Network Working Group F. Templin Internet-Draft S. Russert Intended status: Informational I. Chakeres Expires: June 18, 2007 S. Yi Boeing Phantom Works December 15, 2006 MANET Autoconfiguration draft-templin-autoconf-dhcp-03.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on June 18, 2007. Copyright Notice Copyright (C) The Internet Society (2006). Abstract Mobile Ad-hoc Networks (MANETs) comprise asymmetric reachability link types that connect MANET routers, and connect to the global Internet via zero or more MANET gateways. MANET routers with nodes on downstream-attached links that require global Internet access must have a way to automatically provision globally routable and unique IP addresses/prefixes. This document specifies mechanisms for MANET Templin, et al. Expires June 18, 2007 [Page 1] Internet-Draft MANET Autoconfiguration December 2006 autoconfiguration (AUTOCONF). Solutions for both IPv4 and IPv6 are given. 1. Introduction Mobile Ad-hoc Networks (MANETs) comprise asymmetric reachability link types ([RFC2461], Section 2.2) that connect MANET Routers (MRs). MRs participate in a routing protocol such that packets can be forwarded via multiple hops across the MANET if necessary. MANETs attach to provider networks (and/or the global Internet) via zero or more MANET Gateways (MGs), and MRs may be multiple IP hops away from their nearest MG in some scenarios. MRs with nodes on downstream-attached links that require global Internet access must have a means to delegate global IP addresses/prefixes and/or other configuration information. MRs comprise a router entity and a host entity that are connected via a virtual point-to-point VLAN configured over an imaginary shared link for the MANET (e.g., via a loopback interface). The imaginary shared link provides the appearance of a fully-connected link to which all MRs attach, and has an associated "landmark" prefix that MRs can use to identify the MANET(s) to which they attach. An MR (and its downstream-attached links) is a "site" unto itself, and a MANET is therefore a "site-of-sites". MANETs that comprise homogeneous link types can configure the routing protocol to operate as a Layer-2 mechanism such that Layer-3 (i.e., IP) sees the MANET as a non-broadcast, multiple access (NBMA) link. When a Layer-2 broadcast/multicast flooding mechanism is also used, IP sees the MANET as an ordinary shared link, i.e., the same as for a (bridged) campus LAN. In that case, a single IP hop is sufficient to traverse the MANET. MANETs that comprise heterogeneous link types must configure the routing protocol to operate as a Layer-3 mechanism such that routing protocol operation and packet forwarding are based on Layer-3 MANET- Local Addresses (MLAs) to avoid issues associated with bridging media types with dissimilar Layer-2 address formats and maximum transmission units (MTUs). In that case, multiple IP hops may be necessary to traverse the MANET. This document specifies DHCP and neighbor discovery operation for MANET autoconfiguration as well as details of operation for multiple MGs. Operation using standard BOOTP/DHCP [RFC0951][RFC2131][RFC3315][RFC3633] and neighbor discovery [RFC0826][RFC1256][RFC2461][RFC2462] mechanisms is assumed unless otherwise specified. Solutions for both IPv4 [RFC0791] and IPv6 Templin, et al. Expires June 18, 2007 [Page 2] Internet-Draft MANET Autoconfiguration December 2006 [RFC2460] are given. 2. Terminology The terminology in the normative references apply; the following terms are defined within the scope of this document: Mobile Ad-hoc Network (MANET) a connected network region that comprises MANET routers that maintain a routing structure among themselves in a relatively arbitrary fashion over asymmetric reachability link types ([RFC2461], Section 2.2). Further information on the characteristics of MANETs can be found in [RFC2501]. MANET Interface a MANET router's attachment to a link within the MANET. MANET Router (MR) a node that participates in a routing protocol over its MANET interface(s), connects its downstream-attached links to the MANET and forwards packets on behalf of other MRs. An MR comprises a router entity and