Internet DRAFT - draft-lishi-ipngwg-dbnetlayer
Internet Draft Shi. Li
Document: draft-lishi-ipngwg-dbnetlayer-00.txt China Telecom
Expires: September 2014 March 2014
Double Network Layer solution as IPng
Abstract
This document describes a new proposal for IPng. Compared to IPv6,
this proposal has a bigger address space and, most importantly, is
HIGHLY COMPATIBLE with IPv4.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 17, 2014.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Li Expires - September 2014 [Page 1]
Double Network Layer solution as IPng March 2014
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. Solution: Double network layer
   2.1 Protocol stack
   2.2 Complete forwarding scenes of the new protocol
   2.3 Domain name resolve solution
3. Upgrade routine
   3.1 Carrier's network
   3.2 Users' hosts
4. TCP/DN/IP vs IPv6
5. Peroration
6. IANA Considerations
7. Security Considerations
8. References
9. Acknowledgments
Author's Addresses
1. Introduction
The Internet is approaching a situation in which the current IP
address space is no longer adequate for global addressing and
routing. The replacement solution, IPv6, has proved difficult to
promote over the past 20 years. The obvious reason is that it is
incompatible with IPv4.
This is because IPv6 extends the address space in the IP layer, so all
layer 3 and above devices must be upgraded. This affects too many
devices which are running very well, and needs too much investment and
time to achieve. Rational carriers tend to exploit the potential of
existing devices rather than replace them with devices supporting
IPv6.
This document describes a completely new proposal which extends the
address space from a newly added network layer. By doing this, not
only is the address space extended, but the new protocol is also
highly compatible with IPv4. In this proposal only very few devices
need to be upgraded; most L3 devices do not. The upgrade can also be
very smooth.
2. Solution: Double network layer
2.1 Protocol stack
            +-------+----------------------+-----------------------+
            | Layer | Content              | Key Information       |
            +-------+----------------------+-----------------------+
            |   6   | (HTTP/FTP/...)       |                       |
            +-------+----------------------+-----------------------+
            |   5   |(TCP/UDP/ICMP/IGMP...)| Dst&Src ports         |
New Network +=======+======================+=======================+
Layer --->> |   4   | Domain Name          | Dst&Src domain names  |
            +=======+======================+=======================+
            |   3   | IP                   | Dst&Src IP addresses  |
            +-------+----------------------+-----------------------+
            |   2   | Data Link Layer      |                       |
            +-------+----------------------+-----------------------+
            |   1   | Physical Layer       |                       |
            +-------+----------------------+-----------------------+
Figure 1 TCP/DN/IP protocol stack
We add a new layer just above the IP layer and put the destination and
source hosts' domain names inside it as the key information. The new
protocol stack with the domain name layer is shown in Figure 1. Because
the original protocol is known as TCP/IP, we simply name the new
protocol TCP/DN/IP (DN = Domain Name).
The new protocol uses the domain name as the unique destination on
the Internet. The Domain Name routers divide the IP network into
multiple separated areas, just as the IP routers divide the Ethernet
into multiple separated areas. We call each separated IP network an
'IP domain'. IP addresses can be re-allocated in each IP domain, so
there are enough addresses to use (far more than IPv6).
Because the IP layer is not touched, this protocol is highly
compatible with TCP/IP, which means that most routers in the current
Internet need NOT be upgraded.
2.2 Complete forwarding scenes of the new protocol
A. Host visits host outside current IP domain
+------------------------Global Domain(.)---------------------------+
|                                                                   |
|                  +------------------------------------+           |
|                  |         Global Domain DNS          |           |
|                  +------------------------------------+           |
|                   ^|7                             |  ^            |
|                   ||                              |  |            |
|                   || +----------------+           |  |            |
|                  4|| |       8        |          5|  |6           |
|                   |v |                v           v  |            |
|      +--------+ +--------+           +--------+ +--------+        |
|   +--| CN DNS |-| CN DNR | --+   +-- | US DNR |-| US DNS |--+     |
|   |  +--------+ +--------+   |   |   +--------+ +--------+  |     |
|   |     ^  |        ^        |   |     | ^  |     ^   |     |     |
+---|     |  |        |        |---|     | |  |9    |   |10   |-----+
    |    1|  |2      3|        |   |   11| |  +-----+   |     |
    |     |  |        |        |   |     | +------------+     |
    |     |  v        |        |   |     v                    |
    |   +-----------------+    |   |   +-----------------+    |
    |   |     host.cn     |    |   |   |     host.us     |    |
    |   +-----------------+    |   |   +-----------------+    |
    |                          |   |                          |
    +----China domain (cn.)----+   +------US domain (us.)-----+
Figure 2 visit across IP domains
There are 3 separate IP domains in Figure 2: the Global Domain (.),
the China domain (cn.), and the US domain (us.). Each domain has the
entire IP address space. Different IP domains do not interwork at the
IP layer. Domain Name Routers (DNR) forward packets between IP domains.
Each DNS server belongs to its respective IP domain. Some root DNS
servers are located at the edge of the IP domain, because queries
may come from both inside and outside.
a) If the query comes from inside and asks for an inside host, the
   server returns the host's IP;
b) If the query comes from inside and asks for an outside host, it
   returns the DNR's inside IP;
c) If the query comes from outside and asks for an inside host, it
   returns the DNR's outside IP.
Upgraded hosts register type DNA (Domain Name Address) resources in
DNS, which map to IP addresses. Un-upgraded hosts only have type A
resources.
Here is the complete process by which host.cn sends packets to
host.us:
a) Host.cn fills the destination field in the domain name layer with
   'host.us'.
b) Host.cn sends a query to the DNS server of the China domain, asking
   for the type DNA resource of host.us.
c) The DNS server finds that host.us is an outside host, so it returns
   the IP of the Domain Name Router of the CN domain (CN DNR).
d) Host.cn gets the result, fills the destination field in the IP
   layer with it, and then sends the packet out.
e) CN DNR queries the IP of host.us in the Global Domain. The DNS
   returns the US DNR's IP. CN DNR replaces the IP destination field
   with it and sends the packet to US DNR.
f) US DNR gets the packet, queries the IP of host.us inside the .us
   domain, replaces the IP destination field with the result, and
   sends the packet to host.us successfully.
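
The forwarding process above can be traced with a small model. The following Python sketch is an added example, not part of the original draft: the class and function names and all IP addresses are constructed for illustration, and the Global Domain DNS is modelled as simply asking the destination domain's DNS from outside.

```python
from dataclasses import dataclass

@dataclass
class DomainDNS:
    """DNS of one IP domain, answering type DNA queries per rules a)-c)."""
    suffix: str           # domain part, e.g. ".cn"
    hosts: dict           # inside hosts: domain name -> IP inside this domain
    dnr_inside_ip: str    # DNR interface facing the inside of the domain
    dnr_outside_ip: str   # DNR interface facing the Global Domain

    def owns(self, name):
        return name.lower().endswith(self.suffix)

    def query(self, name, from_inside):
        if self.owns(name):
            # rule a) inside query, inside host; rule c) outside query, inside host
            return self.hosts[name.lower()] if from_inside else self.dnr_outside_ip
        if from_inside:
            return self.dnr_inside_ip          # rule b) inside query, outside host
        raise LookupError(name)                # case not described in the draft

# Constructed sample data. Both domains reuse the same IPv4 addresses, which
# is possible because IP domains do not interwork at the IP layer.
CN = DomainDNS(".cn", {"host.cn": "192.0.2.10", "peer.cn": "192.0.2.11"},
               "192.0.2.1", "198.51.100.1")
US = DomainDNS(".us", {"host.us": "192.0.2.10"}, "192.0.2.1", "198.51.100.2")
DOMAINS = {d.suffix: d for d in (CN, US)}

def domain_of(name):
    return DOMAINS["." + name.rsplit(".", 1)[1].lower()]

def trace(src, dst):
    """Return one (sender, domain-name-layer dst, IP-layer dst) tuple per hop."""
    here, there = domain_of(src), domain_of(dst)
    hops = [(src, dst, here.query(dst, from_inside=True))]       # steps a)-d)
    if here is not there:
        # step e): the near DNR learns the far DNR's outside IP
        hops.append((here.suffix + " DNR", dst,
                     there.query(dst, from_inside=False)))
        # step f): the far DNR resolves the name inside its own domain
        hops.append((there.suffix + " DNR", dst,
                     there.query(dst, from_inside=True)))
    return hops

if __name__ == "__main__":
    for hop in trace("host.cn", "host.us"):
        print(hop)
```

The domain-name-layer destination stays 'host.us' on every hop, while the IP-layer destination is rewritten at each DNR.
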
Advantages:
a) Because the IP layer is not modified, L3 devices inside IP domains
   need not be upgraded. For carriers, such devices account for the
   vast majority.
b) DNS servers need to be upgraded, but their number is very limited.
c) Routers on the edge (equivalent to the international export for a
   long time) need to be upgraded to DNR, but their number is also
   very limited.
B. Upgraded host visits un-upgraded outside host
A) NAT
+------------------------Global Domain(.)---------------------------+
|                                                                   |
|                  +------------------------------------+           |
|                  |         Global Domain DNS          |           |
|                  +------------------------------------+           |
|                   ^|5                                             |
|                   ||                                              |
|                   || +----------------+                           |
|                  4|| |       6        |                           |
|                   |v |                v                           |
|      +--------+ +--------+        +------------+                  |
|   +--| CN DNS |-| CN DNR | --+    | server.com |                  |
|   |  +--------+ +--------+   |    +------------+                  |
|   |     ^  |        ^        |                                    |
+---|     |  |        |        |------------------------------------+
    |    1|  |2      3|        |
    |     |  |        |        |
    |     |  v        |        |
    |   +-----------------+    |
    |   |     host.cn     |    |
    |   +-----------------+    |
    |                          |
    +----China domain (cn.)----+
Figure 3 visit outside un-upgraded host
In Figure 3 the host 'server.com' in the Global Domain is not
upgraded. Here are the steps by which host.cn visits it:
Steps a)-c) are the same as in section 2.2.A.
d) CN DNR gets the packet and queries DNS for the IP of server.com.
   The DNS returns only a type A resource (no type DNA resource), so
   the DNR knows that the target host hasn't been upgraded. The DNR
   then switches to NAT mode and maps (TCP/DN/IP) domainname:port to
   (TCP/IP) IP:port.
This proposal should be regarded as a transitional proposal and an
optional feature of the DNR. Enabling this feature may consume more
DNR resources.
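
One way to picture the NAT mode described above, as an added Python example rather than anything specified by the draft. The class name, the port pool and the table layout are assumptions; the deliberately small pool makes the resource cost mentioned above visible.

```python
class DnrNat:
    """NAT mode of a DNR (hypothetical model).

    Maps (source domain name, source port) on the TCP/DN/IP side to
    (DNR outside IP, outside port) on the TCP/IP side, and back.
    """

    def __init__(self, outside_ip, first_port=40000, last_port=40003):
        self.outside_ip = outside_ip
        self.free = list(range(first_port, last_port + 1))  # unused outside ports
        self.out = {}    # (src_name, src_port) -> outside port
        self.back = {}   # outside port -> (src_name, src_port)

    @staticmethod
    def needs_nat(records):
        """records is the DNS answer for the target as {type: ip}.

        Only a type A resource (no type DNA) means the target is un-upgraded.
        """
        return "A" in records and "DNA" not in records

    def outbound(self, src_name, src_port):
        """Return the TCP/IP source (ip, port) used towards the target."""
        key = (src_name, src_port)
        if key not in self.out:
            if not self.free:
                raise RuntimeError("NAT port pool exhausted")
            port = self.free.pop(0)
            self.out[key] = port
            self.back[port] = key
        return self.outside_ip, self.out[key]

    def inbound(self, outside_port):
        """Return the (domain name, port) a reply belongs to, or None."""
        return self.back.get(outside_port)


if __name__ == "__main__":
    nat = DnrNat("198.51.100.1")            # constructed sample address
    print(nat.outbound("host.cn", 5000))    # first flow gets the first port
    print(nat.inbound(40000))               # reply is mapped back to host.cn
```
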
B) VPN
Usually, most requirements can be met by the NAT proposal. But some
special applications may encounter ALG problems, resulting in
unsuccessful connections. In such cases, the user can choose the VPN
proposal:
1. The user connects to the PPTP VPN server in the Global Domain via
   TCP/DN/IP and obtains a valid IP address of the Global Domain. Now
   the user can access any host inside the Global Domain via TCP/IP.
2. After the VPN connection is established, the host has two IP
   addresses from two different IP domains. This may lead to some
   confusion. I suggest using the protocol stack to distinguish
   between the two. That is, enable only TCP/DN/IP on the physical
   interface and only TCP/IP on the VPN interface, each with an
   independent routing table.
C. Inside domain
A) Un-upgraded host visits inside host
1. HostA.cn (un-upgraded host) sends a DNS query to the DNS server,
   asking for the IP of HostB.cn (type A).
2. The DNS server finds that the target is inside the current domain,
   so it just returns the IP of HostB.cn.
3. HostA.cn communicates with HostB.cn using TCP/IP.
In this scenario, no matter whether HostB.cn has been upgraded or not,
HostA.cn can communicate with HostB.cn using TCP/IP.
B) Upgraded host visits hosts inside domain
1. HostA.cn (upgraded host) sends a query to the DNS server, asking
   for the IP of HostB.cn (type DNA).
2. The DNS server finds that the target host is inside the domain, so
   it should return the IP of HostB.cn:
   a) If there is a type DNA resource for HostB.cn, which means
      HostB.cn has been upgraded, it returns the IP in type DNA;
   b) If there is only a type A resource for HostB.cn, which means
      HostB.cn hasn't been upgraded, it returns the IP in type A.
3. HostA.cn gets the reply from DNS:
   a) If the IP is in type DNA, HostA.cn knows that the target host
      has been upgraded and uses TCP/DN/IP to communicate with it.
   b) If the IP is in type A, HostA.cn knows that the target host
      hasn't been upgraded and uses TCP/IP to communicate with it.
C) Un-upgraded host visits host outside current domain
1. HostA.cn (un-upgraded host) sends a query to the DNS server, asking
   for the IP in type A of HostB.us.
2. The DNS server finds that the target host is outside the domain and
   that the source host hasn't been upgraded (because it queries the
   type A resource), so it returns the IP of a web server that leads
   the host to upgrade.
3. If HostA.cn is opening a web page on the target, it will open
   the web page leading to the upgrade.
2.3 Domain name resolve solution
A) Fixed domain name
Add a new resource type - DNA (Domain Name Address) - into DNS. Set
the value to the IP address of the upgraded host. After a host has
been upgraded, it should add a type DNA resource into DNS. Thus
others can determine whether the host has been upgraded or not.
B) Auto-configuration for dynamically accessed hosts
We can see from the previous routing and forwarding process that, to
be properly addressable, each host requires a domain name.
The majority of broadband users are dynamically assigned IP
addresses. If we want to assign domain names to them, the DHCP
system would need to be adjusted, which would affect too many devices.
A solution for auto-configuring domain names for hosts:
1. Add the local domain's name into the local DNS system (for example,
   add ".cn" into the DNS system of domain .cn);
2. The upgraded host connects to the network and obtains an IP
   address and DNS servers via DHCP (for example, it gets 192.0.2.10
   as its IP);
3. If that succeeds, it queries the local domain's name via DNS (DNS
   returns ".cn");
4. It converts the IP to a HEX-style string and encloses it in "[ ]"
   (we get "[C000020A]" here). This is used as the host part of the
   domain name.
5. It combines the host part and the domain part to get the whole
   domain name (in this example, "[C000020A].cn").
When a TCP/DN/IP host wants to map a domain name to an IP address, it
should first check whether the target domain name is in the same
IP domain as itself. If so, it checks whether the left part is in the
above style. If it is, the host just parses the IP from it. Otherwise,
it queries the IP via DNS.
Following this proposal, carriers need not modify their DHCP
servers, and the number of queries sent to DNS servers is also
greatly reduced.
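
Steps 4 and 5 and the name-to-IP shortcut above, as an added Python example (not code from the draft). The function names and the injected dns_lookup callback are hypothetical; accepting lower-case hex digits and requiring the domain part to equal the local domain's name exactly are assumptions made here, since the draft does not specify them.

```python
import ipaddress
import re

# Host part in the draft's style: "[" + 8 hex digits + "]", e.g. "[C000020A]".
_AUTO_LABEL = re.compile(r"\[([0-9A-Fa-f]{8})\]")

def auto_name(ip, local_domain):
    """Steps 4-5: build the auto-configured name, e.g. "[C000020A].cn"."""
    packed = ipaddress.IPv4Address(ip).packed   # raises on a malformed address
    return "[%s]%s" % (packed.hex().upper(), local_domain)

def resolve(name, local_domain, dns_lookup):
    """Map a domain name to an IP; return (ip, how), how is "parsed" or "dns".

    The IP is parsed from the name only when the name is in the local IP
    domain AND its host part is a well-formed bracketed label. A bracketed
    label under another domain refers to a different IP address space, so
    it must go through DNS like any other outside name.
    """
    host, dot, rest = name.partition(".")
    same_domain = bool(dot) and ("." + rest).lower() == local_domain.lower()
    match = _AUTO_LABEL.fullmatch(host)
    if same_domain and match:
        ip = ipaddress.IPv4Address(bytes.fromhex(match.group(1)))
        return str(ip), "parsed"
    # Other IP domain, ordinary host name, or malformed label: ask DNS.
    return dns_lookup(name), "dns"

# Constructed sample resolver standing in for the local DNS server; for the
# outside name it answers with the DNR's inside IP, as in Section 2.2.
SAMPLE_DNS = {"[C000020A].us": "192.0.2.1", "www.cn": "192.0.2.80"}

def sample_lookup(name):
    return SAMPLE_DNS[name]

if __name__ == "__main__":
    name = auto_name("192.0.2.10", ".cn")
    print(name, resolve(name, ".cn", sample_lookup))
    print(resolve("[C000020A].us", ".cn", sample_lookup))
```
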
3. Upgrade routine
3.1 Carrier's network
A) Network devices
Carriers need to do the following jobs:
a. Transform the DNS
   a) If inside hosts are queried, it returns the IPs of the hosts;
      if outside hosts are queried, it returns the IPs of the
      corresponding DNR;
   b) The root domain name server of the domain should be set on the
      border of the domain (it should have interfaces on both sides).
b. Upgrade the routers on the domain border to DNR
B) Home Gateway
HGs need no upgrading; they can simply disable NAT and work in L3
routing mode.
Because the number of HGs is huge, this aspect of the proposal saves
a great deal of investment and time compared with IPv6.
3.2 Users' hosts
The users should upgrade their OS and applications. These upgrades
are based on software and should be simple. We omit them here.
4. TCP/DN/IP vs IPv6
It is now widely recognized that IPv6 will be the next-generation
Internet protocol. We compare TCP/DN/IP and IPv6 here:
A) Addressing basis
IPv6: Globally unique 128-bit address
TCP/DN/IP: Globally unique domain name; an IPv4 address that is
unique inside the domain is available
B) Address space
IPv6: 2^128=3.4*10^38
TCP/DN/IP: >>10^96
C) Compatibility
IPv6: Incompatible
TCP/DN/IP: High compatibility. Hosts in the same domain continue
working without upgrading. The IPv4 network need not be closed. L3
routers inside domains need no upgrading. Un-upgraded hosts cannot
cross domains, but upgrading is easy when needed.
D) Migration enthusiasm
IPv6: Carriers invest too much and are rewarded with nothing.
Upgraded users find only very few resources in the new network and
dislike it, and there are big obstacles to visiting resources in the
original IPv4 network. So users tend not to move.
TCP/DN/IP: Carriers invest very little. Upgraded users can continue to
visit any resources in the original IPv4 network. Only un-upgraded
users will find they cannot visit resources outside their domain, but
the upgrade is based on software and is easy.
5. Peroration
TCP/DN/IP seems to be a very good solution for IPng: a bigger address
space (even bigger than IPv6) and high compatibility with IPv4 (and
thus easy and smooth upgrading, etc.).
This document is just a very brief framework for the new proposal.
The author hopes more people will accept this solution and jointly
help it mature.
Thanks.
6. IANA Considerations
IANA is required to add a new resource type 'DNA' into DNS, and the
value should be set to an IPv4 address.
7. Security Considerations
TBD.
8. References
8.1 Normative References
[RFC 1034] P. Mockapetris, "DOMAIN NAMES - CONCEPTS AND FACILITIES",
RFC-1034, November 1987
8.2 Informative References
9. Acknowledgments
Author's Addresses
Shi Li
China TeleCom
Email: lishi@sttri.com.cn