Network Working Group Naiming Shen
Internet Draft Cisco Systems
Expiration Date: July 2007
Said Ouissal
Redback Networks
Kishore Seshadri
Mu Security
Tom S. C. Soon
SBC Communications
Dae-Cheol Roh
Korea Telecom
January 2007
DHCP Proxy Server Micro-block Allocation Scheme
For IP Address Pool Management
<draft-shen-dhc-block-alloc-03.txt>
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on June, 2007.
Copyright Notice
Copyright (C) The Internet Society (2006).
Shen, et all Expires June 2007 [Page 1]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2006
Abstract
A new DHCP address allocation mechanism called Micro-blocking
is proposed in this document. It is used for DHCP proxy servers or
routers working with DHCP servers to maximize the IP address
allocation efficiency while improve dynamic routing scalability
in provider's networks. A DHCP sub-option within the relay agent
information option 82 is defined in this document. This simple
DHCP extension can be applied as a simple IP address-pool management
among multiple IP devices.
1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [2].
DHCP Server: A DHCP server is an Internet host that returns
configuration parameters to DHCP clients, relay
or proxy servers.
Proxy Server: In this document, the proxy server resides on the
provider's edge router which acts as an intermediary
between the DHCP clients and the DHCP server. The
DHCP proxy server also serves as an Internet gateway
for the DHCP clients. We also use Proxy Router to
reflect the proxy server on an edge router.
Traditional Allocation: An IP address allocation scheme in that
the IP address must reside within the pre-configured
IP subnet "boundary" on the edge routers. Either
the address belongs to a LAN interface IP subnet,
or the address belongs to an IP address pool
configured for the router.
Random Allocation: This scheme is usually applied in the case the
end-user is over point-to-point links. DHCP server
gets out the next unused address to any proxy server
making the request. The addresses within an IP subnet
can be scattered into multiple edge routers in a
random fashion.
2. Introduction
The Dynamic Host Configuration Protocol [1] provides a framework for
passing configuration information to hosts on a TCP/IP network.
DHCP proxy servers are often used on customer edge routers for user
Internet access. With the increase of new IP service requirement,
the set of functionalities of edge routers is moving closer to the
end users. This means the direct customer facing edge router
Shen, et all Expires June 2007 [Page 2]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
function is moving from a few complex devices into many smaller
and simpler layer 3 devices. DHCP proxy is one of those functions.
This document specifies a simple mechanism called Micro-blocking
to increase the IP address allocation efficiency within the network
while also maintaining the network routing scalability and
stability. This extension also reduces the traffic among the DHCP
server and proxy servers. Instead of for DHCP server giving
out one IP address per request, this scheme proposes a way to let
a DHCP server give out a block of IP addresses for the proxy servers
to maintain and manage. A DHCP extension of Sub-option is defined.
This scheme works with allocating IP addresses for clients over
point-to-point circuits as well as multi-access circuits. This
micro-blocking allocation scheme can also be used to dynamically
create sub-interfaces on multi-access media.
This DHCP extension enables DHCP servers and proxy servers to form
an IP address-pool management system. The IP address pool is
centralized on the DHCP server and the IP addresses are
efficiently allocated among multiple DHCP proxy devices.
3. Motivation
Even though the above mentioned trend will enhance the IP service
to the end users, it creates inefficiency in IP address
allocation, since in the traditional allocation mechanism, each
of those smaller edge routers need to have a block of IP address
statically reserved for the maximum number of customers it intends
to serve. This is done either by the configuration on the edge
router or by rules statically defined in the remote device such
as a Radius server. Those IP address blocks can not be shared
with other edge routers even if they are not in use.
One way to get around this IP address allocation inefficiency
is to apply random allocation. This scheme does not reserve blocks
of pre-configured addresses on each edge router, but rather
the proxy server on the edge router gets a new address from
a DHCP server every time it receives a customer request for
allocation. This new address may belong to an IP subnet shared
by multiple edge routers. This scheme maximizes the IP address
allocation efficiency for distributed DHCP proxy devices in
the network.
The problem is that for the random allocation to be useful, the
routing information associated with this scheme also needs to be
propagated throughout the network. This causes the explosion
of routing information in the network since each IP host
entry needs to be carried inside the dynamic routing protocols.
Even though route summary technique can be applied on the
edge routers to reduce the number of routes to be propagated,
Shen, et all Expires June 2007 [Page 3]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
the routing protocols need to constantly re-group the summary
routes due to address changes by end users. This scheme can
create routing scalability issues in the network. Another
issue with the random allocation scheme is that it only works
in the point-to-point circuit, such as PPP, it does not work
in multi-access circuit case.
