Network Working Group                                         F. Templin
Internet-Draft                                                S. Russert
Intended status: Informational                               I. Chakeres
Expires: August 5, 2007                                            S. Yi
                                                   Boeing Phantom Works
                                                        February 1, 2007

                         MANET Autoconfiguration
                    draft-templin-autoconf-dhcp-04.txt

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups.  Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.  It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on August 5, 2007.

Copyright Notice

Copyright (C) The IETF Trust (2007).

Abstract

Mobile Ad-hoc Networks (MANETs) consist of routers operating over wireless channels and may or may not connect to other networks.  Routers in MANETs that connect to the Internet must have a way to automatically provision globally routable and unique IP addresses/prefixes.  This document specifies mechanisms for MANET autoconfiguration.  Both IPv4 and IPv6 are discussed.

Templin, et al.           Expires August 5, 2007                [Page 1]

Internet-Draft            MANET Autoconfiguration           February 2007

1.  Introduction

Mobile Ad-hoc Networks (MANETs) comprise links with asymmetric reachability characteristics (see: [RFC2461], Section 2.2) that connect MANET Routers (MRs).  MRs participate in a routing protocol such that packets can be forwarded via multiple hops across the MANET if necessary.  MANETs may connect to other networks via MANET Border Routers (MBRs), and MRs may be multiple IP hops away from their nearest MBR in some scenarios.  A MANET may be as large as an Autonomous System (AS) or as small as an individual site, and may contain other MANETs and/or fixed networks.  MRs with hosts on downstream-attached links that require global Internet access must have a means to automatically provision global IP addresses/prefixes and/or other configuration information.

Conceptually, MRs comprise a router entity and a host entity that are connected via a virtual point-to-point VLAN (e.g., a loopback interface) configured over an imaginary shared link for the MANET.  The imaginary shared link provides a conceptual model of a fully-connected shared link to which all MRs attach, and has an associated identifier (e.g., a prefix associated with the imaginary shared link) that "names" the MANET.  An MR (and its downstream-attached links) is a "site" unto itself, and a MANET is therefore a "site-of-sites".

MANETs that comprise homogeneous link types can configure the routing protocol to operate as a sub-IP layer mechanism such that IP (i.e., Layer-3) sees the MANET as an ordinary shared link, the same as for a (bridged) campus LAN.  In that case, a single IP hop is sufficient to traverse the MANET.  MANETs that comprise heterogeneous link types must configure the routing protocol to operate as a Layer-3 mechanism such that routing protocol operation is based on MANET-Local Addresses (MLAs) or other Layer-3 identifiers that are unique within the MANET, to avoid issues associated with bridging media types with dissimilar Layer-2 address formats and maximum transmission units (MTUs).  In that case, multiple IP hops may be necessary to traverse the MANET.

This document specifies mechanisms and operational practices for MANET autoconfiguration.
Operation using standard BOOTP/DHCP [RFC0951][RFC2131][RFC3315][RFC3633] and neighbor discovery [RFC0826][RFC1256][RFC2461][RFC2462] mechanisms is assumed unless otherwise specified.  Both IPv4 [RFC0791] and IPv6 [RFC2460] are discussed.

2.  Terminology

The terminology in the normative references applies; the following terms are defined within the scope of this document:

Mobile Ad-hoc Network (MANET)
      a connected network region that comprises MANET routers that maintain a routing structure among themselves in a relatively arbitrary fashion over links with asymmetric reachability characteristics (see: [RFC2461], Section 2.2).  MANETs may be as large as an Autonomous System (AS) or as small as an individual site.  Further information on the characteristics of MANETs can be found in [RFC2501].

MANET Interface
      a MANET router's attachment to a link within the MANET.

MANET Router (MR)
      a node that participates in a routing protocol over its MANET interface(s) and forwards packets on behalf of its downstream-attached nodes and other MRs.  Conceptually, an MR comprises a router entity and a host entity connected via a virtual point-to-point VLAN (e.g., a loopback interface) configured over an imaginary shared link for the MANET.  An MR (and its downstream-attached links) is a "site" unto itself, and a MANET is therefore a "site-of-sites".  For the purpose of this specification, an MR's host entity configures a DHCP client and its router entity configures a DHCP relay.

MANET Border Router (MBR)
      an MR that connects the MANET to other networks.  For the purpose of this specification, MBRs are assumed to configure a DHCP relay and/or a DHCP server.

MANET Local Address (MLA)
      a Layer-3 unicast address/prefix configured by an MR that is used for intra-MANET communications, i.e., routable only within the scope of the MANET.  For IPv6, Unique Local Addresses (ULAs) [RFC4193][I-D.jelger-autoconf-mla] provide a natural MLA mechanism.

Extended Router Advertisement/Solicitation (ERA/ERS)
      an IP Router Advertisement/Solicitation (RA/RS) message [RFC1256][RFC2461] with an MLA source address and with destination address set to an MLA or a site-scoped multicast address that spans the MANET via a broadcast/multicast flooding mechanism (see: Section 3.5).  Unlike ordinary RA/RS messages, ERA/ERS messages use a non-link-local source address and may travel multiple IP hops.

3.  MANET Autoconfiguration

The following sections specify autoconfiguration mechanisms and operational practices that allow MRs to participate in the routing protocol and obtain addresses/prefixes for intra-MANET and global Internet communications.

3.1.  MANET Router (MR) Operation

Each MR configures MLAs on each of its MANET interfaces.  For IPv6, MLAs are generated using Unique Local Addresses [RFC4193][I-D.jelger-autoconf-mla] with interface identifiers that are either managed for uniqueness (e.g., per [RFC4291], Appendix A) or self-generated using a suitable random interface identifier generation mechanism that is compatible with EUI-64 format (e.g., Cryptographically Generated Addresses (CGAs) [RFC3972]).  For IPv4, MLAs are generated using a corresponding unique local address configuration mechanism.

Each MR next engages in the routing protocol and discovers an identifier for the MANET.  The identifier could be an IP prefix, a DNS Fully-Qualified Domain Name (FQDN), an IEEE MAC address, etc., but in any case provides a name for the MANET.
MRs can discover this identifier by receiving ERAs that contain a prefix associated with the imaginary shared link (see: Section 3.2), via an out-of-band service discovery protocol, via information conveyed in the routing protocol itself, or through some other means associated with the particular link technology.

After an MR discovers an identifier for the MANET, the DHCP client associated with its host function sends a DHCP DISCOVER (DHCPv4) or Solicit (DHCPv6) request across the virtual interface to the DHCP relay associated with its router function to request global IP address and/or prefix delegations (see also: Section 3.6).  The relay function then forwards the request to one or more MBRs, to other known DHCP servers, or to a site-scoped "All-DHCP-Servers" multicast address.

For DHCPv4, the MR's relay function writes an MLA from the outgoing MANET interface (i.e., the relay's upstream-attached interface) in the 'giaddr' field and also includes the MLA in a DHCPv4 MLA option (see: Section 3.4).  If necessary to identify the downstream-attached virtual interface, the relay also includes a link selection sub-option [RFC3527] with an address from the prefix associated with the MANET's imaginary shared link (if such a prefix is available).

For DHCPv6, the MR's relay function writes an MLA from the outgoing MANET interface in the "peer-address" field and also writes an address from the prefix associated with the MANET's imaginary shared link in the "link-address" field (if such a prefix is available).

The MR can also use DHCP prefix delegation [RFC3633] to obtain prefixes for further sub-delegation to nodes on its downstream-attached links.

The DHCP request will elicit a DHCP reply from a server with IP address/prefix delegations.  When addresses are delegated, the MR assigns the resulting addresses to the virtual interface that connects its host and router functions, i.e., the addresses are *not* assigned on the upstream MANET interface.  When prefixes are delegated, the MR can assign and/or further sub-delegate the prefixes to its downstream-attached links, including physical links and virtual links of the MR itself.

If the MANET uses a proactive routing protocol, the MR advertises the delegated addresses/prefixes into the routing protocol for the duration of the delegation lifetimes.

The DHCP server ensures unique IP address/prefix delegations.  By assigning global IP addresses/prefixes only on downstream-attached interfaces (and not the upstream MANET interface) there is no requirement for the MR to perform Duplicate Address Detection (DAD) for global addresses on the MANET interface.  See Appendix A for further DAD considerations.

After the MR configures global IP addresses/prefixes, it can send IP packets with global IP source addresses to off-MANET destinations using any of the MBRs as egress gateways.  For MANETs in which MBRs can advertise a 'default' route that propagates throughout the routing protocol, the MR can send the IP packets without encapsulation at the expense of extra TTL (IPv4) or Hop Limit (IPv6) decrementation.  For MANETs in which the routing protocol cannot propagate a default route, the MR either:

   a) encapsulates IP packets with an MLA for an MBR as the destination address in the outer header (i.e., tunnels the packets to the MBR), or

   b) inserts an IPv4 source routing header (likewise an IPv6 routing header) to ensure that the packets will be forwarded through an MBR.

3.2.  MANET Border Router Operation

MBRs can send periodic and/or solicited ERAs associated with the imaginary shared link for the MANET on their attached MANET links.  For IPv6, MBRs can advertise prefixes in ERAs that MRs can consider as an identifier for the MANET.
Such prefixes should be advertised as not to be used for on-link determination or StateLess Address AutoConfiguration (SLAAC) [RFC2462] by setting the 'A' and 'L' bits in Prefix Information Options to 0.  (See: Appendix B for further considerations on using SLAAC for MANET Autoconfiguration.)

MBRs act as BOOTP/DHCP relays and/or servers for an MR's DHCP requests/replies.  For DHCPv4, when an MBR acting as a relay forwards a DHCP request that includes an MLA option, it writes its own address in the 'giaddr' field, i.e., it overwrites the value that was written into 'giaddr' by the MR's relay function.

For MANETs in which MRs cannot proactively advertise delegated addresses/prefixes via the routing protocol, the MBR creates a tunnel for each DHCP reply message it processes pertaining to address/prefix delegation, with the tunnel's destination address set to the MLA for the MR encoded in the DHCPv4 MLA option or the DHCPv6 "peer-address" field (see: Section 3.4).  The MBR then creates entries in its IP forwarding table that point to the tunnel for each delegated IP address/prefix and relays the reply to the MLA for the MR.

For MANETs in which MRs will advertise delegated addresses/prefixes via the routing protocol, tunneling from the MBR is not required since standard IP routing within the MANET will direct packets to the correct MR.

3.3.  DHCP Server Extensions

No MANET autoconfiguration-specific extensions are required for DHCPv6 servers.

DHCPv4 servers examine DHCPv4 requests for a DHCPv4 MLA option (see: Section 3.4).  If a DHCPv4 MLA option is present, the DHCPv4 server copies the option into the corresponding DHCPv4 reply message(s).

3.4.  MLA Encapsulation

For DHCPv6, the MLA is encoded directly in the "peer-address" field of DHCPv6 requests/replies.

For DHCPv4, a new DHCPv4 option [RFC2132] called the 'MLA option' is required to encode an MLA for DHCP transactions that will traverse an MBR, i.e., so that the MBR has a MANET-relevant address to direct DHCPv4 replies to the correct MR, which may be multiple Layer-3 hops away.  The format of the DHCPv4 MLA option is given below:

       Code   Len   Ether Type      MLA
      +-----+-----+-----+-----+-----+-----+---
      | TBD |  n  |   type    |  a1 |  a2 | ...
      +-----+-----+-----+-----+-----+-----+---

Code
      a one-octet field that identifies the option type (see: Section 5).

Len
      a one-octet field that encodes the remaining option length.

Ether Type
      a type value from the IANA "ethernet-numbers" registry.

MLA
      a variable-length MANET Local Address (MLA).

3.5.  MANET Flooding

When multicast service discovery is required, Layer-3 MANETs that implement this specification must use a MANET flooding mechanism (e.g., Simplified Multicast Forwarding (SMF) [I-D.ietf-manet-smf]) so that site-scoped multicast messages can be propagated across multiple Layer-3 hops.

3.6.  Self-Generated Addresses

MRs can self-generate an address (e.g., an IPv6 Cryptographically Generated Address (CGA) [RFC3972]) and then propose the address to the DHCP server.  If the DHCP server determines that the self-generated address is unique and can be assigned to the MR's virtual interface configured over the imaginary shared link, it will delegate the address for the MR's use.

4.  Operation with Multiple MBRs

For a set of MANETs and MBRs that attach to the same backbone network, MRs can retain their global IP address/prefix delegations as they move if the backbone network participates with the MBRs and MRs in a localized mobility management scheme, e.g., see: [I-D.templin-autoconf-netlmm-dhcp].
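The DHCPv4 MLA option of Section 3.4 and the relay chain it supports in Sections 3.1 to 3.3 (the MR relay writes 'giaddr' and the option, the MBR overwrites 'giaddr', the server copies the option into the reply, and the MBR recovers the MR's MLA from the option rather than from 'giaddr'), as an added example in Python that is not code from the draft.  It assumes a placeholder option code of 254 because the real code is TBD, models messages as dicts rather than full DHCPv4 packets, and uses constructed sample addresses.

```python
"""DHCPv4 MLA option (Section 3.4) plus the MR relay / MBR / server
handling of Sections 3.1-3.3.  Added example, not code from the draft:
option code 254 is a placeholder for the TBD value, messages are dicts,
and every address below is a constructed sample."""
import ipaddress
import struct

MLA_OPTION_CODE = 254       # placeholder: the real code is TBD (Section 5)
ETHERTYPE_IPV4 = 0x0800     # IANA "ethernet-numbers" values
ETHERTYPE_IPV6 = 0x86DD
_MLA_LEN = {ETHERTYPE_IPV4: 4, ETHERTYPE_IPV6: 16}


def encode_mla_option(mla):
    """Build Code | Len | Ether Type (2 octets) | MLA.  Len counts every
    octet after itself: 6 for an IPv4 MLA, 18 for an IPv6 MLA."""
    addr = ipaddress.ip_address(mla)
    ether_type = ETHERTYPE_IPV6 if addr.version == 6 else ETHERTYPE_IPV4
    body = struct.pack("!H", ether_type) + addr.packed
    return bytes([MLA_OPTION_CODE, len(body)]) + body


def decode_mla_option(option):
    """Parse an MLA option, rejecting truncated, oversized or mismatched
    encodings before the address is trusted.  Returns (ether_type, str)."""
    if len(option) < 4 or option[0] != MLA_OPTION_CODE:
        raise ValueError("not an MLA option")
    if len(option) != 2 + option[1]:
        raise ValueError("Len does not match the octets actually present")
    ether_type = struct.unpack("!H", option[2:4])[0]
    raw = option[4:]
    if _MLA_LEN.get(ether_type) != len(raw):
        raise ValueError("MLA length does not match Ether Type")
    return ether_type, str(ipaddress.ip_address(raw))


def is_valid_mla_option(option):
    """True if decode_mla_option accepts the octets (cheap pre-filter)."""
    try:
        decode_mla_option(option)
        return True
    except ValueError:
        return False


def mr_relay(request, mla):
    """MR relay function (3.1): 'giaddr' <- MLA of the outgoing MANET
    interface, and the same MLA carried in the MLA option."""
    out = dict(request, giaddr=mla, options=dict(request.get("options", {})))
    out["options"][MLA_OPTION_CODE] = encode_mla_option(mla)
    return out


def mbr_relay(request, mbr_addr):
    """MBR relay (3.2): overwrite 'giaddr' with its own address.  The MLA
    option is left intact, which is why the server must echo it back."""
    return dict(request, giaddr=mbr_addr)


def dhcp_server(request, delegated):
    """Server (3.3): copy the MLA option into the reply; reply goes to giaddr."""
    reply = {"op": "BOOTREPLY", "yiaddr": delegated,
             "giaddr": request["giaddr"], "options": {}}
    opt = request.get("options", {}).get(MLA_OPTION_CODE)
    if opt is not None:
        reply["options"][MLA_OPTION_CODE] = opt
    return reply


def mbr_handle_reply(reply):
    """MBR (3.2): 'giaddr' now names the MBR itself, so the MR's MLA must
    come from the option.  Returns (next-hop MLA, forwarding-table entry),
    the entry mapping the delegated address to a tunnel toward that MLA."""
    _, mla = decode_mla_option(reply["options"][MLA_OPTION_CODE])
    return mla, (reply["yiaddr"], mla)


def run_transaction(mr_mla="10.42.0.1", mbr_addr="192.0.2.1",
                    delegated="203.0.113.7"):
    """Walk one DISCOVER through MR relay -> MBR relay -> server -> MBR."""
    discover = {"op": "BOOTREQUEST", "giaddr": "0.0.0.0", "options": {}}
    at_server = mbr_relay(mr_relay(discover, mr_mla), mbr_addr)
    reply = dhcp_server(at_server, delegated)
    next_hop, fib_entry = mbr_handle_reply(reply)
    return {"giaddr_seen_by_server": at_server["giaddr"],
            "next_hop": next_hop, "fib_entry": fib_entry}
```

Feeding the relayed request through run_transaction() shows that the server only ever sees the MBR's address in 'giaddr', so without the echoed option the MBR could not direct the reply back across multiple Layer-3 hops to the MR.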
For a set of MBRs that attach to different backbone networks and/or serve different global IP prefixes from within the same network, MRs must configure new global IP addresses/prefixes as they change between different MBRs unless inter-MBR tunnels and routing protocol exchanges are supported, e.g., see: [I-D.templin-autoconf-netlmm-dhcp], Appendix A.

Global mobility management mechanisms for MRs that configure new global IP addresses/prefixes as they move between different MBRs are beyond the scope of this document.

5.  IANA Considerations

A new DHCP option code is requested for the DHCP MLA Option in the IANA "bootp-dhcp-parameters" registry.

6.  Security Considerations

Threats relating to MANET routing protocols also apply to this document.

7.  Related Work

Telcordia has proposed DHCP-related solutions for the CECOM MOSAIC program.  Various IETF AUTOCONF working group proposals have suggested similar mechanisms for address configuration.

8.  Acknowledgements

The Naval Research Lab (NRL) Information Technology Division uses DHCP in their MANET research testbeds.  Many of the ideas in this document originated from IETF AUTOCONF working group discussions on various aspects of autoconfiguration for MANETs.  Thomas Henderson provided valuable input; Jinmei Tatuya reminded the authors that address duplication can occur when multiple mechanisms (i.e., manual configuration, stateless and DHCP) are used within the same network.

9.  References

9.1.  Normative References

[RFC0791]  Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.

[RFC0826]  Plummer, D., "Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware", STD 37, RFC 826, November 1982.

[RFC0951]  Croft, B. and J. Gilmore, "Bootstrap Protocol", RFC 951, September 1985.

[RFC1256]  Deering, S., "ICMP Router Discovery Messages", RFC 1256, September 1991.

[RFC2131]  Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, March 1997.

[RFC2132]  Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor Extensions", RFC 2132, March 1997.

[RFC2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.

[RFC2461]  Narten, T., Nordmark, E., and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)", RFC 2461, December 1998.

[RFC2462]  Thomson, S. and T. Narten, "IPv6 Stateless Address Autoconfiguration", RFC 2462, December 1998.

[RFC3315]  Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003.

[RFC3633]  Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003.

9.2.  Informative References

[I-D.ietf-manet-smf]  Macker, J., "Simplified Multicast Forwarding for MANET", draft-ietf-manet-smf-03 (work in progress), October 2006.

[I-D.jelger-autoconf-mla]  Jelger, C., "MANET Local IPv6 Addresses", draft-jelger-autoconf-mla-01 (work in progress), October 2006.

[I-D.templin-autoconf-netlmm-dhcp]  Templin, F., "Network Localized Mobility Management using DHCP", draft-templin-autoconf-netlmm-dhcp-04 (work in progress), October 2006.

[I-D.thaler-autoconf-multisubnet-manets]  Thaler, D., "Multi-Subnet MANETs", draft-thaler-autoconf-multisubnet-manets-00 (work in progress), February 2006.

[I-D.thaler-intarea-multilink-subnet-issues]  Thaler, D., "Issues With Protocols Proposing Multilink Subnets", draft-thaler-intarea-multilink-subnet-issues-00 (work in progress), March 2006.

[RFC2501]  Corson, M. and J. Macker, "Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations", RFC 2501, January 1999.

[RFC3527]  Kinnear, K., Stapp, M., Johnson, R., and J. Kumarasamy, "Link Selection sub-option for the Relay Agent Information Option for DHCPv4", RFC 3527, April 2003.

[RFC3972]  Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005.

[RFC4193]  Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005.

[RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006.

Appendix A.  IPv6 Neighbor Discovery and Duplicate Address Detection

IPv6 Neighbor Discovery (ND) and Duplicate Address Detection (DAD) for MANETs is for further study.

In terms of ND, [RFC2461][RFC4291] require that a node configure a link-local address on each of its IPv6-enabled interfaces, and the primary requirement for link-locals seems to be for the purpose of uniquely identifying routers on the link.  But, it is for further study as to whether MRs should send RAs on MANET links at all, since the MANET is a peering point between distinct sites and not the link of a single site with a clear set of serving routers and dependent end-hosts.  In particular, since MANET interfaces configure MLAs which already provide a statistically-unique identifier, link-local addresses may be of little/no value on MANET interfaces and hence strict enforcement of link-local address uniqueness may not be necessary.

In terms of DAD, pre-service DAD on a MANET link (such as specified in [RFC2462]) would require either flooding the entire MANET or somehow discovering a targeted region of the MANET on which a node that configures a duplicate address resides and sending a directed DAD message toward that region.  But, the control message overhead for such a MANET-wide DAD would be substantial and prone to false-negatives due to packet loss.  Note also that link-local addresses using Cryptographically Generated Addresses (CGAs) [RFC3972] provide random generation only in 59 bits of the lower 64 bits of the IPv6 address, while MLAs using CGAs also use 40/56 bits of random generation in the upper 64 bits of the IPv6 address.  Since such MLAs are highly unlikely to collide, pre-service DAD can be avoided and a passive in-service DAD (e.g., one that monitors routing protocol messages) can be used instead.

Statistical properties can assure uniqueness for the MLAs assigned on an MR's MANET interfaces, and careful operational practices can assure uniqueness for the global addresses/prefixes assigned on an MR's downstream-attached links (since the DHCP server assures unique assignments).  However, a passive in-service DAD mechanism should still be used to detect duplicates that were assigned via other means, e.g., manual configuration.

Appendix B.  IPv6 StateLess Address AutoConfiguration (SLAAC)

The use of StateLess Address AutoConfiguration (SLAAC) [RFC2462] could be indicated by prefix information options in ERAs with the 'A' bit set to 1.  MRs that receive such ERAs could then self-generate an address from the prefix and assign it to the virtual interface configured over the imaginary shared link for the MANET, then use a passive in-service DAD approach to detect duplicates within the MANET.  But, if the MANET partitions, DAD might not be able to monitor the routing exchanges occurring in other partitions and address duplication could result.

Appendix C.  Change Log

Changes from -03 to -04:

   o  introduced conceptual "imaginary shared link" as a representation for a MANET.
   o  discussion of autonomous system and site abstractions for MANETs

   o  discussion of autoconfiguration of CGAs

   o  new appendix on IPv6 StateLess Address AutoConfiguration

Changes from -02 to -03:

   o  updated terminology based on RFC2461 "asymmetric reachability" link type; IETF67 MANET Autoconf wg discussions.

   o  added new appendix on IPv6 Neighbor Discovery and Duplicate Address Detection

   o  relaxed DHCP server deployment considerations to allow DHCP servers within the MANET itself

Changes from -01 to -02:

   o  minor updates for consistency with recent developments

Changes from -00 to -01:

   o  new text on DHCPv6 prefix delegation and multilink subnet considerations.

   o  various editorial changes

Authors' Addresses

Fred L. Templin
Boeing Phantom Works
P.O. Box 3707 MC 7L-49
Seattle, WA 98124
USA

Email: fred.l.templin@boeing.com


Steven W. Russert
Boeing Phantom Works
P.O. Box 3707 MC 7L-49
Seattle, WA 98124
USA

Email: steven.w.russert@boeing.com


Ian D. Chakeres
Boeing Phantom Works
P.O. Box 3707 MC 7L-49
Seattle, WA 98124
USA

Email: ian.chakeres@gmail.com


Seung Yi
Boeing Phantom Works
P.O. Box 3707 MC 7L-49
Seattle, WA 98124
USA

Email: seung.yi@boeing.com

Full Copyright Statement

Copyright (C) The IETF Trust (2007).

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights.  Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard.  Please address the information to the IETF at ietf-ipr@ietf.org.

Acknowledgment

Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).