Network Working Group C. Donley Internet-Draft D. Kharbanda Intended status: Informational CableLabs Expires: January 3, 2010 J. Brzozowski Y. Lee Comcast Cable J. Weil Cox Communications K. Erichsen L. Howard Time Warner Cable JF. Tremblay Videotron July 2, 2009 Use Cases and Requirements for an IPv6 CPE Router draft-donley-ipv6-cpe-rtr-use-cases-and-reqs-00 Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 3, 2010. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Donley, et al. Expires January 3, 2010 [Page 1] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Donley, et al. Expires January 3, 2010 [Page 2] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 Abstract This document captures use cases and associated requirements for an IPv6 Customer Premises Equipment (CPE) router. Specifically, the current version of this document focuses on the provisioning of an IPv6 CPE router and the provisioning of IPv6 Home Devices attached to it. It also addresses IPv6 traffic forwarding and IPv6 CPE Router security. This document also identifies areas for future consideration. These areas include prefix sub-delegation, IPv6 multicast, transition and tunneling mechanisms, provisioning consistency between DHCPv4 and DHCPv6, and DNS support. This document does not address IPv4 use cases or requirements, as they are widely understood; however, it is expected that IPv6 CPE Routers will also support IPv4. Donley, et al. Expires January 3, 2010 [Page 3] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Conventions used in this document . . . . . . . . . . . . . . 6 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6 3. Architecture and Operations . . . . . . . . . . . . . . . . . 7 3.1. Example Network Topology . . . . . . . . . . . . . . . . . 8 4. Use Cases and Requirements . . . . . . . . . . . . . . . . . . 9 4.1. Service Provider IPv6 Provisioning of the CPE Router . . . 9 4.1.1. Description . . . . . . . . . . . . . . . . . . . . . 9 4.1.2. Requirements . . . . . . . . . . . . . . . . . . . . . 9 4.2. Provisioning Home Networks and Attached IPv6 Home Devices . . . . . . . . . . . . . . . . . . . . . . . . . 10 4.2.1. Description . . . . . . . . . . . . . . . . . . . . . 10 4.2.2. Requirements . . . . . . . . . . . . . . . . . . . . . 11 4.3. IPv6 Traffic Forwarding . . . . . . . . . . . . . . . . . 11 4.3.1. Description . . . . . . . . . . . . . . . . . . . . . 11 4.3.2. Requirements . . . . . . . . . . . . . . . . . . . . . 12 4.4. CPE Router Security . . . . . . . . . . . . . . . . . . . 12 4.4.1. Description . . . . . . . . . . . . . . . . . . . . . 12 4.4.2. Requirements . . . . . . . . . . . . . . . . . . . . . 12 5. Summary of Requirements . . . . . . . . . . . . . . . . . . . 13 6. Optional Use Cases and Requirements . . . . . . . . . . . . . 16 6.1. IPv6 Provisioning of IPv6 Home Devices using Stateful DHCPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . 16 6.1.1. Description . . . . . . . . . . . . . . . . . . . . . 16 6.1.2. Requirements . . . . . . . . . . . . . . . . . . . . . 16 7. Future Considerations . . . . . . . . . . . . . . . . . . . . 17 7.1. IPv6 Prefix Sub-delegation . . . . . . . . . . . . . . . . 17 7.2. Provide IPv6 Multicast . . . . . . . . . . . . . . . . . . 17 7.3. Transition and Tunneling Mechanisms . . . . . . . . . . . 17 7.4. Provisioning Consistency Between DHCPv4 and DHCPv6 . . . . 17 7.5. Offer Domain Name Service through an IPv6 CPE Router . . . 17 8. Security Considerations . . . . . . . . . . . . . . . . . . . 18 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 20 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21 11.1. Normative References . . . . . . . . . . . . . . . . . . . 21 11.2. Informative References . . . . . . . . . . . . . . . . . . 22 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23 Donley, et al. Expires January 3, 2010 [Page 4] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 1. Introduction This document enumerates common use cases and requirements for IPv6 CPE Routers. These requirements should be applicable to a wide variety of service provider access networks, including DSL, cable, wireless, fiber-based and other services. This document defines the base level of functionality necessary to provide connectivity to the end-user's network. Vendors and other interested parties are encouraged to incorporate additional functionality into the feature set, as deemed necessary or appropriate. Donley, et al. Expires January 3, 2010 [Page 5] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 2. