| draft-ietf-v6ops-464xlat-00.txt | draft-ietf-v6ops-464xlat-01.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force M. Mawatari | Internet Engineering Task Force M. Mawatari | |||
| Internet-Draft Japan Internet Exchange Co.,Ltd. | Internet-Draft Japan Internet Exchange Co.,Ltd. | |||
| Intended status: Informational M. Kawashima | Intended status: Informational M. Kawashima | |||
| Expires: August 18, 2012 NEC AccessTechnica, Ltd. | Expires: September 13, 2012 NEC AccessTechnica, Ltd. | |||
| C. Byrne | C. Byrne | |||
| T-Mobile USA | T-Mobile USA | |||
| February 15, 2012 | March 12, 2012 | |||
| 464XLAT: Combination of Stateful and Stateless Translation | 464XLAT: Combination of Stateful and Stateless Translation | |||
| draft-ietf-v6ops-464xlat-00 | draft-ietf-v6ops-464xlat-01 | |||
| Abstract | Abstract | |||
| This document describes an architecture (464XLAT) for providing IPv4 | This document describes an architecture (464XLAT) for providing | |||
| connectivity across an IPv6-only network by combining existing and | limited IPv4 connectivity across an IPv6-only network by combining | |||
| well-known stateful protocol translation RFC 6146 in the core and | existing and well-known stateful protocol translation RFC 6146 in the | |||
| stateless protocol translation RFC 6145 at the edge. 464XLAT is a | core and stateless protocol translation RFC 6145 at the edge. 464XLAT | |||
| simple and scalable technique to quickly deploy IPv4 access service | is a simple and scalable technique to quickly deploy limited IPv4 | |||
| to mobile and wireline IPv6-only edge networks without encapsulation. | access service to mobile and wireline IPv6-only edge networks without | |||
| encapsulation. | ||||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on August 18, 2012. | This Internet-Draft will expire on September 13, 2012. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2012 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Motivation and Uniqueness of 464XLAT . . . . . . . . . . . . . 4 | |||
| 4. Motivation and Uniqueness of 464XLAT . . . . . . . . . . . . . 4 | 4. Network Architecture . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 5. Network Architecture . . . . . . . . . . . . . . . . . . . . . 5 | 4.1. Wireline Network Architecture . . . . . . . . . . . . . . 6 | |||
| 5.1. Wireline Network Architecture . . . . . . . . . . . . . . 6 | 4.2. Wireless 3GPP Network Architecture . . . . . . . . . . . . 7 | |||
| 5.2. Wireless 3GPP Network Architecture . . . . . . . . . . . . 7 | 5. Applicability . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 6. Applicability . . . . . . . . . . . . . . . . . . . . . . . . 7 | 5.1. Wireline Network Applicability . . . . . . . . . . . . . . 7 | |||
| 6.1. Wireline Network Applicability . . . . . . . . . . . . . . 7 | 5.2. Wireless 3GPP Network Applicability . . . . . . . . . . . 8 | |||
| 6.2. Wireless 3GPP Network Applicability . . . . . . . . . . . 8 | 6. Implementation Considerations . . . . . . . . . . . . . . . . 9 | |||
| 7. Implementation Considerations . . . . . . . . . . . . . . . . 9 | 6.1. IPv6 Address Format . . . . . . . . . . . . . . . . . . . 9 | |||
| 7.1. IPv6 Address Format . . . . . . . . . . . . . . . . . . . 9 | 6.2. IPv4/IPv6 Address Translation Chart . . . . . . . . . . . 10 | |||
| 7.2. IPv4/IPv6 Address Translation Chart . . . . . . . . . . . 10 | 6.3. Traffic Treatment Scenarios . . . . . . . . . . . . . . . 11 | |||
| 7.3. Traffic Treatment Scenarios . . . . . . . . . . . . . . . 11 | 6.4. DNS Proxy Implementation . . . . . . . . . . . . . . . . . 11 | |||
| 7.4. DNS Proxy Implementation . . . . . . . . . . . . . . . . . 11 | 6.5. IPv6 Prefix Handling . . . . . . . . . . . . . . . . . . . 11 | |||
| 7.5. IPv6 Prefix Handling . . . . . . . . . . . . . . . . . . . 11 | 6.6. CLAT in a Gateway . . . . . . . . . . . . . . . . . . . . 12 | |||
| 7.6. IPv6 Fragment Header Consideration . . . . . . . . . . . . 12 | 6.7. CLAT to CLAT communications . . . . . . . . . . . . . . . 12 | |||
| 7.7. CLAT in a Gateway . . . . . . . . . . . . . . . . . . . . 12 | 7. Deployment Considerations . . . . . . . . . . . . . . . . . . 12 | |||
| 7.8. CLAT to CLAT communications . . . . . . . . . . . . . . . 12 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | |||
| 8. Deployment Considerations . . . . . . . . . . . . . . . . . . 12 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 9. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 | 11.1. Normative References . . . . . . . . . . . . . . . . . . . 13 | |||
| 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 | 11.2. Informative References . . . . . . . . . . . . . . . . . . 14 | |||
| 12.1. Normative References . . . . . . . . . . . . . . . . . . . 13 | ||||
| 12.2. Informative References . . . . . . . . . . . . . . . . . . 14 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 1. Introduction | 1. Introduction | |||
| The IANA unallocated IPv4 address pool was exhausted on February 3, | The IANA unallocated IPv4 address pool was exhausted on February 3, | |||
| 2011. Each RIR's unallocated IPv4 address pool will exhaust in the | 2011. Each RIR's unallocated IPv4 address pool will exhaust in the | |||
| near future. It will be difficult for many networks to assign IPv4 | near future. It will be difficult for many networks to assign IPv4 | |||