a host entity that communicate via a virtual point-to-point VLAN configured over an imaginary shared link for the MANET (e.g., via a loopback interface). An MR (and its downstream-attached links) is a "site" unto itself, and a MANET is therefore a "site-of-sites". For the purpose of this specification, an MR's host entity configures a DHCP client and its router entity configures a DHCP relay. landmark prefix an IP prefix associated with the imaginary shared link that connects MRs in a MANET; used by MRs to identify their current MANET point(s) of attachment and as an identifier for the virtual interface(s) configured over the imaginary link. MANET Gateway (MG) an MR that also provides gateway service to a provider network and/or the global Internet. For the purpose of this specification, MGs configure a DHCP relay and/or a DHCP server. MANET Local Address (MLA) a Layer-3 unicast address/prefix configured by an MR that is used for intra-MANET communications, i.e., routable only within the scope of the MANET. For IPv6, Unique Local Addresses (ULAs) [RFC4193][I-D.jelger-autoconf-mla] provide a natural MLA mechanism. Templin, et al. Expires June 18, 2007 [Page 3] Internet-Draft MANET Autoconfiguration December 2006 Extended Router Advertisement/Solicitation (ERA/ERS) an IP Router Advertisement/Solicitation (RA/RS) message [RFC1256] [RFC2461] with an MLA source address and with destination address set to an MLA or a site-scoped multicast address that spans the MANET via a broadcast/multicast flooding mechanism (see: Section 3.5). Unlike ordinary RA/RS messages, ERA/ERS messages may travel multiple IP hops. 3. MANET Autoconfiguration The following sections specify autoconfiguration operation for MANETs. In-scope for this specification are "stub" MANETs with zero or more gateways that connect either to the same provider network or to the public Internet using provider-independent addressing. The mechanisms in this specification are also necessary (but may not be sufficient) for supporting multihomed MANETs, MANETs configured as transit networks, default MG selection, etc. 3.1. MANET Router (MR) Operation Each MR configures one or more MLAs on each of its MANET interfaces. For IPv6, MLAs are generated using [RFC4193][I-D.jelger-autoconf-mla] with interface identifiers that are either managed for uniqueness ([RFC4291], Appendix A) or self-generated using a suitable random interface identifier generation mechanism that is compatible with EUI-64 format, e.g., Cryptographically Generated Addresses (CGAs) [RFC3972]. For IPv4, MLAs are generated using a corresponding unique local address configuration mechanism. Each MR next engages in the routing protocol then discovers the MLAs of MGs and a landmark prefix for the MANET's imaginary shared link by either receiving ERAs or through a means outside the scope of this specification, e.g., via an out-of-band service discovery protocol, via information conveyed in the routing protocol itself, etc. MRs can also send a small number of ERSs to elicit immediate ERAs if no unsolicited ERAs are received. After a MR discovers the MLAs of MGs, it selects one or more MGs as default MGs. The MR's DHCP client function then sends a DHCP DISCOVER (DHCPv4) or Solicit (DHCPv6) request to its DHCP relay function across the virtual interface that connects its host and router functions. The relay function then forwards the request to the MLA(s) for one or more MG, to the MLAs of other known DHCP servers within the MANET, or to a site-scoped "All-DHCP-Servers" multicast address. For DHCPv4, the relay writes an MLA from the outgoing MANET interface Templin, et al. Expires June 18, 2007 [Page 4] Internet-Draft MANET Autoconfiguration December 2006 (i.e., the relay's upstream-attached interface) in the 'giaddr' field and also includes the MLA in a DHCPv4 MLA option (see: Section 3.4). If necessary to identify the downstream-attached virtual interface, the relay also includes a link selection sub-option [RFC3527] with an address from the landmark prefix for the MANET's imaginary shared link. For DHCPv6, the relay writes an MLA from the outgoing MANET interface in the "peer-address" field and