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 Error! Reference source not found.. 2.1. Terminology Customer - An end user that receives Internet service from the Service Provider. Customer Network - one or more subnets attached to the CPE Router that connect customer IPv6 Home Devices. IPv6 CPE Router - A standalone or embedded IPv6 Internet gateway, intended for home or small office use, that routes IPv6 (and optionally IPv4) traffic from one or more LAN Interfaces to the Internet. IPv6 Home Device - a host device such as a personal computer that supports IPv6, is located in the home or small office, and receives IPv6 Internet connectivity through the IPv6 CPE Router LAN Interface - a layer 3 network interface on a link in the customer network. A LAN Interface could attach to Ethernet, IEEE 802.11, MoCA 1.0/1.1, and other networks. An IPv6 CPE Router may have one or more layer 3 LAN Interfaces Service Provider - A company that offers its customers access to the Internet. In this document, a Service Provider specifically offers Internet access using IPv6, and may also offer IPv4 Internet access. The Service Provider can provide such access over a variety of different transport methods such as DSL, cable, wireless, and others. WAN Interface - the single physical network interface on the standalone CPE Router that is used to connect the router to the access network of the Service Provider. When the CPE Router is embedded in a bridging device that connects to the WAN (e.g. a cable or DSL modem), the CPE Router WAN interface is a logical network interface. Donley, et al. Expires January 3, 2010 [Page 6] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 3. Architecture and Operations An IPv6 CPE Router is a consumer oriented routing device, typically deployed in a home or small office, for the purpose of forwarding layer 3 traffic to IPv6 Home Devices. The IPv6 CPE Router is commonly used as a single point of attachment to a Service Provider network. This document describes a router which primarily operates as the core of the end-user's network. It may support more than one subnet. This IPv6 CPE Router is primarily managed by the end-user and provides configuration management and/or monitoring features that are outside of the scope of this document. The CPE Router is provisioned with a Globally-Unique IPv6 Address (GUA) on its WAN interface by the Service Provider. Service providers may use different provisioning modes such as stateful DHCPv6, PPPoE, and others; this document focuses on stateful DHCPv6 because the use case is well-defined and because some Service Providers are already implementing DHCPv6 provisioning. Also, stateful DHCPv6 is required for prefix delegation. When offering stateful DHCPv6, the Service Provider may use multiple DHCPv6 servers to provide redundancy. In addition to an IA_NA, the CPE Router requests prefix delegation. It also requests configuration information for IPv6 Home Devices through the Container Option for Server Configuration [I-D.ietf-dhc-container-opt" /> or DNS Recursive Name Server, [RFC3646]. The CPE Router assigns at least a /64 from its delegated prefix to each LAN interface. It may optionally also assign a Unique Local Address (ULA) to its LAN Interfaces for communication on the customer network; however, the use of ULAs is beyond the scope of this document. To support customer privacy, the CPE Router may have more than one LAN interface. IPv6 Home Devices acquire IPv6 addresses either through stateless address autoconfiguration (SLAAC) or stateful DHCPv6. It is RECOMMENDED that devices use SLAAC to acquire a GUA. The CPE Router provides configuration information obtained from the Service Provider to the Home Device either through stateless DHCP or the [RFC5006] Recursive DNS Server (RDNSS) option. In some cases, stateful DHCP may optionally be used. Stateful DHCPv6 may be advantageous to support a CPE Router with a public wireless access point, where a Service Provider needs to maintain a mapping between a customer device and a GUA as required by law. The IPv6 CPE Router is responsible for implementing IPv6 routing; that is, the CPE Router must look up the IPv6 Destination address in its routing table to decide to which interface it should send the Donley, et al. Expires January 3, 2010 [Page 7] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 packet. The CPE Router should use basic ingress and egress traffic filters to filter "martian" or obviously spoofed traffic. It should also allow customer-configurable packet filters. 