Internet DRAFT - draft-xli-softwire-map-testing
draft-xli-softwire-map-testing
Network Working Group X. Li
Internet-Draft C. Bao
Intended status: Informational G. Han
Expires: April 20, 2018 CERNET Center/Tsinghua
University
W. Dec
Cisco Systems
October 17, 2017
MAP Interoperability Testing Results
draft-xli-softwire-map-testing-09
Abstract
This document presents the testing results of a unified code
accommodating encapsulation and translation modes of Mapping of
Address and Port (MAP). Experiments show that the unified MAP CE is
not only supporting MAP-E and MAP-T modes, but also backward
compatible with AFTR of dual-stack lite and stateless/stateful NAT64.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 20, 2018.
Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
Li, et al. Expires April 20, 2018 [Page 1]
Internet-Draft MAP Interoperability Testing Results October 2017
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Testing Topology . . . . . . . . . . . . . . . . . . . . . 3
2. MAP specifications . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Mapping Rules and the Address Formats . . . . . . . . . . 3
2.2. Port Mapping Algorithm . . . . . . . . . . . . . . . . . . 4
2.3. Forwarding Modes . . . . . . . . . . . . . . . . . . . . . 4
2.4. Implementation . . . . . . . . . . . . . . . . . . . . . . 5
3. MAP Testing . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.1. MAP-T . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2. MAP-E . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.3. 1:1 mode MAP-T/MAP-E . . . . . . . . . . . . . . . . . . . 6
3.4. Mixed MAP-T/MAP-E . . . . . . . . . . . . . . . . . . . . 7
4. Backward Compatibility Testing . . . . . . . . . . . . . . . . 8
4.1. AFTR of dual-stack lite . . . . . . . . . . . . . . . . . 8
4.2. NAT64 with double translation . . . . . . . . . . . . . . 9
5. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 9
6. Security Considerations . . . . . . . . . . . . . . . . . . . 9
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 10
9. Normative References . . . . . . . . . . . . . . . . . . . . . 10
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11
Li, et al. Expires April 20, 2018 [Page 2]
Internet-Draft MAP Interoperability Testing Results October 2017
1. Introduction
Generic mechanism for mapping between an IPv4 prefix, address or
parts of thereof, and transport layer ports and an IPv6 prefix or
address with translation mode and encapsulation mode are specified in
[RFC7599] [RFC7597]. This document presents testing results of a
unified code containing translation and encapsulation modes of
Mapping of Address and Port (MAP). The backward compatibility of MAP
CE with AFTR of dual-stack lite and NAT64 of stateful translation are
also presented.
1.1. Testing Topology
The testing topology is shown in the following figure.
----- ------
.-| CE.0|---|Host.0|
/ ----- ------
------ ----- |
/ The \ ----- / An \ | ----- ------
| IPv4 |--| BR |---| IPv6 |------| CE.1|---|Host.1|
\Internet/ | | ^ \Network/ | ----- ------
------ ----- | ----- |
| \ ----- ------
tcpdump -| CE.K|---|Host.K|
----- ------
Figure 1: Generic testing topology
Where, BR is the MAP Border Relay, CE is the MAP Customer Edge. Both
BR and CE can be configured in translation mode (MAP-T) or
encapsulation mode (MAP-E), independently. A tcpdump process is
running between BR and CE to get the packet header information.
2. MAP specifications
The code tested in this document follows the MAP specification
defined in [RFC7599] [RFC7597], which contain the Mapping Rules, the
Port Mapping Algorithm and the Forwarding Mode. The explicit address
format and configuration parameters used for the code are presented
in the following sections.
2.1. Mapping Rules and the Address Formats
The address format of Basic Mapping Rule (BMR) and Forwarding Mapping
Rule (FMR) are defined in the following figure. Also note that
translation mode (MAP-T) and encapsulation mode (MAP-E) have the same
Li, et al. Expires April 20, 2018 [Page 3]
Internet-Draft MAP Interoperability Testing Results October 2017
address format of BMR/FMR.
