3769
INFORMATIONAL
Requirements for IPv6 Prefix Delegation
Authors: S. Miyakawa, R. Droms
Date: June 2004
Area: int
Working Group: ipv6
Stream: IETF
Abstract
This document describes requirements for how IPv6 address prefixes should be delegated to an IPv6 subscriber's network (or "site"). This memo provides information for the Internet community.
RFC 3769
INFORMATIONAL
Network Working Group S. Miyakawa
Request for Comments: 3769 NTT Communications Corporation
Category: Informational R. Droms
Cisco
June 2004
<span class="h1">Requirements for IPv6 Prefix Delegation</span>
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2004).
Abstract
This document describes requirements for how IPv6 address prefixes
should be delegated to an IPv6 subscriber's network (or "site").
<span class="h2"><a class="selflink" id="section-1" href="#section-1">1</a>. Introduction</span>
With the deployment of IPv6 [<a href="#ref-1" title=""Internet Protocol, Version 6 (IPv6) Specification"">1</a>], several Internet Service Providers
are ready to offer IPv6 access to the public. In conjunction with
widely deployed "always on" media such as ADSL and the expectation
that customers will be assigned a /48 IPv6 unicast address prefix
(see <a href="./rfc3513">RFC 3513</a> [<a href="#ref-3" title=""Internet Protocol Version 6 (IPv6) Addressing Architecture"">3</a>] and <a href="./rfc3177#section-3">section 3 of RFC 3177</a> [<a href="#ref-2" title=""IAB/IESG Recommendations on IPv6 Address"">2</a>]), an efficient
mechanism for delegating address prefixes to the customer's sites is
needed. The delegation mechanism will be intended to automate the
process of informing the customer's networking equipment of the
prefixes to be used at the customer's site.
This document clarifies the requirements for IPv6 address prefix
delegation from the ISP to the site.
<span class="grey">Miyakawa & Droms Informational [Page 1]</span><span id="page-2" ></span>
<span class="grey"><a href="./rfc3769">RFC 3769</a> Requirements IPv6 Prefix Delegation June 2004</span>
<span class="h2"><a class="selflink" id="section-2" href="#section-2">2</a>. Scenario and terminology</span>
The following figure illustrates a likely example for the
organization of a network providing subscription IPv6 service:
/------\
/ \
+ |
/ \ /
+---------------+ +--------+/ \------/
|ISP Edge Router|Point-to-point|Customer+
| +--------------+ Router | Customer networks
| (PE) | link | (CPE) +
+---------------+ +--------+\ /------\
\ / \
+ |
\ /
\------/
Figure 1: Illustration of ISP-customer network architecture
Terminology:
PE: Provider edge device; the device connected to the service
provider's network infrastructure at which the link to the
customer site is terminated
CPE: Customer premises equipment; the device at the customer site at
which the link to the ISP is terminated
<span class="h2"><a class="selflink" id="section-3" href="#section-3">3</a>. Requirements for Prefix Delegation</span>
The purpose of the prefix delegation mechanism is to delegate and
manage prefixes to the CPE automatically.
<span class="h3"><a class="selflink" id="section-3.1" href="#section-3.1">3.1</a>. Number and Length of Delegated Prefixes</span>
The prefix delegation mechanism should allow for delegation of
prefixes of lengths between /48 and /64, inclusively. Other lengths
should also be supported. The mechanism should allow for delegation
of more than one prefix to the customer.
<span class="grey">Miyakawa & Droms Informational [Page 2]</span><span id="page-3" ></span>
<span class="grey"><a href="./rfc3769">RFC 3769</a> Requirements IPv6 Prefix Delegation June 2004</span>
<span class="h3"><a class="selflink" id="section-3.2" href="#section-3.2">3.2</a>. Use of Delegated Prefixes in Customer Network</span>
The prefix delegation mechanism must not prohibit or inhibit the
assignment of longer prefixes, created from the delegated prefixes,
to links within the customer network. The prefix delegation
mechanism is not required to report any prefix delegations within the
customer's network back to the ISP.
<span class="h3"><a class="selflink" id="section-3.3" href="#section-3.3">3.3</a>. Static and Dynamic Assignment</span>
The prefix delegation mechanism should allow for long-lived static
pre-assignment of prefixes and for automated, possibly short-lived,
on-demand, dynamic assignment of prefixes to a customer.
<span class="h3"><a class="selflink" id="section-3.4" href="#section-3.4">3.4</a>. Policy-based Assignment</span>
The prefix delegation mechanism should allow for the use of policy in
assigning prefixes to a customer. For example, the customer's
identity and type of subscribed service may be used to determine the
address block from which the customer's prefix is selected, and the
length of the prefix assigned to the customer.