3.1. Example Network Topology The following figure illustrates how an IPv6 CPE Router may be deployed in a basic customer network. Many of the use cases will refer to this figure. +-------+-------+ \ | Service | \ | Provider | | ISP | Router | | network +-------+-------+ | | / | Subscriber / | Internet connection / | +------+------+ \ | IPv6 | \ | CPE | \ | Router | / +---+-------+-+ / Home Network 1 | | Home Network 2 | Customer ---+-------------+----+- --+--+-------------+--- | network(s) | | | | \ +----+-----+ +-----+----+ +----+-----+ +-----+----+ \ |IPv6 Home | |IPv6 Home | | IPv6 Home| |IPv6 Home | / | Device | | Device | | Device | | Device | / +----------+ +-----+----+ +----------+ +----------+/ An example of a CPE Router deployment. Donley, et al. Expires January 3, 2010 [Page 8] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 4. Use Cases and Requirements This section presents the use cases and associated requirements for an IPv6 CPE Router. 4.1. Service Provider IPv6 Provisioning of the CPE Router 4.1.1. Description The IPv6 CPE Router acquires a GUA for its WAN interface, and obtains other configuration parameters, as needed. Service Providers may use different provisioning methods depending on the characteristics of the transport method (e.g. cable, DSL, wireless, fiber, etc.) and the Service Provider's provisioning environment. It is RECOMMENDED that the CPE Router to use DHCPv6 to obtain an IPv6 GUA. The CPE Router is required to use DHCPv6 on its WAN interface to obtain a delegated prefix for the customer network on its LAN interfaces. When DHCPv6 is required, the CPE Router is not expected to acquire connectivity information through stateless address autoconfiguration (SLAAC) or stateless DHCPv6. 4.1.2. Requirements 4.1.2.1. Obtain Link-Local Address The CPE Router follows [RFC4862] to obtain a link-local address, join the all-nodes multicast address, and perform Duplicate Address Detection (DAD) on all LAN and WAN interfaces. If the CPE Router determines that the constructed link-local address is already in use, the CPE Router SHOULD terminate IPv6 operation on that interface. 4.1.2.2. Perform router discovery The CPE Router follows [RFC4861] to perform router discovery on its WAN interface. 4.1.2.3. Obtain IPv6 Address and Other Configuration Parameters The CPE Router MUST follow the M and O bits in the RA to assign an IPv6 address to the WAN interface; the prefix advertisement options and associated L bits to identify "on-link" prefixes; and associated A bits to assign a SLAAC address. It is RECOMMENDED that the RA received by the CPE Router have its M bit set to 1. Under this recommendation, the CPE Router uses DHCPv6 as described in [RFC3315] to obtain its IPv6 address and default route for its WAN Interface Donley, et al. Expires January 3, 2010 [Page 9] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 and other configuration information (and ignore the O bit). The CPE Router MUST use the DHCPv6 [RFC3633] IA_PD option to obtain a delegated prefix for the customer network. Because many Internet access topologies for home users require that traffic be sent to the Service Provider's router, if the prefix advertisement has the L bit set to 0, the CPE Router SHOULD identify the prefix as "not-on-link" and forward traffic destined for that prefix to the router. The CPE Router SHOULD request values for the following options through DHCP: Client Identifier, IA_NA, IA_PD, Reconfigure Accept, and Options Request Option for the DNS Recursive Name Server, [RFC3646] and the Container Option for Server Configuration [I-D.ietf-dhc-container-opt]. The CPE Router MAY also accept and request additional information via DHCP. To facilitate DHCP reconfiguration in response to changes in the Service Provider network, the CPE Router SHOULD support the Reconfigure Key Authentication Protocol, as described in [RFC3315]. In order to protect against malicious traffic, the CPE Router MUST NOT forward any IPv6 traffic between its LAN Interface(s) and its WAN Interface until the router has successfully completed the IPv6 provisioning process. Even if the WAN interface does not have an IPv6 GUA, the CPE Router MAY forward IPv6 traffic between its LAN interfaces. The CPE Router SHOULD forward IPv6 traffic between its LAN interfaces if it has received a delegated prefix. 