Network Working Group B. Sarikaya
Internet-Draft F. Xia
Expires: April 23, 2010 Huawei USA
October 20, 2009
Dual-stack Lite Mobility Solutions
draft-sarikaya-softwire-dslitemobility-01.txt
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 23, 2010.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Sarikaya & Xia Expires April 23, 2010 [Page 1]
Internet-Draft Mobility Solutions October 2009
Abstract
Two solutions are presented to show how to use Dual-Stack Lite
transition technique in mobile networks: one for Proxy Mobile IPv6
and the other for Dual-Stack Mobile IPv6. Proxy Mobile IPv6 allows
IPv4 nodes to receive mobility services using an IPv4 home address.
Mobile node can have IPv4 only operation by sending IPv4 datagrams
which are encapsulated by the Mobile Access Gateway (MAG) at the DS-
lite home router and and tunneled to Local Mobility Anchor (LMA)
which is also DS-lite carrier-grade Network Address Translator (NAT).
In case of client based mobility using DSMIPv6, mobile node is a
dual-stack node and it can receive an IPv4 home address from the home
agent which is co-located with DS-lite carrier-grade NAT. Mobile
node (MN) encapsulates IPv4 datagrams in IPv6 which are decapsulated
at the home agent (HA). Mobile network could be WiMAX network or
3GPP Long Term Evolution network.
Sarikaya & Xia Expires April 23, 2010 [Page 2]
Internet-Draft Mobility Solutions October 2009
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Proxy Mobile IPv6 Solution . . . . . . . . . . . . . . . . . . 5
3.1. Scenarios . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2. Combined Operation of LMA and CGN . . . . . . . . . . . . 7
3.3. Other Considerations . . . . . . . . . . . . . . . . . . . 8
4. Mobile IPv6 Solution . . . . . . . . . . . . . . . . . . . . . 8
4.1. Scenarios . . . . . . . . . . . . . . . . . . . . . . . . 9
4.2. Combined Operation of HA and CGN . . . . . . . . . . . . . 10
4.3. Other Considerations . . . . . . . . . . . . . . . . . . . 10
5. Security Considerations . . . . . . . . . . . . . . . . . . . 11
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
8.1. Normative References . . . . . . . . . . . . . . . . . . . 11
8.2. Informative references . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13
Sarikaya & Xia Expires April 23, 2010 [Page 3]
Internet-Draft Mobility Solutions October 2009
1. Introduction
Dual-stack lite is a new IPv6 transition scheme that is being defined
in IETF [I-D.ietf-softwire-dual-stack-lite]. There is a strong
interest on DS-lite by mobile operators due to the earlier-than-
expected depletion of IPv4 addresses. DS-lite enables sharing of
IPv4 addresses by the nodes by using the same set of IPv4 addresses.
DS-lite network is IPv6 based. This way IPv4 is pushed to the edge.
Hosts can be dual-stack. DS-lite also supports IPv4-only hosts.
Currently only two architectures are defined in DS-lite
[I-D.ietf-softwire-dual-stack-lite]: router-based and host-based. In
router-based architecture IPv4 hosts send and receive IPv4 datagrams
from the DS-lite home router. DS-lite home router is the softwire
initiator and it encapsulates IPv4 datagrams in IPv6 and sends them
to DS-lite carrier-grade NAT which is the softwire concentrator.
Carrier-grade NAT decapsulates the datagrams, does address
translation and then transmits IPv4 datagrams outbound. Inbound IPv4
datagrams receive the reverse treatment. This architecture is
defined to handle installed base of IPv4-only devices.
In host-based architecture, the host is the softwire initiator and it
encapsulates IPv4 datagrams in IPv6 and then sends them to the
carrier-grade NAT which is a softwire concentrator. All the hosts
are assigned the same IPv4 addresses (yet to be defined by IANA).
Carrier-grade NAT decapsulates and then translates IPv4 packet and
sends it out. Inbound IPv4 datagrams go through address translation
and then they are sent to the host using IPv4-in-IPv6 encapsulation.
In this document we present two mobility solutions for DS-lite: Proxy
Mobile IPv6 [RFC5213] and Client Mobile IPv6 [RFC5555]. In Proxy
Mobile IPv6 we use the router-based architecture. Home router is
also PMIPv6 MAG. Carrier-grade NAT should be co-located with LMA.
