Internet Engineering Task Force Jun-ichiro itojun Hagino
INTERNET-DRAFT IIJ Research Laboratory
Expires: January 13, 2001 Kazu YAMAMOTO
IIJ Research Laboratory
July 13, 2000
A RADIUS attribute for IPv6 dialup PPP with static address assignment
draft-itojun-ipv6-dialup-radius-00.txt
Status of this Memo
This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as ``work in progress.''
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Distribution of this memo is unlimited.
The internet-draft will expire in 6 months. The date of expiration will
be January 13, 2001.
Abstract
The memo defines RADIUS [Rigney, 2000] attribute for supporting IPv6
dialup PPP with static address assignment.
1. Usage model
In this document we cover the following cases in IPv6 dialup PPP
operation. No other cases are addressed in the document. Please refer
to [Hagino, 2000] for more about requirements in/categorization of IPv6
dialup PPP operation,
o The downstream customer is a "static client", i.e. their computers
does not change the geographical location.
o Address space is statically assigned to the downstream customer. In
this document, we assume that we have assigned 3ffe:0501:ffff::/48 to
HAGINO and YAMAMOTO Expires: January 13, 2001 [Page 1]
DRAFT Radius for IPv6 dialup PPP July 2000
the downstream customer.
o The /48 Address space is assigned for the network cloud behind the
customer router. It should be noted that ISP router will have no idea
about the network topology in the customer site. In the following
diagram, Lx denotes an IPv6 link-local address, and Gx denotes an IPv6
global address.
ISP router --- RADIUS server
|La
| ppp link
|Lb
Customer router
|Gb
(((3ffe:0501:ffff::/48 cloud)))
o Routing can be statically configured, or dynamic routing protocol like
RIPng [Malkin, 1997] should be used.
o We carry IPv6 packets using IPv6 PPP [Haskin, 1998] . No IPv6-over-
IPv4 tunnelling is used.
o IPv4 PPP address allocation issue is outside of the scope of the
document. We can safely ignore it without loss of generality, thanks
to multiprotocol nature of PPP.
2. RADIUS attribute for carrying IPv6 address space information
To exchange the information about customer IPv6 address space between
the ISP router and RADIUS server, we need a common RADIUS attribute for
IPv6 address space. The attribute is defined as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | MUST BE ZERO | Prefixlen |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv6 address prefix |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv6 address prefix (cont'd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv6 address prefix (cont'd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv6 address prefix (cont'd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
o Type: TBD
HAGINO and YAMAMOTO Expires: January 13, 2001 [Page 2]
DRAFT Radius for IPv6 dialup PPP July 2000
o Length: 20
o Prefixlen: IPv6 prefix length for the IPv6 address space. Between 0
to 128 (in decimal). For normal use, 48 (in decimal).
o IPv6 address prefix: Binary representation of IPv6 address, in network
byte order. Bits outside of prefix length must be zero.
For example, if we exchange "3ffe:0501:ffff::/48" with it, the attribute
will look like follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | 20 | 0x00 | 48 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 0x3f 0xfe 0x05 0x01 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 0xff 0xff 0x00 0x00 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 0x00 0x00 0x00 0x00 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 0x00 0x00 0x00 0x00 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
3. Scenario
3.1. Contract
The ISP and the downstream customer will sign a IPv6 dialup PPP
contract. The ISP will assign the downstream customer a global IPv6
address space. The ISP will inform the downstream customer of the
following items:
o The phone number which the customer should dial (the number reaches
ISP router), and
o The global IPv6 address space (3ffe:0501:ffff::/48).
The customer and ISP will exchange PPP authentication information in
secrecy.
3.2. ISP configuration
The ISP will put the following information into RADIUS database.
o Account name of the user (which is the key for looking up RADIUS
database),
o PPP authentication information, and
HAGINO and YAMAMOTO Expires: January 13, 2001 [Page 3]
DRAFT Radius for IPv6 dialup PPP July 2000
o The global IPv6 address space assigned to the customer
(3ffe:0501:ffff::/48).
3.3. Customer site configuration
The customer will configure the customer site using the address space
assigned. Customer installs default routing entry toward the ISP
router.
