4 Network Address DSLITE-3: The IPv6 CE router MUST NOT perform IPv4 Network Address
Translation (NAT) on IPv4 traffic encapsulated using DS- Translation (NAT) on IPv4 traffic encapsulated using DS-
Lite. Lite.
DSLITE-4: If the IPv6 CE router is configured with an IPv4 address DSLITE-4: If the IPv6 CE router is configured with an IPv4 address
on its WAN interface, then the IPv6 CE router SHOULD on its WAN interface, then the IPv6 CE router SHOULD
disable the DS-Lite Basic Bridging BroadBand (B4) element. disable the DS-Lite Basic Bridging BroadBand (B4) element.
5.4.1.3. Lightweight 4over6 (lw4o6) 5.4.1.3. Lightweight 4over6 (lw4o6)
skipping to change at page 17, line 30 skipping to change at page 18, line 17
Lw4o6 [RFC7596] specifies an extension to DS-Lite, which moves the Lw4o6 [RFC7596] specifies an extension to DS-Lite, which moves the
NAPT function from the DS-Lite tunnel concentrator to the tunnel NAPT function from the DS-Lite tunnel concentrator to the tunnel
client located in the IPv6 CE router, removing the requirement for a client located in the IPv6 CE router, removing the requirement for a
CGN function in the tunnel concentrator and reducing the amount of CGN function in the tunnel concentrator and reducing the amount of
centralized state. centralized state.
The IPv6 CE router SHOULD implement lw4o6 functionality. If DS-Lite The IPv6 CE router SHOULD implement lw4o6 functionality. If DS-Lite
is implemented, lw4o6 MUST be supported as well. If lw4o6 is is implemented, lw4o6 MUST be supported as well. If lw4o6 is
supported, it MUST be implemented according to [RFC7596]. This supported, it MUST be implemented according to [RFC7596]. This
document takes no position on simultaneous operation of lw4o6 and document takes no position on simultaneous operation of lw4o6 and
native IPv4. The following CE router Requirements also apply: native IPv4. The following IPv6 CE router Requirements also apply:
Lw4o6 requirements: Lw4o6 requirements:
LW4O6-1: The CE router MUST support configuration of lw4o6 via the LW4O6-1: The IPv6 CE router MUST support configuration of lw4o6 via
lw4o6 DHCPv6 options [RFC7598]. The IPv6 CE router MAY use the lw4o6 DHCPv6 options [RFC7598]. The IPv6 CE router MAY
other mechanisms to configure lw4o6 parameters. Such use other mechanisms to configure lw4o6 parameters. Such
mechanisms are outside the scope of this document. mechanisms are outside the scope of this document.
LW4O6-2: The CE router MUST support the DHCPv6 S46 priority option LW4O6-2: The IPv6 CE router MUST support the DHCPv6 S46 priority
described in [RFC8026]. option described in [RFC8026].
LW4O6-3: The CE router MUST support the DHCPv4-over-DHCPv6 (DHCP LW4O6-3: The IPv6 CE router MUST support the DHCPv4-over-DHCPv6
4o6) transport described in [RFC7341]. (DHCP 4o6) transport described in [RFC7341].
LW4O6-4: The CE router MAY support Dynamic Allocation of Shared IPv4 LW4O6-4: The IPv6 CE router MAY support Dynamic Allocation of Shared
Addresses as described in [RFC7618]. IPv4 Addresses as described in [RFC7618].
5.4.1.4. MAP-E 5.4.1.4. MAP-E
MAP-E [RFC7597] is a mechanism for transporting IPv4 packets across MAP-E [RFC7597] is a mechanism for transporting IPv4 packets across
an IPv6 network using IP encapsulation, including a generic mechanism an IPv6 network using IP encapsulation, including a generic mechanism
for mapping between IPv6 addresses and IPv4 addresses as well as for mapping between IPv6 addresses and IPv4 addresses as well as
transport-layer ports. transport-layer ports.
