Network Working Group Y. Noisette Internet Draft France Telecom R&D Document: draft-noisette-zerouter-frmwk-00.txt A. Williams Motorola February 2003 A framework for Zerouter operations Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026 [1]. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This document describes a framework for the operation of Zerouter mechanisms and protocols. It identifies the context in which the solutions specified within the Zerouter approach are likely to find their applicability. More precisely, it identifies the entities in a zerouter mesh and the interaction between zerouter entities and their environment. Table of Contents 1. Introduction................................................2 2. Conventions used in this document...........................2 3. Scope of the document.......................................2 4. Definitions.................................................3 5. Framework for Zerouter operations...........................3 5.1. Interactions with the ISP...................................4 5.2. Interactions with hosts.....................................5 5.3. Interactions with configuration processes...................6 5.4. Standalone zerouter mesh operation..........................6 5.5. Connection to another zerouter mesh.........................7 6. Other concerns..............................................7 6.1. Multi-homed zerouter mesh...................................7 Noisette, Williams Expires August 2003 [Page 1] Internet Draft A framework for Zerouter operations February 2003 7. Security Considerations.....................................8 8. References..................................................8 9. Acknowledgments.............................................8 10. Author's Addresses..........................................9 11. Full Copyright Statement....................................9 1. Introduction IP networks are in widespread in environments like the home or small offices where there is no network administrator. From this standpoint, there is a real need for auto-configuration mechanisms, not only for hosts, but also for the nodes that will constitute the network, which is deployed in such environments. The aim of auto-configuration is to ensure that the network is up and running (addressing, forwarding), providing the necessary functions for the deployment of services for the hosts (naming) In this context, the Zerouter initiative has been set in order to define protocol mechanisms that will allow consistent IPv4/IPv6 addressing and forwarding to be automatically configured in a group of connected routers. The purpose of this document is to describe the framework in which the solutions that will be defined by Zerouter find their applicability. 2. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [2]. 3. Scope of the document This document only aims at presenting a framework for the applicability of Zerouter protocols and mechanisms. It defines, among others: * the entities with which a Zerouter mesh is likely to interact * the kind and purpose of these interactions * the possible impact of these interactions on the Zerouter mesh/nodes Unless specified otherwise, no assumption is made on the version of the IP protocol deployed in the Zerouter mesh. Noisette, Williams Expires August 2003 [Page 2] Internet Draft A framework for Zerouter operations February 2003 4. Definitions The following definitions are used in the document: * zerouter: a router which implements Zerouter protocols and mechanisms and has them activated on at least one interface. * zerouter mesh: a collection of zerouters that forward unicast and multicast IP packets between client hosts and the internet, and between client hosts connected to different parts of the zerouter mesh. * configuration process: a process, run inside the zerouter mesh, by which configuration of hosts is achieved (possible examples are DHCP, IPv6 address auto-configuration). The following definitions, provided in [ZRTER-REQ], also apply to this document: * zerouter interface : a router interface configured by a zerouter protocol. * zerouter link : a link with one or more zerouter interface attached to. * prefix configuration : attribution of one or several valid IP prefixes to an autoconfigured link. * prefix delegation : delegation of a prefix from a non zerouter host or router to a zerouter. 5. Framework for Zerouter operations The entities that are likely to have interactions with a zerouter mesh are: * ISP: provides connection to the internet and host configuration parameters. * hosts: are connected to a zerouter either directly or through some layer 2 bridging. * configuration process: (see definition above). Such a process can be either located on a non-zerouter node (DHCP server) or be implemented on a zerouter (IPv6 address autoconfiguration). * another zerouter mesh. The following figure represents a zerouter mesh and the possible relations with other entities: Noisette, Williams Expires August 2003 [Page 3] Internet Draft A framework for Zerouter operations February 2003 | | ISP | Zerouter mesh | Client hosts | | | | Host config | | Other host ========================================================> parameters | | config param. | ---------- | | //-- --\\ | | /// \\\ | | / \ | | / +--+ \ | Address Border | | | |=========================> router +--+ | +--+ +--+ \ | |Default route | +---+-+ | / \ | | +--+ | +--+ / \ | | | | \ / +-------------+ | | Other host Address space| | \ / |Configuration|============> delegation | | \+--+ /| Processes | | | config param. ================| | | / +-------------+ | | + host config| \ ++-+/ / | parameters | \ | / | | \\\ | /// | | \|-- --// | | | ---------- | | | | | V | | Possibly other | | zerouter meshes | | | Possible architectures for zerouter meshes are described in [ZRTER- REQ]. 