Proxy Mobile IPv6 IPv4 support [I-D.ietf-netlmm-pmip6-ipv4-support]
allows IPv4-only mobile nodes to receive IPv4 home addresses and then
PMIPv6 handles their mobility. PMIPv6 also allows IPv4 transport
between MAG and LMA. For DS-lite PMIPv6 scenario the solution in
this document covers the case of IPv4 local link operation but IPv4
transport between MAG and LMA is not supported in DS-lite since DS-
lite network is IPv6 only.
For client Mobile IPv6, we use the host-based architecture of DS-
lite. In this case MN is the softwire initiator and it encapsulates
IPv4 datagrams in IPv6 and sends them to the carrier-grade NAT which
is co-located with the home agent. Home agent receives the
encapsulated datagram and depsulates and then hands it to the NAT
box. IPv4 datagram is translated and then sent out. Inbound
Sarikaya & Xia Expires April 23, 2010 [Page 4]
Internet-Draft Mobility Solutions October 2009
datagrams are first address translated. HA then searches its binding
cache and finds IPv6 care-of address and then encapsulates the
datagram and sends it to MN.
Client Mobile IPv6 defines other scenarios as well in [RFC5555].
IPv4-only scenario and its variations such as mobile node behind a
NAT which could be located at the home router and therefore requires
NAT traversal mechanisms and home agent behind NAT but home agent has
a globally unique IPv4 address. Using DS-lite host-based
architecture, the need for these more complicated operations is
eliminated.
2. Terminology
This document uses the terminology defined in
[I-D.ietf-softwire-dual-stack-lite], [RFC5121] and [3GPP23402].
3. Proxy Mobile IPv6 Solution
MN is IPv4-only host. MAG functionality of PMIPv6 is hosted in
ASN-GW and LMA is in the CSN in WiMAX architecture [WiMAXnwg]. MAG
is at the Serving Gateway and LMA at the Packet Data Network Gateway
in 3GPP architecture [3GPP23402]. DS-lite needs to be supported in
these networks, i.e. R3 between ASN-GW and LMA in WiMAX and S8
between the serving gateway and PDN Gateway in LTE are IPv6-only.
ASN-GW/Serving Gateway is DS-lite home router and LMA/PDN Gateway is
DS-lite carrier-grade NAT [I-D.ietf-softwire-dual-stack-lite].
PMIPv6 IPv4 MN operation is shown in Figure 1. MN first gets an IPv4
home address (IPv4-MN-HoA, a private address from RFC 1918) assigned
using DHCPv4. MN sends IPv4 datagrams on the wireless link. MAG
tunnels (IPv4-in-IPv6) the datagrams to LMA. MAG has no NAT
functionality. The tunnel end points are Proxy-CoA and LMAA which
are both IPv6 addresses. LMA keeps Proxy Mobile IPv6 MN state in the
binding cache and also has NAT functionality.
Sarikaya & Xia Expires April 23, 2010 [Page 5]
Internet-Draft Mobility Solutions October 2009
MN MAG LMA
| | |
|------->| | DHCP DISCOVER
| |------->| PBU
| |<-------| PBA (IPv4 HoA)
|<-------| | DHCP Offer
|------->| | DHCP Request
|<-------| | DHCP Ack
|------->| | IPv4 Datagram1
| |--------|
| |------->| IPv4 Datagram2
| |--------|---> IPv4 Datagram3
| | |
| |--------|<--- IPv4 Datagram4
| |<-------| IPv4 Datagram5
| |--------|
|------->| | IPv4 Datagram6
Figure 1: PMIPv6 IPv4 MN
3.1. Scenarios
Scenario in Figure 1 has these steps:
1. MN sends DHCPDISCOVER to DHCP Proxy at MAG. MAG sends PBU to LMA
and asks for an IPv4 HoA to be assigned to this MN. LMA sends
back PBA with the assigned IPv4-HoA. PBU and PBA are IPv6
messages as defined in [RFC5213]. DHCP Proxy sends IPv4 HoA to
MN using DHCPOFFER. MN and DHCP Proxy exchange DHCPREQUEST and
DHCPACK.
2. MN sends IPv4 datagram1 to MAG. Destination address is CN
address (128.0.0.1). Source address is IPv4 HoA (10.0.0.1).