The CE router SHOULD support MAP-E functionality. If MAP-E is The IPv6 CE router SHOULD support MAP-E functionality. If MAP-E is
supported, it MUST be implemented according to [RFC7597]. The supported, it MUST be implemented according to [RFC7597]. The
following CE Requirements also apply: following CE Requirements also apply:
MAP-E requirements: MAP-E requirements:
MAPE-1: The CE router MUST support configuration of MAP-E via the MAPE-1: The IPv6 CE router MUST support configuration of MAP-E via
MAP-E DHCPv6 options [RFC7598]. The IPv6 CE router MAY use the MAP-E DHCPv6 options [RFC7598]. The IPv6 CE router MAY
other mechanisms to configure MAP-E parameters. Such use other mechanisms to configure MAP-E parameters. Such
mechanisms are outside the scope of this document. mechanisms are outside the scope of this document.
MAPE-2: The CE router MUST support the DHCPv6 S46 priority option MAPE-2: The IPv6 CE router MUST support the DHCPv6 S46 priority
described in [RFC8026]. option described in [RFC8026].
5.4.1.5. MAP-T 5.4.1.5. MAP-T
MAP-T [RFC7599] is a mechanism similar to MAP-E, differing from it in MAP-T [RFC7599] is a mechanism similar to MAP-E, differing from it in
that MAP-T uses IPv4-IPv6 translation, rather than encapsulation, as that MAP-T uses IPv4-IPv6 translation, rather than encapsulation, as
the form of IPv6 domain transport. the form of IPv6 domain transport.
The CE router SHOULD support MAP-T functionality. If MAP-T is The IPv6 CE router SHOULD support MAP-T functionality. If MAP-T is
supported, it MUST be implemented according to [RFC7599]. The supported, it MUST be implemented according to [RFC7599]. The
following CE Requirements also apply: following IPv6 CE Requirements also apply:
MAP-T requirements: MAP-T requirements:
MAPT-1: The CE router MUST support configuration of MAP-T via the MAPT-1: The CE router MUST support configuration of MAP-T via the
MAP-E DHCPv6 options [RFC7598]. The IPv6 CE router MAY use MAP-E DHCPv6 options [RFC7598]. The IPv6 CE router MAY use
other mechanisms to configure MAP-E parameters. Such other mechanisms to configure MAP-E parameters. Such
mechanisms are outside the scope of this document. mechanisms are outside the scope of this document.
MAPT-2: The CE router MUST support the DHCPv6 S46 priority option MAPT-2: The IPv6 CE router MUST support the DHCPv6 S46 priority
described in [RFC8026]. option described in [RFC8026].
5.4.2. Support of IPv6 in IPv4-only WAN access 5.4.2. Support of IPv6 in IPv4-only WAN access
5.4.2.1. 6in4 5.4.2.1. 6in4
6in4 [RFC4213] specifies a tunneling mechanism to allow end-users to 6in4 [RFC4213] specifies a tunneling mechanism to allow end-users to
manually configure IPv6 support via a service provider's IPv4 network manually configure IPv6 support via a service provider's IPv4 network
infrastructure. infrastructure.
The CE router MAY support 6in4 functionality. 6in4 used for a The IPv6 CE router MAY support 6in4 functionality. 6in4 used for a
manually configured tunnel requires a subset of the 6rd parameters manually configured tunnel requires a subset of the 6rd parameters
(delegated prefix and remote IPv4 end-point). The on-wire and (delegated prefix and remote IPv4 end-point). The on-wire and
forwarding plane is identical for both mechanisms, however 6in4 forwarding plane is identical for both mechanisms, however 6in4
doesn't support mesh traffic and requires manually provisioning. doesn't support mesh traffic and requires manually provisioning.
Thus, if the device supports either 6rd or 6in4, it's commonly a Thus, if the device supports either 6rd or 6in4, it's commonly a
minor UI addition to support both. If 6in4 is supported, it MUST be minor UI addition to support both. If 6in4 is supported, it MUST be
implemented according to [RFC4213]. The following CE Requirements implemented according to [RFC4213]. The following CE Requirements
also apply: also apply:
6in4 requirements: 6in4 requirements:
6IN4-1: The IPv6 CE router SHOULD support 6in4 automated 6IN4-1: The IPv6 CE router SHOULD support 6in4 automated
configuration by means of the 6rd DHCPv4 Option 212. If the configuration by means of the 6rd DHCPv4 Option 212. If the
CE router has obtained an IPv4 network address through some IPv6 CE router has obtained an IPv4 network address through
other means such as PPP, it SHOULD use the DHCPINFORM some other means such as PPP, it SHOULD use the DHCPINFORM
request message [RFC2131] to request the 6rd DHCPv4 Option. request message [RFC2131] to request the 6rd DHCPv4 Option.
