Internet Engineering Task Force (IETF) J. Korhonen, Ed. Request for Comments: 6603 Nokia Siemens Networks Updates: 3633 T. Savolainen Category: Standards Track Nokia ISSN: 2070-1721 S. Krishnan Ericsson O. Troan Cisco Systems, Inc May 2012
Internet Engineering Task Force (IETF) J. Korhonen, Ed. Request for Comments: 6603 Nokia Siemens Networks Updates: 3633 T. Savolainen Category: Standards Track Nokia ISSN: 2070-1721 S. Krishnan Ericsson O. Troan Cisco Systems, Inc May 2012
Prefix Exclude Option for DHCPv6-based Prefix Delegation
基于DHCPv6的前缀委派的前缀排除选项
Abstract
摘要
This specification defines an optional mechanism to allow exclusion of one specific prefix from a delegated prefix set when using DHCPv6-based prefix delegation. The new mechanism updates RFC 3633.
本规范定义了一种可选机制,允许在使用基于DHCPv6的前缀委派时从委派前缀集中排除一个特定前缀。新机制更新了RFC3633。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6603.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6603.
Copyright Notice
版权公告
Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2012 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................2 2. Requirements and Terminology ....................................2 3. Problem Background ..............................................3 4. Solution ........................................................3 4.1. Prefix Delegation with Excluded Prefixes ...................3 4.2. Prefix Exclude Option ......................................4 5. Delegating Router Solicitation ..................................6 5.1. Requesting Router ..........................................6 5.2. Delegating Router ..........................................6 6. Requesting Router Initiated Prefix Delegation ...................7 6.1. Requesting Router ..........................................7 6.2. Delegating Router ..........................................8 7. Security Considerations .........................................8 8. IANA Considerations .............................................8 9. Acknowledgements ................................................8 10. References .....................................................9 10.1. Normative References ......................................9 10.2. Informative References ....................................9
1. Introduction ....................................................2 2. Requirements and Terminology ....................................2 3. Problem Background ..............................................3 4. Solution ........................................................3 4.1. Prefix Delegation with Excluded Prefixes ...................3 4.2. Prefix Exclude Option ......................................4 5. Delegating Router Solicitation ..................................6 5.1. Requesting Router ..........................................6 5.2. Delegating Router ..........................................6 6. Requesting Router Initiated Prefix Delegation ...................7 6.1. Requesting Router ..........................................7 6.2. Delegating Router ..........................................8 7. Security Considerations .........................................8 8. IANA Considerations .............................................8 9. Acknowledgements ................................................8 10. References .....................................................9 10.1. Normative References ......................................9 10.2. Informative References ....................................9
This specification defines an optional mechanism and the related DHCPv6 option to allow exclusion of one specific prefix from a delegated prefix set when using DHCPv6-based prefix delegation.
本规范定义了一种可选机制和相关的DHCPv6选项,以允许在使用基于DHCPv6的前缀委派时从委派前缀集中排除一个特定前缀。
The prefix exclusion mechanism is targeted at deployments where DHCPv6-based prefix delegation is used, but a single aggregated route/prefix has to represent one customer, instead of using one prefix for the link between the delegating router and the requesting router and another prefix for the customer network. The mechanism defined in this specification allows a delegating router to use a prefix out of the delegated prefix set on the link through which it exchanges DHCPv6 messages with the requesting router, and is intended for use in networks where each requesting router is on its own layer-2 domain.
前缀排除机制针对使用基于DHCPv6的前缀委派的部署,但单个聚合路由/前缀必须表示一个客户,而不是使用一个前缀表示委派路由器和请求路由器之间的链路,使用另一个前缀表示客户网络。本规范中定义的机制允许授权路由器使用链路上设置的授权前缀中的前缀,通过该前缀与请求路由器交换DHCPv6消息,并用于每个请求路由器位于其自己的第2层域的网络中。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
DHCPv6 Prefix Delegation (DHCPv6-PD) [RFC3633] has an explicit limitation described in Section 12.1 of [RFC3633] that a prefix delegated to a requesting router cannot be used by the delegating router. This restriction implies that the delegating router will have two (non-aggregatable) routes towards a customer: one for the link between the requesting router and the delegating router, and one for the customer site behind the requesting router.