also writes an address from the landmark prefix for the MANET's imaginary shared link in the "link- address" field. The MR can also use DHCP prefix delegation [RFC3633] to obtain prefixes for further sub-delegation to nodes on its downstream-attached links. The DHCP request will elicit a DHCP reply from a server with IP address/prefix delegations. When addresses are delegated, the MR assigns the resulting addresses to the virtual interface that connects its host and router functions, i.e., the addresses are *not* assigned on a MANET interface. When prefixes are delegated, the MR can further sub-delegate the prefixes to its downstream-attached links, including physical links and virtual links of the MR itself. After the MR configures global IP addresses/prefixes, it can send IP packets with global IP source addresses to off-MANET destinations using any of the MGs in its default MG list as egress gateways. For MANETs in which MGs can inject a 'default' route that propagates throughout the MANET, the MR can send the IP packets without encapsulation at the expense of extra TTL (IPv4) or Hop Limit (IPv6) decrementation. For MANETs in which MGs cannot propagate a default route, the MR either: a) encapsulates IP packets with an MLA for an MG as the destination address in the outer header (i.e., tunnels the packets to the MG), or b) inserts an IPv4 source routing header (likewise IPv6 routing header) to ensure that the packets will be forwarded through an MG. 3.2. MANET Gateway Operation MGs send periodic and/or solicited ERAs on their attached MANET links. For IPv6, MGs advertise prefixes in ERAs that are to be used as landmark prefixes for the MANET (e.g., by setting the 'A', 'L' bits in Prefix Information Options to 0). MGs act as BOOTP/DHCP relays for the DHCP requests/replies exchanged between MRs and DHCP servers. (When the DHCP server function resides on the MG itself, the MG acts as a DHCP server.) For DHCPv4, when a MG acting as a relay forwards a MR's DHCP request that includes an MLA option, it writes its own address in the 'giaddr' field, i.e., it overwrites the value that was written into 'giaddr' by the MR's relay Templin, et al. Expires June 18, 2007 [Page 5] Internet-Draft MANET Autoconfiguration December 2006 function. For each DHCP reply message it processes pertaining to address/prefix delegation, the MG creates a tunnel (if necessary) with the tunnel's destination address set to the MLA for the MR encoded in the DHCPv4 MLA option or the DHCPv6 "peer-address" field (see: Section 3.4). The MG then creates entries in its IP forwarding table that point to the tunnel for each delegated IP address/prefix and relays the reply to the MLA for the MR. For MANETs in which MRs will inject delegated addresses/prefixes into the routing protocol, tunneling from the MG is not necessary since standard IP routing within the MANET will direct packets to the correct MR. 3.3. DHCP Server Deployments and Extensions DHCP servers can reside on provider networks, the Internet or on the MGs themselves; they can also reside on some non-MG node within the MANET. DHCPv4 servers examine DHCPv4 requests for a DHCPv4 MLA option (see: Section 3.4). If a DHCPv4 MLA option is present, the DHCPv4 server copies the option into the corresponding DHCPv4 reply message(s). No MANET-specific extensions are required for DHCPv6 servers. 3.4. MLA Encapsulation For DHCPv6, the MLA is encoded directly in the "peer-address" field of DHCPv6 requests/replies. For DHCPv4, a new DHCPv4 option [RFC2132] called the 'MLA option' is required to encode an MLA for DHCP transactions that will traverse a MG, i.e., so that the MG has a MANET-relevant address to direct DHCPv4 replies to the correct MR, which may be multiple Layer-3 hops away. The format of the DHCPv4 MLA option is given below: Code Len Ether Type MLA +-----+-----+-----+-----+-----+-----+--- | TBD | n | type | a1 | a2 | ... +-----+-----+-----+-----+-----+-----+--- Code a one-octet field that identifies the option type (see: Section 5). Templin, et al. Expires June 18, 2007 [Page 6] Internet-Draft MANET Autoconfiguration December 2006 Len a one-octet field that encodes the remaining option length. Ether Type a type value from the IANA "ethernet-numbers" registry. MLA a variable-length MANET Local Address (MLA). 