| addresses to end users, despite substantial IP connectivity growth | addresses to end users, despite substantial IP connectivity growth | |||
| required for mobile devices, smart-grid, and cloud nodes. | required for mobile devices, smart-grid, and cloud nodes. | |||
| This document describes an IPv4 over IPv6 solution as one of the | This document describes an IPv4 over IPv6 solution as one of the | |||
| techniques for IPv4 service extension and encouragement of IPv6 | techniques for IPv4 service extension and encouragement of IPv6 | |||
| deployment. | deployment. 464XLAT is not a one for one replacement of full IPv4 | |||
| functionality. The 464XLAT IPv4 service is limited to application | ||||
| that function in a client server model and is not fit for IPv4 peer- | ||||
| to-peer communication or inbound IPv4 connections. | ||||
| The 464XLAT architecture described in this document uses IPv4/IPv6 | The 464XLAT architecture described in this document uses IPv4/IPv6 | |||
| translation standardized in [RFC6145] and [RFC6146]. It does not | translation standardized in [RFC6145] and [RFC6146]. It does not | |||
| require DNS64 [RFC6147], but it may use DNS64 to enable single | require DNS64 [RFC6147] since a host may simply send IPv4 packets, | |||
| stateful translation [RFC6146] instead of 464XLAT double translation | including packets to an IPv4 DNS server, which will be translated on | |||
| where possible. It is also possible to provide single IPv4/IPv6 | the CLAT to IPv6 and back to IPv4 on the PLAT. 464XLAT networks may | |||
| translation service, which will be needed in the future case of IPv6- | use DNS64 to enable single stateful translation [RFC6146] instead of | |||
| only servers and peers to be reached from legacy IPv4-only hosts. | 464XLAT double translation where possible. It is also possible to | |||
| The 464XLAT architecture encourages IPv6 transition by making IPv4 | provide single IPv4/IPv6 translation service, which will be needed in | |||
| services reachable across IPv6-only networks and providing IPv6 and | the future case of IPv6-only servers and peers to be reached from | |||
| IPv4 connectivity to single-stack IPv4 or IPv6 servers and peers. | legacy IPv4-only hosts. The 464XLAT architecture encourages IPv6 | |||
| transition by making IPv4 services reachable across IPv6-only | ||||
| networks and providing IPv6 and IPv4 connectivity to single-stack | ||||
| IPv4 or IPv6 servers and peers. | ||||
| Running a single-stack IPv6-only network has several operational | Running a single-stack IPv6-only network has several operational | |||
| benefits in terms of increasing scalability and decreasing | benefits in terms of increasing scalability and decreasing | |||
| operational complexity. Unfortunately, there are important cases | operational complexity. Unfortunately, there are important cases | |||
| where IPv6-only networks fail to meet subscriber expectations, as | where IPv6-only networks fail to meet subscriber expectations, as | |||
| described in [I-D.arkko-ipv6-only-experience]. The 464XLAT overcomes | described in [I-D.arkko-ipv6-only-experience]. The 464XLAT overcomes | |||
| the issues described in [I-D.arkko-ipv6-only-experience] to provide | the issues described in [I-D.arkko-ipv6-only-experience] to provide | |||
| subscribers the full dual-stack functionality while providing the | subscribers the full IPv6 and limited IPv4 functionality while | |||
| network operator the benefits of a simple yet highly scalable single- | providing the network operator the benefits of a simple yet highly | |||
| stack IPv6 network. | scalable single-stack IPv6 network. | |||
| 2. Requirements Language | ||||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | ||||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | ||||
| document are to be interpreted as described in [RFC2119]. | ||||
| 3. Terminology | 2. Terminology | |||
| PLAT: PLAT is Provider side translator(XLAT) that complies with | PLAT: PLAT is Provider side translator(XLAT) that complies with | |||
| [RFC6146]. It translates N:1 global IPv6 packets to global | [RFC6146]. It translates N:1 global IPv6 packets to global | |||
| IPv4 packets, and vice versa. | IPv4 packets, and vice versa. | |||
| CLAT: CLAT is Customer side translator(XLAT) that complies with | CLAT: CLAT is Customer side translator(XLAT) that complies with | |||
| [RFC6145]. It algorithmically translates 1:1 private IPv4 | [RFC6145]. It algorithmically translates 1:1 private IPv4 | |||
| packets to global IPv6 packets, and vice versa. The CLAT | packets to global IPv6 packets, and vice versa. The CLAT | |||
| function is applicable to a router or an end-node such as a | function is applicable to a router or an end-node such as a | |||
| mobile phone. CLAT SHOULD perform router function to | mobile phone. CLAT should perform router function to | |||
| facilitate packets forwarding through the stateless | facilitate packets forwarding through the stateless | |||
| translation even if it is an end-node. In addition to | translation even if it is an end-node. In addition to | |||
| stateless translation, the CLAT as a common home router or 3G | stateless translation, the CLAT as a common home router or 3G | |||