DHCPv6前缀委派(DHCPv6 PD)[RFC3633]第12.1节中有一个明确的限制,即委派给请求路由器的前缀不能被委派路由器使用。此限制意味着授权路由器将有两条(不可聚合)通向客户的路由:一条用于请求路由器和授权路由器之间的链路,另一条用于请求路由器后面的客户站点。
There are architectures and link models where a host (e.g., a mobile router, also acting as a requesting router) always has a single (/64) prefix configured on its uplink interface and the delegating router is also the requesting router's first-hop router. Furthermore, it may be required that the prefix configured on the uplink interface has to be aggregatable with the delegated prefixes. This introduces a problem in how to use DHCPv6-PD together with stateless [RFC4862] or stateful [RFC3315] address autoconfiguration on a link where the /64 advertised is also part of the prefix delegated (e.g., /56) to the requesting router.
有一些架构和链路模型,其中主机(例如,移动路由器,也充当请求路由器)总是在其上行链路接口上配置单个(/64)前缀,并且委托路由器也是请求路由器的第一跳路由器。此外,可能需要在上行链路接口上配置的前缀必须能够与委托前缀聚合。这就带来了一个问题,即如何在链路上使用DHCPv6 PD和无状态[RFC4862]或有状态[RFC3315]地址自动配置,其中/64播发也是委托给请求路由器的前缀(例如,/56)的一部分。
This specification defines a new DHCPv6 option, OPTION_PD_EXCLUDE (67), that is used to exclude exactly one prefix from a delegated prefix. The OPTION_PD_EXCLUDE is included in the OPTION_IAPREFIX IAprefix-options field. There can be at most one OPTION_PD_EXCLUDE option in one OPTION_IAPREFIX option. The OPTION_PD_EXCLUDE option allows prefix delegation where a requesting router is delegated a prefix (e.g., /56) and the delegating router uses one prefix (e.g., /64) on the link through which it exchanges DHCPv6 messages with the requesting router with a prefix out of the same delegated prefix set.
本规范定义了一个新的DHCPv6选项option_PD_EXCLUDE(67),该选项用于从委托前缀中仅排除一个前缀。选项_PD_EXCLUDE包含在选项_iaprefixiaprefix options字段中。一个选项中最多可以有一个选项\u PD\u EXCLUDE选项。选项_PD_EXCLUDE选项允许前缀委派,其中请求路由器被委派一个前缀(例如,/56),并且委派路由器在链路上使用一个前缀(例如,/64),通过该前缀,它与请求路由器交换DHCPv6消息,并使用同一委派前缀集中的前缀。
A requesting router includes an OPTION_ORO option with the OPTION_PD_EXCLUDE option code in a Solicit, Request, Renew, or Rebind message to inform the delegating router about the support for the prefix delegation functionality defined in this specification. A delegating router may include the OPTION_PD_EXCLUDE option code in an OPTION_ORO option in a Reconfigure message to indicate that the requesting router should request OPTION_PD_EXCLUDE from the delegating router.
请求路由器在请求、请求、续订或重新绑定消息中包含带有选项“PD”排除选项代码的选项“ORO”选项,以告知委托路由器对本规范中定义的前缀委托功能的支持。委派路由器可在重新配置消息中的选项ORO选项中包含选项_PD _EXCLUDE选项代码,以指示请求路由器应从委派路由器请求选项_PD _EXCLUDE。
The delegating router includes the prefix in the OPTION_PD_EXCLUDE option that is excluded from the delegated prefix set. The requesting router MUST NOT assign the excluded prefix to any of its downstream interfaces.