3.5. MANET Flooding MRs and MGs in Layer-3 MANETs that implement this specification require a MANET flooding mechanism (e.g., Simplified Multicast Forwarding (SMF) [I-D.ietf-manet-smf]) so that site-scoped multicast messages can be propagated across multiple Layer-3 hops. 4. Operation with Multiple MGs MGs are associated with landmark prefixes that identify the MANET's point of attachment to a provider network. For a set of MGs that attach to the same provider network, MRs can retain their global IP address/prefix delegations as they move between different MGs if the landmark prefix stays the same and if the network participates with the MGs and MRs in a localized mobility management scheme, e.g., see: [I-D.templin-autoconf-netlmm-dhcp]. For a set of MGs that attach to different provider networks and/or serve different global IP prefixes from within the same provider network, MRs must configure new global IP addresses/prefixes as they change between different MGs unless inter-MG tunnels and routing protocol exchanges are supported, e.g., see: [I-D.templin-autoconf-netlmm-dhcp], Appendix A. Global mobility management mechanisms for MRs that configure new global IP addresses/prefixes as they move between different MGs are beyond the scope of this document. 5. IANA Considerations A new DHCP option code is requested for the DHCP MLA Option in the IANA "bootp-dhcp-parameters" registry. 6. Security Considerations Threats relating to MANET routing protocols also apply to this Templin, et al. Expires June 18, 2007 [Page 7] Internet-Draft MANET Autoconfiguration December 2006 document. 7. Related Work Telcordia has proposed DHCP-related solutions for the CECOM MOSAIC program. Various proposals targeted for the IETF AUTOCONF working group have suggested stateless mechanisms for address configuration. 8. Acknowledgements The Naval Research Lab (NRL) Information Technology Division uses DHCP in their MANET research testbeds. Many of the ideas on this document originated from IETF Autoconf working group discussions on various aspects of autoconfiguration for MANETs. The following individuals (in chronological order) have provided valuable input: Thomas Henderson. 9. References 9.1. Normative References [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981. [RFC0826] Plummer, D., "Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware", STD 37, RFC 826, November 1982. [RFC0951] Croft, B. and J. Gilmore, "Bootstrap Protocol", RFC 951, September 1985. [RFC1256] Deering, S., "ICMP Router Discovery Messages", RFC 1256, September 1991. [RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, March 1997. [RFC2132] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor Extensions", RFC 2132, March 1997. [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998. Templin, et al. Expires June 18, 2007 [Page 8] Internet-Draft MANET Autoconfiguration December 2006 [RFC2461] Narten, T., Nordmark, E., and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)", RFC 2461, December 1998. [RFC2462] Thomson, S. and T. Narten, "IPv6 Stateless Address Autoconfiguration", RFC 2462, December 1998. [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003. [RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003. 9.2. Informative References [I-D.ietf-manet-smf] Macker, J., "Simplified Multicast Forwarding for MANET", draft-ietf-manet-smf-03 (work in progress), October 2006. [I-D.jelger-autoconf-mla] Jelger, C., "MANET Local IPv6 Addresses", draft-jelger-autoconf-mla-01 (work in progress), October 2006. [I-D.templin-autoconf-netlmm-dhcp] Templin, F., "Network Localized Mobility Management using DHCP", draft-templin-autoconf-netlmm-dhcp-04 (work in progress), October 2006. [I-D.thaler-autoconf-multisubnet-manets] Thaler, D., "Multi-Subnet MANETs", draft-thaler-autoconf-multisubnet-manets-00 (work in progress), February 2006. [I-D.thaler-intarea-multilink-subnet-issues] Thaler, D., "Issues With Protocols Proposing Multilink Subnets", draft-thaler-intarea-multilink-subnet-issues-00 (work in progress), March 