The IPv6 CE router MAY use other mechanisms to configure The IPv6 CE router MAY use other mechanisms to configure
6in4 parameters. Such mechanisms are outside the scope of 6in4 parameters. Such mechanisms are outside the scope of
this document. this document.
6IN4-2: If the IPv6 CE router is capable of automated configuration 6IN4-2: If the IPv6 CE router is capable of automated configuration
of IPv4 through IPCP (i.e., over a PPP connection), it MUST of IPv4 through IPCP (i.e., over a PPP connection), it MUST
support user-entered configuration of 6in4. support user-entered configuration of 6in4.
6IN4-3: If the CE router supports configuration mechanisms other 6IN4-3: If the IPv6 CE router supports configuration mechanisms
than the 6rd DHCPv4 Option 212 (user-entered, TR-069 other than the 6rd DHCPv4 Option 212 (user-entered, TR-069
[TR-069], etc.), the CE router MUST support 6in4 in "hub and [TR-069], etc.), the IPv6 CE router MUST support 6in4 in
spoke" mode. 6in4 in "hub and spoke" requires all IPv6 "hub and spoke" mode. 6in4 in "hub and spoke" requires all
traffic to go to the 6rd Border Relay, which in this case is IPv6 traffic to go to the 6rd Border Relay, which in this
the tunnel-end-point. In effect, this requirement removes case is the tunnel-end-point. In effect, this requirement
the "direct connect to 6rd" route defined in Section 7.1.1 removes the "direct connect to 6rd" route defined in
of [RFC5969]. Section 7.1.1 of [RFC5969].
6IN4-4: A CE router MUST allow 6in4 and native IPv6 WAN interfaces 6IN4-4: The IPv6 CE router MUST allow 6in4 and native IPv6 WAN
to be active alone as well as simultaneously in order to interfaces to be active alone as well as simultaneously in
support coexistence of the two technologies during an order to support coexistence of the two technologies during
incremental transition period such as a transition from 6in4 an incremental transition period such as a transition from
to native IPv6. 6in4 to native IPv6.
6IN4-5: Each packet sent on a 6in4 or native WAN interface MUST be 6IN4-5: Each packet sent on a 6in4 or native WAN interface MUST be
directed such that its source IP address is derived from the directed such that its source IP address is derived from the
delegated prefix associated with the particular interface delegated prefix associated with the particular interface
from which the packet is being sent (Section 4.3 of from which the packet is being sent (Section 4.3 of
[RFC3704]). [RFC3704]).
6IN4-6: The CE router MUST allow different as well as identical 6IN4-6: The IPv6 CE router MUST allow different as well as identical
delegated prefixes to be configured via each (6in4 or delegated prefixes to be configured via each (6in4 or
native) WAN interface. native) WAN interface.
6IN4-7: In the event that forwarding rules produce a tie between 6IN4-7: In the event that forwarding rules produce a tie between
6in4 and native IPv6, by default, the IPv6 CE router MUST 6in4 and native IPv6, by default, the IPv6 CE router MUST
prefer native IPv6. prefer native IPv6.
5.4.2.2. 6rd 5.4.2.2. 6rd
6rd [RFC5969] specifies an automatic tunneling mechanism tailored to 6rd [RFC5969] specifies an automatic tunneling mechanism tailored to
advance deployment of IPv6 to end users via a service provider's IPv4 advance deployment of IPv6 to end users via a service provider's IPv4
network infrastructure. Key aspects include automatic IPv6 prefix network infrastructure. Key aspects include automatic IPv6 prefix
delegation to sites, stateless operation, simple provisioning, and delegation to sites, stateless operation, simple provisioning, and
service that is equivalent to native IPv6 at the sites that are service that is equivalent to native IPv6 at the sites that are
served by the mechanism. It is expected that such traffic is served by the mechanism. It is expected that such traffic is
forwarded over the CE router's native IPv4 WAN interface and not forwarded over the IPv6 CE router's native IPv4 WAN interface and not
encapsulated in another tunnel. encapsulated in another tunnel.
