Internet Engineering Task Force                              M. Townsley
Internet-Draft                                                     Cisco
Intended status: Informational                               D. Freedman
Expires: September 30, 2011                                     Claranet
                                                          March 29, 2011


             RADIUS attributes for 6RD client configuration
                     draft-townsley-radext-ipv6-6RD

Abstract

   This document specifies additional RADIUS attributes used to provide
   6RD configuration to clients.  The attributes, which are used for
   authorization and accounting, enable the assignment of 6RD
   configuration parameters, which are then distributed to clients with
   DHCP (RFC2131) or PPP (RFC1661).

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 30, 2011.

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Townsley & Freedman    Expires September 30, 2011               [Page 1]

Internet-Draft            6RD RADIUS attributes               March 2011

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  Attributes
     3.1.  6RD-V4PrefixLength
     3.2.  6RD-BRAddr
     3.3.  6RD-Prefix
     3.4.  6RD-Delegated-Prefix
   4.  Table of Attributes
   5.  Diameter Considerations
   6.  IANA Considerations
   7.  Security Considerations
   8.  Acknowledgements
   9.  References
     9.1.  Normative References
     9.2.  Informational References
   Authors' Addresses

1.  Introduction

   6RD, as described in [RFC5969], is a mechanism for "rapid deployment"
   of IPv6 services to clients, using existing IPv4 infrastructures.

   [RFC5969] section 7.1.1 describes a mechanism whereby 6RD
   configuration parameters can be distributed to clients by means of
   DHCP [RFC2131].

   This document specifies additional RADIUS attributes used to provide
   this information to DHCP servers or additional network equipment.

2.  Terminology

   6RD IPv6 Prefix        An IPv6 prefix selected by the service
                          provider for use by a 6RD domain.  There is
                          exactly one 6RD IPv6 prefix for a given 6RD
                          domain.  An SP may deploy 6RD with a single
                          6RD domain or multiple 6RD domains.

   6RD Delegated Prefix   The IPv6 prefix calculated by the client for
                          use within the customer site by combining the
                          6RD prefix and the local IPv4 address obtained
                          via IPv4 configuration methods.  This prefix
                          can be considered logically equivalent to a
                          DHCPv6 IPv6 delegated prefix [RFC3633].

   6RD domain             A service provider may deploy 6RD with a
                          single 6RD domain, or may utilize multiple 6RD
                          domains.  Each domain requires a separate 6RD
                          IPv6 prefix.

   6RD Border Relay (BR)  A 6RD-enabled router managed by the service
                          provider at the edge of a 6RD domain.  A
                          Border Relay router provides an endpoint for
                          the 6RD IPv6 in IPv4 tunnel.  A 6RD BR may
                          also be referred to simply as a "BR" within
                          the context of 6RD.

   6RD BR address         The IPv4 address of the 6RD Border Relay for a
                          given 6RD domain.  This IPv4 address is used
                          by the client to send packets to a BR in order
                          to reach IPv6 destinations outside of the 6RD
                          domain.

3.  Attributes

3.1.  6RD-V4PrefixLength

   This attribute indicates the length in bits to be taken from the
   leftmost side of the client's IPv4 address when generating its 6RD
   delegated prefix.  For example, if this value is 8, 24 bits of the
   client IPv4 prefix will be used when creating the IPv6 Delegated
   Prefix, determining the destination IPv4 encapsulation address, etc.
   If the value is 0, then the whole 32 bits of the IPv4 address are
   used in the encoding.

    0                   1                   2
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |     Bits      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                                Figure 1

   Type:

      TBA1

   Length:

      4

   Bits:

      The bits field is one octet.

3.2.  6RD-BRAddr

   This attribute indicates the IPv4 address of the 6RD Border Relay
   (which may be anycast).

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |            Address
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            Address (cont)         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                                Figure 2

   Type:

      TBA2

   Length:

      6

   Address:

      The Address field is four octets.

3.3.  6RD-Prefix

   This attribute indicates the service provider's (SP) 6RD IPv6 prefix.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |       Prefix (variable)
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       Prefix (variable) (cont)    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                                Figure 3

   Type:

      TBA3

   Length:

      This attribute is of variable length, up to 18 octets.

   Prefix:

      The prefix field is of variable length, up to 16 octets.

3.4.  6RD-Delegated-Prefix

   This attribute reports on the 6RD Delegated IPv6 Prefix and is
   intended for Accounting purposes.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |       Prefix (variable)
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       Prefix (variable) (cont)    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                                Figure 4

   Type:

      TBA4

   Length:

      This attribute is of variable length, up to 18 octets.

   Prefix:

      The prefix field is of variable length, up to 16 octets.

4.  Table of Attributes

   The following table provides a guide to which attributes may be found
   in which kinds of packets, and in what quantity.

   Request Accept Reject Challenge Accounting #    Attribute
                                   Request
   0       1      0      0         1          TBA1 6RD-V4PrefixLength
   0       1      0      0         1          TBA2 6RD-BRAddr
   0       1      0      0         1          TBA3 6RD-Prefix
   0       0      0      0         1          TBA4 6RD-Delegated-Prefix

                                Figure 5

5.  Diameter Considerations

   Given that the Attributes defined in this document are allocated from
   the standard RADIUS type space, no special handling is required by
   Diameter [RFC3588] entities.

6.  IANA Considerations

   This document requires the assignment of three new RADIUS Attribute
   Types in the "Radius Types" registry (currently located at
   http://www.iana.org/assignments/radius-types) for the following
   attributes:

   o  6RD-V4PrefixLength

   o  6RD-BRAddr

   o  6RD-Prefix

   o  6RD-Delegated-Prefix

7.  Security Considerations

   This document describes the use of RADIUS authentication,
   authorization and accounting to provide 6RD configuration parameters
   to clients via DHCP servers or other existing network equipment.

   Known security vulnerabilities of the RADIUS protocol apply to the
   attributes defined in this document.

8.  Acknowledgements

   This memo is based on existing work [I-D.townsley-ipv6-6rd] which
   describes possible provisioning of 6RD configuration parameters.

9.  References

9.1.  Normative References

   [RFC3633]  Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic
              Host Configuration Protocol (DHCP) version 6", RFC 3633,
              December 2003.

   [RFC5969]  Townsley, W. and O. Troan, "IPv6 Rapid Deployment on IPv4
              Infrastructures (6rd) -- Protocol Specification",
              RFC 5969, August 2010.

9.2.  Informational References

   [I-D.townsley-ipv6-6rd]
              Townsley, M. and O. Troan, "IPv6 via IPv4 Service Provider
              Networks", draft-townsley-ipv6-6rd-01 (work in progress),
              July 2009.

   [RFC2131]  Droms, R., "Dynamic Host Configuration Protocol",
              RFC 2131, March 1997.

   [RFC3588]  Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J.
              Arkko, "Diameter Base Protocol", RFC 3588, September 2003.

Authors' Addresses

   Mark Townsley
   Cisco Systems
   Paris
   France

   Phone: +33 15 804 3483
   Email: townsley@cisco.com


   David Freedman
   Claranet
   London
   UK

   Email: david.freedman@uk.clara.net
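
Added example (not part of the draft and not code from its authors): how the 6RD Delegated Prefix of Section 2 follows from the 6RD-Prefix and 6RD-V4PrefixLength values of an Access-Accept, and how an accounting collector can check a reported 6RD-Delegated-Prefix (Section 3.4) against it. The attribute values are assumed to be already decoded from the wire; the function names, dictionary layout and sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample: decoded Access-Accept attributes for one 6RD domain.
SAMPLE_ACCEPT = {
    "6RD-Prefix": "2001:db8::/32",
    "6RD-V4PrefixLength": 8,
    "6RD-BRAddr": "192.0.2.1",
}


def delegated_prefix(sixrd_prefix, v4_prefix_len, client_v4):
    """Combine the 6RD prefix with the client's IPv4 address (Section 2).

    v4_prefix_len is the 6RD-V4PrefixLength value: the number of leftmost
    IPv4 bits left out of the encoding (8 means the other 24 bits are used,
    0 means all 32 bits are used), following the example in Section 3.1.
    """
    prefix = ipaddress.IPv6Network(sixrd_prefix)  # strict: rejects host bits
    if not 0 <= v4_prefix_len <= 32:
        raise ValueError("6RD-V4PrefixLength must be between 0 and 32")
    used_bits = 32 - v4_prefix_len
    total_len = prefix.prefixlen + used_bits
    if total_len > 128:
        # The combined prefix cannot be longer than an IPv6 address.
        raise ValueError("6RD prefix plus IPv4 bits exceeds 128 bits")
    v4 = int(ipaddress.IPv4Address(client_v4))
    suffix = v4 & ((1 << used_bits) - 1)  # keep only the rightmost bits
    value = int(prefix.network_address) | (suffix << (128 - total_len))
    return ipaddress.IPv6Network((value, total_len))


def accounting_matches(accept, client_v4, reported):
    """True if the 6RD-Delegated-Prefix seen in an Accounting-Request is the
    prefix implied by the Access-Accept attributes for this client."""
    expected = delegated_prefix(
        accept["6RD-Prefix"], accept["6RD-V4PrefixLength"], client_v4
    )
    try:
        return ipaddress.IPv6Network(reported) == expected
    except ValueError:
        # Malformed prefix, or host bits set below the prefix length.
        return False


if __name__ == "__main__":
    print(delegated_prefix("2001:db8::/32", 8, "10.1.2.3"))
    print(accounting_matches(SAMPLE_ACCEPT, "10.1.2.3", "2001:db8:102:400::/56"))
```

A mismatch between the reported and the expected prefix is worth logging on the accounting side, since the accounting record would then describe a prefix the client was not provisioned to derive.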