Network Working Group N. Matsuhira Internet-Draft Fujitsu Limited Intended status: Experimental July 6, 2012 Expires: January 7, 2013 Stateless Automatic IPv4 over IPv6 Encapsulation / Decapsulation Technology: Global SA46T Address Format draft-matsuhira-sa46t-gaddr-05 Abstract This document proposes Stateless Automatic IPv4 over IPv6 Encapsulation / Decapsulation Technology (SA46T) Global Address Format. SA46T can apply to organization's network individually, but if coordination between the organizations made, the total number of times of encapsulations and decapusulations can be reduced. That coordination is achieved by using same SA46T address format, that is Global address. This document proposes SA46T Global address format. SA46T is a gateway technology, not protocol. But SA46T Global Address needs IANA assignment, so this document should be categorized standard track or experimental. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on January 7, 2013. Matsuhira Expires January 7, 2013 [Page 1] Internet-Draft SA46T gaddr July 2012 Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. SA46T Global Address . . . . . . . . . . . . . . . . . . . . . 5 2.1. Option 1: Allocate new SA46T address prefix . . . . . . . 5 2.2. Option 2: Adjustment with IPv6 address with Embedded IPv4 addresses . . . . . . . . . . . . . . . . . . . . . . 6 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 6.1. Normative References . . . . . . . . . . . . . . . . . . . 9 6.2. Informative References . . . . . . . . . . . . . . . . . . 10 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 10 Matsuhira Expires January 7, 2013 [Page 2] Internet-Draft SA46T gaddr July 2012 1. Introduction This document proposes Stateless Automatic IPv4 over IPv6 Encapsulation / Decapsulation Technology (SA46T) Global Address Format. SA46T [I-D.draft-matsuhira-sa46t-spec]can apply to organization's network individually. Figure 1 shows such example. Organization A applies SA46T and makes backbone network to IPv6 only, and this operation has no effect to Organization B and others. <------- Organization A -------> : <------- Organization B -------> : +-------+ : +-------+ |Router +----:----+Router | |(Dual) | : |(Dual) | +---+---+ : +---+---+ | : | +-------+ : | | SA46T | : | +---+---+ : | | : | /-----------------------+-----\ : /-----+-----------------------\ | | : | | | Backbone Network | : | Backbone Network | | (IPv6 only) | : | (Dual Stack) | | | : | | \-----+----------------+------/ : \-----+----------------+------/ | | : | | +-------+ +-------+ : | | | SA46T | | SA46T | : | | +-------+ +-------+ : | | | | : | | /-----+------\ /-----+------\ : /-----+------\ /-----+------\ | | | | : | | | | |Stub Network| |Stub Network| : |Stub Network| |Stub Network| |(IPv4 only) | |(Dual Stack)| : |(IPv4 only) | |(Dual Stack)| | | | | : | | | | \------------/ \------------/ : \------------/ \------------/ : Figure 1 If organization B applies SA46T, network is just like Figure 2. In this network configuration, communication between IPv4 host in organization A and IPv4 host in organization B, IPv4 packet is encapsulated to IPv6 Packet, and decapsulated to IPv4, and Matsuhira Expires January 7, 2013 [Page 3] Internet-Draft SA46T gaddr July 2012 encapsulated to IPv6, and decapsulated to IPv4. There are two times encapsulations, and two times decapusulations. If number of organization which applies SA46T increase, number of encapsulations and decapusulation will increase. <------- Organization A -------> : <------- Organization B -------> : +-------+ : +-------+ |Router +----:----+Router | |(Dual) | : |(Dual) | +-------+ : +-------+ | : | +-------+ : +-------+ | SA46T | : | SA46T | +-------+ : +-------+ | : | /-----------------------+-----\ : /-----+-----------------------\ | | : | | | Backbone Network | : | Backbone Network | | (IPv6 only) | : | (IPv6 only) | | | : | | \-----+----------------+------/ : \-----+----------------+------/ | | : | | +---+---+ +---+---+ : +---+---+ +---+---+ | SA46T | | SA46T | : | SA46T | | SA46T | +---+---+ +---+---+ : +---+---+ +---+---+ | | : | | /-----+------\ /-----+------\ : /-----+------\ /-----+------\ | | | | : | | | | |Stub Network| |Stub Network| : |Stub Network| |Stub Network| | (IPv4 only)| |(Dual Stack)| : |(IPv4 only) | |(Dual Stack)| | | | | : | | | | \------------/ \------------/ : \------------/ \------------/ : Figure 2 But if