<-- n bits -->|<o bits>|<-m bits>|< 8>|<---- L>=32 ------>|<--56-L-->
|0 63| 127|
+-------------+--------+---------+----+--------------+----+---------+
| IPv6 prefix |EA bits |Subnet-id| u | IPv4 address |PSID| 0 |
+-------------+--------+---------+----+--------------+----+---------+
<End-user IPv6 prefix >|
Figure 2: BMR/FMR in translation and encapsulation modes
The address format of Default Mapping Rule is different for
translation (MAP-T) and encapsulation (MAP-E), as shown in the
following figures.
|0 63| 127|
+--------------------------------+----+--------------+--------------+
| BR prefix | u | IPv4 address | 0 |
+--------------------------------+----+--------------+--------------+
Figure 3: DMR in translation mode
|0 127|
+-------------------------------------------------------------------+
| BR IPv6 address |
+-------------------------------------------------------------------+
Figure 4: DMR in encapsulation mode
The testing presented in this document is for the Hubs and Spokes
scenario, and therefore, only BMR and DMR are required in each CE.
2.2. Port Mapping Algorithm
The port mapping algorithm is called Generalized Modulus Algorithm
(GMA), which contains the sharing ratio (R=2^k), the maximum number
of contiguous ports (M=2^m) and the Port-Set Identifiers (PSID).
2.3. Forwarding Modes
The MAP has two forwarding modes, the translation (MAP-T) and
encapsulation (MAP-E). The header processing algorithms of the
Li, et al. Expires April 20, 2018 [Page 4]
Internet-Draft MAP Interoperability Testing Results October 2017
translation and the encapsulation modes are defined in [RFC6145] and
[RFC2473], respectively.
2.4. Implementation
The MAP specification is implemented in Linux environment under GPL
[map-code].
The CE related configuration parameters are:
-i specify the name of the Ethernet device connected to IPv4 world
-I specify the name of the Ethernet device connected to IPv6 world
-H specify in CE mode
-a specify the IPv4 address and mask of the host behind the CE
-P specify the IPv6 rule prefix and prefix length of the host behind
the CE
-R specify the associated IPv4 address sharing ratio R of the host
behind the CE
-M specify the associated M parameter of the host behind the CE
device
-o specify the PSID of the host behind the CE
-N specify in NAT44 mode. The '-A' option is required.
-A specify the public IPv4 address and mask which the host behind the
CE device is mapped into. In this case, the '-a' option will
specify the private IPv4 network and prefix length
-X specify the IPv6 prefix is not containing EA-bits
3. MAP Testing
The configuration examples and the testing results of the MAP's
translation mode (MAP-T), the encapsulation mode (MAP-E), MAP-T/MAP-E
1:1 modes and the mixed MAP-T/MAP-E modes are shown in this section.
The basic testing method is from an IPv4 host connected to CE to ping
an IPv4 server (202.112.35.254) connected to BR. The tcpdump records
the packet headers of the echo request and echo reply messages.
Li, et al. Expires April 20, 2018 [Page 5]
Internet-Draft MAP Interoperability Testing Results October 2017
3.1. MAP-T
The MAP CE in MAP-T mode is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T
utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A
202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 0 -c 1440 -T
The tcpdump data samples are:
09:42:16.526809 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 2001:da8:
b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 18177, length
40
09:42:16.527448 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8:
b4b6:100:ca:2675:100:0: ICMP6, echo reply, seq 18177, length 40
3.2. MAP-E
The MAP CE in MAP-E mode is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E
utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A
202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 8 -c 1400 -E
The tcpdump data samples are:
09:38:43.326429 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 2001:da8:
b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo
request, id 1040, seq 32512, length 40
09:38:43.327786 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6:
180:ca:2675:180:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo
reply, id 1040, seq 32512, length 40
3.3. 1:1 mode MAP-T/MAP-E
The 1:1 mode MAP-T/MAP-E means that each CE has its own mapping rule
with or without the IPv4 address sharing.