委派路由器在选项_PD_EXCLUDE选项中包含从委派前缀集中排除的前缀。请求路由器不得将排除的前缀分配给其任何下游接口。
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_PD_EXCLUDE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | prefix-len | IPv6 subnet ID (1 to 16 octets) ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_PD_EXCLUDE | option-len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | prefix-len | IPv6 subnet ID (1 to 16 octets) ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Prefix Exclude Option
前缀排除选项
o option-code: OPTION_PD_EXCLUDE (67).
o 选项代码:选项_PD _EXCLUDE(67)。
o option-len: 1 + length of IPv6 subnet ID in octets. A valid option-len is between 2 and 17.
o 选项len:1+IPv6子网ID的长度(以八位字节为单位)。有效选项len介于2和17之间。
o prefix-len: The length of the excluded prefix in bits. The prefix-len MUST be between 'OPTION_IAPREFIX prefix-length'+1 and 128.
o 前缀len:排除的前缀的长度(以位为单位)。前缀len必须介于“OPTION_IAPREFIX prefix length”+1和128之间。
o IPv6 subnet ID: A variable-length IPv6 subnet ID up to 128 bits.
o IPv6子网ID:长度可变的IPv6子网ID,最多128位。
The IPv6 subnet ID contains prefix-len minus 'OPTION_IAPREFIX prefix-length' bits extracted from the excluded prefix starting from the bit position 'OPTION_IAPREFIX prefix-length'. The extracted subnet ID MUST be left-shifted to start from a full octet boundary, i.e., left-shift of 'OPTION_IAPREFIX prefix-length' mod 8 bits. The subnet ID MUST be zero-padded to the next full octet boundary.
IPv6子网ID包含前缀len减去从位位置“OPTION_IAPREFIX prefix length”开始的排除前缀中提取的“OPTION_IAPREFIX prefix length”位。提取的子网ID必须左移,以从完整的八位字节边界开始,即“OPTION_IAPREFIX prefix length”mod 8位的左移。子网ID必须零填充到下一个完整的八位字节边界。
The encoding of the IPv6 subnet ID can be expressed in a C-like pseudocode as shown below:
IPv6子网ID的编码可以用类似C的伪代码表示,如下所示:
uint128_t p1; // the delegated IPv6 prefix uint128_t p2; // the excluded IPv6 prefix uint16_t a; // the OPTION_IAPREFIX prefix-length uint8_t b; // the excluded IPv6 prefix length uint8_t s;
uint128_t p1; // the delegated IPv6 prefix uint128_t p2; // the excluded IPv6 prefix uint16_t a; // the OPTION_IAPREFIX prefix-length uint8_t b; // the excluded IPv6 prefix length uint8_t s;
// sanity checks
//健康检查
s = 128-a; // size of non-prefix bits assert(b>a); // b must be at least a+1 assert(p1>>s == p2>>s); // p1 and p2 must share a common // prefix of 'a' bits
s = 128-a; // size of non-prefix bits assert(b>a); // b must be at least a+1 assert(p1>>s == p2>>s); // p1 and p2 must share a common // prefix of 'a' bits
// calculate the option content
//计算选项内容
uint16_t c = b-a-1; // the IPv6_subnet_ID_length-1 in bits uint16_t d = (c/8)+1; // the IPv6_subnet_ID_length in octets uint128_t p = p2<<a; // p is the IPv6 subnet ID that has the // common p1 prefix left-shifted out to // a full octet boundary (trailing bits // are zeroed)
uint16_t c = b-a-1; // the IPv6_subnet_ID_length-1 in bits uint16_t d = (c/8)+1; // the IPv6_subnet_ID_length in octets uint128_t p = p2<<a; // p is the IPv6 subnet ID that has the // common p1 prefix left-shifted out to // a full octet boundary (trailing bits // are zeroed)
// populate the option
//填充选项
uint8_t* id = &OPTION_PD_EXCLUDE.IPv6_subnet_ID; OPTION_PD_EXCLUDE.option_len = d+1; OPTION_PD_EXCLUDE.prefix_len = b;
uint8_t* id = &OPTION_PD_EXCLUDE.IPv6_subnet_ID; OPTION_PD_EXCLUDE.option_len = d+1; OPTION_PD_EXCLUDE.prefix_len = b;
while (d-- > 0) { *id++ = p>>120; p <<= 8; }
while (d-- > 0) { *id++ = p>>120; p <<= 8; }
The OPTION_PD_EXCLUDE option MUST only be included in the OPTION_IAPREFIX IAprefix-options [RFC3633] field.