coordination between the organizations are made, the total number of times of encapsulations and decapusulations can be reduced. Figure 3 shows such example. That coordination is achieved by using same SA46T address format. This is the reason for the proposal of SA46T Global address. When most of IPv4 node moves to IPv6 and few IPv6 node exists, such coodination in the Internet scale is useful and efficient to co-existing IPv6 and IPv4. Matsuhira Expires January 7, 2013 [Page 4] Internet-Draft SA46T gaddr July 2012 <------- Organization A -------> : <------- Organization B -------> : +-------+ : +-------+ |Router +----:----+Router | |(IPv6) | : |(IPv6) | +---+---+ : +---+---+ | : | /-----------------------+-----\ : /-----+-----------------------\ | | : | | | Backbone Network | : | Backbone Network | | (IPv6 only) | : | (IPv6 only) | | | : | | \-----+----------------+------/ : \-----+----------------+------/ | | : | | +---+---+ +---+---+ : +---+---+ +---+---+ | SA46T | | SA46T | : | SA46T | | SA46T | +---+---+ +---+---+ : +---+---+ +---+---+ | | : | | /-----+------\ /-----+------\ : /-----+------\ /-----+------\ | | | | : | | | | |Stub Network| |Stub Network| : |Stub Network| |Stub Network| |(IPv4 only) | |(Dual Stack)| : |(IPv4 only) | |(Dual Stack)| | | | | : | | | | \------------/ \------------/ : \------------/ \------------/ : Figure 3 2. SA46T Global Address Figure 4 shows SA46T address architecture[I-D.draft-matsuhira-sa46t-spec]. | 96 - m bits | m bits | 32 bits | +-----------------------+--------------------------+--------------+ | SA46T address prefix | IPv4 network plane ID | IPv4 address | +-----------------------+--------------------------+--------------+ Figure 4 2.1. Option 1: Allocate new SA46T address prefix This option requests special IPv6 address prefix for SA46T. Figure 5 shows SA46T Global Address Format. Matsuhira Expires January 7, 2013 [Page 5] Internet-Draft SA46T gaddr July 2012 | 96 - m bits | m | 32 bits | +--------------------------------------+------+------------------+ | SA46T address prefix |PID* | IPv4 address | +--------------------------------------+------+------------------+ PID: IPv4 network plane ID Figure 5 Table 1 shows SA46T IPv4 network plane ID length (m) and SA46T prefix length and number of plane. +----+---------------+-----------------+ | m | prefix length | number of plane | +----+---------------+-----------------+ | 16 | 80 | 65536 | | 32 | 64 | 4294967296 | +----+---------------+-----------------+ Table 1 Table 2 is an example of SA46T IPv4 network plane ID management table. Value 0 should be assigned to IPv4 Global Internet, and the other are reserved for IPv4 private networks. +----------------+--------------------------------------------+ | plane ID value | assign to | +----------------+--------------------------------------------+ | 0 | Global IPv4 Internet (IPv4 Global address) | | 1 | Reserved | | 2 | Reserved | | .... | .... | +----------------+--------------------------------------------+ Table 2 These value except zero are reserved for stacking IPv4 private network over IPv6 Internet with SA46T. In future, if there are much demand for stacking IPv4 private network, These usage of reserved ID value may be defined. At that time, central coordination or assignment should be discussed too. 2.2. Option 2: Adjustment with IPv6 address with Embedded IPv4 addresses RFC4291 [RFC4291] define IPv6 addresses with Embedded IPv4 addresses. SA46T address is such addresses. Therefore merging SA46T global address into IPv6 addresses with Embedded IPv4 addresses may be possible. Matsuhira Expires January 7, 2013 [Page 6] Internet-Draft SA46T gaddr July 2012 Figure 6 shows IPv4 Compatible IPv6 address, and Figure 7 shows IPv4- Mapped IPv6 address. | 80 bits | 16 | 32 bits | +--------------------------------------+--------------------------+ |0000..............................0000|0000| IPv4 address | +--------------------------------------+----+---------------------+ Figure 6 | 80 bits | 16 | 32 bits | +--------------------------------------+--------------------------+ |0000..............................0000|FFFF| IPv4 address | +--------------------------------------+----+---------------------+ Figure 7 It seem that 80bits prefix (all zero) shows IPv6 addresses with Embedded IPv6 addresses, and continued 16bits shows more detail, 0x0000 means IPv4-Compatible addresses and 0xFFFF means IPv4-Mapped addresses. Adjustment with such format, IPv6 addresses with Embedded IPv4 addresses may redefine such format. Figure 8 shows such format. | 80 bits | 16 | 32 bits | +--------------------------------------+--------------------------+ |0000..............................0000| EID| IPv4 address | +--------------------------------------+----+---------------------+ Figure 8 Where IPv4 Embedded address prefix IPv4 Embedded prefix. 