Network Working Group B. Volz
Request for Comments: 4649 Cisco Systems, Inc.
Category: Standards Track August 2006
Network Working Group B. Volz
Request for Comments: 4649 Cisco Systems, Inc.
Category: Standards Track August 2006
Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Relay Agent Remote-ID Option
IPv6(DHCPv6)中继代理远程ID选项的动态主机配置协议
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2006).
版权所有(C)互联网协会(2006年)。
Abstract
摘要
This memo defines a new Relay Agent Remote-ID option for the Dynamic Host Configuration Protocol for IPv6 (DHCPv6). This option is the DHCPv6 equivalent for the Dynamic Host Configuration Protocol for IPv4 (DHCPv4) Relay Agent Option's Remote-ID suboption as specified in RFC 3046.
此备忘录为IPv6(DHCPv6)的动态主机配置协议定义了一个新的中继代理远程ID选项。此选项相当于RFC 3046中指定的IPv4(DHCPv4)中继代理选项的远程ID子选项的动态主机配置协议DHCPv6。
Table of Contents
目录
1. Introduction ....................................................2
2. Requirements Terminology ........................................2
3. The Relay Agent Remote-ID Option ................................2
4. DHCPv6 Relay Agent Behavior .....................................3
5. DHCPv6 Server Behavior ..........................................3
6. Security Considerations .........................................3
7. IANA Considerations .............................................4
8. Acknowledgements ................................................4
9. References ......................................................4
9.1. Normative References .......................................4
9.2. Informative References .....................................4
1. Introduction ....................................................2
2. Requirements Terminology ........................................2
3. The Relay Agent Remote-ID Option ................................2
4. DHCPv6 Relay Agent Behavior .....................................3
5. DHCPv6 Server Behavior ..........................................3
6. Security Considerations .........................................3
7. IANA Considerations .............................................4
8. Acknowledgements ................................................4
9. References ......................................................4
9.1. Normative References .......................................4
9.2. Informative References .....................................4
DHCPv6 [1] provides IP addresses and configuration information for IPv6 clients. It includes a relay agent capability, in which processes within the network infrastructure receive multicast messages from clients and relay them to DHCPv6 servers. In some network environments, it will be useful for the relay agent to add information to the DHCPv6 message before relaying it.
DHCPv6[1]为IPv6客户端提供IP地址和配置信息。它包括中继代理功能,其中网络基础结构中的进程从客户端接收多播消息,并将其中继到DHCPv6服务器。在某些网络环境中,中继代理在中继DHCPv6消息之前将信息添加到DHCPv6消息中会很有用。
The information that relay agents supply can also be used in the server's decision making about the addresses, delegated prefixes [4], and configuration parameters that the client is to receive.
中继代理提供的信息也可用于服务器对客户机将要接收的地址、委托前缀[4]和配置参数的决策。
The memo specifies the DHCPv6 equivalent of the DHCPv4 Relay Agent option's Remote-ID suboption as specified in [2]. The motivation and usage scenarios are provided in [2].
备忘录指定了与DHCPv4中继代理选项的远程ID子选项相当的DHCPv6,如[2]中所述。[2]中提供了动机和使用场景。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [3].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[3]中所述进行解释。
This option may be added by DHCPv6 relay agents that terminate switched or permanent circuits and have mechanisms to identify the remote host end of the circuit.
DHCPv6中继代理可添加此选项,该代理终止交换或永久电路,并具有识别电路远程主机端的机制。
The format of the DHCPv6 Relay Agent Remote-ID option is shown below:
DHCPv6中继代理远程ID选项的格式如下所示:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_REMOTE_ID | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| enterprise-number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. remote-id .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_REMOTE_ID | option-len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| enterprise-number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. remote-id .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code OPTION_REMOTE_ID (37)
选项代码选项\u远程\u ID(37)
option-len 4 + the length, in octets, of the remote-id field. The minimum option-len is 5 octets.
选项len 4+远程id字段的长度(以八位字节为单位)。最小选项len为5个八位字节。
enterprise-number The vendor's registered Enterprise Number as registered with IANA [5].
企业编号供应商在IANA注册的注册企业编号[5]。
remote-id The opaque value for the remote-id.
remote id远程id的不透明值。
The definition of the remote-id carried in this option is vendor specific. The vendor is indicated in the enterprise-number field. The remote-id field may be used to encode, for instance:
此选项中包含的远程id的定义是特定于供应商的。供应商在“企业编号”字段中指明。远程id字段可用于编码,例如:
o a "caller ID" telephone number for dial-up connection o a "user name" prompted for by a Remote Access Server o a remote caller ATM address o a "modem ID" of a cable data modem o the remote IP address of a point-to-point link o a remote X.25 address for X.25 connections o an interface or port identifier
o 用于拨号连接的“呼叫者ID”电话号码o远程访问服务器提示的“用户名”o远程呼叫者ATM地址o电缆数据调制解调器的“调制解调器ID”o点到点链路的远程IP地址o用于X.25连接的远程X.25地址o接口或端口标识符
Each vendor must ensure that the remote-id is unique for its enterprise-number, as the octet sequence of enterprise-number followed by remote-id must be globally unique. One way to achieve uniqueness might be to include the relay agent's DHCP Unique Identifier (DUID) [1] in the remote-id.