ISP router --- RADIUS server
.La
.
. ^ default route
|Lb |
Customer router
|Gb
(((3ffe:0501:ffff::/48 cloud)))
3.4. Establishing a PPP connection
On PPP link establishment, the following events would happen.
o The customer router calls up the ISP router.
o The customer router authenticates itself to the ISP router. The ISP
router contacts RADIUS server for authentication information, to check
if the user is legitimate.
o If the user is found to be legitimate, the PPP link will be
established between the routers. IPV6CP [Haskin, 1998] is used to
avoid duplicated link-local address on the PPP link.
o The ISP router will grab information on IPv6 address space from RADIUS
database (NOTE: the ISP router can grab the authentiation information
and the IPv6 address space information, in a single query).
If we use static routing the ISP router is configured with a routing
entry for the address space, pointing to the customer router. ISP
router advertises the routing information to the ISP backbone, if
necessary.
HAGINO and YAMAMOTO Expires: January 13, 2001 [Page 4]
DRAFT Radius for IPv6 dialup PPP July 2000
ISP router --- RADIUS server
|La |
| v 3ffe:0501:ffff::/48
|
| ^ default route
|Lb |
Customer router
|Gb
(((3ffe:0501:ffff::/48 cloud)))
If we use dynamic routing, instead of configuring a static routing
entry, the ISP router is configured to accept legitimate IPv6 routing
announcements (that is, 3ffe:0501:ffff::/48) from the customer router.
The ISP router advertises default route, and possibly more specific
routes, to the customer router. The customer router will advertise
3ffe:0501:ffff::/48 to the ISP router (NOTE: the IPv6 address prefix is
pre-configured to the customer router. The customer router knows the
prefix as the ISP gave the information at the contract time).
3.5. Tearing down
On PPP link disconnection, the following events would happen.
o The customer router, or the ISP router, wishes to disconnect the PPP
connection.
o PPP link will be teared down using normal PPP disconnection procedure.
o The ISP router removes the routing entry for the global IPv6 address
space for the customer.
4. Discussions
It is possible to use the proposed attribute for non-dialup IPv6 PPP
connections, to ease management in the ISP side.
It is possible to define the proposed RADIUS attribute as a vendor-type
attribute under "Vendor-Specific" type (26). The authors are not sure
which is the way to go.
5. Security considerations
The document talks about no security issues.
References
Rigney, 2000.
C. Rigney, S. Willens, A. Rubens, and W. Simpson, "Remote Authentication
Dial In User Service (RADIUS)" in RFC2865 (June 2000).
HAGINO and YAMAMOTO Expires: January 13, 2001 [Page 5]
DRAFT Radius for IPv6 dialup PPP July 2000
ftp://ftp.isi.edu/in-notes/rfc2865.txt.
Hagino, 2000.
Jun-ichiro Hagino, "Requirements for IPv6 dialup PPP operation" in
draft-itojun-ipv6-dialup-requirement-00.txt (July 2000). work in
progress material.
Malkin, 1997.
G. Malkin and R. Minnear, "RIPng for IPv6" in RFC2080 (January 1997).
ftp://ftp.isi.edu/in-notes/rfc2080.txt.
Haskin, 1998.
D. Haskin and E. Allen, "IP Version 6 over PPP" in RFC2472 (December
1998). ftp://ftp.isi.edu/in-notes/rfc2472.txt.
Change history
None.
Acknowledgements
(to be filled)
Author's address
Jun-ichiro itojun HAGINO
Research Laboratory, Internet Initiative Japan Inc.
Takebashi Yasuda Bldg.,
3-13 Kanda Nishiki-cho,
Chiyoda-ku,Tokyo 101-0054, JAPAN
Tel: +81-3-5259-6350
Fax: +81-3-5259-6351
Email: itojun@iijlab.net
Kazu YAMAMOTO
Research Laboratory, Internet Initiative Japan Inc.
(for postal address, see above)
Email: kazu@iijlab.net
HAGINO and YAMAMOTO Expires: January 13, 2001 [Page 6]