LDRA

LDRA

RFC 6221 introduces Lightweight DHCPv6 Relay Agent (LDRA). The Relay Agent inserts options in DHCPv6 messages. The LDRA can be implemented in DSLAM in ADSL or OLT in GPON access environment, and Ethernet switches in Metro Ethernet environment. The LDRA does not have any IPv6 routing capabilities. Recently, I came across this functionality and this article explains the LDRA function in GPON environment.

The following diagram represents the topology. The link names would be helpful while describing the DHCPv6 messages.

There are 2 types of DHCPv6 Relay messages-

1. Relay-Forward message

The Relay-Forward message is created by a DHCPv6 Relay Agent to forward messages between clients and servers. The Relay-Forward message contains relay agent parameters. These parameters are Link-Address, Peer-Address and Interface-ID.

The LDRA sets the Link-Address to Unspecified address (::) and Peer-Address is set to the Link-Local Address of the client. However, the BRAS (also acting as a Relay Agent) sets the Link-Address to the Link-B IPv6 address and Peer-Address is unchanged. The Interface-ID option is inserted by the LDRA. This is a configurable value. It is used to identify the client-facing interface.

2. Relay-Reply message

The Relay-Reply message is created by the DHCPv6 server in response to the Relay-Forward message. The DHCPv6 server uses the same Link-Address, Peer-Address and Interface-ID options received in the Relay-Forward message.

Operation

The LDRA must implement a configuration setting for all client-facing interfaces and mark them as "Trusted" or "Untrusted". If an Untrusted interface receives Relay-Forward messages, the LDRA must drop them.

The LDRA intercepts the DHCPv6 messages from the client and inserts the options it is configured to include in the Relay-Forward message. The original DHCPv6 Solicit message is encapsulated in the Relay Message Option of the Relay-Forward message.

The LDRA receives the Relay-Reply message on the network-facing interface and intercepts it. It validates the message-

    • The Interface-ID option should be present and it must correspond to a valid client-facing interface
    • The Relay-Reply Peer-Address and the Destination IPv6 address are same
    • The Link-Address must be Unspecified address

If the message is valid, the LDRA should forward the packet to the correct client-facing interface using the destination link-layer address.

The following diagram shows the end-to-end packet flow for the above topology.