The CE router MAY support 6rd functionality. If 6rd is supported, it The IPv6 CE router MAY support 6rd functionality. If 6rd is
MUST be implemented according to [RFC5969]. The following CE supported, it MUST be implemented according to [RFC5969]. The
Requirements also apply: following CE Requirements also apply:
6rd requirements: 6rd requirements:
6RD-1: The IPv6 CE router MUST support 6rd configuration via the 6rd 6RD-1: The IPv6 CE router MUST support 6rd configuration via the 6rd
DHCPv4 Option 212. If the CE router has obtained an IPv4 DHCPv4 Option 212. If the IPv6 CE router has obtained an
network address through some other means such as PPP, it IPv4 network address through some other means such as PPP, it
SHOULD use the DHCPINFORM request message [RFC2131] to SHOULD use the DHCPINFORM request message [RFC2131] to
request the 6rd DHCPv4 Option. The IPv6 CE router MAY use request the 6rd DHCPv4 Option. The IPv6 CE router MAY use
other mechanisms to configure 6rd parameters. Such other mechanisms to configure 6rd parameters. Such
mechanisms are outside the scope of this document. mechanisms are outside the scope of this document.
6RD-2: If the IPv6 CE router is capable of automated configuration 6RD-2: If the IPv6 CE router is capable of automated configuration
of IPv4 through IPCP (i.e., over a PPP connection), it MUST of IPv4 through IPCP (i.e., over a PPP connection), it MUST
support user-entered configuration of 6rd. support user-entered configuration of 6rd.
6RD-3: If the CE router supports configuration mechanisms other than 6RD-3: If the IPv6 CE router supports configuration mechanisms other
the 6rd DHCPv4 Option 212 (user-entered, TR-069 [TR-069], than the 6rd DHCPv4 Option 212 (user-entered, TR-069
etc.), the CE router MUST support 6rd in "hub and spoke" [TR-069], etc.), the IPv6 CE router MUST support 6rd in "hub
mode. 6rd in "hub and spoke" requires all IPv6 traffic to go and spoke" mode. 6rd in "hub and spoke" requires all IPv6
to the 6rd Border Relay. In effect, this requirement removes traffic to go to the 6rd Border Relay. In effect, this
the "direct connect to 6rd" route defined in Section 7.1.1 of requirement removes the "direct connect to 6rd" route defined
[RFC5969]. in Section 7.1.1 of [RFC5969].
6RD-4: A CE router MUST allow 6rd and native IPv6 WAN interfaces to 6RD-4: The IPv6 CE router MUST allow 6rd and native IPv6 WAN
be active alone as well as simultaneously in order to support interfaces to be active alone as well as simultaneously in
coexistence of the two technologies during an incremental order to support coexistence of the two technologies during
transition period such as a transition from 6rd to native an incremental transition period such as a transition from
IPv6. 6rd to native IPv6.
6RD-5: Each packet sent on a 6rd or native WAN interface MUST be 6RD-5: Each packet sent on a 6rd or native WAN interface MUST be
directed such that its source IP address is derived from the directed such that its source IP address is derived from the
delegated prefix associated with the particular interface delegated prefix associated with the particular interface
from which the packet is being sent (Section 4.3 of from which the packet is being sent (Section 4.3 of
[RFC3704]). [RFC3704]).
6RD-6: The CE router MUST allow different as well as identical 6RD-6: The IPv6 CE router MUST allow different as well as identical
delegated prefixes to be configured via each (6rd or native) delegated prefixes to be configured via each (6rd or native)
WAN interface. WAN interface.
6RD-7: In the event that forwarding rules produce a tie between 6rd 6RD-7: In the event that forwarding rules produce a tie between 6rd
and native IPv6, by default, the IPv6 CE router MUST prefer and native IPv6, by default, the IPv6 CE router MUST prefer
native IPv6. native IPv6.
5.5. IPv4 Multicast Support 5.5. IPv4 Multicast Support
Actual deployments support IPv4 multicast for services such as IPTV. Actual deployments support IPv4 multicast for services such as IPTV.
In the transition phase it is expected that multicast services will In the transition phase it is expected that multicast services will
still be provided using IPv4 to the customer LANs. still be provided using IPv4 to the customer LANs.