80 bits long, value is zero. EID Embedded ID. Indicates Type of IPv6 addresses with Embedded IPv4 address. This value MUST be globally unique. See below for more detail. Matsuhira Expires January 7, 2013 [Page 7] Internet-Draft SA46T gaddr July 2012 IPv4 address IPv4 address Table 3 shows EID value of proposed IPv6 addresses with Embedded IPv4 addresses and the detail usage. EID = 0x0000 shows this IPv6 addresses with Embedded IPv4 address is the IPv4-Compatible IPv6 address, and EID=0xFFFF shows this IPv6 addresses with Embedded IPv4 address is the IPv4-Mapped address. In this proposal, EID value except 0x0000 and 0xFFFF is for SA46T usage, and EID=0x0001 shows this IPv6 addresses is used for SA46T for IPv4 Internet, that mean, IPv4 address is limited for global and inhibit for private address. In this proposal, EID value except 0x0000, 0x0001 and 0xFFFF are reserved for SA46T. These value are reserved for stacking IPv4 private network over IPv6 Internet with SA46T. In future, if there is much demand for stacking IPv4 private network, these usage of reserved EID value may be defined. At that time, central coordination or assignment should be discussed too. +--------+---------------------------------------------------------+ | EID | detail | +--------+---------------------------------------------------------+ | 0x0000 | IPv4 Compatible IPv6 address | | 0x0001 | SA46T address for IPv4 Internet (IPv4 Global Addresses) | | 0x0002 | Reserved for SA46T | | .... | .... | | 0xFFFE | Reserved for SA46T | | 0xFFFF | IPv4-Mapped IPv6 address | +--------+---------------------------------------------------------+ Table 3 3. IANA Considerations This document may requests IANA to assign IPv6 prefix for SA46T Global address. This document proposes two option. One is New IPv6 address prefix for SA46T. Another is adjustment with IPv6 address with Embedded IPv4 addresses. The Well-known preifx 0000::/8 is reserved by IETF [RFC4291]. If new IPv6 address prefix for SA46T is allocated from 0000::/8 space by IETF, this document request no actions for IANA. And also, if Matsuhira Expires January 7, 2013 [Page 8] Internet-Draft SA46T gaddr July 2012 adjustment with IPv6 adddress with Embedded IPv4 addresses is approved by IETF, this document request no actions for IANA. Note to RFC Editor: this section may be removed on publication as an RFC. 4. Security Considerations SA46T uses automatic Encapsulation / Decapsulation technologies. Security consideration related tunneling technologies are discussed in RFC2893 [RFC2893], RFC2267 [RFC2267], etc. 5. Acknowledgements This document is based on Naoki Matsuhira's original ideas and an individual effort of the author. Review and encouragement have been provided by many others. Particulary Akira Kato at WIDE Project / Keio University and Masanobu Katoh at Fujitsu. Originally, SA46T is an abbreviation for "Stateless Automatic IPv4 over IPv6 Tunneling". Now, SA46T is an abbreviation for "Stateless Automatic IPv4 over IPv6 Encapsulation / Decapsulation Technology". This change was made in response to the indication from the softwire WG chair at 4th softwire interim meeting in September 2011. 6. References 6.1. Normative References [I-D.draft-matsuhira-sa46t-spec] Matsuhira, N., "Stateless Automatic IPv4 over IPv6 Encapsulation / Decapsulation Technology: Specification", July 2012. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006. Matsuhira Expires January 7, 2013 [Page 9] Internet-Draft SA46T gaddr July 2012 6.2. Informative References [RFC2267] Ferguson, P. and D. Senie, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing", RFC 2267, January 1998. [RFC2893] Gilligan, R. and E. Nordmark, "Transition Mechanisms for IPv6 Hosts and Routers", RFC 2893, August 2000. Author's Address Naoki Matsuhira Fujitsu Limited 1-1, Kamikodanaka 4-chome, Nakahara-ku Kawasaki, 211-8588 Japan Phone: +81-44-754-3466 Email: matsuhira@jp.fujitsu.com Matsuhira Expires January 7, 2013 [Page 10]