Autonomic IPv6 Edge Prefix
Management in Large-scale NetworksHuawei Technologies Co., LtdQ14, Huawei Campus, No.156 Beiqing RoadHai-Dian District, Beijing, 100095P.R. Chinajiangsheng@huawei.comHuawei Technologies Co., LtdQ14, Huawei Campus, No.156 Beiqing RoadHai-Dian District, Beijing, 100095P.R. Chinaduzongpeng@huawei.comDepartment of Computer ScienceUniversity of AucklandPB 92019Auckland1142New Zealandbrian.e.carpenter@gmail.comChina TelecomNo.118, Xizhimennei StreetBeijing100035P. R. Chinasunqiong@ctbri.com.cn
Operations and Management
ANIMA WGAutonomic Networking, Prefix ManagementThis document describes an autonomic solution for IPv6 prefix
management at the edge of large-scale ISP networks. An important purpose
of the document is to use it for validation of the design of various
components of the autonomic networking infrastructure.This document proposes an autonomic solution for IPv6 prefix
management in large-scale networks. The background to Autonomic
Networking (AN) is described in and . A generic autonomic signaling protocol (GRASP)
is specified by and would be
used by the proposed autonomic prefix management solution. An important
purpose of the present document is to use it for validation of the
design of GRASP and other components of the autonomic networking
infrastructure described in .This document is not intended to solve all cases of IPv6 prefix
management. In fact, it assumes that the network's main infrastructure
elements already have addresses and prefixes. The document is dedicated
to how to make IPv6 prefix management at the edges of large-scale
networks as autonomic as possible. It is specifically written for
service provider (ISP) networks. Although there are similarities between
ISPs and large enterprise networks, the requirements for the two use
cases differ.However, the solution is designed in a general way. Its use for a
broader scope than edge prefixes, including some or all infrastructure
prefixes, is left for future discussion.Note in draft: This version is preliminary. In particular, many
design details may be subject to change until the Anima specifications
become agreed.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
when they appear in ALL CAPS. When these words
are not in ALL CAPS (such as "should" or "Should"), they have their
usual English meanings, and are not to be interpreted as key words.This document uses terminology defined in .The autonomic networking use case considered here is autonomic IPv6
prefix management at the edge of large-scale ISP networks.Although DHCPv6 Prefix Delegation
supports automated delegation of IPv6 prefixes from one router to
another, prefix management is still largely depending on human planning.
In other words, there is no basic information or policy to support
autonomic decisions on the prefix length that each router should request
or be delegated, according to its role in the network. Roles could be
locally defined or could be generic (edge router, interior router,
etc.). Furthermore, IPv6 prefix management by humans tends to be rigid
and static after initial planning.The problem to be solved by autonomic networking is how to
dynamically manage IPv6 address space in large-scale networks, so that
IPv6 addresses can be used efficiently. Here, we limit the problem to
assignment of prefixes at the edge of the network, close to access
routers that support individual fixed-line subscribers, mobile
customers, and corporate customers. We assume that the core
infrastructure of the network has already been established with
appropriately assigned prefixes. The AN approach discussed in this
document is based on the assumption that there is a generic discovery
and negotiation protocol that enables direct negotiation between
intelligent IP routers. GRASP is intended to be such a
protocol.The intended experience is, for the administrator(s) of a
large-scale network, that the management of IPv6 address space at the
edge of the network can be run with minimum efforts, as devices at the
edge are added and removed and as customers of all kinds join and
leave the network. In the ideal scenario, the administrator(s) only
have to specify a single IPv6 prefix for the whole network and the
initial prefix length for each device role. As far as users are
concerned, IPv6 prefix assignment would occur exactly as it does in
any other network.The actual prefix usage needs to be logged for potential offline
management operations including audit and security incident
tracing.For specific purposes of address management, a few parameters are
involved on each edge device (some of them can be pre-configured
before they are connected). They include:Identity, authentication and authorization of this device. This
is expected to use the autonomic networking secure bootstrap
process , following
which the device could safely take part in autonomic
operations.Role of this device.An IPv6 prefix length for this device.An IPv6 prefix that is assigned to this device and its
downstream devices.A few parameters are involved in the network as a whole. They
are:Identity of a trust anchor, which is a certification authority
(CA) maintained by the network administrator(s), used during the
secure bootstrap process.Total IPv6 address space available for edge devices. It is one
(or several) IPv6 prefix(es).The initial prefix length for each device role.This section identifies those of the above parameters that do not
need external information in order for the devices concerned to set
them to a reasonable value after bootstrap or after a network
disruption. There are few of these:Role of this device.Default IPv6 prefix length for this device.Identity of this device.The device may be shipped from the manufacturer with
pre-configured role and default prefix length, which could be
modified by an autonomic mechanism.This section identifies those parameters that might need operational
input in order for the devices concerned
to set them to a non-default value.Non-default value for the IPv6 prefix length for this device.