4.2. Provisioning Home Networks and Attached IPv6 Home Devices 4.2.1. Description The CPE Router distributes configuration information obtained during WAN interface provisioning to IPv6 Home Devices and assists IPv6 Home Devices in obtaining an IPv6 GUA. IPv6 Home Devices can acquire an IPv6 GUA statelessly using SLAAC or statefully using DHCPv6. If SLAAC is used, additional configuration parameters beyond the GUA, such as DNS server address, could be passed to the Home Device using stateless DHCPv6 or RDNSS. It is RECOMMENDED that an IPv6 Home Device acquires an IPv6 GUA using SLAAC and additional information using stateless DHCPv6. Donley, et al. Expires January 3, 2010 [Page 10] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 4.2.2. Requirements 4.2.2.1. Assigning IPv6 Addresses to CPE Router LAN Interfaces The CPE Router SHOULD minimally assign a unique /64 from its received IA_PD to each of its LAN interfaces. 4.2.2.2. Assigning IPv6 Addresses using SLAAC The CPE router acts as a router through each of its LAN interfaces as described in [RFC4861]. Unless the CPE Router is otherwise configured by an administrator, the RA SHOULD set: o the M bit to 0 o the O bit to 1 o a prefix advertisement for the /64 applied to the LAN interface with the A bit set to 1 and the L bit set to 1 4.2.2.3. IPv6 Provisioning using Stateless DHCPv6 On the LAN Interface, the Home Device may request additional provisioning options such as a DNS server address through stateless DHCPv6, as described in [RFC3315] and [RFC3736]. The CPE Router SHOULD serve as a stateless DHCPv6 server. The CPE Router SHOULD pass the additional set of DHCPv6 options received from the DHCP client on its WAN interface from the Service Provider to IPv6 Home Devices. Information received in a Container Option by the DHCP client overrides other information received by the client. The CPE router need not serve as a DHCPv6 Relay Agent. 4.2.2.4. IPv6 Provisioning using RFC 5006 IPv6 CPE Router Router Advertisements MAY include the RDNSS option as specified in [RFC5006]. In that case, the IPv6 CPE Router MUST set the O bit of the RA message to 0. The IPv6 CPE Router SHOULD include information received in the DHCP Container Option for Server Configuration, if sent by the Service Provider during CPE Router WAN Interface provisioning. 4.3. IPv6 Traffic Forwarding 4.3.1. Description The IPv6 CPE Router is responsible for implementing IPv6 routing; that is, the CPE Router must look up the IPv6 Destination address in Donley, et al. Expires January 3, 2010 [Page 11] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 its routing table to decide to which interface it should send the packet. The typical scenario for packets routed to the WAN Interface is that the next-hop router will be the CPE Router's default route, learned via Router Advertisement from the Service Provider router. 4.3.2. Requirements The CPE Router MUST support the Neighbor Discovery (ND) protocol, as described in [RFC4861], on each of its LAN and WAN interfaces. The CPE Router also discovers other devices on the network connected to the WAN interface using ND. Consistent with [RFC4943], unless the L bit in the RA is set to 1, the CPE Router SHOULD assume that such devices are "not-on-link", so traffic for such devices SHOULD be forwarded to the default router. 4.4. CPE Router Security 4.4.1. Description It is considered a best practice to filter obviously malicious traffic (e.g. spoofed packets, "martian" addresses, etc.). Thus, the IPv6 CPE Router should support basic stateless egress and ingress filters. The CPE router should also offer mechanisms to filter traffic entering the customer network; however, the method by which vendors implement configurable packet filtering is beyond the scope of this document. 