WIKI RFC 6106

From IUCG - Internet Users Contributing Group


This document specifies IPv6 Router Advertisement options to allow IPv6 routers to advertise a list of DNS recursive server addresses and a DNS Search List to IPv6 hosts.




1. Introduction

The purpose of this document is to standardize an IPv6 Router Advertisement (RA) option for DNS Recursive Server Addresses used for DNS name resolution in IPv6 hosts. This RA option was specified in an earlier Experimental specification [RFC5006]. This document also defines a new RA option for Domain Name Search Lists for an enhanced DNS configuration. Thus, this document obsoletes [RFC5006], which only defines the RA option for DNS Recursive Server Addresses.

Neighbor Discovery (ND) for IP version 6 and IPv6 stateless address autoconfiguration provide ways to configure either fixed or mobile nodes with one or more IPv6 addresses, default routers, and some other parameters [RFC4861][RFC4862]. Most Internet services are identified by using a DNS name. The two RA options defined in this document provide the DNS information needed for an IPv6 host to reach Internet services.

It is infeasible to manually configure nomadic hosts each time they connect to a different network. While a one-time static configuration is possible, it is generally not desirable on general-purpose hosts such as laptops. For instance, locally defined name spaces would not be available to the host if it were to run its own name server software directly connected to the global DNS.

The DNS information can also be provided through DHCP [RFC3315][RFC3736][RFC3646]. However, the access to DNS is a fundamental requirement for almost all hosts, so IPv6 stateless autoconfiguration cannot stand on its own as an alternative deployment model in any practical network without any support for DNS configuration.

These issues are not pressing in dual-stack networks as long as a DNS server is available on the IPv4 side, but they become more critical with the deployment of IPv6-only networks. As a result, this document defines a mechanism based on IPv6 RA options to allow IPv6 hosts to perform the automatic DNS configuration.

1.1. Applicability Statements

RA-based DNS configuration is a useful alternative in networks where an IPv6 host's address is autoconfigured through IPv6 stateless address autoconfiguration and where there is either no DHCPv6 infrastructure at all or some hosts do not have a DHCPv6 client. The intention is to enable the full configuration of basic networking information for hosts without requiring DHCPv6. However, in the many networks where some additional information needs to be distributed, DHCPv6 is likely to be employed. In these networks, RA-based DNS configuration may not be needed.

RA-based DNS configuration allows an IPv6 host to acquire the DNS configuration (i.e., DNS recursive server addresses and DNS Search List) for the link(s) to which the host is connected. Furthermore, the host learns this DNS configuration from the same RA message that provides configuration information for the link, thereby avoiding the need to also run DHCPv6.

The advantages and disadvantages of the RA-based approach are discussed in [RFC4339] along with other approaches, such as the DHCP and well-known anycast address approaches.

1.2. Coexistence of RA Options and DHCP Options for DNS Configuration

Two protocols exist to configure the DNS information on a host, the Router Advertisement options described in this document and the DHCPv6 options described in [RFC3646]. They can be used together.

The rules governing the decision to use stateful configuration mechanisms are specified in [RFC4861]. Hosts conforming to this specification MUST extract DNS information from Router Advertisement messages, unless static DNS configuration has been specified by the user. If there is DNS information available from multiple Router Advertisements and/or from DHCP, the host MUST maintain an ordered list of this information as specified in Section 5.3.1.


2. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].


3. Terminology

This document uses the terminology described in [RFC4861] and [RFC4862]. In addition, four new terms are defined below:

  • Recursive DNS Server (RDNSS): Server that provides a recursive DNS resolution service for translating domain names into IP addresses as defined in [RFC1034] and [RFC1035].
  • RDNSS Option: IPv6 RA option to deliver the RDNSS information to IPv6 hosts [RFC4861].
  • DNS Search List (DNSSL): The list of DNS suffix domain names used by IPv6 hosts when they perform DNS query searches for short, unqualified domain names.
  • DNSSL Option: IPv6 RA option to deliver the DNSSL information to IPv6 hosts.
  • DNS Repository: Two data structures for managing DNS Configuration Information in the IPv6 protocol stack in addition to Neighbor Cache and Destination Cache for Neighbor Discovery [RFC4861]. The first data structure is the DNS Server List for RDNSS addresses and the second is the DNS Search List for DNS search domain names.
  • Resolver Repository: Configuration repository with RDNSS addresses and a DNS Search List that a DNS resolver on the host uses for DNS name resolution; for example, the Unix resolver file (i.e., /etc/resolv.conf) and Windows registry.


4. Overview

This document standardizes the ND option called the RDNSS option defined in [RFC5006] that contains the addresses of recursive DNS servers. This document also defines a new ND option called the DNSSL option for the Domain Search List. This is to maintain parity with the DHCPv6 options and to ensure that there is necessary functionality to determine the search domains.

The existing ND message (i.e., Router Advertisement) is used to carry this information. An IPv6 host can configure the IPv6 addresses of one or more RDNSSes via RA messages. Through the RDNSS and DNSSL options, along with the prefix information option based on the ND protocol ([RFC4861] and [RFC4862]), an IPv6 host can perform the network configuration of its IPv6 address and the DNS information simultaneously without needing DHCPv6 for the DNS configuration. The RA options for RDNSS and DNSSL can be used on any network that supports the use of ND.

This approach requires the manual configuration or other automatic mechanisms (e.g., DHCPv6 or vendor proprietary configuration mechanisms) to configure the DNS information in routers sending the advertisements. The automatic configuration of RDNSS addresses and a DNS Search List in routers is out of scope for this document.


5. Neighbor Discovery Extension

The IPv6 DNS configuration mechanism in this document needs two new ND options in Neighbor Discovery: (i) the Recursive DNS Server (RDNSS) option and (ii) the DNS Search List (DNSSL) option.


5.1. Recursive DNS Server Option

The RDNSS option contains one or more IPv6 addresses of recursive DNS servers. All of the addresses share the same Lifetime value. If it is desirable to have different Lifetime values, multiple RDNSS options can be used. Figure 1 shows the format of the RDNSS option.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |     Length    |           Reserved            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Lifetime                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
:            Addresses of IPv6 Recursive DNS Servers            :
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 1: Recursive DNS Server (RDNSS) Option Format

Fields:

  • Type: 8-bit identifier of the RDNSS option type as assigned by the IANA: 25
  • Length: 8-bit unsigned integer. The length of the option (including the Type and Length fields) is in units of 8 octets. The minimum value is 3 if one IPv6 address is contained in the option. Every additional RDNSS address increases the length by 2. The Length field is used by the receiver to determine the number of IPv6 addresses in the option.
  • Lifetime: 32-bit unsigned integer. The maximum time, in seconds (relative to the time the packet is sent), over which this RDNSS address MAY be used for name resolution. Hosts MAY send a Router Solicitation to ensure the RDNSS information is fresh before the interval expires. In order to provide fixed hosts with stable DNS service and allow mobile hosts to prefer local RDNSSes to remote RDNSSes, the value of Lifetime SHOULD be bounded as MaxRtrAdvInterval <= Lifetime <= 2*MaxRtrAdvInterval where MaxRtrAdvInterval is the Maximum RA Interval defined in [RFC4861]. A value of all one bits (0xffffffff) represents infinity. A value of zero means that the RDNSS address MUST no longer be used.
  • Addresses of IPv6 Recursive DNS Servers: One or more 128-bit IPv6 addresses of the recursive DNS servers. The number of addresses is determined by the Length field. That is, the number of addresses is equal to (Length - 1) / 2.
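
A strict receiver-side parser for the option in Figure 1, added here as an illustration and not part of the RFC text or of any implementation. The function names, the status labels and the 600-second default for MaxRtrAdvInterval (the default in [RFC4861]) are assumptions of the example; the sample option is constructed.

```python
import ipaddress
import struct

RDNSS_TYPE = 25                  # IANA option type from the Fields list
LIFETIME_INFINITY = 0xFFFFFFFF   # all one bits


class MalformedOption(ValueError):
    """The option bytes contradict the format in Figure 1."""


def parse_rdnss(opt: bytes, max_rtr_adv_interval: int = 600) -> dict:
    """Parse one RDNSS option; raise MalformedOption on inconsistent input."""
    if len(opt) < 8:
        raise MalformedOption("shorter than the fixed 8-octet header")
    opt_type, length, _reserved, lifetime = struct.unpack("!BBHI", opt[:8])
    if opt_type != RDNSS_TYPE:
        raise MalformedOption(f"type {opt_type} is not RDNSS")
    # Length is in 8-octet units: 1 for the header plus 2 per address,
    # so it must be odd and at least 3.
    if length < 3 or length % 2 == 0:
        raise MalformedOption(f"Length {length} cannot hold whole addresses")
    # Never read addresses beyond what was actually received.
    if length * 8 != len(opt):
        raise MalformedOption("Length field disagrees with bytes received")
    count = (length - 1) // 2
    addrs = [str(ipaddress.IPv6Address(opt[8 + 16 * i:24 + 16 * i]))
             for i in range(count)]
    if lifetime == 0:
        status = "withdrawn"     # addresses MUST no longer be used
    elif lifetime == LIFETIME_INFINITY:
        status = "infinite"
    elif max_rtr_adv_interval <= lifetime <= 2 * max_rtr_adv_interval:
        status = "ok"
    else:
        status = "outside-recommended-bounds"   # SHOULD-level: flag, not reject
    return {"lifetime": lifetime, "status": status, "addresses": addrs}


def build_rdnss(lifetime: int, addresses: list) -> bytes:
    """Encode an RDNSS option (used only to construct sample input)."""
    body = b"".join(ipaddress.IPv6Address(a).packed for a in addresses)
    return struct.pack("!BBHI", RDNSS_TYPE, 1 + 2 * len(addresses), 0, lifetime) + body


# Constructed sample: two servers from the documentation prefix, Lifetime 1200 s.
SAMPLE = build_rdnss(1200, ["2001:db8::53", "2001:db8::1:53"])
```
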

5.2. DNS Search List Option

The DNSSL option contains one or more domain names of DNS suffixes. All of the domain names share the same Lifetime value. If it is desirable to have different Lifetime values, multiple DNSSL options can be used. Figure 2 shows the format of the DNSSL option.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |     Length    |           Reserved            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Lifetime                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
:                Domain Names of DNS Search List                :
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 2: DNS Search List (DNSSL) Option Format

5.3. Procedure of DNS Configuration

5.3.1. Procedure in IPv6 Host

5.3.2. Warnings for DNS Options Configuration


6. Implementation Considerations

6.1. DNS Repository Management

6.2. Synchronization between DNS Server List and Resolver Repository

6.3. Synchronization between DNS Search List and Resolver Repository


7. Security Considerations

7.1. Security Threats

7.2. Recommendations


8. IANA Considerations


9. Acknowledgements


10. References

10.1. Normative References

10.2. Informative References