选项_PD_EXCLUDE选项只能包含在选项_iaprefixiaprefix options[RFC3633]字段中。
Any prefix excluded from the delegated prefix MUST be contained in OPTION_PD_EXCLUDE options within the corresponding OPTION_IAPREFIX.
从委派前缀中排除的任何前缀必须包含在相应选项前缀中的选项\u PD\u EXCLUDE options中。
The prefix included in the OPTION_PD_EXCLUDE option shares the same preferred-lifetime and valid-lifetime as the delegated prefix in the encapsulating OPTION_IAPREFIX option.
包含在选项_PD_EXCLUDE选项中的前缀与封装选项_IAPREFIX选项中的委托前缀共享相同的首选生存期和有效生存期。
The prefix in the OPTION_PD_EXCLUDE option MUST be part of the delegated prefix in the OPTION_IAPREFIX. For example, the requesting
选项_PD_EXCLUDE选项中的前缀必须是选项_IAPREFIX中委托前缀的一部分。例如,请求
router has earlier been assigned a 2001:db8:dead:beef::/64 prefix by the delegating router, and the delegated prefix in the OPTION_IAPREFIX is 2001:db8:dead:bee0::/59. In this case, 2001:db8: dead:beef::/64 is a valid prefix to be used in the OPTION_PD_EXCLUDE option. The OPTION_PD_EXCLUDE option would be encoded as follows:
先前,授权路由器已为路由器分配了一个2001:db8:dead:beef::/64前缀,并且选项中的授权前缀是2001:db8:dead:beef0::/59。在本例中,2001:db8:dead:beef::/64是用于选项\u PD\u EXCLUDE选项的有效前缀。选项_PD_EXCLUDE选项的编码如下:
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_PD_EXCLUDE | 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 64 |0|1|1|1|1|0|0|0| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ^ ^ | | | +- 3 zero-padded bits follow | +- using C syntax: 0xef << (59 % 8) Note: 59 mod 8 = 3
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | OPTION_PD_EXCLUDE | 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 64 |0|1|1|1|1|0|0|0| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ^ ^ | | | +- 3 zero-padded bits follow | +- using C syntax: 0xef << (59 % 8) Note: 59 mod 8 = 3
The requesting router locates and selects a delegating router in the same way as described in Section 11 [RFC3633]. This specification only describes the additional steps required by the use of the OPTION_PD_EXCLUDE option.
请求路由器以与第11节[RFC3633]所述相同的方式定位和选择委托路由器。本规范仅描述使用选项_PD_EXCLUDE选项所需的附加步骤。
If the requesting router implements the solution described in Section 4.1, then the requesting router SHOULD include the OPTION_PD_EXCLUDE option code in the OPTION_ORO option in Solicit messages.
如果请求路由器实现第4.1节中描述的解决方案,则请求路由器应在请求消息中的选项_ORO选项中包含选项_PD _EXCLUDE选项代码。
Once receiving Advertise message(s), the requesting router uses the prefix(es) received in OPTION_PD_EXCLUDE, in addition to the advertised prefixes, to choose the delegating router. The requesting router MUST proceed to the Prefix Delegation procedure described in Section 6.1. If the Advertise message did not include the OPTION_PD_EXCLUDE option, then the requesting router MUST fall back to normal behavior, as described in Section 11.1 of [RFC3633].
一旦接收到播发消息,请求路由器除了使用播发前缀外,还使用选项_PD_EXCLUDE中接收的前缀来选择委派路由器。请求路由器必须继续执行第6.1节中描述的前缀委派程序。如果播发消息不包括选项_PD_EXCLUDE选项,则请求路由器必须返回正常行为,如[RFC3633]第11.1节所述。
If the OPTION_ORO option in the Solicit message includes the OPTION_PD_EXCLUDE option code, then the delegating router knows that the requesting router supports the solution defined in this specification. If the Solicit message also contains an IA_PD option, the delegating router can delegate to the requesting router a prefix
如果请求消息中的选项_ORO选项包含选项_PD _EXCLUDE选项代码,则委托路由器知道请求路由器支持本规范中定义的解决方案。如果请求消息还包含IA_PD选项,则委托路由器可以将前缀委托给请求路由器
that includes the prefix already assigned to the requesting router's uplink interface. The delegating router includes the prefix originally, or to be, assigned to the requesting router in the OPTION_PD_EXCLUDE option within the OPTION_IAPREFIX IAprefix-option in the Advertise message.