4.4.2. Requirements The CPE Router SHOULD support [I-D.ietf-v6ops-cpe-simple-security]. The CPE Router MUST support ingress filtering in accordance with [RFC2827] (BCP 38). Donley, et al. Expires January 3, 2010 [Page 12] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 5. Summary of Requirements GEN-REQ1: The CPE Router SHOULD support the following RFCs: * [RFC2710] Multicast Listener Discovery (MLD) for IPv6 * [RFC3315] Dynamic Host Configuration Protocol for IPv6 (DHCPv6) * [RFC3633] IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6 * [RFC3646] DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6) * [RFC4075] Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6. * [RFC4242] Information Refresh Time Option for Dynamic Host Configuration Protocol for IPv6 (DHCPv6). * [RFC4291] IP Version 6 Addressing Architecture * [RFC4861] Neighbor Discovery for IP version 6 (IPv6) * [RFC4862] IPv6 Stateless Address Autoconfiguration CRP-REQ1: If the CPE Router determines that the constructed link- local address is already in use, the CPE Router SHOULD terminate IPv6 operation on that interface. CRP-REQ2: The CPE Router MUST follow the M and O bits in the RA to assign an IPv6 address to the WAN interface; the prefix advertisement options and associated L bits to identify "on-link" prefixes; and associated A bits to assign a SLAAC address. CRP-REQ3: The CPE Router MUST use the DHCPv6 [RFC3633] IA_PD option to obtain a delegated prefix for the customer network. CRP-REQ4: The CPE Router SHOULD request values for the following options through DHCP: Client Identifier, IA_NA, IA_PD, Reconfigure Accept, and Options Request Option for the DNS Recursive Name Server, [RFC3646] and the Container Option for Server Configuration [I-D.ietf-dhc-container-opt]. CRP-REQ5: The CPE Router MAY also accept and request additional information via DHCP. Donley, et al. Expires January 3, 2010 [Page 13] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 CRP-REQ6: To facilitate DHCP reconfiguration in response to changes in the Service Provider network, the CPE Router SHOULD support the Reconfigure Key Authentication Protocol, as described in [RFC3315] CRP-REQ7: In order to protect against malicious traffic, the CPE Router MUST NOT forward any IPv6 traffic between its LAN Interface(s) and its WAN Interface until the router has successfully completed the IPv6 provisioning process. CRP-REQ8: Even if the WAN interface does not have an IPv6 GUA, the CPE Router SHOULD forward IPv6 traffic between its LAN interfaces. CRP-REQ9: The CPE Router SHOULD forward IPv6 traffic between its LAN interfaces if it has received a delegated prefix. SHP-REQ1: The CPE Router SHOULD minimally assign a unique /64 from its received IA_PD to each of its LAN interfaces. SHP-REQ2: Unless the CPE Router is otherwise configured by an administrator, the RA SHOULD set: * the M bit to 0 * the O bit to 1 * a prefix advertisement for the /64 applied to the LAN interface with the A bit set to 1 and the L bit set to 1 SHP-REQ3: The CPE Router SHOULD serve as a stateless DHCPv6 server. SHP-REQ4: The CPE Router SHOULD pass the additional set of DHCPv6 options received from the DHCP client on its WAN interface from the Service Provider to IPv6 Home Devices. SHP-REQ5: IPv6 CPE Router Router Advertisements MAY include the RDNSS option as specified in [RFC5006]. In that case, the IPv6 CPE Router MUST set the O bit of the RA message to 0. SHP-REQ6: The IPv6 CPE Router SHOULD include information received in the DHCP Container Option for Server Configuration, if sent by the Service Provider during CPE Router WAN Interface provisioning.. Donley, et al. Expires January 3, 2010 [Page 14] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 TF-REQ1: The CPE Router MUST support the Neighbor Discovery (ND) protocol, as described in [RFC4861], on each of its LAN and WAN interfaces. TF-REQ2: Consistent with [RFC4943], unless the L bit in the RA is set to 1, the CPE Router SHOULD assume that such devices are "not- on-link", so traffic for such devices SHOULD be forwarded to the default router. S-REQ1: The CPE Router SHOULD support [I-D.ietf-v6ops-cpe-simple-security]. S-REQ2: The CPE Router MUST support ingress filtering in accordance with The CPE Router MUST support ingress filtering in accordance with [RFC2827](BCP 38) Donley, et al. Expires January 3, 2010 [Page 15] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 6. Optional Use Cases and Requirements 6.1. IPv6 Provisioning of IPv6 Home Devices using Stateful DHCPv6 6.1.1. Description The default provisioning mode for IPv6 Home Devices is to use SLAAC; however, in some cases, stateful provisioning may be required. In such cases, the CPE Router could also support stateful DHCPv6. It is preferable for the Service Provider to delegate a prefix to the CPE Router, rather than have the CPE Router relay DHCP messages to the Service Provider's provisioning infrastructure. 6.1.2. Requirements The CPE Router MAY serve as a stateful DHCPv6 server. When configured to enable stateful DHCPv6, the CPE Router SHOULD generate Router Advertisements (RA) on its LAN Interfaces as per [RFC4862], setting the M bit to indicate DHCP. Per [RFC3315], the CPE Router SHOULD assign an IA_NA and pass values for the additional set of DHCPv6 options received from the Service Provider through the [I-D.ietf-dhc-container-opt]Container Option or the DNS Recursive Name Server option as specified in [RFC3646], and may send values for additional options. The CPE router need not serve as a DHCPv6 Relay Agent. The CPE Router is not expected to implement: o Support for transmission of Reconfigure messages on the LAN Interface. o Any relay agent functions. o Any DHCP authentication mechanisms. o The server unicast option. o Processing for user class or vendor class options received from clients. Donley, et al. Expires January 3, 2010 [Page 16] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 7. Future Considerations This section presents additional use cases and associated requirements for an IPv6 CPE Router that should be given future consideration. 7.1. IPv6 Prefix Sub-delegation In advanced home networks, users may deploy multiple routers. To support those users or those deployment scenarios, the IPv6 CPE Router should have a mechanism to sub-delegate an IA_PD received from the Service Provider. The exact mechanism is left for future consideration. 7.2. Provide IPv6 Multicast IPv6 Multicast support will facilitate Service Provider delivery of live multimedia content to IPv6 Home Devices. CPE Router support for IPv6 Multicast should be considered in the future. 7.3. Transition and Tunneling Mechanisms As networks transition from IPv4 to IPv6, transition mechanisms may be required to continue providing customers with Internet service. In the future, the CPE Router may need to support some of these transition mechanisms, such as softwire [I-D.ietf-softwire-hs- framework-l2tpv2], Dual Stack Lite [I-D.ietf-softwire-dual-stack- lite], or NAT64. 7.4. Provisioning Consistency Between DHCPv4 and DHCPv6 In order to simplify DHCP provisioning for Service Providers, devices using DHCP should use the same client identifier, whether using DHCPv4 or DHCPv6. Accordingly, a CPE Router that supports IPv4 should support [RFC 4361] Client Identifiers for DHCPv4. Since this draft does not discuss DHCPv4 provisioning, this requirement is left for future working group consideration. 7.5. Offer Domain Name Service through an IPv6 CPE Router In an IPv6 environment, DNS will be an essential service for customers. The CPE Router should be able to provide DNS service to consumer devices, either through a DNS proxy, recursive resolvers, or some other option. The use cases for DNS support have not yet been defined, and should be considered in the future. Donley, et al. Expires January 3, 2010 [Page 17] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 8. Security Considerations IPv6 CPE Router security considerations are addressed in [draft-ietf-v6ops-simple-security]. Donley, et al. Expires January 3, 2010 [Page 18] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 9. IANA Considerations This document does not register any values in IANA registries. Donley, et al. Expires January 3, 2010 [Page 19] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 10. Acknowledgements Thanks to the following people (in alphabetical order) for