Destination TCP port is 80 and source port is 10000. MAG
encapsulates Datagram1 in IPv4 in IPv6 Datagram2. Destination
address is LMAA (2001:0:0:2::1) and source address is Proxy-CoA
(2001:0:0:1::1). LMA decapsulates the datagram and searches the
binding cache for the destination IPv4 address (128.0.0.1). If
not found, LMA next invokes its NAT function. The NAT determines
that TCP source port 10000 should be translated to TCP source
port 5000 and IP source address 10.0.0.1 to 129.0.0.1. This new
IPv4 datagram is IPv4 Datagram3 shown in Figure 1. LMA sends
IPv4 datagram3 on its WAN interface.
3. IPv4 Datagram 4 is received on LMA's network interface. IPv4
destination address is 129.0.0.1, source address is 128.0.0.1,
TCP destination port is 5000 and source port is 80. First
carrier-grade NAT operation takes place: destination address is
changed to MN' IPv4 HoA 10.0.0.1, TCP destination port to 10000.
Sarikaya & Xia Expires April 23, 2010 [Page 6]
Internet-Draft Mobility Solutions October 2009
Next, LMA searches the destination address in its binding cache
and finds the MN and its latest MAG address, Proxy-CoA which is
2001:0:0:1::1. LMA encapsulates IPv4 datagram as an IPv6
datagram5 with IPv6 source address 2001:0:0:2::1 and IPv6
destination address 2001:0:0:1::1 and sends it on the tunnel.
MAG receives IPv6 datagram 5 and decapsulates it obtaining IPv4
Datagram 6 with IPv4 destination address 128.0.0.1, IPv4 source
address 10.0.0.1, TCP destination port 10000, source port 80.
MAG/ASN-GW forwards IPv4 Datagram6 to MN.
4. MN handoffs and gets connected to a different MAG. IPv4 default
router address of MN MUST be used as the DHCP server ID on any of
the links. After handoff, MN sends DHCPREQUEST message for
renewing its IPv4-HoA. The new MAG (ASN-GW or Serving Gateway)
sends PBU to LMA and receives IPv4-HoA in PBA. MAG returns this
address in DHCPACK.
3.2. Combined Operation of LMA and CGN
CGN keeps track of all the sessions of IPv4 MNs using a NAT table.
The NAT table has entries like:
- IPv4 header fields of source and destination address and protocol
fields
- Transport header fields of source and destination ports
- CGN also adds to NAT table IPv6 address of MAG to which MN is
connected.
If GRE tunneling is used CGN must add GRE keys to NAT table.
IPv4 header fields and transport header fields can be obtained from
the inner header of IPv6 encapsulated IPv4 datagram but IPv6 address
of MAG is the source address of the outer IPv6 header. For the
datagrams coming from MAGs, CGN needs to access the encapsulated
packet so that it can determine IPv6 address of MAG this MN belongs
and place it in the NAT table. This requires LMA pass the full
datagram to CGN by not removing the outer header. GRE keys (uplink
and downlink) if received in the GRE header must also be passed to
CGN to be placed in the NAT Table.
For datagrams received from the network CGN receives IPv4 datagram
first. CGN looks up in the NAT table and finds the matching entry.
CGN changes destination IPv4 address and destination port. When CGN
passes the new datagram to LMA, CGN must also pass IPv6 address of
MAG or GRE keys associated with this MN. LMA can identify MN
uniquely using this additional information (IPv6 address of MAG or
GRE keys). MNs with the same private address connected to different
MAGs are identified using IPv6 address of MAG and MNs with the same
private address connected to the same MAG are identified using GRE
Sarikaya & Xia Expires April 23, 2010 [Page 7]
Internet-Draft Mobility Solutions October 2009
keys.
3.3. Other Considerations
MAG to LMA tunnel may use GRE tunneling for several purposes, e.g. to
separate the flows from different MNs with the same private home
address [I-D.ietf-netlmm-grekey-option].
Proxy Mobile IPv6 scenario uses legacy IPv4 private addresses and
each MN is assigned a different address. There is no limitation on
the use of ports due to MNs sharing the same IPv4 address. All
considerations related to the use of private addresses apply here
also.
Since DS-lite network is IPv6 based IPv4 transport between MAG and
LMA is not needed. This simplifies IPv4 support in Proxy Mobile
IPv6.
When MN sends a DNS query to find the destination address in IPv4,
MAG MUST proxy IPv4 DNS queries. MAG MUST conform to the DNS Proxy
Implementation guidelines in [RFC5625].