This document proposes a mechanism to have DHCP servers
dynamically assign IP address to each edge router with a user
defined restriction, which is named Micro-blocking. There are no
pre-defined address blocks on the edge routers or the remote Radius
servers just like the random allocation case, but the address
allocated by the DHCP server follows a user defined IP prefix
pattern. The IP address allocation efficiency is close to the random
allocation scheme, but this technique greatly improves the routing
scalability and stability comparing to the random allocation scheme.
This DHCP Micro-blocking scheme can work for the end users
serviced over point-to-point links, such as PPP, PPPoE or MAC
address based sub-interface which can be setup dynamically; The
scheme can also work with end users serviced over multi-access
links. In the former case, a host route within a micro-block is
used to point to the point-to-point sub-interface. In the latter
case, each sub-interface is dynamically established for the
micro-block addresses on the multi-access LAN. This solution is
more scalable than assigning multiple address blocks on the
same interface.
In the multi-access interface case, the proxy server or router
needs to reserve one IP address in the block to be "on the router".
The proxy server advertises this reserved IP address as the default
gateway address along with the subnet mask of the block to clients.
4. DHCP IP Address Allocation with Micro-blocking
4.1 The Efficiency of the Micro-blocking Scheme
DHCP IP address allocation with Micro-blocking is a scheme to allow
the server allocating a new IP address or a block of IP addresses
based on a user defined small prefix block. The server keeps track
of the edge router that requests the IP address of this prefix
block, then reserves the IP address block for this edge router
instead of assigning IP addresses randomly to the edge routers.
The address allocation efficiency is almost the same as assigning
IP address randomly. In the worst case, the unused addresses on
an edge router is block size minus one. As long as the block size
is small enough, the allocation efficiency is very high.
Since we know a block of addresses is owned by a single edge router,
Shen, et all Expires June 2007 [Page 4]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
there is no need to announce each host route in the dynamic routing.
An IP prefix with the prefix length of the block size is used in
routing information. Depends on the block size it deploys, this
scheme can sharply reduces the dynamic routing information
comparing to the random allocation scheme. Obviously there is
a tradeoff between large and small block size.
For example, assume that the network operator defines the block
size for certain IP address space as 32. The DHCP server will
give out the IP addresses to proxy servers in the blocking fashion.
The maximum unused IP address for this router is 32. If the
edge route serves 5000 clients, the address allocation efficiency
is 99.5% in the worst case. While the dynamic routing information
is reduced by 32 times comparing to the random allocation scheme.
In the random allocation scheme, the router needs to advertise
5000 host routes, it only needs to advertise 156 IP prefixes
in the proposed scheme.
A new sub-option of "micro-blocking" of DHCP option 82 is defined
in this document. Both the DHCP proxy server on the edge router
and the DHCP server have to support this sub-option in order for
the proxy server to get the benefit of the "micro-blocking"
scheme.
4.2 Block and Single Address Fashion
There are two different DHCP "micro-blocking" allocation fashions.
One is called block address allocation fashion, and the other
is called single address allocation scheme. Both of them requires
the block to be reserved for only one proxy server. In the block
address allocation scheme, the DHCP server gives out the entire
block of addresses to the proxy server for every new block address
allocation request. The proxy server needs to manage the assigned
block of address pool on the edge router. In the single address
allocation scheme, the DHCP server gives out one address from
the block at a time. With the block scheme, the release of address
request will release the entire block of addresses on the DHCP
server.
Using the block fashion of Micro-blocking also reduces the
communication between the DHCP server and the proxy servers.
This in term reduces the network bandwidth requirement to the
server and increases the DHCP server scalability.
There is a Flag field in the proposed sub-option with one bit
reserved for the block fashion and one bit for the single address
allocation fashion. In the block fashion, the DHCP server side
only needs a simple change. Instead of giving out one IP address
at a time, it just give out a predefined block at a time. The
same for a release request of the IP addresses. Instead, the proxy
servers need to keep track of the allocated blocks and assign to
Shen, et all Expires June 2007 [Page 5]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
the end users one by one. In the single address fashion, the DHCP
server needs to keep track of the addresses within the block
belonging to each of the proxy servers. The proxy servers do not
need much change for this scheme, except for it may need to inject
the prefixes base on the Micro-blocking addresses.
When the proxy server sends the DHCP address request with the
"micro-blocking" sub-option, it can set either one of the two
fashion bits, or it can set both bits to indicate the capability.
When the DHCP server responds to the request, it MUST only set one
of the two bits. In the block address allocation scheme, the
MUST advertise the first address of the block as the allocated
IP address. The prefix length is the same for both schemes.