| router is expected to perform gateway functions such as DHCP | router is expected to perform gateway functions such as DHCP | |||
| server and DNS proxy for local clients. | server and DNS proxy for local clients. | |||
| UE: The 3GPP term for user equipment. The most common type of UE | UE: The 3GPP term for user equipment. The most common type of UE | |||
| is a mobile phone. | is a mobile phone. | |||
| PDP: A Packet Data Protocol (PDP) Context is the equivalent of a | PDP: A Packet Data Protocol (PDP) Context is the equivalent of a | |||
| virtual connection between the host and a gateway. | virtual connection between the host and a gateway. | |||
| 4. Motivation and Uniqueness of 464XLAT | 3. Motivation and Uniqueness of 464XLAT | |||
| 1. Minimal IPv4 resource requirements | ||||
| 464XLAT is the most efficient use of scarce IPv4 addresses for | 1. Minimal IPv4 resource requirements, maximum IPv4 efficiency | |||
| networks that have fast growing edges. The primary motivation | ||||
| for deploying IPv6 is the exhaustion of IPv4 addresses and the | ||||
| risk that exhaustion poses to future internet growth. 464XLAT | ||||
| directly takes on the challenge of IPv4 address exhaustion by | ||||
| providing efficient stateful IPv4 address sharing at the PLAT and | ||||
| decoupling the edge network growth from the availability of | ||||
| scarce IPv4 addresses. | ||||
| 464XLAT has low barriers to entry since only a small amount of | 464XLAT has low barriers to entry since only a small amount of | |||
| IPv4 addresses are needed to support the stateful translation | IPv4 addresses are needed to support the stateful translation | |||
| [RFC6146] function in the PLAT. | [RFC6146] function in the PLAT. With port-overloading, one IPv4 | |||
| address can support millions of simultaneous translations. | ||||
| Given that network operators are deploying IPv6 because IPv4 | Given that network operators are deploying IPv6-only access | |||
| resources are scarce, solutions that require dual-stack (no IPv4 | networks because IPv4 resources are scarce, solutions that | |||
| multiplexing) or stateless address sharing (bounded static | require dual-stack (no IPv4 multiplexing) or stateless address | |||
| address multiplexing) are simply not IPv4-efficient enough to | sharing (bounded static address multiplexing) are simply not | |||
| solve the two-pronged challenge of increasing IPv4 address | IPv4-efficient enough to solve the two-pronged challenge of | |||
| scarcity and continued exponential network edge growth. | increasing IPv4 address scarcity and continued exponential | |||
| network edge growth for network operators. | ||||
| 2. No new protocols required | 2. No new protocols required, quick deployment | |||
| 464XLAT can be deployed today, it uses existing RFCs ([RFC6145] | 464XLAT can be deployed today, it uses existing RFCs ([RFC6145] | |||
| and [RFC6146]), and there exists implementations for both | and [RFC6146]), and there exists implementations for both | |||
| wireline network (CLAT in the home router) and wireless 3GPP | wireline networks (CLAT in the home router) and wireless 3GPP | |||
| network (CLAT in the UE). The ability to quickly deploy 464XLAT | networks (CLAT in the UE). The ability to quickly deploy 464XLAT | |||
| is a critical feature given the urgency of IPv4 exhaustion and | is a critical feature given the urgency of IPv4 exhaustion and | |||
| brisk pace of internet growth. | brisk pace of internet growth. | |||
| 3. Cost-effective transition to IPv6 | 3. Cost-effective transition to IPv6 | |||
| When combined with DNS64 [RFC6147], the 464XLAT architecture only | When combined with DNS64 [RFC6147], the 464XLAT architecture only | |||
| requires double translation in the case of IPv4-referrals or | requires double translation in the case of IPv4-referrals or | |||
| IPv4-only socket calls. Consequently, the network traffic in the | IPv4-only socket calls. Consequently, the network traffic in the | |||
| ISP backbone network is predominately IPv6 end-to-end or single | ISP backbone network is predominately IPv6 end-to-end or single | |||
| translation. This is especially cost-effective in wireless 3GPP | translation. This is especially cost-effective in wireless 3GPP | |||
| GSM and UMTS networks that would otherwise require two separate | GSM and UMTS networks that would otherwise require two separate | |||
| PDP connections to support IPv4 and IPv6. | PDP connections to support IPv4 and IPv6. | |||
| While translation on the CLAT is not always used, the CLAT | While translation on the CLAT is not always used, the CLAT | |||
| function is crucial for enabling the IPv4-only applications and | function is crucial for enabling the IPv4-only applications. All | |||
| providing IP address family service parity to the end-users. All | ||||
| IPv6-native flows pass end-to-end without any translation. This | IPv6-native flows pass end-to-end without any translation. This | |||
| is a beneficial solution for end-users, content providers, and | is a beneficial solution for end-users, content providers, and | |||
| network operators that scale best with end-to-end IPv6 | network operators that scale best with end-to-end IPv6 | |||
| communication. | communication. | |||