4. Mobile IPv6 Solution
Dual-stack MN can get an IPv4 home address by sending an IPv6 Binding
Update to the Home Agent. MN MUST include IPv4 home address option
defined in [RFC5555] in the BU and set the address to 0.0.0.0. HA
assigns an IPv4 home address and returns it in a BA. MN tunnels
(IPv4-in-IPv6) datagrams to HA. HA has NAT functionality.
HA is a standalone entity in WiMAX [WiMAXnwg], HA MUST be dual-stack
and col-located with DS-lite carrier-grade NAT. MN is the softwire
initiator. PDN Gateway is the home agent in LTE [3GPP23402], co-
located with DS-lite carrier-grade NAT
[I-D.ietf-softwire-dual-stack-lite]. PDN gateway MUST be dual-stack.
Sarikaya & Xia Expires April 23, 2010 [Page 8]
Internet-Draft Mobility Solutions October 2009
MN DHCP HA
| | |
|------->| | DHCP Information Request
|<-------| | DHCP Information Reply
|---------------->| BU
|<----------------| BA (IPv4 HoA)
|-----------------|
|-IPv6 Datagram1->|
|-----------------|---> IPv4 Datagram2
| | |
|-----------------|<--- IPv4 Datagram3
|<-IPv6 Datagram4-|
|-----------------|
Figure 2: Mobile IPv6 Dual-Stack Lite MN
4.1. Scenarios
The scenario in Figure 2 has the following steps:
1. MN enters the network. MN autoconfigures IPv6 care-of address
(2001:0:0:1::1). MN needs to be assigned an IPv6 HA address
(2001:0:0:2::1) and an IPv6 home address. MN sends DHCP
Information Request message to DHCP Proxy/Server
[I-D.ietf-mip6-hiopt]. DHCP Proxy/Server will send Reply message
with IPv6 and IPv4 address of IPv6 HA and Home Network Prefix
values for MN (see also Section 4.8.4.1.1 of Stage 3 document for
WiMAX [WiMAXnwg]).
2. MN registers its CoA by sending a BU to HA. MN adds IPv4 Home
Address option and sets IPv4 Home Address field to 0.0.0.0. HA
sends BA with IPv4 Address Acknowledgement option. HA assigns an
IPv4 HoA to MN (a.b.c.d) and sets this value in IPv4 Home Address
field. HA creates a binding in its binding cache for both MN
IPv6 HoA and IPv4 HoA.
3. Note that 3GPP also supports dynamic home address configuration
for MN [3GPP24303]. Static allocation, e.g. DHCP server
returning IPv4 HoA in its reply message to DHCP Information
Request message is possible but dynamic allocation is the
preferred way.
4. MN sends IPv4 datagrams encapsulated in IPv6. MN acts as
Softwire Initiator (SI) of the Softwire NAT (SNAT). In IPv6
header, the source address is IPv6 care-of address
(2001:0:0:1::1) and destination address is IPv6 HA address (2001:
0:0:2::1). TCP destination port is 80 and source port is 10000.
IPv4 packet's source address MUST be IPv4 home address (a.b.c.d)
[RFC3775]. Destination address is CN's IPv4 address (128.0.0.1).
Sarikaya & Xia Expires April 23, 2010 [Page 9]
Internet-Draft Mobility Solutions October 2009
The encapsulated datagram is sent over the tunnel to HA whose
IPv6 address is 2001:0:0:2::1. HA decapsulates the datagram and
hands in the resulting IPv4 datagram to SNAT softwire
concentrator (SC) for translation. Based on the translation
table, SC generates IPv4 datagram 2. IPv4 destination address is
128.0.0.1, source address is 129.0.0.1, TCP source port is 5000
and destination port is 80.
5. SNAT SC receives a datagram whose source address is 128.0.0.1,
destination address is 129.0.0.1, TCP destination port is 5000
and source port is 80. After NAT translation, the header changes
to: IPv4 destination address a.b.c.d, source address 128.0.0.1,
TCP destination port is 10000 and source port is 80. HA receives
IPv4 datagram. It searches the binding cache for the destination
address. It finds the binding cache entry containing IPv6 home
address, IPv6 care-of address. HA encapsulates IPv4 datagram in
IPv6 header. The source address is IPv6 HA address
2001:0:0:2::1, destination address is IPv6 MN care-of address
2001:0:0:1::1. The resulting IPv6 datagram 4 is sent over HA to
MN tunnel. MN decapsulates IPv6 datagram 4 and obtains IPv4
datagram. IPv4 datagram destination address is a.b.c.d, source
address is 128.0.0.1, TCP destination port is 10000, source port
is 80.