The MAP CE in MAP-T 1:1 mode is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T
utils/ivictl -s -i eth1 -I eth0 -H -X -N -a 192.168.1.0/24 -A
202.38.117.1/24 -P 2001:da8:b4b6:2700::/64 -R 16 -M 2 -o 8 -c 1440
Li, et al. Expires April 20, 2018 [Page 6]
Internet-Draft MAP Interoperability Testing Results October 2017
-T
The tcpdump data samples are:
22:53:30.977999 IP6 2001:da8:b4b6:2700:ca:2675:100:0 > 2001:da8:
b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 7113, length 40
22:53:30.978876 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8:
b4b6:2700:ca:2675:100:0: ICMP6, echo reply, seq 7113, length 40
The MAP CE in MAP-E 1:1 mode is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E
utils/ivictl -s -i eth1 -I eth0 -H -X -N -a 192.168.1.0/24 -A
202.38.117.1/24 -P 2001:da8:b4b6:2700::/64 -R 16 -M 2 -o 8 -c 1400
-E
The tcpdump data samples are:
22:56:29.661058 IP6 2001:da8:b4b6:2700:ca:2675:180:0 > 2001:da8:
b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo
request, id 4113, seq 7276, length 40
22:56:29.661751 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6:
2700:ca:2675:180:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo
reply, id 4113, seq 7276, length 40
3.4. Mixed MAP-T/MAP-E
The CE and BR can be configured in different modes, for example CE
can be configured in translation mode and BR can be configured in
encapsulation mode. The reason is that the forwarding mode is only
required in the IPv4 to IPv6 direction, while it can be automatically
identified by checking the value of the next header in the IPv6
packets in the IPv6 to IPv4 direction. This feature provides great
flexibility to the users and operators to select desired forwarding
mode without dropping a single packet in different forwarding mode.
The following are two examples of BR and CE in different forwarding
modes with the configurations shown in MAP-T and MAP-E sections.
When BR is in T mode and CE is in E mode, the tcpdump data samples
are:
09:39:48.829067 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 2001:da8:
b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo
request, id 1040, seq 47104, length 40
Li, et al. Expires April 20, 2018 [Page 7]
Internet-Draft MAP Interoperability Testing Results October 2017
09:39:48.833054 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8:
b4b6:180:ca:2675:180:0: ICMP6, echo reply, seq 47104, length 40
When BR is in E mode and CE is in T mode, the tcpdump data samples
are:
09:44:11.692130 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 2001:da8:
b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 41473, length
40
09:44:11.693044 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6:
100:ca:2675:100:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo
reply, id 1024, seq 41473, length 40
4. Backward Compatibility Testing
The MAP CE is backward compatible to dual-stack lite in the E mode
and to NAT64 in the T mode.
4.1. AFTR of dual-stack lite
Dual-stack lite is a stateful encapsulation technology defined in
[RFC6333]. For the testing, the MAP BR is replaced by dual-stack
lite AFTR [dual-stack-lite-code].
The MAP CE is configured as:
utils/ivictl -r -d -P 2001::1/128
utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A
10.255.255.1/24 -P 2001:da8:b001:1009::/64 -R 16 -M 2 -o 0 -c 1400
-E
The tcpdump data samples are:
22:48:42.536559 IP6 2001:da8:b001:1009:a:ffff:100:0 > 2001::1: IP
10.255.255.1 > 202.112.35.254: ICMP echo request, id 1024, seq
41473, length 40
22:48:42.539352 IP6 2001::1 > 2001:da8:b001:1009:a:ffff:100:0: IP
202.112.35.254 > 10.255.255.1: ICMP echo reply, id 1024, seq
41473, length 40
Li, et al. Expires April 20, 2018 [Page 8]
Internet-Draft MAP Interoperability Testing Results October 2017
4.2. NAT64 with double translation
NAT64 is a stateful translation technology defined in [RFC6146] and
[RFC6145]. For the testing, the MAP BR is replaced by NAT64
[nat64-code].
The MAP CE is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:1000::/64 -T
utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A
2.2.2.2/32 -P 2001:da8:b001:fff9::/64 -R 16 -M 2 -o 0 -c 1440 -T
The tcpdump data samples are:
09:24:16.478385 IP6 2001:da8:b001:fff9:2:202:200:0 > 2001:da8:
b4b6:1000:ca:7023:fe00:0: ICMP6, echo request, seq 25600, length
40
09:24:16.479638 IP6 2001:da8:b4b6:1000:ca:7023:fe00:0 > 2001:da8:
b001:fff9:2:202:200:0: ICMP6, echo reply, seq 25600, length 40
Note that for this scenario, the CE defined in [RFC6877] can also
achieve this goal.