| In summary, the 464XLAT architecture works today for service | In summary, the 464XLAT architecture works today for service | |||
| providers that require large-scale strategic IPv6 deployments to | providers that require large-scale strategic IPv6 deployments to | |||
| overcome the challenges of IPv4 address scarcity. Unlike other | overcome the challenges of IPv4 address scarcity. Since 464XLAT is | |||
| transition architectures associated with tunneling or | stateful, there is no tight coupling or IPv4 address coordination | |||
| [I-D.mdt-softwire-mapping-address-and-port], 464XLAT properly assumes | between the PLAT and the CLAT. Unlike other transition architectures | |||
| that IPv4 is scarce and IPv6 must work with today's existing systems | associated with tunneling or | |||
| as much as possible. In the case of tunneling, the tunneling | [I-D.mdt-softwire-mapping-address-and-port], 464XLAT assumes that | |||
| solutions like Dual-Stack Lite [RFC6333] are known to break existing | IPv4 is scarce and IPv6 must work with today's existing systems as | |||
| network based deep packet inspection solutions like 3GPP standardized | much as possible. In the case of tunneling, the tunneling solutions | |||
| Policy and Charging Control (PCC). 464XLAT does not require much IPv4 | like Dual-Stack Lite [RFC6333] are known to break existing network | |||
| based deep packet inspection solutions like 3GPP standardized Policy | ||||
| and Charging Control (PCC). 464XLAT does not require much IPv4 | ||||
| address space to enable the stateful translation [RFC6146] function | address space to enable the stateful translation [RFC6146] function | |||
| in the PLAT while providing global IPv4 and IPv6 reachability to | in the PLAT while providing global IPv4 and IPv6 reachability to | |||
| IPv6-only wireline and wireless subscribers. | IPv6-only wireline and wireless subscribers. | |||
| 5. Network Architecture | 4. Network Architecture | |||
| 464XLAT architecture is shown in the following figure. | 464XLAT architecture is shown in the following figure. | |||
| 5.1. Wireline Network Architecture | 4.1. Wireline Network Architecture | |||
| ---- | ---- | |||
| | v6 | | | v6 | | |||
| ---- | ---- | |||
| | | | | |||
| ---- | .---+---. .------. | ---- | .---+---. .------. | |||
| | v6 |-----+ / \ / \ | | v6 |-----+ / \ / \ | |||
| ---- | ------ / IPv6 \ ------ / IPv4 \ | ---- | ------ / IPv6 \ ------ / IPv4 \ | |||
| +---| CLAT |---+ Internet +---| PLAT |---+ Internet | | +---| CLAT |---+ Internet +---| PLAT |---+ Internet | | |||
| ------- | ------ \ / ------ \ / | ------- | ------ \ / ------ \ / | |||
| skipping to change at page 7, line 5 | skipping to change at page 7, line 5 | |||
| ----- | ----- | ----- | ----- | |||
| <- v4p -> XLAT <--------- v6 --------> XLAT <- v4g -> | <- v4p -> XLAT <--------- v6 --------> XLAT <- v4g -> | |||
| v6 : Global IPv6 | v6 : Global IPv6 | |||
| v4p : Private IPv4 | v4p : Private IPv4 | |||
| v4g : Global IPv4 | v4g : Global IPv4 | |||
| Figure 1: Wireline Network Topology | Figure 1: Wireline Network Topology | |||
| 5.2. Wireless 3GPP Network Architecture | 4.2. Wireless 3GPP Network Architecture | |||
| ---- | ---- | |||
| | v6 | | | v6 | | |||
| ---- | ---- | |||
| | | | | |||
| .---+---. | .---+---. | |||
| / \ | / \ | |||
| / IPv6 \ | / IPv6 \ | |||
| | Internet | | | Internet | | |||
| \ / | \ / | |||
| skipping to change at page 7, line 37 | skipping to change at page 7, line 37 | |||
| +----------------------+ ----- | +----------------------+ ----- | |||
| <- v4p -> XLAT <--------- v6 --------> XLAT <- v4g -> | <- v4p -> XLAT <--------- v6 --------> XLAT <- v4g -> | |||
| v6 : Global IPv6 | v6 : Global IPv6 | |||
| v4p : Private IPv4 | v4p : Private IPv4 | |||
| v4g : Global IPv4 | v4g : Global IPv4 | |||
| Figure 2: Wireless 3GPP Network Topology | Figure 2: Wireless 3GPP Network Topology | |||
| 6. Applicability | 5. Applicability | |||
| 6.1. Wireline Network Applicability | 5.1. Wireline Network Applicability | |||
| When an ISP has IPv6 access network infrastructure and 464XLAT, the | When an ISP has IPv6 access network infrastructure and 464XLAT, the | |||
| ISP can provide IPv4 service to end users across an IPv6 access | ISP can provide IPv4 service to end users across an IPv6 access | |||
| network. The result is that edge network growth is no longer tightly | network. The result is that edge network growth is no longer tightly | |||
| coupled to the availability of scarce IPv4 addresses. | coupled to the availability of scarce IPv4 addresses. | |||
| If the IXP or another provider operates the PLAT, the ISP is only | If the IXP or another provider operates the PLAT, the ISP is only | |||
| required to deploy an IPv6 access network. All ISPs do not need IPv4 | required to deploy an IPv6 access network. All ISPs do not need IPv4 | |||
| access networks. They can migrate their access network to a simple | access networks. They can migrate their access network to a simple | |||
| and highly scalable IPv6-only environment. Incidentally, Japan | and highly scalable IPv6-only environment. Incidentally, Japan | |||
| Internet Exchange(JPIX) is providing 464XLAT trial service since July | Internet Exchange(JPIX) is providing 464XLAT trial service since July | |||
