IPv6 Maintenance (6man) Working Group                       Loba Olopade
Internet-Draft                                              Virgin Media
Updates: 4862 (if approved)                             October 19, 2020
Intended status: Standards Track
Expires: April 22, 2021

   Explicit signaling of Stateless Address Autoconfiguration (SLAAC)
                         to Renumbering Events
                 draft-olopade-6man-slaac-signaling-00

Abstract

   After a renumbering event in an IPv6 network utilizing SLAAC, hosts
   might continue to use stale addresses, as they are unaware of the
   changes. Likewise, routers, who may deprecate the use of these
   prefixes, are unaware of their use on the hosts. This scenario could
   have an adverse effect on communication with the host.

   This document proposes changes to the SLAAC algorithm that will
   explicitly allow routers to learn of these stale prefixes that are
   still assigned on the network.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 19, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document. Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Olopade                  Expires April 22, 2021                 [Page 1]

Internet-Draft        Explicit Signaling for SLAAC      October 19, 2020

Table of Contents

   1. Introduction
   2. Terminology
   3. SLAAC reaction to new PIOs
      3.1. Proposed Change
   4. IANA Considerations
   5. Security Considerations
   6. Acknowledgments
   7. References
      7.1. Normative References
      7.2. Informative References
   Appendix A. Suggested Garbage collection of stale prefix information
      A.1 Prefix Validation
   Authors' Addresses

1. Introduction

   After a renumbering event in an IPv6 network utilizing SLAAC, hosts
   might continue to use stale addresses, as they are unaware of the
   changes. Likewise, routers, who may deprecate the use of these
   prefixes, are unaware of their use on the hosts. This scenario, with
   its causes and impacts, is well documented in
   [I-D.ietf-v6ops-slaac-renum] and
   [I-D.linkova-6man-default-addr-selection-update].

   A key factor with this issue is the lack of explicit signaling.
   For various reasons, routers might not explicitly signal the network
   that there is a renumbering event. Once the renumbering event has
   occurred, there are no means to learn of the stale prefixes that
   might still be present on the network.

   Without a means to do a garbage collection, the network is limited to
   the aging out process of stale information. Rather than aging out,
   it would be better for routers to learn of this information in a
   proactive manner. Using Neighbor Discovery messages, the router
   could learn of the stale prefixes.

   While it is not the objective of this document to propose how the
   stale prefix information is validated and deprecated, an example of
   how this might be done is given in Appendix A.

2. Terminology

   The term "globally reachable" is used in this document as defined in
   [RFC8190].

   The term "Global Unicast Address" (or its acronym "GUA") is used
   throughout this document to refer to "globally reachable" [RFC8190]
   addresses. That is, when used throughout this document, GUAs do NOT
   include Unique Local Addresses (ULAs) [RFC4193]. Similarly, the term
   "Global Unicast prefix" (or "GUA prefix") is employed throughout this
   document to refer to network prefixes that specify GUAs, and does NOT
   include the ULA prefix (FC00::/7) [RFC4193].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3. SLAAC reaction to new PIOs

   In the absence of RA messages to deprecate stale prefixes, when RAs
   are received with new PIO information, SLAAC hosts will form
   additional IPv6 addresses on the interface. This could lead to a
   situation where there are multiple addresses assigned to an
   interface, while only a subset of them are valid.
   As previously stated, with the current algorithm, there is no
   explicit way to inform routers of the stale prefixes that are
   currently assigned to the interfaces.

3.1. Proposed Change

   When an address transitions from being tentative to preferred, for
   each SLAAC-assigned GUA address on the interface, the host should
   send router solicitation messages, using the GUA as the source
   address.

   Routers receiving the solicitation messages can deduce the prefixes
   that are currently assigned to interfaces on the network. They can
   then determine if these prefixes are still valid, and proceed to
   deprecate them if they are not.

   An alternate solution would use unsolicited Neighbor Advertisements,
   similar to what is proposed in [I-D.ietf-6man-grand-03]. This would
   still require NA messages for each SLAAC-assigned GUA address on the
   interface.

4. IANA Considerations

   This document has no actions for IANA.

5. Security Considerations

   It is not believed that this introduces any additional security risk.

6. Acknowledgments

   The author would like to acknowledge Jen Linkova, Fernando Gont, Jan
   Zorz and Richard Patterson for the work they have previously done on
   this issue.

7. References

7.1. Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4193]  Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
              Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              DOI 10.17487/RFC4861, September 2007.

   [RFC4862]  Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
              Address Autoconfiguration", RFC 4862,
              DOI 10.17487/RFC4862, September 2007.

   [RFC8028]  Baker, F. and B.
              Carpenter, "First-Hop Router Selection by Hosts in a
              Multi-Prefix Network", RFC 8028, DOI 10.17487/RFC8028,
              November 2016.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8190]  Bonica, R., Cotton, M., Haberman, B., and L. Vegoda,
              "Updates to the Special-Purpose IP Address Registries",
              BCP 153, RFC 8190, DOI 10.17487/RFC8190, June 2017.

   [RFC8504]  Chown, T., Loughney, J., and T. Winters, "IPv6 Node
              Requirements", BCP 220, RFC 8504, DOI 10.17487/RFC8504,
              January 2019.

7.2. Informative References

   [I-D.ietf-v6ops-cpe-slaac-renum]
              Gont, F., Zorz, J., Patterson, R., and B. Volz, "Improving
              the Reaction of Customer Edge Routers to Renumbering
              Events", draft-ietf-v6ops-cpe-slaac-renum-02 (work in
              progress), May 2020.

   [I-D.ietf-v6ops-slaac-renum]
              Gont, F., Zorz, J., and R. Patterson, "Reaction of
              Stateless Address Autoconfiguration (SLAAC) to
              Flash-Renumbering Events", draft-ietf-v6ops-slaac-renum-04
              (work in progress), September 2020.

   [I-D.ietf-6man-slaac-renum]
              Gont, F., Zorz, J., and R. Patterson, "Improving the
              Robustness of Stateless Address Autoconfiguration (SLAAC)
              to Flash Renumbering Events",
              draft-ietf-6man-slaac-renum-01 (work in progress),
              September 2020.

   [I-D.linkova-6man-default-addr-selection-update]
              Linkova, J., "Default Address Selection and Subnet
              Renumbering", draft-linkova-6man-default-addr-selection-00
              (work in progress), March 2017.

   [I-D.ietf-6man-grand-03]
              Linkova, J., "Gratuitous Neighbor Discovery: Creating
              Neighbor Cache Entries on First-Hop Routers",
              draft-ietf-6man-grand-03 (work in progress), March 2017.

Appendix A. Suggested Garbage collection of stale prefix information

   Consider a scenario where a service provider is using non-persistent
   prefixes. If the router were to reboot, for whatever reason, then a
   new PD is assigned to the router.
   The router will then start to include the new PIOs in its RA
   messages. At this point, hosts on the LAN will assign additional
   IPv6 addresses from the new prefix on their interface.

   Using the proposed algorithm, the router will receive RS messages
   from hosts with source addresses from the stale prefixes.

   Upon receipt of the RS messages, the router can proceed to create a
   neighbor cache entry for the address. Before creating the neighbor
   cache entry, it should validate that the prefix is valid for the LAN
   interface.

   Once validated, the neighbor cache entry can be created. A list of
   unmanaged on-link prefixes should also be maintained. These prefixes
   should not be included in its RA messages.

   If the prefix validation is not successful, the router should
   deprecate the prefix in its RA messages.

A.1 Prefix Validation

   Routers should maintain a list for "unmanaged on-link prefixes".
   These are prefixes that the router has determined are on-link, but
   are not included in its RA messages. The list may be maintained by
   static configuration, dynamic methods or both.

   To validate a prefix, the router may do the following:

   o  Check if the prefix is included in the list of unmanaged on-link
      prefixes for the received interface. If not included, continue
      with other validation steps. Otherwise, conclude the validation
      with a success.

   o  Use a protocol (e.g., DHCPv6 leasequery) to check who the prefix
      is assigned to. If assigned to itself, it should begin to include
      the prefix in its RA messages and conclude the validation process
      with a success.

   o  Send an RS message on the interface, and listen to see if the
      prefix is included in received RA messages. RS messages must be
      sent with unspecified source address, so that hosts will not
      change the IsRouter flag for the router. If the prefix is
      included, the unmanaged on-link list should be updated, and the
      validation concluded as successful.
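
   The following sketch is an added example, not part of the draft: it
   shows router-side handling of the RS source addresses from Section
   3.1 followed by the Appendix A.1 checks in order. The function
   names, action labels, /64 prefix length, router identity "router-1"
   and all sample addresses are assumptions made for illustration.

```python
import ipaddress

ULA = ipaddress.ip_network("fc00::/7")  # excluded from "GUA" by the draft's terminology

def prefix_from_rs(src, plen=64):
    """Prefix implied by an RS source address, or None if it is not a GUA.
    plen=64 is an assumption (the usual SLAAC prefix length)."""
    addr = ipaddress.ip_address(src)
    if addr.is_unspecified or addr.is_link_local or addr.is_multicast or addr in ULA:
        return None
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)

def validate(prefix, unmanaged, lease_owner, ra_seen, me):
    """Appendix A.1 checks, in order. Returns (valid, action)."""
    if prefix in unmanaged:                 # check 1: already known as on-link
        return True, "none"
    if lease_owner(prefix) == me:           # check 2: e.g. a DHCPv6 leasequery result
        return True, "advertise"
    if prefix in ra_seen:                   # check 3: seen in another router's RA
        unmanaged.add(prefix)
        return True, "add-unmanaged"
    return False, "deprecate"               # validation failed: deprecate in own RAs

def process_rs(sources, advertised, unmanaged, lease_owner, ra_seen, me="router-1"):
    """Validate each prefix seen as an RS source that this router does not advertise."""
    results = {}
    for src in sources:
        prefix = prefix_from_rs(src)
        if prefix is None or prefix in advertised or str(prefix) in results:
            continue
        results[str(prefix)] = validate(prefix, unmanaged, lease_owner, ra_seen, me)
    return results

def demo():
    """Constructed inputs; 2001:db8::/32 documentation prefixes stand in for GUAs."""
    net = ipaddress.ip_network
    advertised = {net("2001:db8:2::/64")}          # PIOs in this router's RAs
    unmanaged = {net("2001:db8:ff::/64")}          # on-link, not advertised by us
    leases = {net("2001:db8:3::/64"): "router-1"}  # stand-in for a leasequery reply
    ra_seen = {net("2001:db8:4::/64")}             # heard after an RS sent from ::
    sources = ["fe80::1", "::", "fd00:1::5", "2001:db8:2::10", "2001:db8:1::10",
               "2001:db8:1::11", "2001:db8:ff::7", "2001:db8:3::9", "2001:db8:4::2"]
    return process_rs(sources, advertised, unmanaged, leases.get, ra_seen), unmanaged
```

   RS source addresses are unauthenticated input, so the sketch only
   derives a candidate prefix from them and picks an action after the
   Appendix A.1 checks have run.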
Authors' Addresses

   Loba Olopade
   Virgin Media

   Email: loba.olopade@virginmedia.co.uk