Hello, folks.
I would like to introduce DHCPv6 proxy agent in a saparate thread.
The following is a rough description regarding the DHCPv6 proxy agent.
Any comments will be appreciated.
1. Motivation
Under the environments where classic bridge technology can not be applicable,
local hosts on the link connected to the ND proxy [RFC4389] can be easily
configured with global addresses through SLAAC.
However, if the service provider provides DHCPv6 service for the internet
connectivity of customer's hosts and is willing to give only /128 addresses
without delegating prefixes, there are no other feasible solutions than 6to6
NAPT for of local hosts to share the Internet connection. To address this
problem, new element called DHCPv6 proxy agent is suggested, which supports
message transactions between hosts in the LAN and remote server in the provider
network using IAID demultiplexing.
2. Behavior Description of DHCPv6 proxy agent
DHCPv6
Proxy Agent
| +-------+ +--------+
local |Ethernet | | Wireless | Access |
+---------+ A +-))) (((-+ +--> rest of network
hosts | | | link | Point |
| +-------+ +--------+
ND Proxy
DHCPv6 proxy agent is devised to proxy DHCPv6 clients on the LAN side links
of the agent. In order to achieve this goal, the proxy agent joins to the
All_DHCP_Relay_Agents_and_Servers (FF02::1:2) mulicast group with the LAN
interface and listen for DHCP messages on UDP port 547.
When an RA message indicating DHCPv6 service for addresses with M flag set
to 1, the ND proxy advertises proxyed RA message derived from the received one
to the LAN. When the proxyed RA message is received at a local host, the host
invokes DHCPv6 client if the host has DHCPv6 client installed.
Then, a solicit message sent by the local host is processed by the proxy
agent as following.
Firstly, it checks with DUID and transcation ID if the solicit message is
arrived for the first time.
If so, it creates new proxy transaction for proxing the solicit message,
which comprise the following elements.
- original transaction related information (IAID, IA-type, DUID, transaction
ID) from the received message.
- proxy transaction related information (proxy IAID, proxy DUID, proxy
transaction ID).
- expire time.
For the new proxy transaction, the agent generates new transaction ID and
chooses a IAID value from pre-configured proxy IAID pool by its policy.
If the solicit message includes multiple IAIDs, the agent should choose same
number of proxy IAID values as original IAIDs.
The proxy DUID is the DUID of the agent which is supposed to be same for all
proxy transactions, which is not a requirement.
The expire time is the time until the proxy transaction is valid and
calculated from MAX timeout value for each type of message as is specified in
RFC3315 5.5.
For example, expire time for the proxyed solicit message is current time
plus 120 seconds(SOL_MAX_RT) plus some marginal delay.
After creating the new proxy transaction, the agent generates new proxy
solicit message by substituting IAID, DUID and transaction ID in the original
message with proxy IAID, proxy DUID and proxy transaction ID respectively.
and sends it through the upstream interface (Wireless link from the above
illustration).
If a retransmitted message sent by the local host is arrived at the proxy
agent, proxy message is generated using existing proxy transaction and expire
time is recalculated by the above rule.
When a reply message for a proxied message is received at the upstream
interface of the proxy agent,
relevant proxy transaction is searched by comparing DUID in the client ID
option and transaction ID in the message with proxy DUID and proxy transaction
ID in existing transactions.
If the match proxy transaction is found, the agent generates new proxy reply
message by substituting IAID, DUID and transaction ID in the original message
with proxy IAID, proxy DUID and proxy transaction ID respectively.
and sends it through the LAN interface. If no match proxy transaction is found,
reply message is silently ignored.
If a binding information is conveyed in the received Reply message, the
agent also populates or refreshes the coresponding proxy binding using the
match proxy transaction, which comprises the following elements.
- original binding related information (IAID, IA-type, DUID)
- proxy binding related information (proxy IAID, proxy DUID, server DUID, IA
address and valid lifetime, ...)
The proxy binding is required since the agent should initiate a proxy
transaction for Confirm message in case that the upstream interace might be
moved to different link, and also be able to forward messages initiated by the
server or the proxy agent to the local hosts.
Joseph
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