In order to support the delivery of IPv4 multicast services to IPv4 In order to support the delivery of IPv4 multicast services to IPv4
clients over an IPv6 multicast network, the CE router SHOULD support clients over an IPv6 multicast network, the IPv6 CE router SHOULD
[RFC8114] and [RFC8115]. support [RFC8114] and [RFC8115].
5.6. Security Considerations 5.6. Security Considerations
It is considered a best practice to filter obviously malicious It is considered a best practice to filter obviously malicious
traffic (e.g., spoofed packets, "Martian" addresses, etc.). Thus, traffic (e.g., spoofed packets, "Martian" addresses, etc.). Thus,
the IPv6 CE router ought to support basic stateless egress and the IPv6 CE router ought to support basic stateless egress and
ingress filters. The CE router is also expected to offer mechanisms ingress filters. The IPv6 CE router is also expected to offer
to filter traffic entering the customer network; however, the method mechanisms to filter traffic entering the customer network; however,
by which vendors implement configurable packet filtering is beyond the method by which vendors implement configurable packet filtering
the scope of this document. is beyond the scope of this document.
Security requirements: Security requirements:
S-1: The IPv6 CE router SHOULD support [RFC6092]. In particular, S-1: The IPv6 CE router SHOULD support [RFC6092]. In particular,
the IPv6 CE router SHOULD support functionality sufficient for the IPv6 CE router SHOULD support functionality sufficient for
implementing the set of recommendations in [RFC6092], implementing the set of recommendations in [RFC6092],
Section 4. This document takes no position on whether such Section 4. This document takes no position on whether such
functionality is enabled by default or mechanisms by which functionality is enabled by default or mechanisms by which
users would configure it. users would configure it.
S-2: The IPv6 CE router SHOULD support ingress filtering in S-2: The IPv6 CE router SHOULD support ingress filtering in
accordance with BCP 38 [RFC2827]. Note that this requirement accordance with BCP 38 [RFC2827]. Note that this requirement
was downgraded from a MUST from RFC 6204 due to the difficulty was downgraded from a MUST from RFC 6204 due to the difficulty
of implementation in the CE router and the feature's redundancy of implementation in the IPv6 CE router and the feature's
with upstream router ingress filtering. redundancy with upstream router ingress filtering.
S-3: If the IPv6 CE router firewall is configured to filter incoming S-3: If the IPv6 CE router firewall is configured to filter incoming
tunneled data, the firewall SHOULD provide the capability to tunneled data, the firewall SHOULD provide the capability to
filter decapsulated packets from a tunnel. filter decapsulated packets from a tunnel.
6. Acknowledgements 6. Acknowledgements
Thanks to James Woodyatt, Mohamed Boucadair, Masanobu Kawashima, Thanks to James Woodyatt, Mohamed Boucadair, Masanobu Kawashima,
Mikael Abrahamsson, Barbara Stark and Ole Troan for their review and Mikael Abrahamsson, Barbara Stark, Ole Troan and Brian Carpenter for
comments. their review and comments.
This document is an update of RFC7084, whose original authors were: This document is an update of RFC7084, whose original authors were:
Hemant Singh, Wes Beebee, Chris Donley and Barbara Stark. The rest Hemant Singh, Wes Beebee, Chris Donley and Barbara Stark. The rest
of the text on this section and the Contributors section, are the of the text on this section and the Contributors section, are the
original acknowledgements and Contributors sections of the earlier original acknowledgements and Contributors sections of the earlier
version of this document. version of this document.
Thanks to the following people (in alphabetical order) for their Thanks to the following people (in alphabetical order) for their
guidance and feedback: guidance and feedback:
skipping to change at page 24, line 35 skipping to change at page 25, line 22
8. Included non-normative reference to [RFC7849] to clarify that the 8. Included non-normative reference to [RFC7849] to clarify that the
details of the connectivity to 3GPP/LTE networks is out of the details of the connectivity to 3GPP/LTE networks is out of the
scope. scope.
9. Split of transition in two sub-sections for the sake of clarity. 9. Split of transition in two sub-sections for the sake of clarity.