每个供应商必须确保远程id对于其企业编号是唯一的,因为企业编号的八位字节序列后跟远程id必须是全局唯一的。实现唯一性的一种方法可能是在远程id中包含中继代理的DHCP唯一标识符(DUID)[1]。
DHCPv6 relay agents may be configured to include a Remote-ID option in relayed (RELAY-FORW) DHCPv6 messages.
DHCPv6中继代理可以配置为在中继(relay-FORW)DHCPv6消息中包括远程ID选项。
This option provides additional information to the DHCPv6 server. The DHCPv6 server, if it is configured to support this option, may use this information to select parameters specific to particular users, hosts, or subscriber modems. The combined enterprise-number and remote-id SHOULD be considered an opaque value, with policies based on exact string match only; that is, the remote-id field SHOULD NOT be internally parsed by the server.
此选项向DHCPv6服务器提供附加信息。如果DHCPv6服务器配置为支持此选项,则可以使用此信息选择特定于特定用户、主机或订户调制解调器的参数。组合的企业编号和远程id应视为不透明值,策略仅基于精确的字符串匹配;也就是说,服务器不应在内部解析远程id字段。
There is no requirement that a server return this option and its data in a RELAY-REPLY message.
不要求服务器在中继回复消息中返回此选项及其数据。
See [1] section 21.1, on securing DHCPv6 messages sent between servers and relay agents, and section 23, on general DHCPv6 security considerations. [2] discusses how this information can be used to enhance trust in some environments.
参见[1]第21.1节,关于保护服务器和中继代理之间发送的DHCPv6消息,以及第23节,关于一般DHCPv6安全注意事项。[2] 讨论如何在某些环境中使用此信息增强信任。
Note that even if the DHCP server trusts the relay agent not to modify information provided in this option, the confidence in that information is no higher than the confidence that the relay agent has in the information it puts in the option. For example, in some protocols it may be possible for a DHCP client to spoof or otherwise choose port identifiers, caller ID information, or other information carried in this option. Sites should consider such possible spoofing and how likely it is in their environment when deciding what uses of this option are appropriate.
请注意,即使DHCP服务器信任中继代理不修改此选项中提供的信息,该信息的可信度也不高于中继代理对其放入选项中的信息的可信度。例如,在某些协议中,DHCP客户端可能会欺骗或以其他方式选择端口标识符、呼叫方ID信息或此选项中包含的其他信息。网站应该考虑这种可能的欺骗行为,以及在决定该选项的使用情况是否合适时,环境欺骗的可能性。
IANA has assigned the DHCPv6 option code 37 for the Relay Agent Remote-ID Option.
IANA已为中继代理远程ID选项分配DHCPv6选项代码37。
Thanks to Michael Patrick for [2], from which I've liberally borrowed text.
感谢Michael Patrick的[2],我从中大量借用了文本。
[1] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003.
[1] Droms,R.,Bound,J.,Volz,B.,Lemon,T.,Perkins,C.,和M.Carney,“IPv6的动态主机配置协议(DHCPv6)”,RFC3315,2003年7月。
[2] Patrick, M., "DHCP Relay Agent Information Option", RFC 3046, January 2001.
[2] Patrick,M.,“DHCP中继代理信息选项”,RFC 3046,2001年1月。
[3] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[3] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[4] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003.
[4] Troan,O.和R.Droms,“动态主机配置协议(DHCP)版本6的IPv6前缀选项”,RFC 3633,2003年12月。
[5] IANA, "Private Enterprise Numbers", <http://www.iana.org/assignments/enterprise-numbers>.
[5] IANA,“私营企业编号”<http://www.iana.org/assignments/enterprise-numbers>.
Author's Address
作者地址
Bernard Volz Cisco Systems, Inc. 1414 Massachusetts Ave. Boxborough, MA 01719 USA
伯纳德·沃兹思科系统公司,美国马萨诸塞州博克斯伯勒马萨诸塞大道1414号,邮编01719
Phone: +1 978 936 0382
EMail: volz@cisco.com
Phone: +1 978 936 0382
EMail: volz@cisco.com
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2006).
版权所有(C)互联网协会(2006年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).
RFC编辑器功能的资金由IETF行政支持活动(IASA)提供。