| 2010. | 2010. In addition to this, the effectiveness of 464XLAT was | |||
| confirmed in the WIDE camp Spring 2012. The result is described in | ||||
| [I-D.hazeyama-widecamp-ipv6-only-experience]. | ||||
| 6.2. Wireless 3GPP Network Applicability | 5.2. Wireless 3GPP Network Applicability | |||
| The vast majority of mobile wireless networks are compliant to Pre- | The vast majority of mobile wireless networks are compliant to Pre- | |||
| Release 9 3GPP standards. In Pre-Release 9 3GPP networks, GSM and | Release 9 3GPP standards. In Pre-Release 9 3GPP networks, GSM and | |||
| UMTS networks must signal and support both IPv4 and IPv6 PDP | UMTS networks must signal and support both IPv4 and IPv6 PDP | |||
| attachments to access IPv4 and IPv6 network destinations. Since | attachments to access IPv4 and IPv6 network destinations. Since | |||
| there are 2 PDPs required to support 2 address families, this is | there are 2 PDPs required to support 2 address families, this is | |||
| double the number of PDPs required to support the status quo of 1 | double the number of PDPs required to support the status quo of 1 | |||
| address family, which is IPv4. Doubling the PDP count to support | address family, which is IPv4. Doubling the PDP count to support | |||
| IPv4 and IPv6 is generally not operationally viable since a large | IPv4 and IPv6 is generally not operationally viable since a large | |||
| portion of the network cost is derived from the number of PDP | portion of the network cost is derived from the number of PDP | |||
| skipping to change at page 9, line 8 | skipping to change at page 9, line 10 | |||
| with single translation or native IPv6 access. For the remaining 15% | with single translation or native IPv6 access. For the remaining 15% | |||
| of applications that require IPv4 connectivity, the CLAT function on | of applications that require IPv4 connectivity, the CLAT function on | |||
| the UE provides a private IPv4 address and IPv4 default-route on the | the UE provides a private IPv4 address and IPv4 default-route on the | |||
| host for the applications to reference and bind to. Connections | host for the applications to reference and bind to. Connections | |||
| sourced from the IPv4 interface are immediately routed to the CLAT | sourced from the IPv4 interface are immediately routed to the CLAT | |||
| function and passed to the IPv6-only mobile network, destine to the | function and passed to the IPv6-only mobile network, destine to the | |||
| PLAT. In summary, the UE has the CLAT function that does a stateless | PLAT. In summary, the UE has the CLAT function that does a stateless | |||
| translation [RFC6145], but only when required. The mobile network | translation [RFC6145], but only when required. The mobile network | |||
| has a PLAT that does stateful translation [RFC6146]. | has a PLAT that does stateful translation [RFC6146]. | |||
| 7. Implementation Considerations | 6. Implementation Considerations | |||
| 7.1. IPv6 Address Format | 6.1. IPv6 Address Format | |||
| IPv6 address format in 464XLAT is presented in the following format. | IPv6 address format in 464XLAT is presented in the following format. | |||
| +-----------------------------------------------+---------------+ | +-----------------------------------------------+---------------+ | |||
| | XLAT prefix(96) | IPv4(32) | | | XLAT prefix(96) | IPv4(32) | | |||
| +-----------------------------------------------+---------------+ | +-----------------------------------------------+---------------+ | |||
| IPv6 Address Format for 464XLAT | IPv6 Address Format for 464XLAT | |||
| Source address and destination address have IPv4 address embedded in | Source address and destination address have IPv4 address embedded in | |||
| the low-order 32 bits of the IPv6 address. The format is defined in | the low-order 32 bits of the IPv6 address. The format is defined in | |||
| Section 2.2 of [RFC6052]. However, 464XLAT does not use the Well- | Section 2.2 of [RFC6052]. However, 464XLAT does not use the Well- | |||
| Known IPv6 Prefix "64:ff9b::/96". | Known IPv6 Prefix "64:ff9b::/96". | |||
| 7.2. IPv4/IPv6 Address Translation Chart | 6.2. IPv4/IPv6 Address Translation Chart | |||
| Source IPv4 address | Source IPv4 address | |||
| +----------------------------+ | +----------------------------+ | |||
| | Global IPv4 (32bit) | | | Global IPv4 (32bit) | | |||
| | assigned to IPv4 pool@PLAT | | | assigned to IPv4 pool@PLAT | | |||
| +--------+ +----------------------------+ | +--------+ +----------------------------+ | |||
| | IPv4 | Destination IPv4 address | | IPv4 | Destination IPv4 address | |||
| | server | +----------------------------+ | | server | +----------------------------+ | |||
| +--------+ | Global IPv4 (32bit) | | +--------+ | Global IPv4 (32bit) | | |||
| ^ | assigned to IPv4 server | | ^ | assigned to IPv4 server | | |||
| skipping to change at page 11, line 5 | skipping to change at page 11, line 5 | |||
| | IPv4 | | assigned to IPv4 client | | | IPv4 | | assigned to IPv4 client | | |||
| | client | +----------------------------+ | | client | +----------------------------+ | |||
| +--------+ Destination IPv4 address | +--------+ Destination IPv4 address | |||
