Lightweight DHCPv6 Relay Agent
RFC 6221

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>,
    dhc mailing list <dhcwg@ietf.org>,
    dhc chair <dhc-chairs@tools.ietf.org>
Subject: Protocol Action: 'Lightweight DHCPv6 Relay Agent' to Proposed Standard (draft-ietf-dhc-dhcpv6-ldra-03.txt)

The IESG has approved the following document:
- 'Lightweight DHCPv6 Relay Agent'
  (draft-ietf-dhc-dhcpv6-ldra-03.txt) as a Proposed Standard

This document is the product of the Dynamic Host Configuration Working
Group.

The IESG contact persons are Ralph Droms and Jari Arkko.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-dhc-dhcpv6-ldra/


Technical Summary

	This document proposes a Lightweight DHCPv6 Relay Agent (LDRA)
	that is used to insert relay agent options in DHCPv6 message
	exchanges identifying client-facing interfaces.  The LDRA can
	be implemented in existing access nodes (such as DSLAMs and
	Ethernet switches) that do not support IPv6 control or routing
	functions.

Working Group Summary

	This document appeared in the working group at the end of
	2008.  There has been substantial interest in this document.

Document Quality

	The document has undergone careful review, and the working
	group is satisfied with its quality.

Personnel
 
        The document shepherd is Ted Lemon <mellon@nominum.com>.  Ralph
        Droms <rdroms.ietf@gmail.com> is the Responsible AD.

RFC Editor Note

In section 4, change "must" to "MUST":

OLD:

   DHCP server implementations conforming to this specification must,

NEW:

   DHCP server implementations conforming to this specification MUST,


* Section 5.1

OLD:
   The Relay-Forward message contains relay agent parameters that
   identify the client-facing interface on which any reply messages
   should be forwarded.  These parameters are link-address, peer-address
   and Interface-ID.  The link-address parameter MUST be set to the
   unspecified address.  The Interface-ID Relay Agent Option MUST be
   included in the Relay-Forward message.  The LDRA MAY insert
   additional relay agent options.


NEW:
   The Relay-Forward message contains relay agent parameters that
   identify the client-facing interface on which any reply messages
   should be forwarded.  These parameters are link-address, peer-address
   and Interface-ID.  The link-address parameter MUST be set to the
   unspecified address.  The peer-address parameter MUST be set as
   specified in Section 6.1. The Interface-ID Relay Agent Option MUST be
   included in the Relay-Forward message.  The LDRA MAY insert
   additional relay agent options.

* Section 6.1

OLD:
   When a DHCPv6 message (defined in [RFC3315]) is received on any
   client-facing interface, the LDRA MUST intercept and process the
   message.  The LDRA MUST also prevent the original message from being
   forwarded on the network facing interface.


NEW:

   The LDRA MUST intercept and process all IP traffic received on any
   client-facing interface that has:

   o  destination IP address set to All_DHCP_Relay_Agents_and_Servers
      (FF02::1:2);

   o  protocol type UDP; and

   o  destination port 547

   The LDRA MUST also prevent the original message from being
   forwarded on the network facing interface.

* Section 7

OLD:
   The LDRA intercepts any DHCPv6 message received on client-facing
   interfaces with a destination IP address of
   All_DHCP_Relay_Agents_and_Servers (FF02::1:2).  The LDRA MUST NOT
   forward the original client message to a network-facing interface, it
   MUST process the message and add the appropriate Relay-Forward
   options as described in previous sections.

NEW:
   The LDRA intercepts any DHCPv6 message received on client-facing
   interfaces with the traffic pattern specified in Section 6.1.
   The LDRA MUST NOT forward the original client message to a
   network-facing interface, it MUST process the message and add the
   appropriate Relay-Forward options as described in previous sections.

* Security Considerations

OLD:
   Although the LDRA only listens to client-originated IPv6 traffic sent
   to the All_DHCPv6_Servers_and_Relay_Agents address on UDP port 547,
   the LDRA SHOULD implement some form of rate-limiting on received
   messages to prevent excessive process utilisation.  As DHCP is
   session-oriented, messages in excess of the rate-limit may be
   silently discarded.

NEW:
   The security issues pertaining to DHCPv6 relay agents as specified in
   Section 23 of [RFC3315] are also applicable to LDRAs. Although the
   LDRA only listens to client-originated IPv6 traffic sent
   to the All_DHCPv6_Servers_and_Relay_Agents address on UDP port 547,
   the LDRA SHOULD implement some form of rate-limiting on received
   messages to prevent excessive process utilisation.  As DHCP is
   session-oriented, messages in excess of the rate-limit may be
   silently discarded.
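
Added example (not part of the IESG announcement or of the draft itself): the Section 6.1 interception test and the Section 5.1 Relay-Forward encapsulation, in Python. Function names and the packet dictionary layout are hypothetical; the message type and option codes are those of RFC 3315. Using the client packet's source address as peer-address and a hop-count of 0 are assumptions, since the Section 6.1 text that defines them is not quoted above, and only client-originated (not already relayed) messages are handled.

```python
import ipaddress
import struct

ALL_DHCP_RELAY_AGENTS_AND_SERVERS = ipaddress.IPv6Address("ff02::1:2")
DHCPV6_SERVER_PORT = 547
IPPROTO_UDP = 17
RELAY_FORW = 12           # RFC 3315 message type
OPTION_RELAY_MSG = 9      # RFC 3315 option codes
OPTION_INTERFACE_ID = 18


def must_intercept(dst, next_header, dst_port):
    """Section 6.1 (NEW) traffic pattern: FF02::1:2, UDP, destination port 547."""
    return (ipaddress.IPv6Address(dst) == ALL_DHCP_RELAY_AGENTS_AND_SERVERS
            and next_header == IPPROTO_UDP
            and dst_port == DHCPV6_SERVER_PORT)


def _option(code, data):
    # DHCPv6 option: 16-bit code, 16-bit length, then the data.
    return struct.pack("!HH", code, len(data)) + data


def relay_forward(src, payload, interface_id):
    """Wrap a client DHCPv6 message in a Relay-Forward per Section 5.1 (NEW)."""
    if not interface_id:
        raise ValueError("Interface-ID option MUST be included")
    link_address = ipaddress.IPv6Address("::").packed  # MUST be unspecified
    peer_address = ipaddress.IPv6Address(src).packed   # assumption: client source
    header = struct.pack("!BB", RELAY_FORW, 0) + link_address + peer_address
    return (header + _option(OPTION_INTERFACE_ID, interface_id)
            + _option(OPTION_RELAY_MSG, payload))


def handle(pkt, interface_id):
    """Return (relay_message_or_None, forward_original_unchanged)."""
    if not must_intercept(pkt["dst"], pkt["next_header"], pkt["dst_port"]):
        return None, True   # not the Section 6.1 pattern: switch as usual
    # Intercepted: the original MUST NOT reach the network-facing interface.
    return relay_forward(pkt["src"], pkt["payload"], interface_id), False


# Constructed sample: a 4-byte SOLICIT (type 1, transaction id ab cd ef)
# arriving on a client-facing port labelled "port-7".
SAMPLE = {"src": "fe80::1", "dst": "FF02::1:2", "next_header": IPPROTO_UDP,
          "dst_port": DHCPV6_SERVER_PORT, "payload": b"\x01\xab\xcd\xef"}
```

The rate-limiting called for in the Security Considerations text would sit in front of `handle`, discarding packets over the limit before any encapsulation work is done.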