Network Working Group                                       N. Matsuhira
Internet-Draft                                           Fujitsu Limited
Intended status: Experimental                            January 6, 2013
Expires: July 10, 2013


 Stateless Automatic IPv4 over IPv6 Tunneling with IPv4 Address Sharing
                      draft-matsuhira-sa46t-as-04

Abstract

   This document specifies the base specification of Stateless
   Automatic IPv4 over IPv6 Tunneling with IPv4 Address Sharing
   (SA46T-AS).  SA46T-AS is basically the same technology as SA46T, but
   it adds an IPv4 address sharing capability.  SA46T-AS is a gateway
   technology, not a protocol.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 10, 2013.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of



Matsuhira                 Expires July 10, 2013                 [Page 1]


Internet-Draft                  SA46T-AS                    January 2013


   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.


Table of Contents

   1.  Introduction
   2.  Architecture of SA46T-AS
   3.  SA46T-AS address format
   4.  Using SA46T-AS in client server environments
     4.1.  Client environments
     4.2.  Server environments
     4.3.  Data Center Environments
   5.  Port Number Issue
   6.  Characteristic
   7.  IANA Considerations
   8.  Security Considerations
   9.  References
     9.1.  Normative References
     9.2.  References
   Author's Address


1.  Introduction

   This document provides the base specification of Stateless Automatic
   IPv4 over IPv6 Tunneling with IPv4 Address Sharing (SA46T-AS).

   SA46T-AS is basically the same technology as SA46T
   [I-D.draft-matsuhira-sa46t-spec], but it adds an IPv4 address
   sharing capability.

   The basic architecture of SA46T-AS is the same as that of SA46T, so
   SA46T-AS can provide all SA46T functions, such as making the backbone
   network IPv6 only or providing many IPv4 network planes over a
   single IPv6 backbone network.

   SA46T-AS adds an IPv4 address sharing function to SA46T, so SA46T-AS
   enables many hosts to share a single global IPv4 address.

   SA46T is a gateway technology, not a protocol.


2.  Architecture of SA46T-AS

   Figure 1 shows the SA46T address architecture.  SA46T maps an IPv4
   address to an SA46T address while keeping the locator - identifier
   relation.  The n-bit identifier part of the IPv4 address and the
   n-bit identifier part of the IPv6 address have the same value, and
   the (32 - n)-bit locator part of the IPv4 address and the
   (128 - n)-bit locator part of the IPv6 address have the same
   meaning.  So the meaning of routing information is the same in IPv4
   space and IPv6 space.


    |<------------------------ 128 bits ----------------------------->|
    |<-------------------- 96 bits ------------------->|<-- 32 bits ->|
    |                                                          :      |
    |                                                  +-------:------+
    |                                                  | IPv4 address |
    |                                                  +-------:------+
    |                                                  |<-Loc->:<-ID->|
    |                                                  | 32-n  :  n   |
    |                                                  | bits  : bits |
    |                                                  |       :      |
    |                                                  |       :      |
    |                                                  |       :      |
    |  96 - m bits          |          m bits          |     32 bits  |
    +-----------------------+--------------------------+-------:------+
    | SA46T address prefix  |  IPv4 network plane ID   | IPv4 address |
    +-----------------------+--------------------------+-------:------+
    |<------------- Locator (128 - n bits ) ------------------>:<-ID->|
    |                                                          :  n   |
    |                                                          : bits |

                                 Figure 1

   Figure 2 shows the SA46T-AS address architecture.  An SA46T-AS
   address consists of four parts: SA46T-AS prefix, IPv4 network plane
   ID, IPv4 address, and port number.  That is, an SA46T-AS address
   consists of an SA46T address and a port number.


   |                      |                |                |         |
   |    80 - m bits       |   m bits       |    32 bits     | 16 bits |
   +----------------------+----------------+----------------+----:----+
   |  SA46T-AS prefix     | IPv4 network   |  IPv4 address  |  port   |
   |                      | plane ID       |                | number  |
   +----------------------+----------------+----------------+----:----+
   |<--------------- Locator (128 -n bits  )-------------------->:<-->|
   |                                                             : ID |
   |                                                            (n bits)


                                 Figure 2

   In SA46T, the boundary between locator and identifier lies in the
   IPv4 address part; in SA46T-AS, it lies in the port number part.
   That is, SA46T-AS uses the upper part of the port number as locator
   and the lower part of the port number as identifier.


3.  SA46T-AS address format

   Figure 3 shows an example of the SA46T-AS address format.  In this
   example, a 16-bit IPv4 network plane ID is used, which provides
   65535 IPv4 network planes.



    | 3 |      45bits      |  16bits |  16 bits|   32bits   | 16 bits |
    +---+------------------+---------+---------+------------+---------+
    |001|  routing prefix  |subnet id| plane ID|IPv4 address| Port #  |
    +---+------------------+---------+---------+------------+---------+
    <---SA46T address prefix-------->


                                 Figure 3
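
   The layout of Figure 3 as an added Python example (not code from
   this draft or its author): it packs a plane ID, IPv4 address and
   port into an SA46T-AS address, unpacks it again, and derives the
   IPv6 route for a block of 2**n ports.  The prefix 2001:db8:0:1::/64,
   the function names and the sample values are assumptions made for
   illustration.

```python
import ipaddress

# Field widths taken from Figure 3: /64 prefix | plane ID | IPv4 address | port
PLANE_BITS, V4_BITS, PORT_BITS = 16, 32, 16
PREFIX_LEN = 128 - PLANE_BITS - V4_BITS - PORT_BITS   # 64

def sa46t_as_encode(prefix, plane_id, ipv4, port):
    """Pack (plane ID, IPv4 address, port) under the prefix into one IPv6 address."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != PREFIX_LEN:
        raise ValueError("the Figure 3 layout needs a /%d prefix" % PREFIX_LEN)
    if not 0 <= plane_id < 1 << PLANE_BITS:
        raise ValueError("plane ID does not fit in %d bits" % PLANE_BITS)
    if not 0 <= port < 1 << PORT_BITS:
        raise ValueError("port does not fit in %d bits" % PORT_BITS)
    v4 = int(ipaddress.IPv4Address(ipv4))
    low = (plane_id << (V4_BITS + PORT_BITS)) | (v4 << PORT_BITS) | port
    return ipaddress.IPv6Address(int(net.network_address) | low)

def sa46t_as_decode(addr):
    """Unpack an SA46T-AS address into (plane ID, IPv4 address, port)."""
    value = int(ipaddress.IPv6Address(addr))
    port = value & ((1 << PORT_BITS) - 1)
    v4 = (value >> PORT_BITS) & ((1 << V4_BITS) - 1)
    plane_id = (value >> (V4_BITS + PORT_BITS)) & ((1 << PLANE_BITS) - 1)
    return plane_id, ipaddress.IPv4Address(v4), port

def sa46t_as_route(prefix, plane_id, ipv4, first_port, n):
    """Route for a block of 2**n ports: the low n port bits are the identifier."""
    if not 0 <= n <= PORT_BITS:
        raise ValueError("the identifier must lie inside the port number")
    if first_port % (1 << n):
        raise ValueError("the port block must start on a multiple of 2**n")
    base = sa46t_as_encode(prefix, plane_id, ipv4, first_port)
    return ipaddress.IPv6Network((int(base), 128 - n))

if __name__ == "__main__":
    PREFIX = "2001:db8:0:1::/64"          # constructed documentation prefix
    addr = sa46t_as_encode(PREFIX, 1, "192.0.2.1", 8192)
    print(addr, sa46t_as_decode(addr))
    # A user given ports 8192-12287 (n = 12) sits behind one /116 route.
    block = sa46t_as_route(PREFIX, 1, "192.0.2.1", 8192, 12)
    print(block, sa46t_as_encode(PREFIX, 1, "192.0.2.1", 9000) in block)
    # One port per server (n = 0) gives a 128-bit host route.
    print(sa46t_as_route(PREFIX, 1, "192.0.2.1", 443, 0))
```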


4.  Using SA46T-AS in client server environments

4.1.  Client environments

   Figure 4 shows an example of SA46T-AS usage in client environments.
   In this document, NAPT means an IPv4 - IPv4 network address and port
   number translator.  In cooperation with NAPT, SA46T-AS provides IPv4
   address sharing among different users.


    +--------------+
    |              |    +---------+  +--------+     +---------+
    |              +----|SA46T-AS |--|  NAPT  |--+--| Clients |
    |              |    +---------+  +--------+  |  +---------+
    |              |                             |  +---------+
    |              |                             +--| Clients |
    | Backbone     |                             |  +---------+
    |              |                             :
    |              |                             |  +---------+
    |   Network    |                             +--| Clients |
    |              |                                +---------+
    |              |
    |              |    +---------+  +--------+     +---------+
    |              +----|SA46T-AS |--|  NAPT  |--+--| Clients |
    |              |    +---------+  +--------+  |  +---------+
    |              |                             |  +---------+
    |              |                             +--| Clients |
    |              |                             |  +---------+
    |              |                             :
    |              |                             |  +---------+
    |              |                             +--| Clients |
    |              |                                +---------+
    :              :        :             :              :
    |              |    +---------+  +--------+     +---------+
    |              +----|SA46T-AS |--|  NAPT  |--+--| Clients |
    |              |    +---------+  +--------+  |  +---------+
    |              |                             |  +---------+
    |              |                             +--| Clients |
    |              |                             |  +---------+
    |              |                             :
    |              |                             |  +---------+
    |              |                             +--| Clients |
    |              |                                +---------+
    +--------------+


                                 Figure 4

4.2.  Server environments

   Figure 5 shows an example of SA46T-AS usage in server environments.
   In this example, the server terminates the SA46T-AS tunnel.  In this
   case, each server requires at least one port number, that is, a
   128-bit host route is advertised for server access via IPv4.  In
   this case, full access is provided via IPv6.


    +--------------+
    |              |    +------------+
    |              +----|Server with |
    |              |    |SA46T-AS    |
    | Backbone     |    |function    |
    |              |    +------------+
    |              |    +------------+
    |  Network     +----|Server with |
    |              |    |SA46T-AS    |
    |              |    |function    |
    |              |    +------------+
    :              :           :
    |              |    +------------+
    |              +----|Server with |
    |              |    |SA46T-AS    |
    |              |    |function    |
    |              |    +------------+
    +--------------+


                                 Figure 5

4.3.  Data Center Environments

   Figure 6 shows an example of SA46T-AS usage in Data Center
   environments.  In this example, SA46T-AS is used only within the
   Data Center Backend Network.  A client connected via the backbone
   network is not aware of the existence of SA46T-AS.  SA46T-AS can
   provide at least one port number per server; in this case a 128-bit
   host route is advertised, but this route is advertised only in the
   data center backbone network.  Of course, an IPv6 address may be
   allocated to the server, so full access is provided via IPv6.


                                .
    +--------+                  .        +-------+
    |        |  +-------+       .        |       | +-----------------+
    |        +--+       |       .        |       |-|Server w/SA46T-AS|
    |        |  | Data  |       .        | Data  | +-----------------+
    |Backbone+--+Center |  +----------+  |Center | +-----------------+
    |        |  |       +--| SA46T-AS |--+       |-|Server w/SA46T-AS|
    |        |  |Front  |  +----------+  |Backend| +-----------------+
    |Network |  |Network|       .        |Network| +-----------------+
    |        |  |       |  +----------+  |       |-|Server w/SA46T-AS|
    |        |  |       +--| SA46T-AS |--+       | +-----------------+
    |        |  |       |  +----------+  |       | +-----------------+
    :        :  :       :       .        |       |-|Server w/SA46T-AS|
    |        |  |       |       .        |       | +-----------------+
    |        |  |       |       .        |       |         :
    |        |  |       |       .        |       | +-----------------+
    |        |  |       |       .        |       |-|Server w/SA46T-AS|
    |        |  +-------+       .        |       | +-----------------+
    +--------+                  .        +-------+
                                .
    -Normal IPv4 communication->.<----- SA46T-AS ----->
                                .     communication
                                .
    ------- Normal IPv6 communication ----------------->
                                .


                                 Figure 6


5.  Port Number Issue

   SA46T-AS requires the port number of the transport layer.  SA46T-AS
   cannot support ICMPv4 [RFC0792].  Functions provided by ICMPv4, such
   as Path MTU Discovery [RFC1191] and the ping command, do not work in
   SA46T-AS environments.

   SA46T-AS also cannot support IPv4 ESP [RFC4303], because the
   transport header is encrypted.
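
   Which packets expose a port number, as an added Python example (not
   code from this draft or its author): it reads the IPv4 header and
   returns the transport ports, or the reason none are available.
   Treating TCP and UDP as the port-bearing protocols, rejecting
   non-first fragments (which the draft does not discuss), the function
   names and the sample packets are assumptions made for illustration.

```python
import struct

PORT_PROTOCOLS = {6: "TCP", 17: "UDP"}   # assumption: protocols treated as port-bearing
NO_PORT_REASON = {1: "ICMPv4 has no port number",            # the two cases
                  50: "ESP encrypts the transport header"}   # named in Section 5

def transport_ports(packet):
    """Return ((src_port, dst_port), None), or (None, reason) if no ports are usable."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None, "not an IPv4 packet"
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes, options included
    if ihl < 20 or len(packet) < ihl:
        return None, "bad IPv4 header length"
    proto = packet[9]
    if proto in NO_PORT_REASON:
        return None, NO_PORT_REASON[proto]
    if proto not in PORT_PROTOCOLS:
        return None, "protocol %d has no port number known to this check" % proto
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if frag_offset:
        # Goes beyond the draft: later fragments do not carry the transport header.
        return None, "non-first fragment has no transport header"
    if len(packet) < ihl + 4:
        return None, "truncated transport header"
    return struct.unpack("!HH", packet[ihl:ihl + 4]), None

def sample_packet(proto, payload, frag_offset=0):
    """Constructed IPv4 packet (no options, checksum left at zero) for the demo."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0,
                         frag_offset, 64, proto, 0,
                         bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    return header + payload

if __name__ == "__main__":
    ports = struct.pack("!HH", 40000, 443)
    samples = [("tcp", sample_packet(6, ports + b"\x00" * 16)),
               ("icmp echo", sample_packet(1, b"\x08\x00" + b"\x00" * 6)),
               ("esp", sample_packet(50, b"\x00" * 16)),
               ("udp fragment", sample_packet(17, b"\x00" * 8, frag_offset=185))]
    for name, pkt in samples:
        print(name, transport_ports(pkt))
```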


6.  Characteristic

   SA46T has the following useful characteristics.

   o  Reduces backbone network operation cost with an IPv6 single stack
      (at least less than Dual Stack)

   o  Can allocate to stub networks the IPv4 addresses that were used in
      the backbone network before installing SA46T

   o  Less configuration

   o  No need for a special protocol

   o  No dependence on the Layer 2 network

   o  Can stack IPv4 private networks

   o  Easy to stop IPv4 operation in stub networks in the future (just
      remove SA46T)

   o  Provides redundancy

   Moreover, SA46T-AS adds the following characteristic to SA46T.

   o  Provides an IPv4 address sharing function


7.  IANA Considerations

   This document makes no request of IANA.

   Note to RFC Editor: this section may be removed on publication as an
   RFC.


8.  Security Considerations

   SA46T-AS uses automatic tunneling technologies.  Security
   considerations related to tunneling technologies are discussed in
   RFC2893 [RFC2893], RFC2267 [RFC2267], etc.


9.  References

9.1.  Normative References

   [I-D.draft-matsuhira-sa46t-spec]
              Matsuhira, N., "Stateless Automatic IPv4 over IPv6
              Tunneling: Specification".

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.


9.2.  References

   [RFC0792]  Postel, J., "Internet Control Message Protocol", STD 5,
              RFC 792, September 1981.

   [RFC1191]  Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191,
              November 1990.

   [RFC2267]  Ferguson, P. and D. Senie, "Network Ingress Filtering:
              Defeating Denial of Service Attacks which employ IP Source
              Address Spoofing", RFC 2267, January 1998.

   [RFC2893]  Gilligan, R. and E. Nordmark, "Transition Mechanisms for
              IPv6 Hosts and Routers", RFC 2893, August 2000.

   [RFC4303]  Kent, S., "IP Encapsulating Security Payload (ESP)",
              RFC 4303, December 2005.


Author's Address

   Naoki Matsuhira
   Fujitsu Limited
   1-1, Kamikodanaka 4-Chome, Nakahara-ku
   Kawasaki,   211-8588
   Japan

   Phone: +81-44-754-3466
   Fax:
   Email: matsuhira@jp.fujitsu.com