| +----------------------------+ | +----------------------------+ | |||
| | Global IPv4 (32bit) | | | Global IPv4 (32bit) | | |||
| | assigned to IPv4 server | | | assigned to IPv4 server | | |||
| +----------------------------+ | +----------------------------+ | |||
| IPv4/IPv6 Address Translation Chart | IPv4/IPv6 Address Translation Chart | |||
| 7.3. Traffic Treatment Scenarios | 6.3. Traffic Treatment Scenarios | |||
| +--------+-------------+-----------------------+-------------+ | +--------+-------------+-----------------------+-------------+ | |||
| | Server | Application | Traffic Treatment | Location of | | | Server | Application | Traffic Treatment | Location of | | |||
| | | and Host | | Translation | | | | and Host | | Translation | | |||
| +--------+-------------+-----------------------+-------------+ | +--------+-------------+-----------------------+-------------+ | |||
| | IPv6 | IPv6 | End-to-end IPv6 | None | | | IPv6 | IPv6 | End-to-end IPv6 | None | | |||
| +--------+-------------+-----------------------+-------------+ | +--------+-------------+-----------------------+-------------+ | |||
| | IPv4 | IPv6 | Stateful Translation | PLAT | | | IPv4 | IPv6 | Stateful Translation | PLAT | | |||
| +--------+-------------+-----------------------+-------------+ | +--------+-------------+-----------------------+-------------+ | |||
| | IPv4 | IPv4 | 464XLAT | PLAT/CLAT | | | IPv4 | IPv4 | 464XLAT | PLAT/CLAT | | |||
| +--------+-------------+-----------------------+-------------+ | +--------+-------------+-----------------------+-------------+ | |||
| | IPv6 | IPv4 | Stateless Translation | CLAT | | | IPv6 | IPv4 | Stateless Translation | CLAT | | |||
| +--------+-------------+-----------------------+-------------+ | +--------+-------------+-----------------------+-------------+ | |||
| Traffic Treatment Scenarios | Traffic Treatment Scenarios | |||
| The above chart shows most common traffic types and traffic | The above chart shows most common traffic types and traffic | |||
| treatment. | treatment. | |||
| 7.4. DNS Proxy Implementation | 6.4. DNS Proxy Implementation | |||
| The case of an IPv4-only node behind CLAT querying an IPv4 DNS server | The case of an IPv4-only node behind CLAT querying an IPv4 DNS server | |||
| is undesirable since it requires both stateful and stateless | is undesirable since it requires both stateful and stateless | |||
| translation for each DNS lookup. The CLAT SHOULD set itself as the | translation for each DNS lookup. The CLAT should set itself as the | |||
| DNS server via DHCP or other means and proxy DNS queries for IPv4 and | DNS server via DHCP or other means and proxy DNS queries for IPv4 and | |||
| IPv6 clients. Using the CLAT enabled home router or UE as a DNS | IPv6 clients. Using the CLAT enabled home router or UE as a DNS | |||
| proxy is a normal consume gateway function and simplifies the traffic | proxy is a normal consume gateway function and simplifies the traffic | |||
| flow so that only IPv6 native queries are made across the access | flow so that only IPv6 native queries are made across the access | |||
| network. The CLAT SHOULD allow for a client to query any DNS server | network. The CLAT should allow for a client to query any DNS server | |||
| of its choice and bypass the proxy. | of its choice and bypass the proxy. | |||
| 7.5. IPv6 Prefix Handling | 6.5. IPv6 Prefix Handling | |||
| In the best case, the CLAT will have a dedicated /64 via DHCPv6 or | In the best case, the CLAT will have a dedicated /64 via DHCPv6 or | |||
| other means to source and receive IPv6 packets associated with the | other means to source and receive IPv6 packets associated with the | |||
| [RFC6145] stateless translation of IPv4 packets to the local clients. | [RFC6145] stateless translation of IPv4 packets to the local clients. | |||
| In cases where the access network does not allow for a dedicated | In suboptimal cases where the access network does not allow for a | |||
| translation prefix, the CLAT SHOULD take ownership of the lowest /96 | dedicated translation prefix, CLAT may take ownership of a /96 from | |||
| from an attached interface's /64 to source and receive translation | an attached interface's /64 to source and receive translation | |||
| traffic. Establishing ownership of the /96 requires that the CLAT | traffic. If this case, the CLAT should actively avoid LAN address | |||
| SHOULD perform NDP so that no other nodes on the /64 may use the | conflicts for this claimed /96. Alternatively, the CLAT may do NAT44 | |||
| lowest /96. This will be the case for 3G phones on IPv6-only | such that all private IPv4 sourced LAN packets appears from one | |||
| networks that do not yet support DHCPv6 prefix delegation or the case | private IPv4 address which is statelessly translated to one IPv6 | |||
| for some wireline environments that can only receive RA. | address that the CLAT will own as a host IPv6 address from an IPv6 | |||
| /64 interface. | ||||
| The CLAT may discover the Pref64::/n of the PLAT via some method such | The CLAT may discover the Pref64::/n of the PLAT via some method such | |||
| as DHCPv6 option, TR-069, or | as DHCPv6 option, TR-069, DNS APL RR [RFC3123] or | |||
| [I-D.ietf-behave-nat64-discovery-heuristic]. | [I-D.ietf-behave-nat64-discovery-heuristic]. | |||