This needs to be decided based on the role of this device.The initial prefix length for each device role.Whether to allow the device to request more address space.The policy when to request more address space, for example,
if the address usage reaches a certain limit or percentage.This section briefly compares the above use case with current
solutions. Currently, the address management is still largely
dependent on human planning. It is rigid and static after initial
planning. Address requests will fail if the configured address space
is used up.Some autonomic and dynamic address management functions may be
achievable by extending the existing protocols, for example,
extending DHCPv6-PD to request IPv6 prefixes according to the device
role. However, defining uniform device roles may not be a practical
task. Some functions are not suitable to be achieved by any existing
protocols.Using a generic autonomic discovery and negotiation protocol
instead of specific solutions has the advantage that additional
parameters can be included in the autonomic solution without
creating new mechanisms. This is the principal argument for a
generic approach.This section identifies those of the above parameters that need
external information from neighbor devices (including the upstream
devices). In many cases, two-way dialogue with neighbor devices is
needed to set or optimize them.Identity of a trust anchor.The device will need to discover a device, from which it can
acquire IPv6 address space.The initial prefix length for each device role, particularly
for its own downstream devices.The default value of the IPv6 prefix length may be overridden
by a non-default value.The device will need to request and acquire IPv6 prefix that
is assigned to this device and its downstream devices.The device may respond to prefix delegation request from its
downstream devices.The device may require to be assigned more IPv6 address
space, if it used up its assigned IPv6 address space.This section discusses what role devices should play in
monitoring, fault diagnosis, and reporting.The actual address assignments need to be logged for the
potential offline management operations.In general, the usage situation of address space should be
reported to the network administrators, in an abstract way, for
example, statistics or visualized report.A forecast of address exhaustion should be reported.This section introduces an autonomic edge prefix management solution.
It uses the generic discovery and negotiation protocol defined by . The relevant options are defined
in .The procedures described below are carried out by an Autonomic
Service Agent (ASA) in each device that participates in the solution. We
will refer to this as the PrefixManager ASA.If the device containing an PrefixManager ASA has used up its
address pool, it can request more space according to its requirements.
It should decide the length of the requested prefix by the
mechanism described in .An PrefixManager ASA that needs additional address space should
firstly discover peers that may be able to provide extra address
space. The ASA should send out a GRASP Discovery message that contains
an PrefixManager Objective option in order to discover peers also
supporting that option. Then it should choose one such peer, most
likely the first to respond.If the GRASP discovery Response message carries a divert option
pointing to an off-link PrefixManager ASA, the requesting ASA may
initiate negotiation with that ASA diverted device to find out whether
it can provide the requested length prefix.In any case, the requesting ASA will act as a GRASP negotiation
initiator by sending a GRASP Request message with an PrefixManager
Objective option. The ASA indicates in this option both the length of
the requested prefix and whether the ASA supports the DHCPv6 Prefix
Delegation (PD) function . This starts a
GRASP negotiation process.During the subsequent negotiation, the ASA will decide at each step
whether to accept the offered prefix. That decision, and the decision
to end negotiation, is an implementation choice.The ASA could alternatively initiate rapid mode GRASP discovery
with an embedded negotiation request, if it is implemented.A device that receives a Discovery message with an PrefixManager
Objective option should respond with a GRASP Response message if it
contains an PrefixManager ASA. Further details of the discovery
process are described in .