<span class="h3"><a class="selflink" id="section-3.5" href="#section-3.5">3.5</a>. Expression of Requirements or Preferences by the CPE</span>
The CPE must be able to express requirements or preferences in its
request to the PE. For example, the CPE should be able to express a
preference for a prefix length.
<span class="h3"><a class="selflink" id="section-3.6" href="#section-3.6">3.6</a>. Security and Authentication</span>
The prefix delegation mechanism must provide for reliable
authentication of the identity of the customer to which the prefixes
are to be assigned, and must provide for reliable, secure
transmission of the delegated prefixes to the customer.
The prefix delegation should provide for reliable authentication of
the identity of the service provider's edge router.
<span class="h3"><a class="selflink" id="section-3.7" href="#section-3.7">3.7</a>. Accounting</span>
The prefix delegation mechanism must allow for the ISP to obtain
accounting information about delegated prefixes from the PE.
<span class="h3"><a class="selflink" id="section-3.8" href="#section-3.8">3.8</a>. Hardware technology Considerations</span>
The prefix delegation mechanism should work on any hardware link
technology between the PE and the CPE and should be hardware
technology independent. The mechanism must work on shared links.
<span class="grey">Miyakawa & Droms Informational [Page 3]</span><span id="page-4" ></span>
<span class="grey"><a href="./rfc3769">RFC 3769</a> Requirements IPv6 Prefix Delegation June 2004</span>
The mechanism should work with all hardware technologies with either
an authentication mechanism or without, but ISPs would like to take
advantage of the hardware technology's authentication mechanism if it
exists.
<span class="h2"><a class="selflink" id="section-4" href="#section-4">4</a>. Security considerations</span>
<a href="#section-3.6">Section 3.6</a> specifies security requirements for the prefix delegation
mechanism. For point to point links, where one trusts that there is
no man in the middle, or one trusts layer two authentication,
authentication may not be necessary.
A rogue PE can issue bogus prefixes to a requesting router. This may
cause denial of service due to unreachability.
A rogue CPE may be able to mount a denial of service attack by
repeated requests for delegated prefixes that exhaust the PE's
available prefixes.
<span class="h2"><a class="selflink" id="section-5" href="#section-5">5</a>. Acknowledgments</span>
The authors would like to express thanks to Randy Bush, Thomas
Narten, Micheal Py, Pekka Savola, Dave Thaler, as well as other
members of the IPv6 working group and the IESG for their review and
constructive comments. The authors would also like to thank the
people in the IPv6 operation group of the Internet Association of
Japan and NTT Communications IPv6 project, especially Toshi Yamasaki
and Yasuhiro Shirasaki for their original discussion and suggestions.
<span class="h2"><a class="selflink" id="section-6" href="#section-6">6</a>. Informative References</span>
[<a id="ref-1">1</a>] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6)
Specification", <a href="./rfc2460">RFC 2460</a>, December 1998.
[<a id="ref-2">2</a>] IAB and IESG, "IAB/IESG Recommendations on IPv6 Address", <a href="./rfc3177">RFC</a>
<a href="./rfc3177">3177</a>, September 2001.
[<a id="ref-3">3</a>] Hinden, R. and S. Deering, "Internet Protocol Version 6 (IPv6)
Addressing Architecture", <a href="./rfc3513">RFC 3513</a>, April 2003.
<span class="grey">Miyakawa & Droms Informational [Page 4]</span><span id="page-5" ></span>
<span class="grey"><a href="./rfc3769">RFC 3769</a> Requirements IPv6 Prefix Delegation June 2004</span>
<span class="h2"><a class="selflink" id="section-7" href="#section-7">7</a>. Authors' Addresses</span>
Shin Miyakawa
NTT Communications Corporation
Tokyo
Japan
Phone: +81-3-6800-3262
EMail: [email protected]
Ralph Droms
Cisco
1414 Massachusetts Avenue
Boxborough, MA 01719
USA
Phone: +1 978.936.1674
EMail: [email protected]
<span class="grey">Miyakawa & Droms Informational [Page 5]</span><span id="page-6" ></span>
<span class="grey"><a href="./rfc3769">RFC 3769</a> Requirements IPv6 Prefix Delegation June 2004</span>
<span class="h2"><a class="selflink" id="section-8" href="#section-8">8</a>. Full Copyright Statement</span>
Copyright (C) The Internet Society (2004). This document is subject
to the rights, licenses and restrictions contained in <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a>, and
except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a> and <a href="https://www.rfc-editor.org/bcp/bcp79">BCP 79</a>.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
<a href="http://www.ietf.org/ipr">http://www.ietf.org/ipr</a>.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf-
[email protected].
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Miyakawa & Droms Informational [Page 6]
Annotations
Select text to annotate