5.1. Interactions with the ISP The relationship between the zerouter mesh and the ISP is an important one since configuration information is likely to be provided by the ISP to the mesh. Firstly, the zerouter mesh directly exploits some information provided by the ISP. The best example of this is address space delegation. Indeed, a zerouter connected to an ISP receives available address space from this ISP and injects that address space into the zerouter mesh. That address space is available for use throughout the collection of communication zerouters, inside a given zerouter mesh, in order to: * configure a network prefix on each zerouter interface. When distributing the prefixes, two adjacent zerouters must use the same network prefix on the common link, from a given address space. Noisette, Williams Expires August 2003 [Page 4] Internet Draft A framework for Zerouter operations February 2003 * configure an address on each zerouter interface for each network prefix shared on the corresponding link. Delegation of address space can occur in a number of ways: * a global prefix may be explicitly delegated (more likely in IPv6), * a single global address is delegated (more likely in IPv4 with the use of NAT in the zerouter mesh), * a prefix may be computed (e.g. 6to4). Second, some information are provided by the ISP, that are not directly concerning the zerouter mesh, but are very important for hosts configuration. These information are destined to be exploited either directly by hosts or by some configuration process other than zerouter (typically DHCP). The zerouter mesh must convey transparently host configuration parameters from the ISP either directly to hosts or to configuration processes. Examples are DNS server IP address, DNS default domain name and other DHCP options. It may also be useful in some cases to provide information from the zerouter mesh to the ISP. One possible example of this is prefix delegation. A border router to a zerouter mesh may indicate requirements for prefix size upstream to the ISP. This could be triggered by the kind of prefix delegation mechanism, which will be deployed on the link to the ISP (especially if it is based on negotiation). If such a process is needed, things will have to be kept as simple as possible, in order to fit in the goals pursued by zerouter. Finally, other recommended ISP or border router behaviour may need to be specified. For instance, from the routing perspective, the internal structure of the zerouter mesh is not visible to the ISP, hence the ISP should route all packets destined for address space delegated to the mesh into the zerouter mesh. Moreover, filtering policies should be set up by the ISP in order to prevent private address space leaking and transit. 5.2. Interactions with hosts As far as hosts are concerned, there is no real information that is to be furnished by hosts to the zerouter mesh at this stage. On the other hand, the zerouter mesh provides configuration information to attached client hosts and forwards IP packets on their behalf. Client hosts use existing IETF mechanisms (e.g. DHCP, stateless auto-conf) to acquire configuration information. Noisette, Williams Expires August 2003 [Page 5] Internet Draft A framework for Zerouter operations February 2003 Zerouter protocols are responsible for providing appropriate addressing and routing information to the host configuration protocol: * IPv4 address, subnet mask * IPv6 prefix+length * default route This information will need to be combined with the ISP to client parameters to provide sufficiently complete host configuration. 5.3. Interactions with configuration processes Configuration information supplied to a client may be a combination of ISP supplied parameters and parameters agreed upon by zerouters in a mesh. Host configuration parameters supplied by the ISP must be passed through the zerouter mesh to the configuration process. Therefore, the relationship between the zerouter mesh and configuration process is quite simple. The zerouter mesh is responsible for ensuring that all ISP supplied host configuration parameters are available to hosts attached to the zerouter mesh. Examples of configuration processes are DHCP (with the options for host configuration), IPv6 address auto-configuration, but also any forthcoming solution that could be specified in the future to ease hosts configuration. 5.4. Standalone zerouter mesh operation It should be possible to operate a zerouter mesh stand-alone(i.e. when not connected to an disconnected ISP). This implies that site- scoped IPv6 or private IPv4 addressing be employed throughout the mesh and that no host configuration parameters will be supplied by an ISP. A mechanism must then be available to provide these address spaces to the zerouter mesh, which will exploit them just like it would with an address space delegated from an ISP. When a connection to an ISP becomes available, delegated global address space and configuration parameters should be made available to hosts. In the case of IPv4, replacing the private address space with a globally delegated prefix could be a disruptive operation. Further, if only a single IPv4 address is provided, private addressing and NAT may continue to be employed. In the case of IPv6, site-local prefixes and global address prefixes can co-exist simultaneously. Site-local prefixes may be deprecated over time if necessary. From a forwarding perspective, there is no impact on the behavior of the zerouter mesh. This one must ensure that forwarding of unicast Noisette, Williams Expires August 2003 [Page 6] Internet Draft A framework for Zerouter operations February 2003 and multicast IP packets between client hosts connected to different parts of the zerouter mesh is achieved. 