When this ASA receives a subsequent Request message it should conduct
a GRASP negotiation sequence, using Negotiate, Confirm-waiting, and
Negotiation-ending messages as appropriate. The Negotiate messages
carry an PrefixManager Objective option. This will indicate whether
the sending device supports the PD function. More importantly, it will
indicate the prefix and its length offered to the requesting ASA. As
described in , negotiation
will continue until either end stops it with a Negotiation-ending
message. If the negotiation succeeds, the prefix providing ASA will
remove the negotiated prefix from its pool, and the requesting ASA
will add it. If the negotiation fails, the party sending the
Negotiation-ending message may include an error code string.During the negotiation, the ASA will decide at each step how large
a prefix to offer. That decision, and the decision to end negotiation,
is an implementation choice.The ASA could alternatively negotiate in response to rapid mode
GRASP discovery, if it is implemented.This specification is independent of whether the PrefixManager ASAs
are all embedded in routers, but that would be a rather natural
scenario. A gateway router in a hierarchical network topology normally
provides prefixes for routers within its subnet, and it is likely to
contain the first PrefixManager ASA discovered by its downstream
routers. However, the GRASP discovery model, including its Redirect
feature, means that this is not an exclusive scenario, and a
downstream PrefixManager ASA could negotiate a new prefix with a
router other than its upstream router.A resource shortage may cause the gateway router to request more
resource in turn from its own upstream device. This would be another
independent GRASP discovery and negotiation process. During the
processing time, the gateway router should send a Confirm-waiting
Message to the initial requesting router, to extend its timeout. When
the new resource becomes available, the gateway router responds with a
GRASP Negotiate message with a prefix length matching the request.The algorithm to choose which prefixes to assign on the prefix
providing devices is an implementation choice.Upon receiving a GRASP Negotiation-ending message that indicates
that an acceptable prefix length is available, the requesting device
may request the prefix using DHCPv6 PD, if both ASAs have indicated
that they are within a device that supports PD. Otherwise, it is
permissible for the initiating ASA to use the negotiated prefix
without further messages.[Author's note: It is not intended to undermine DHCPv6 PD. But in
fact, if PD is not supported and the GRASP negotiation has succeeded,
there should be no problem with this and it seems consistent as a
solution.]Within the autonomic prefix management, all the prefix assignment
is done by devices without human intervention. It is therefore
important to record all the prefix assignment history. However, the
logging and reporting process is out of scope for this
specification.This section defines the GRASP options that are used to support
autonomic prefix management.The PrefixManager Objective option is a GRASP objective option
conforming to . Its name is
"PrefixManager" (see ) and it carries up to
three data items as its value: the PD support flag, the prefix length,
and the actual prefix bits. The format of the PrefixManager Objective
option is described as follows in CBOR data definition language (CDDL)
:An implementation of a prefix manager MUST include default settings of
all necessary parameters. However, within a single administrative domain, the
network operator MAY change default parameters for all devices with a certain role.
Thus it would be possible to apply an intended policy for every device in a simple way,
without traditional configuration files.For example, the network operator could change the default prefix
length for each type of role. A prefix management parameters objective, which contains
mapping information of device roles and their default prefix
lengths, MAY be flooded in the network, through the Autonomic Control
Plane (ACP) .
The objective is defined in CDDL as follows:The 'any' object would be the relevant parameter definitions (such
as the example below) transmitted as a CBOR object in an appropriate
format.This could be flooded to all nodes, and any PrefixManager ASA that
did not receive it for some reason could obtain a copy using GRASP
unicast synchronization. Upon receiving the prefix management parameters, every
device can decide its default prefix length by matching its own
role.The parameters comprise
mapping information of device roles and their default prefix lengths
in an autonomic domain. For example, suppose an IPRAN operator wants to
configure the prefix length of RNC Site Gateway (RSG) as 34, the
prefix length of Aggregation Site Gateway (ASG) as 44, and the prefix
length of Cell Site Gateway (CSG) as 56. This could be described
in the value of the PrefixManager.Params objective as:This example is expressed in JSON notation , which is easy to represent in CBOR.An alternative would be to express the parameters in YANG using the YANG-to-CBOR mapping
.Relevant security issues are discussed in . The preferred security model is
that devices are trusted following the secure bootstrap procedure and that a secure
Autonomic Control Plane (ACP) is in place.It is RECOMMENDED that DHCPv6 PD, if used, should be operated using
DHCPv6 authentication or Secure DHCPv6.This document defines two new GRASP Objective Option names,
"PrefixManager" and "PrefixManager.Params". The IANA is requested to add these to the GRASP
Objective Names Table registry defined by (if approved).Valuable comments were received from Michael Behringer, Joel Halpern,
and Chongfeng Xie.This document was produced using the xml2rfc tool .draft-jiang-anima-prefix-management-00: original version,
2014-10-25.draft-jiang-anima-prefix-management-01: add intent example and
coauthor Zongpeng Du, 2015-05-04.draft-jiang-anima-prefix-management-02: update references and the
format of the prefix management intent, 2015-10-14.draft-ietf-anima-prefix-management-00: WG adoption, clarify scope and
purpose, update text to match latest GRASP spec, 2016-01-11.draft-ietf-anima-prefix-management-01: minor update, 2016-07-08.draft-ietf-anima-prefix-management-02: replaced intent discussion by parameter setting, 2017-01-10.draft-ietf-anima-prefix-management-03: corrected object format, improved parameter setting example, 2017-03-10.