| 7.6. IPv6 Fragment Header Consideration | 6.6. CLAT in a Gateway | |||
| In the 464XLAT environment, the PLAT and CLAT SHOULD include an IPv6 | ||||
| Fragment Header, since IPv4 host does not set the DF bit. However, | ||||
| the IPv6 Fragment Header has been shown to cause operational | ||||
| difficulties in practice due to limited firewall fragmentation | ||||
| support, etc. Therefore, the PLAT and CLAT may provide a | ||||
| configuration function that allows the PLAT and CLAT not to include | ||||
| the Fragment Header for the non-fragmented IPv6 packets. The | ||||
| function provide a configuration function to adjust minimum IPv6 MTU, | ||||
| or can configure whether it include the Fragment Header. At any | ||||
| rate, both behaviors SHOULD match. | ||||
| 7.7. CLAT in a Gateway | ||||
| The CLAT is a stateless translation feature which can be implemented | The CLAT is a stateless translation feature which can be implemented | |||
| in a common home router or mobile phone that has a mobile router | in a common home router or mobile phone that has a mobile router | |||
| feature. The router with CLAT function SHOULD provide common router | feature. The router with CLAT function should provide common router | |||
| services such as DHCP of [RFC1918] addresses, DHCPv6, and DNS | services such as DHCP of [RFC1918] addresses, DHCPv6, and DNS | |||
| service. The router SHOULD set itself as the DNS server advertised | service. The router should set itself as the DNS server advertised | |||
| via DHCP or other means to the clients so that it may implement the | via DHCP or other means to the clients so that it may implement the | |||
| DNS proxy function to avoid double translation of DNS request. | DNS proxy function to avoid double translation of DNS request. | |||
| 7.8. CLAT to CLAT communications | 6.7. CLAT to CLAT communications | |||
| While CLAT to CLAT IPv4 communication may work when the client IPv4 | While CLAT to CLAT IPv4 communication may work when the client IPv4 | |||
| subnets do not overlap, this traffic flow is out of scope. 464XLAT is | subnets do not overlap, this traffic flow is out of scope. 464XLAT is | |||
| a hub and spoke architecture focused on enabling IPv4-only services | a hub and spoke architecture focused on enabling IPv4-only services | |||
| over IPv6-only access networks. | over IPv6-only access networks. | |||
| 8. Deployment Considerations | 7. Deployment Considerations | |||
| Even if the Internet access provider for consumers is different from | Even if the Internet access provider for consumers is different from | |||
| the PLAT provider (another Internet access provider or Internet | the PLAT provider (another Internet access provider or Internet | |||
| exchange provider, etc.), it can implement traffic engineering | exchange provider, etc.), it can implement traffic engineering | |||
| independently from the PLAT provider. Detailed reasons are below: | independently from the PLAT provider. Detailed reasons are below: | |||
| 1. The Internet access provider for consumers can figure out IPv4 | 1. The Internet access provider for consumers can figure out IPv4 | |||
| source address and IPv4 destination address from translated IPv6 | source address and IPv4 destination address from translated IPv6 | |||
| packet header, so it can implement traffic engineering based on | packet header, so it can implement traffic engineering based on | |||
| IPv4 source address and IPv4 destination address (e.g. traffic | IPv4 source address and IPv4 destination address (e.g. traffic | |||
| skipping to change at page 13, line 21 | skipping to change at page 13, line 8 | |||
| can identify the type of packets ("native IPv6 packets" and | can identify the type of packets ("native IPv6 packets" and | |||
| "IPv4/IPv6 translation packets"), and implement traffic | "IPv4/IPv6 translation packets"), and implement traffic | |||
| engineering based on IPv6 prefix. | engineering based on IPv6 prefix. | |||
| This 464XLAT architecture has two capabilities. One is a IPv4 -> | This 464XLAT architecture has two capabilities. One is a IPv4 -> | |||
| IPv6 -> IPv4 translation for sharing global IPv4 addresses, another | IPv6 -> IPv4 translation for sharing global IPv4 addresses, another | |||
| is a IPv4 -> IPv6 translation for reaching IPv6-only servers from | is a IPv4 -> IPv6 translation for reaching IPv6-only servers from | |||
| IPv4-only clients that can not support IPv6. IPv4-only clients must | IPv4-only clients that can not support IPv6. IPv4-only clients must | |||
| be support through the long period of global transition to IPv6. | be support through the long period of global transition to IPv6. | |||
| 9. Security Considerations | 8. Security Considerations | |||
| To implement a PLAT, see security considerations presented in Section | To implement a PLAT, see security considerations presented in Section | |||
| 5 of [RFC6146]. | 5 of [RFC6146]. | |||
| To implement a CLAT, see security considerations presented in Section | To implement a CLAT, see security considerations presented in Section | |||
| 7 of [RFC6145]. The CLAT MAY comply with [RFC6092]. | 7 of [RFC6145]. The CLAT may comply with [RFC6092]. | |||
| 10. IANA Considerations | 9. IANA Considerations | |||