包括已经分配给请求路由器的上行接口的前缀。委派路由器在播发消息的选项_IAPREFIX IAPREFIX选项中的选项_PD_EXCLUDE选项中包含最初分配给或将分配给请求路由器的前缀。
If the OPTION_ORO option in the Solicit message does not include the OPTION_PD_EXCLUDE option code, then the delegating router MUST fall back to normal behavior, as described in Section 11.2 of [RFC3633].
如果请求消息中的选项_ORO选项不包括选项_PD _EXCLUDE选项代码,则委托路由器必须恢复正常行为,如[RFC3633]第11.2节所述。
If the OPTION_ORO option in the Solicit message includes the OPTION_PD_EXCLUDE option code but the delegating router does not support the solution described in this specification, then the delegating router acts as specified in [RFC3633].
如果请求消息中的选项_ORO选项包含选项_PD _EXCLUDE选项代码,但委托路由器不支持本规范中描述的解决方案,则委托路由器按照[RFC3633]中的规定行事。
The procedures described in the following sections are aligned with Section 12 of [RFC3633]. In this specification, we only describe the additional steps required by the use of the OPTION_PD_EXCLUDE option.
以下章节中描述的程序与[RFC3633]第12节一致。在本规范中,我们仅描述使用选项_PD_EXCLUDE选项所需的附加步骤。
The requesting router behavior regarding the use of the OPTION_PD_EXCLUDE option is mostly identical to the steps described in Section 5.1, with the difference being the use of a DHCPv6 Request instead of an Solicit message. The requesting router SHOULD include the OPTION_PD_EXCLUDE option code in the OPTION_ORO option for DHCPv6 messages as described in Section 22.7 of [RFC3315]. The requesting router SHOULD include the OPTION_PD_EXCLUDE option code in the OPTION_ORO option for DHCPv6 messages as described in Section 22.7 of [RFC3315].
关于使用选项_PD_EXCLUDE选项的请求路由器行为与第5.1节中描述的步骤基本相同,区别在于使用DHCPv6请求而不是请求消息。如[RFC3315]第22.7节所述,请求路由器应在DHCPv6消息的选项ORO选项中包含选项_PD _EXCLUDE选项代码。如[RFC3315]第22.7节所述,请求路由器应在DHCPv6消息的选项ORO选项中包含选项_PD _EXCLUDE选项代码。
The requesting router uses a Release message to return the delegated prefix(es) to a delegating router. The prefix(es) to be released MUST be included in the IA_PDs along with the excluded prefix included in the OPTION_PD_EXCLUDE option. The requesting router MUST NOT use the OPTION_PD_EXCLUDE option to introduce an additional excluded prefix in the Release message for which it originally got a valid binding.
请求路由器使用释放消息将委派前缀返回给委派路由器。要发布的前缀必须与选项_PD_EXCLUDE选项中包含的排除前缀一起包含在IA_PDs中。请求路由器不得使用选项_PD _EXCLUDE选项在其最初获得有效绑定的发布消息中引入额外的排除前缀。
The requesting router must create sink routes for the delegated prefixes, minus the excluded prefixes. This may be done by creating sink routes for delegated prefixes and more specific routes for the excluded prefixes.
请求路由器必须为委派的前缀(减去排除的前缀)创建接收器路由。这可以通过为委派前缀创建接收器路由和为排除的前缀创建更具体的路由来实现。
The delegating router behavior regarding the use of the OPTION_PD_EXCLUDE option is more or less identical to the step described in Section 5.2. The only difference is the DHCPv6 messages used to carry the OPTION_PD_EXCLUDE option.
关于使用选项_PD_EXCLUDE选项的委托路由器行为或多或少与第5.2节中描述的步骤相同。唯一的区别是DHCPv6消息用于携带选项_PD_EXCLUDE选项。
The delegating router may mark any prefix(es) in the IA_PD Prefix options in a Release message from a requesting router as 'available', excluding the prefix included in the OPTION_PD_EXCLUDE options. If the Release message contains a 'new' excluded prefix in any OPTION_PD_EXCLUDE option, the delegating router MUST send a Reply message with the Status Code set to NoBinding for that IA_PD option.