5. Conclusions
Although only the echo request/echo reply testing results with the
corresponding MAP CE configuration examples are presented in this
document, the TCP/UDP applications are also tested in CERNET/CERNET2
successfully. The concluding remarks are:
o A unified MAP can support MAP-T, MAP-E, 1:1 mode MAP-T/MAP-E and
even the mixed modes without introducing additional complexity.
o A unified MAP CE can be configured to support MAP-T, MAP-E, 1:1
mode MAP-T/MAP-E, mixed MAP-T/MAP-E, and backward compatible with
stateless NAT64, stateful NAT64 and dual-stack lite.
6. Security Considerations
This document does not introduce any new security considerations.
Li, et al. Expires April 20, 2018 [Page 9]
Internet-Draft MAP Interoperability Testing Results October 2017
7. IANA Considerations
None.
8. Acknowledgments
The authors would like to acknowledge the following contributors of
this document: Weicai Wang, Wentao Shang and Rajiv Asati.
9. Normative References
[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in
IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473,
December 1998, <https://www.rfc-editor.org/info/rfc2473>.
[RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation
Algorithm", RFC 6145, DOI 10.17487/RFC6145, April 2011,
<https://www.rfc-editor.org/info/rfc6145>.
[RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful
NAT64: Network Address and Protocol Translation from IPv6
Clients to IPv4 Servers", RFC 6146, DOI 10.17487/RFC6146,
April 2011, <https://www.rfc-editor.org/info/rfc6146>.
[RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual-
Stack Lite Broadband Deployments Following IPv4
Exhaustion", RFC 6333, DOI 10.17487/RFC6333, August 2011,
<https://www.rfc-editor.org/info/rfc6333>.
[RFC6877] Mawatari, M., Kawashima, M., and C. Byrne, "464XLAT:
Combination of Stateful and Stateless Translation",
RFC 6877, DOI 10.17487/RFC6877, April 2013,
<https://www.rfc-editor.org/info/rfc6877>.
[RFC7597] Troan, O., Ed., Dec, W., Li, X., Bao, C., Matsushima, S.,
Murakami, T., and T. Taylor, Ed., "Mapping of Address and
Port with Encapsulation (MAP-E)", RFC 7597, DOI 10.17487/
RFC7597, July 2015,
<https://www.rfc-editor.org/info/rfc7597>.
[RFC7599] Li, X., Bao, C., Dec, W., Ed., Troan, O., Matsushima, S.,
and T. Murakami, "Mapping of Address and Port using
Translation (MAP-T)", RFC 7599, DOI 10.17487/RFC7599,
July 2015, <https://www.rfc-editor.org/info/rfc7599>.
[dual-stack-lite-code]
Li, et al. Expires April 20, 2018 [Page 10]
Internet-Draft MAP Interoperability Testing Results October 2017
"Dual-stack Lite Code:
http://www.isc.org/software/aftr/11".
[map-code]
"MAP Code: http://mapt.ivi2.org:8039/mapt.html".
[nat64-code]
"NAT64 Code: http://ecdysis.viagenie.ca/download.html".
Authors' Addresses
Xing Li
CERNET Center/Tsinghua University
Room 225, Main Building, Tsinghua University
Beijing 100084
CN
Phone: +86 10-62785983
Email: xing@cernet.edu.cn
Congxiao Bao
CERNET Center/Tsinghua University
Room 225, Main Building, Tsinghua University
Beijing 100084
CN
Phone: +86 10-62785983
Email: congxiao@cernet.edu.cn
Guoliang Han
CERNET Center/Tsinghua University
Room 225, Main Building, Tsinghua University
Beijing 100084
CN
Phone: +86 10-62785983
Email: bupthgl@gmail.com
Li, et al. Expires April 20, 2018 [Page 11]
Internet-Draft MAP Interoperability Testing Results October 2017
Wojciech Dec
Cisco Systems
Haarlerbergpark Haarlerbergweg 13-19
Amsterdam, NOORD-HOLLAND 1101 CH
Netherlands
Phone:
Email: wdec@cisco.com
Li, et al. Expires April 20, 2018 [Page 12]