4.3 Micro-blocking Scheme
When the edge router receives a user DHCP request, it will relay
this request and include the option 82 [3] with a sub-option of
"micro-blocking" to indicate that it has the support for
"micro-blocking" feature. It can set either or both of the Block
Bit and Single Address Bit in the Flag field. The DHCP server has
to match the capability of the proxy server in terms of the
block or single address fashions.
Assume the network uses the block fashion. The DHCP server will
allocate an unused new block of addresses for the proxy server.
The DHCP sends back the response with the option 82 and sub-option
of "micro-blocking" and fills in the prefix length of the block.
It also sets the Block Bit in the Flag field. It MUST NOT set
the Single Address Bit in this case. Upon receipt of the response
from the DHCP server, the proxy router can inject the prefix with
the prefix length into the dynamic routing information on the
router. The proxy server needs to manage the allocation of this
block of addresses on the router. When subsequent client requests
arrive, it will give out the unused addresses in that block. When
all the addresses in the blocks are used, the proxy server needs
to make another "block" request upon receiving new request from
clients.
If the network uses the single address fashion, the DHCP server
looks to see if there is already a new block reserved for that
proxy router. If it exists, it will allocate an unused address to
the proxy router. If it can't find one, it will allocate a new
block for this proxy router and give out the first address on
this block. The DHCP sends back the response with the option 82
and sub-option of "micro-blocking" and fills in the prefix length
of the block. It sets the Single Address Bit of the Flag field.
It MUST NOT set the Block Bit of the Flag field in this case.
Upon receipt of the response from the DHCP server, the proxy
router can inject the prefix with the prefix length into
Shen, et all Expires June 2007 [Page 6]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
the dynamic routing information if it has not already done so.
When the last address of the block is released, the proxy router
can withdraw the prefix from the routing protocols.
5. Micro-blocking Sub-option
The format of the Micro-blocking sub-option of DHCP option 82
is:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SubOpt | Length | Flag | Prefix-Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
SubOpt - TBD. The sub-option code requires IANA allocation.
Length - Micro-blocking sub-option length of 4 octets.
Flag - Sub-option flag bits. Only two bits are defined in this
document, ranges from the right most to left most position.
Bits Description
1 Support Block Allocation fashion.
2 Support Single Address Allocation fashion.
Prefix-Length - The Prefix Length of the allocated address block.
The sub-option has the length of 4 octets. The prefix length for
IPv4 prefixes range from 0 to 32 and for IPv6 prefixes range from
0 to 128. When DHCP proxy router sends request with this
sub-option, it MUST set one or both of the first two Flag bits to
indicate the capability of the proxy router. It MUST set the
prefix length to be zero and be ignored by DHCP server upon
receipt. When the DHCP server respond to the request, it SHOULD
NOT include the "micro-blocking" sub-option if the proxy router
did not include this sub-option in the DHCP request. If the DHCP
server supports "micro-blocking" feature and the proxy router
has the capability, the server MUST include this sub-option and
select one of the two schemes indicated by the proxy router in
the flag field. It MUST set the prefix length field according to
the configured block size. The "micro-blocking" size has to be a
number with power of 2.
6. IANA Considerations
Shen, et all Expires June 2007 [Page 7]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
IANA is requested to assign a sub-option code to the Micro-blocking
sub-option in the DHCP option 82.
7. Security Considerations
This document does not introduce new security issues.
8. Acknowledgments
The authors would like to thank Diamantis Kourkouzelis, Arunkumar
Desigan Mutharansanallur, Mike Sinwald and Jun Zhuang for their
discussion and comments of this document.
9. References
[1] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
March 1997.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[3] Patrick, M., "DHCP Relay Agent Information Option", RFC 3046,
January 2001.
10. Author Information
Naiming Shen
Cisco Systems
225 West Tasman Drive
San Jose, CA 95134
USA
E-mail: naiming@cisco.com
Said Ouissal
Redback Networks, Inc.
250 Holger Way
San Jose, CA 95134
E-mail: souissal@redback.com
Kishore Seshadri
Mu Security
686 W. Maude Avenue, Suite #104
Sunnyvale, CA 94085
E-mail: kishore@musecurity.com
Shen, et all Expires June 2007 [Page 8]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
Tom S. C. Soon
SBC Labs Inc.
SBC Communications
4698 Willow Road
Pleasaton, CA 94588
USA
E-mail: tom_soon@labs.sbc.com
Dae-Cheol Roh
Telecommunications Network Lab.
Korea Telecom
E-mail: phantom@kt.co.kr
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Shen, et all Expires June 2007 [Page 9]
�
INTERNET DRAFT DHCP Micro-Block Allocation January 2007
Copyright Statement
Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Shen, et all Expires June 2007 [Page 10]