授权路由器可以将来自请求路由器的释放消息中的IA_PD prefix选项中的任何前缀标记为“可用”,不包括包含在选项_PD_EXCLUDE选项中的前缀。如果释放消息在任何选项\u PD\u EXCLUDE选项中包含“new”excluded前缀,则授权路由器必须发送一条回复消息,该消息的状态代码设置为NoBinding(无绑定)。
Security considerations for DHCPv6 are described in Section 23 of [RFC3315]. For DHCPv6 Prefix Delegation, they are described in Section 15 of [RFC3633]. In particular, RFC 3633 provides recommendations for protection against prefix delegation attacks. This specification does not add any new security considerations beyond those provided by RFC 3633.
[RFC3315]第23节描述了DHCPv6的安全注意事项。对于DHCPv6前缀委托,请参见[RFC3633]第15节。特别是,RFC3633提供了防止前缀委派攻击的建议。除RFC 3633提供的安全注意事项外,本规范未添加任何新的安全注意事项。
A new DHCPv6 Option Code has been reserved from the "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)" registry for DHCP Option Codes.
已从“IPv6动态主机配置协议(DHCPv6)”注册表中为DHCP选项代码保留了新的DHCPv6选项代码。
OPTION_PD_EXCLUDE (67)
选项_PD_排除(67)
The authors would like to thank Ralph Droms, Frank Brockners, Ted Lemon, Julien Laganier, Fredrik Garneij, Sri Gundavelli, Mikael Abrahamsson, Behcet Sarikaya, Jyrki Soini, Deng Hui, Stephen Jacob, Hemant Singh, Gaurav Halwasia, Lorenzo Colitti, and Tomasz Mrugalski for their valuable comments and discussions.
作者要感谢拉尔夫·德罗姆斯、弗兰克·布罗克内斯、特德·莱蒙、朱利安·拉加尼尔、弗雷德里克·加内伊、斯里·冈达维利、米凯尔·阿布拉罕松、贝塞特·萨里卡亚、杰尔基·索尼尼、邓晖、斯蒂芬·雅各布、赫曼特·辛格、戈拉夫·哈尔瓦西亚、洛伦佐·科利蒂和托马斯·姆鲁加尔斯基的宝贵评论和讨论。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC3315]Droms,R.,Ed.,Bound,J.,Volz,B.,Lemon,T.,Perkins,C.,和M.Carney,“IPv6的动态主机配置协议(DHCPv6)”,RFC3315,2003年7月。
[RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003.
[RFC3633]Troan,O.和R.Droms,“动态主机配置协议(DHCP)版本6的IPv6前缀选项”,RFC 3633,2003年12月。
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, September 2007.
[RFC4862]Thomson,S.,Narten,T.,和T.Jinmei,“IPv6无状态地址自动配置”,RFC 48622007年9月。
Authors' Addresses
作者地址
Jouni Korhonen (editor) Nokia Siemens Networks Linnoitustie 6 FI-02600 Espoo Finland
Jouni Korhonen(编辑)诺基亚西门子网络公司Linnoitustie 6 FI-02600 Espoo芬兰
EMail: jouni.nospam@gmail.com
EMail: jouni.nospam@gmail.com
Teemu Savolainen Nokia Hermiankatu 12 D FI-33720 Tampere Finland
Teemu Savolainen诺基亚Hermiankatu 12 D FI-33720坦佩雷芬兰
EMail: teemu.savolainen@nokia.com
EMail: teemu.savolainen@nokia.com
Suresh Krishnan Ericsson 8400 Decarie Blvd. Town of Mount Royal, QC Canada
苏雷什·克里希南·爱立信德卡里大道8400号。加拿大皇家山镇
EMail: suresh.krishnan@ericsson.com
EMail: suresh.krishnan@ericsson.com
Ole Troan Cisco Systems, Inc Oslo Norway
挪威奥斯陆Ole Troan思科系统公司
EMail: ot@cisco.com
EMail: ot@cisco.com