5.5. Connection to another zerouter mesh The expected result, when connecting two zerouter meshes, is a merging of the two networks. This is the logical behavior implied by the autoconfiguration of zerouters. Therefore, the merging of two zerouter meshes should lead to a single zerouter mesh operating as any other. However, during the merging, some mechanisms must allow for redundancy and conflict detection. Notably, if private address space is used in both meshes (RFC 1918 or IPv6 site-locals), the mechanism must prevent any conflict and organize the address space between the former two zerouter meshes. If the two zerouter meshes have a connection to an ISP, this leads to a multi-homing situation (see multi-homed zerouter mesh). 6. Other concerns 6.1. Multi-homed zerouter mesh A multi-homed situation can be encountered when a zerouter mesh has more than one connection to ISPs or for instance when two zerouter meshes are merging (each one having its own connection to an ISP). When operating in a multi-homed context, a zerouter mesh is likely to behave with each ISP as described in section 5.1. This means that: * prefixes learnt from both ISP are spread in the mesh and used for the mesh and host addressing. * other configuration parameters are conveyed through the mesh and delivered to configuration processes inside the zerouter mesh. From a forwarding perspective, being multi-homed has a certain impact, as both ISP could announce themselves as default routes. This could lead to an ambiguous situation. Solutions developed in Zerouter are to rely on what will be defined in the multi6 WG for this situation. The possible solution may require a specific mechanism that will allow for negotiation between border zerouters, on the default route to be chosen. Also, ISP could force the routes for certain services they provide and they want absolutely to be routed in their network. Close to this thread is the question of transit. In any case, a zerouter mesh must not inadvertently transit traffic between two different ISPs. The fact is that policies are to be set up on the ISPs' side that will prevent this kind of situation from happening. Moreover, the zerouter is not supposed to announce any prefix to any ISP, as these ones are already aware of the prefix to route into the mesh (as they have furnished the address space). Noisette, Williams Expires August 2003 [Page 7] Internet Draft A framework for Zerouter operations February 2003 7. Security Considerations As described in section 5.5, connection two zerouter meshes will result by default in a merging of the two networks. However, it might be desirable for users to connect two zerouter meshes while keeping them distinct. In this case, the principle is that the integrity of the two zerouters must be kept intact. No spread of any information or parameter must intervene, that will modify the topology or configuration of either zerouter mesh. To keep two meshes distinct, there needs to be some kind of protocol identifier that can distinguish between two instances of the zerouter protcols running on the same link. In addition, there needs to be security measures like authentication of protocol messages and possibly privacy measures built into the protocols. The only right which could be allowed would be to enable each zerouter mesh to announce its address space to the other, in order to establish punctual connectivity. Announcing its own address space only prevents any transit situation from happening. To be efficient, this must be completed by filters that will discard any traffic coming from the vis-à-vis zerouter mesh, whose destination is not in the address space deployed in the mesh and/or whose source is not in the address space announced by the peer zerouter mesh. 8. References [RFC 1918] Y. Rekhter, B. Moskowitz, D. Karrenberg, G. J. de Groot, E. Lear, "Address Allocation for Private Internets",RFC 1918, BCP 5, February 1996. [RFC 2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996. [RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997 [RFC 2462] S. Thomson and T. Narten, "IPv6 Stateless Address Autoconfiguration", RFC 2462, December 1998. [ZRTER-ARCH] O. Marce, D. Galand, "Architecture for Zerouter", draft-marce-zerouter-archi-00.txt, December 2002. [ZRTER-REQ] J. Linton, G. Chelius, "Zerouter protocol requirements", draft-linton-zerouter-requirements-00.txt, December 2002 9. Acknowledgments Noisette, Williams Expires August 2003 [Page 8] Internet Draft A framework for Zerouter operations February 2003 Thanks to people from Zerouter mailing list for the fruitful discussions which have lead to the writing of this document. 10. Author's Addresses Yoann Noisette France Telecom R & D 42, rue des Coutures - BP 6243 14066 CAEN cedex 4 - FRANCE Email: yoann.noisette@france.telecom.com Aidan Williams Motorola Australian Research Centre Locked Bag 5028 Botany, NSW 1455 Australia Phone: +61 2 9666 0500 EMail: Aidan.Williams@motorola.com URI: http://www.motorola.com.au/marc/ 11. Full Copyright Statement "Copyright (C) The Internet Society (2002). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Noisette, Williams Expires August 2003 [Page 9]