The IESG has approved the following document:

- 'Lightweight DHCPv6 Relay Agent'
  (draft-ietf-dhc-dhcpv6-ldra-03.txt) as a Proposed Standard

This document is the product of the Dynamic Host Configuration Working Group.

The IESG contact persons are Ralph Droms and Jari Arkko.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-dhc-dhcpv6-ldra/

Technical Summary

   This document proposes a Lightweight DHCPv6 Relay Agent (LDRA) that
   is used to insert relay agent options in DHCPv6 message exchanges
   identifying client-facing interfaces. The LDRA can be implemented in
   existing access nodes (such as DSLAMs and Ethernet switches) that do
   not support IPv6 control or routing functions.

Working Group Summary

   This document appeared in the working group at the end of 2008.
   There has been substantial interest in this document.

Document Quality

   The document has undergone careful review, and the working group is
   satisfied with its quality.

Personnel

   The document shepherd is Ted Lemon <mellon@nominum.com>.
   Ralph Droms <rdroms.ietf@gmail.com> is the Responsible AD.

RFC Editor Note

In section 4, change "must" to "MUST":

OLD:

   DHCP server implementations conforming to this specification must,

NEW:

   DHCP server implementations conforming to this specification MUST,

* Section 5.1

OLD:

   The Relay-Forward message contains relay agent parameters that
   identify the client-facing interface on which any reply messages
   should be forwarded. These parameters are link-address, peer-address
   and Interface-ID. The link-address parameter MUST be set to the
   unspecified address. The Interface-ID Relay Agent Option MUST be
   included in the Relay-Forward message. The LDRA MAY insert
   additional relay agent options.

NEW:

   The Relay-Forward message contains relay agent parameters that
   identify the client-facing interface on which any reply messages
   should be forwarded. These parameters are link-address, peer-address
   and Interface-ID. The link-address parameter MUST be set to the
   unspecified address. The peer-address parameter MUST be set as
   specified in Section 6.1. The Interface-ID Relay Agent Option MUST
   be included in the Relay-Forward message. The LDRA MAY insert
   additional relay agent options.

* Section 6.1

OLD:

   When a DHCPv6 message (defined in [RFC3315]) is received on any
   client-facing interface, the LDRA MUST intercept and process the
   message. The LDRA MUST also prevent the original message from being
   forwarded on the network facing interface.

NEW:

   The LDRA MUST intercept and process all IP traffic received on any
   client-facing interface that has:

   o  destination IP address set to All_DHCP_Relay_Agents_and_Servers
      (FF02::1:2);

   o  protocol type UDP; and

   o  destination port 547

   The LDRA MUST also prevent the original message from being forwarded
   on the network facing interface.

* Section 7

OLD:

   The LDRA intercepts any DHCPv6 message received on client-facing
   interfaces with a destination IP address of
   All_DHCP_Relay_Agents_and_Servers (FF02::1:2). The LDRA MUST NOT
   forward the original client message to a network-facing interface,
   it MUST process the message and add the appropriate Relay-Forward
   options as described in previous sections.

NEW:

   The LDRA intercepts any DHCPv6 message received on client-facing
   interfaces with the traffic pattern specified in Section 6.1. The
   LDRA MUST NOT forward the original client message to a
   network-facing interface, it MUST process the message and add the
   appropriate Relay-Forward options as described in previous sections.

* Security Considerations

OLD:

   Although the LDRA only listens to client-originated IPv6 traffic
   sent to the All_DHCPv6_Servers_and_Relay_Agents address on UDP port
   547, the LDRA SHOULD implement some form of rate-limiting on
   received messages to prevent excessive process utilisation. As DHCP
   is session-oriented, messages in excess of the rate-limit may be
   silently discarded.

NEW:

   The security issues pertaining to DHCPv6 relay agents as specified
   in Section 23 of [RFC3315] are also applicable to LDRAs.

   Although the LDRA only listens to client-originated IPv6 traffic
   sent to the All_DHCPv6_Servers_and_Relay_Agents address on UDP port
   547, the LDRA SHOULD implement some form of rate-limiting on
   received messages to prevent excessive process utilisation. As DHCP
   is session-oriented, messages in excess of the rate-limit may be
   silently discarded.
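
The intercept rule (Section 6.1), the Relay-Forward framing (Section 5.1) and the rate limit (Security Considerations) from the RFC Editor Note, as an added Python example that is not part of the announcement or the draft. The message type and option codes are the RFC 3315 values; using the client's source address as peer-address, hop-count 0, the token-bucket parameters and all function names are assumptions.

```python
import ipaddress
import struct

ALL_DHCP_RELAY_AGENTS_AND_SERVERS = ipaddress.IPv6Address("ff02::1:2")
IPPROTO_UDP, DHCPV6_SERVER_PORT = 17, 547
RELAY_FORW, OPTION_RELAY_MSG, OPTION_INTERFACE_ID = 12, 9, 18  # RFC 3315 code points
# Constructed sample input (not from the page): fields an access node would parse from a frame.
SAMPLE = {"src": "fe80::1", "dst": "ff02::1:2", "next_header": 17, "dst_port": 547,
          "payload": b"\x01\xaa\xbb\xcc", "ifid": b"port7"}

def must_intercept(dst_ip: str, next_header: int, dst_port: int) -> bool:
    """Section 6.1 (NEW) match: FF02::1:2, protocol UDP, destination port 547."""
    return (ipaddress.IPv6Address(dst_ip) == ALL_DHCP_RELAY_AGENTS_AND_SERVERS
            and next_header == IPPROTO_UDP
            and dst_port == DHCPV6_SERVER_PORT)

def _option(code: int, data: bytes) -> bytes:
    return struct.pack("!HH", code, len(data)) + data

def build_relay_forward(client_msg: bytes, client_src: str, interface_id: bytes) -> bytes:
    """Wrap a client message as Section 5.1 (NEW) requires."""
    link_address = ipaddress.IPv6Address("::").packed  # MUST be the unspecified address
    # Assumption: peer-address is the client's source address (the note only cites Section 6.1).
    peer_address = ipaddress.IPv6Address(client_src).packed
    header = struct.pack("!BB", RELAY_FORW, 0) + link_address + peer_address  # hop-count 0 assumed
    return (header + _option(OPTION_INTERFACE_ID, interface_id)  # Interface-ID MUST be present
            + _option(OPTION_RELAY_MSG, client_msg))

class TokenBucket:
    """Rate limit for one client-facing interface; excess messages are silently discarded."""
    def __init__(self, rate_per_s: float, burst: int):
        self.rate, self.burst = rate_per_s, burst
        self.tokens, self.last = float(burst), 0.0
    def allow(self, now: float) -> bool:
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

def relay(pkt: dict, bucket: TokenBucket, now: float):
    """Return Relay-Forward bytes, or None when the packet is not intercepted or is over the limit."""
    if not must_intercept(pkt["dst"], pkt["next_header"], pkt["dst_port"]):
        return None
    if not bucket.allow(now):
        return None
    return build_relay_forward(pkt["payload"], pkt["src"], pkt["ifid"])
```
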