2006. [RFC2501] Corson, M. and J. Macker, "Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations", RFC 2501, January 1999. [RFC3527] Kinnear, K., Stapp, M., Johnson, R., and J. Kumarasamy, "Link Selection sub-option for the Relay Agent Information Option for DHCPv4", RFC 3527, April 2003. Templin, et al. Expires June 18, 2007 [Page 9] Internet-Draft MANET Autoconfiguration December 2006 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005. [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005. [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006. Appendix A. IPv6 Neighbor Discovery and Duplicate Address Detection IPv6 Neighbor Discovery (ND) and Duplicate Address Detection (DAD) for MANETs is for further study. In terms of ND, [RFC2461][RFC4291] require that a node configure a link-local address on each of its IPv6-enabled interfaces, but the primary use for link-locals seems to be for the purpose of uniquely identifying routers on the link. Also, it is an open question as to whether MRs should send RAs on MANET links at all, since the MANET is a peering point between distinct sites and not the link of a single site with a clear set of serving routers and dependent end-hosts. In particular, since MANET interfaces configure MLAs which already provide a statistically- unique identifier, link-local addresses may be of little/no value on MANET interfaces and hence strict enforcement of link-local address uniqueness may not be necessary. In terms of DAD, in-service DAD upon link change is problematic, since MANET links are constantly changing due to node mobility. Also, pre-service DAD on a MANET link would require either flooding the entire MANET or somehow discovering a targeted region of the MANET on which a node that configures a duplicate address resides and sending a directed DAD message toward that region. In both instances, the overhead for performing DAD is substantial and prone to false-negatives due to packet loss. Note also that link-local addresses using Cryptographically Generated Addresses (CGAs) [RFC3972] provide random generation only in 59 bits of the lower 64 bits of the IPv6 address, while MLAs using CGAs also use 40/56 bits of random generation in the upper 64 bits of the IPv6 address. Since such MLAs are highly unlikely to collide, pre-service DAD and in- service DAD based on link change can be avoided and a passive DAD, e.g., one that monitors routing protocol messages, can be used instead. Note also that no DAD is required for the global addresses/prefixes delegated to MRs as long as the addresses are configured on the MR's downstream-attached links (and not the MANET link) and as long as standard DAD procedures are observed on the downstream-attached links themselves. Templin, et al. Expires June 18, 2007 [Page 10] Internet-Draft MANET Autoconfiguration December 2006 Appendix B. Change Log Changes from -02 to -03: o updated terminology based on RFC2461 "asymmetric reachability" link type; IETF67 MANET Autoconf wg discussions. o added new appendix on IPv6 Neighbor Discovery and Duplicate Address Detection o relaxed DHCP server deployment considerations allow DHCP servers within the MANET itself Changes from -01 to -02: o minor updates for consistency with recent developments Changes from -00 to -01: o new text on DHCPv6 prefix delegation and multilink subnet considerations. o various editorial changes Authors' Addresses Fred L. Templin Boeing Phantom Works P.O. Box 3707 MC 7L-49 Seattle, WA 98124 USA Email: fred.l.templin@boeing.com Steven W. Russert Boeing Phantom Works P.O. Box 3707 MC 7L-49 Seattle, WA 98124 USA Email: steven.w.russert@boeing.com Templin, et al. Expires June 18, 2007 [Page 11] Internet-Draft MANET Autoconfiguration December 2006 Ian D. Chakeres Boeing Phantom Works P.O. Box 3707 MC 7L-49 Seattle, WA 98124 USA Email: ian.chakeres@gmail.com Seung Yi Boeing Phantom Works P.O. Box 3707 MC 7L-49 Seattle, WA 98124 USA Email: seung.yi@boeing.com Templin, et al. Expires June 18, 2007 [Page 12] Internet-Draft MANET Autoconfiguration December 2006 Full Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Templin, et al. Expires June 18, 2007 [Page 13]