their guidance and feedback: Scott Beuker, Rex Bullinger, Alain Durand, Katsunori Fukuoka, Kevin Johns, Stephen Kramer, Victor Kuarsingh, Jean-Francois Mule, John Pomeroy, Matt Schmitt, Cor Zwart This draft is based in part on CableLabs' eRouter specification. The authors wish to acknowledge the additional contributors from the eRouter team: Ben Bekele, Amol Bhagwat, Ralph Brown, Eduardo Cardona, Margo Dolas, Toerless Eckert, Doc Evans, Roger Fish, Michelle Kuska, Diego Mazzola, John McQueen, Harsh Parandekar, Michael Patrick, Saifur Rahman, Lakshmi Raman, Ryan Ross, Ron da Silva, Madhu Sudan, Dan Torbet, Greg White Donley, et al. Expires January 3, 2010 [Page 20] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 11. References 11.1. Normative References [I-D.ietf-dhc-container-opt] Droms, R., "Container Option for Server Configuration", draft-ietf-dhc-container-opt-05 (work in progress), March 2009. [I-D.ietf-v6ops-cpe-simple-security] Woodyatt, J., "Recommended Simple Security Capabilities in Customer Premises Equipment for Providing Residential IPv6 Internet Service", draft-ietf-v6ops-cpe-simple-security-00 (work in progress), June 2007. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast Listener Discovery (MLD) for IPv6", RFC 2710, October 1999. [RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing", BCP 38, RFC 2827, May 2000. [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003. [RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003. [RFC3646] Droms, R., "DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3646, December 2003. [RFC3736] Droms, R., "Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6", RFC 3736, April 2004. [RFC4075] Kalusivalingam, V., "Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6", RFC 4075, May 2005. [RFC4242] Venaas, S., Chown, T., and B. Volz, "Information Refresh Time Option for Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 4242, November 2005. Donley, et al. Expires January 3, 2010 [Page 21] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006. [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, September 2007. [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, September 2007. [RFC5006] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli, "IPv6 Router Advertisement Option for DNS Configuration", RFC 5006, September 2007. 11.2. Informative References [I-D.ietf-softwire-dual-stack-lite] Durand, A., Droms, R., Haberman, B., and J. Woodyatt, "Dual-stack lite broadband deployments post IPv4 exhaustion", draft-ietf-softwire-dual-stack-lite-00 (work in progress), March 2009. [I-D.ietf-softwire-hs-framework-l2tpv2] Storer, B., Pignataro, C., Santos, M., Stevant, B., and J. Tremblay, "Softwire Hub & Spoke Deployment Framework with L2TPv2", draft-ietf-softwire-hs-framework-l2tpv2-13 (work in progress), April 2009. [RFC4361] Lemon, T. and B. Sommerfeld, "Node-specific Client Identifiers for Dynamic Host Configuration Protocol Version Four (DHCPv4)", RFC 4361, February 2006. [RFC4943] Roy, S., Durand, A., and J. Paugh, "IPv6 Neighbor Discovery On-Link Assumption Considered Harmful", RFC 4943, September 2007. Donley, et al. Expires January 3, 2010 [Page 22] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 Authors' Addresses Chris Donley CableLabs 858 Coal Creek Circle Louisville, CO 80027 USA Email: c.donley@cablelabs.com Deepak Kharbanda CableLabs 858 Coal Creek Circle Louisville, CO 80027 USA Email: d.kharbanda@cablelabs.com John Jason Brzozowski Comcast Cable 1360 Goshen Parkway West Chester, PA 19473 USA Email: john_brzozowski@cable.comcast.com Yiu Lee Comcast Cable 1500 Market St Philadelphia, PA 19102 USA Email: yiu_lee@cable.comcast.com Jason Weil Cox Communications 5575 Peachtree Dunwoody Road Atlanta, GA 30342 USA Email: jason.weil@cox.com Donley, et al. Expires January 3, 2010 [Page 23] Internet-Draft IPv6 CPE Router Use Cases and Reqs July 2009 Kirk Erichsen Time Warner Cable 12101 Airport Way Broomfield, CO 80021 USA Email: kirk.erichsen@twcable.com Lee Howard Time Warner Cable 13241 Woodland Park Rd Herndon, VA 20171 USA Email: william.howard@twcable.com Jean-Francois Tremblay Videotron 300 Viger Ave E Montreal, PQ PQ H2X 3W4 CA Email: trembjfr@videotron.com Donley, et al. Expires January 3, 2010 [Page 24]