11. ANNEX D: Changes from RFC7084-bis-01 11. ANNEX D: Changes from RFC7084-bis-01
Section to be removed for WGLC. Significant updates are: Section to be removed for WGLC. Significant updates are:
1. G-5 added in order to comply with [RFC7608]. 1. G-6 added in order to comply with [RFC7608].
2. LW4O6-5 removed. 2. LW4O6-5 removed.
3. MAPE-3 removed. 3. MAPE-3 removed.
4. MAPT-3 removed. 4. MAPT-3 removed.
5. Included non-normative reference to [RFC7849] to clarify that the 5. Included non-normative reference to [RFC7849] to clarify that the
details of the connectivity to 3GPP/LTE networks is out of the details of the connectivity to 3GPP/LTE networks is out of the
scope. scope.
skipping to change at page 25, line 13 skipping to change at page 25, line 44
6. Split of transition in two sub-sections for the sake of clarity. 6. Split of transition in two sub-sections for the sake of clarity.
12. ANNEX E: Changes from RFC7084-bis-02 12. ANNEX E: Changes from RFC7084-bis-02
Section to be removed for WGLC. Significant updates are: Section to be removed for WGLC. Significant updates are:
1. LW4O6-5 removed, was a mistake due to copy-paste from DS-LITE. 1. LW4O6-5 removed, was a mistake due to copy-paste from DS-LITE.
2. Removed citation to individual I-Ds for DHCPv6 options. 2. Removed citation to individual I-Ds for DHCPv6 options.
13. References 13. ANNEX F: Changes from RFC7084-bis-03
13.1. Normative References Section to be removed for WGLC. Significant updates are:
1. Clarifications on text regarding downstream routers support.
14. References
14.1. Normative References
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122, Communication Layers", STD 3, RFC 1122,
DOI 10.17487/RFC1122, October 1989, DOI 10.17487/RFC1122, October 1989,
<http://www.rfc-editor.org/info/rfc1122>. <http://www.rfc-editor.org/info/rfc1122>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 30, line 21 skipping to change at page 31, line 10
Wang, "Delivery of IPv4 Multicast Services to IPv4 Clients Wang, "Delivery of IPv4 Multicast Services to IPv4 Clients
over an IPv6 Multicast Network", RFC 8114, over an IPv6 Multicast Network", RFC 8114,
DOI 10.17487/RFC8114, March 2017, DOI 10.17487/RFC8114, March 2017,
<http://www.rfc-editor.org/info/rfc8114>. <http://www.rfc-editor.org/info/rfc8114>.
[RFC8115] Boucadair, M., Qin, J., Tsou, T., and X. Deng, "DHCPv6 [RFC8115] Boucadair, M., Qin, J., Tsou, T., and X. Deng, "DHCPv6
Option for IPv4-Embedded Multicast and Unicast IPv6 Option for IPv4-Embedded Multicast and Unicast IPv6
Prefixes", RFC 8115, DOI 10.17487/RFC8115, March 2017, Prefixes", RFC 8115, DOI 10.17487/RFC8115, March 2017,
<http://www.rfc-editor.org/info/rfc8115>. <http://www.rfc-editor.org/info/rfc8115>.
13.2. Informative References 14.2. Informative References
[RFC7157] Troan, O., Ed., Miles, D., Matsushima, S., Okimoto, T., [RFC7157] Troan, O., Ed., Miles, D., Matsushima, S., Okimoto, T.,
and D. Wing, "IPv6 Multihoming without Network Address and D. Wing, "IPv6 Multihoming without Network Address
Translation", RFC 7157, DOI 10.17487/RFC7157, March 2014, Translation", RFC 7157, DOI 10.17487/RFC7157, March 2014,
<http://www.rfc-editor.org/info/rfc7157>. <http://www.rfc-editor.org/info/rfc7157>.
[RFC7550] Troan, O., Volz, B., and M. Siodelski, "Issues and [RFC7550] Troan, O., Volz, B., and M. Siodelski, "Issues and
Recommendations with Multiple Stateful DHCPv6 Options", Recommendations with Multiple Stateful DHCPv6 Options",
RFC 7550, DOI 10.17487/RFC7550, May 2015, RFC 7550, DOI 10.17487/RFC7550, May 2015,
<http://www.rfc-editor.org/info/rfc7550>. <http://www.rfc-editor.org/info/rfc7550>.
 End of changes. 65 change blocks. 
161 lines changed or deleted 188 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/