| This document has no actions for IANA. | This document has no actions for IANA. | |||
| 11. Acknowledgements | 10. Acknowledgements | |||
| The authors would like to thank JPIX NOC members, JPIX 464XLAT trial | The authors would like to thank JPIX NOC members, JPIX 464XLAT trial | |||
| service members, Seiichi Kawamura, Dan Drown, Brian Carpenter, Rajiv | service members, Seiichi Kawamura, Dan Drown, Brian Carpenter, Rajiv | |||
| Asati, Washam Fan and Behcet Sarikaya for their helpful comments. We | Asati, Washam Fan, Behcet Sarikaya, Jan Zorz, Remi Despres, Tatsuya | |||
| also would like to thank Fred Baker and Joel Jaeggli for their | Oishi, Lorenzo Colitti, and Erik Kline for their helpful comments. | |||
| We also would like to thank Fred Baker and Joel Jaeggli for their | ||||
| support. | support. | |||
| 12. References | 11. References | |||
| 12.1. Normative References | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | 11.1. Normative References | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | ||||
| [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. | [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. | |||
| Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, | Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, | |||
| October 2010. | October 2010. | |||
| [RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework for | [RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework for | |||
| IPv4/IPv6 Translation", RFC 6144, April 2011. | IPv4/IPv6 Translation", RFC 6144, April 2011. | |||
| [RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation | [RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation | |||
| Algorithm", RFC 6145, April 2011. | Algorithm", RFC 6145, April 2011. | |||
| [RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful | [RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful | |||
| NAT64: Network Address and Protocol Translation from IPv6 | NAT64: Network Address and Protocol Translation from IPv6 | |||
| Clients to IPv4 Servers", RFC 6146, April 2011. | Clients to IPv4 Servers", RFC 6146, April 2011. | |||
| 12.2. Informative References | 11.2. Informative References | |||
| [I-D.arkko-ipv6-only-experience] | [I-D.arkko-ipv6-only-experience] | |||
| Arkko, J. and A. Keranen, "Experiences from an IPv6-Only | Arkko, J. and A. Keranen, "Experiences from an IPv6-Only | |||
| Network", draft-arkko-ipv6-only-experience-05 (work in | Network", draft-arkko-ipv6-only-experience-05 (work in | |||
| progress), February 2012. | progress), February 2012. | |||
| [I-D.hazeyama-widecamp-ipv6-only-experience] | ||||
| Hazeyama, H., Hiromi, R., Ishihara, T., and O. Nakamura, | ||||
| "Experiences from IPv6-Only Networks with Transition | ||||
| Technologies in the WIDE Camp Spring 2012", | ||||
| draft-hazeyama-widecamp-ipv6-only-experience-01 (work in | ||||
| progress), March 2012. | ||||
| [I-D.ietf-behave-nat64-discovery-heuristic] | [I-D.ietf-behave-nat64-discovery-heuristic] | |||
| Savolainen, T., Korhonen, J., and D. Wing, "Discovery of a | Savolainen, T., Korhonen, J., and D. Wing, "Discovery of | |||
| Network-Specific NAT64 Prefix using a Well-Known Name", | IPv6 Prefix Used for IPv6 Address Synthesis", | |||
| draft-ietf-behave-nat64-discovery-heuristic-05 (work in | draft-ietf-behave-nat64-discovery-heuristic-06 (work in | |||
| progress), January 2012. | progress), March 2012. | |||
| [I-D.mdt-softwire-mapping-address-and-port] | [I-D.mdt-softwire-mapping-address-and-port] | |||
| Troan, O., Matsushima, S., Murakami, T., Li, X., and C. | Bao, C., Troan, O., Matsushima, S., Murakami, T., and X. | |||
| Bao, "Mapping of Address and Port (MAP)", | Li, "Mapping of Address and Port (MAP)", | |||
| draft-mdt-softwire-mapping-address-and-port-03 (work in | draft-mdt-softwire-mapping-address-and-port-03 (work in | |||
| progress), January 2012. | progress), January 2012. | |||
| [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and | [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and | |||
| E. Lear, "Address Allocation for Private Internets", | E. Lear, "Address Allocation for Private Internets", | |||
| BCP 5, RFC 1918, February 1996. | BCP 5, RFC 1918, February 1996. | |||
| [RFC3123] Koch, P., "A DNS RR Type for Lists of Address Prefixes | ||||
| (APL RR)", RFC 3123, June 2001. | ||||
| [RFC6092] Woodyatt, J., "Recommended Simple Security Capabilities in | [RFC6092] Woodyatt, J., "Recommended Simple Security Capabilities in | |||
| Customer Premises Equipment (CPE) for Providing | Customer Premises Equipment (CPE) for Providing | |||
| Residential IPv6 Internet Service", RFC 6092, | Residential IPv6 Internet Service", RFC 6092, | |||
| January 2011. | January 2011. | |||
| [RFC6147] Bagnulo, M., Sullivan, A., Matthews, P., and I. van | [RFC6147] Bagnulo, M., Sullivan, A., Matthews, P., and I. van | |||
| Beijnum, "DNS64: DNS Extensions for Network Address | Beijnum, "DNS64: DNS Extensions for Network Address | |||
| Translation from IPv6 Clients to IPv4 Servers", RFC 6147, | Translation from IPv6 Clients to IPv4 Servers", RFC 6147, | |||
| April 2011. | April 2011. | |||
| End of changes. 54 change blocks. | ||||
| 147 lines changed or deleted | 137 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||