6. MN handoffs and gets connected to a different ASN-GW. MN gets
another IPv6 care-of address, possibly using stateless address
configuration or using DHCPv6. MN sends a BU to HA to register
its new care-of address. MN MUST include IPv4 Home Address
option. IPv4 home address field must be set to a.b.c.d. MN
receives a BA.
4.2. Combined Operation of HA and CGN
Similar considerations described above in Section 3.2 apply here also
for the combined operation of HA and CGN.
4.3. Other Considerations
One important aspect of DS Lite operation is that all MNs share the
same IPv4 home address of a.b.c.d. This address is to be assigned by
IANA. The disambiguation at SNAT SC is done using the tunnel
endpoints.
Due to the sharing of the same IPv4 address, there is a restriction
on the number of ports each MN can use. If at a given moment 100 MNs
are sharing the same address the number of ports available to each MN
is approximately 650. However if the ports are allocated dynamically
the number of ports each MN gets may be increased depending on the
usage at each MN.
Sarikaya & Xia Expires April 23, 2010 [Page 10]
Internet-Draft Mobility Solutions October 2009
The fact that DS-lite network is IPv6 based and Mobile IPv6 hosts are
capable of encapsulating/decapsulating IPv4 datagrams in IPv6 several
scenarios in dual-stack Mobile IPv6 are not needed. This simplifies
the client Mobile IPv6 operation for dual-stack MN.
5. Security Considerations
This document does not by itself introduce any security issues.
6. IANA Considerations
None.
7. Acknowledgements
TBD.
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
June 1999.
[I-D.ietf-softwire-dual-stack-lite]
Durand, A., Droms, R., Haberman, B., Woodyatt, J., Lee,
Y., and R. Bush, "Dual-stack lite broadband deployments
post IPv4 exhaustion",
draft-ietf-softwire-dual-stack-lite-01 (work in progress),
July 2009.
[RFC5555] Soliman, H., "Mobile IPv6 Support for Dual Stack Hosts and
Routers", RFC 5555, June 2009.
[RFC5625] Bellis, R., "DNS Proxy Implementation Guidelines",
BCP 152, RFC 5625, August 2009.
[RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.
[I-D.ietf-netlmm-pmip6-ipv4-support]
Sarikaya & Xia Expires April 23, 2010 [Page 11]
Internet-Draft Mobility Solutions October 2009
Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy
Mobile IPv6", draft-ietf-netlmm-pmip6-ipv4-support-17
(work in progress), September 2009.
[RFC3775] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support
in IPv6", RFC 3775, June 2004.
8.2. Informative references
[RFC5121] Patil, B., Xia, F., Sarikaya, B., Choi, JH., and S.
Madanapalli, "Transmission of IPv6 via the IPv6
Convergence Sublayer over IEEE 802.16 Networks", RFC 5121,
February 2008.
[I-D.ietf-netlmm-grekey-option]
Muhanna, A., Khalil, M., Gundavelli, S., and K. Leung,
"GRE Key Option for Proxy Mobile IPv6",
draft-ietf-netlmm-grekey-option-09 (work in progress),
May 2009.
[I-D.ietf-mip6-hiopt]
Jang, H., Yegin, A., Chowdhury, K., and J. Choi, "DHCP
Options for Home Information Discovery in MIPv6",
draft-ietf-mip6-hiopt-17 (work in progress), May 2008.
[3GPP23402]
"3GPP TS 23.402. Architecture enhancements for non-3GPP
accesses.", June 2009.
[3GPP24303]
"3GPP TS 24.303. Mobility Management Using Dual-Stack
Mobile IPv6.", March 2009.
[WiMAXnwg]
"WiMAX Forum Networking Working Group Stage 3
Specification Release 1.5.", March 2009.
Sarikaya & Xia Expires April 23, 2010 [Page 12]
Internet-Draft Mobility Solutions October 2009
Authors' Addresses
Behcet Sarikaya
Huawei USA
1700 Alma Dr. Suite 500
Plano, TX 75075
Phone: +1 972-509-5599
Email: sarikaya@ieee.org
Frank Xia
Huawei USA
1700 Alma Dr. Suite 500
Plano, TX 75075
Phone: +1 972-509-5599
Email: xiayangsong@huawei.com
Sarikaya & Xia Expires April 23, 2010 [Page 13]