Internet DRAFT - draft-matsuhira-sa46t-spec
draft-matsuhira-sa46t-spec
Network Working Group N. Matsuhira
Internet-Draft Fujitsu Limited
Intended status: Standards Track July 23, 2015
Expires: January 24, 2016
Stateless Automatic IPv4 over IPv6 Encapsulation / Decapsulation
Technology: Specification
draft-matsuhira-sa46t-spec-11
Abstract
This document specifies Stateless Automatic IPv4 over IPv6
Encapsulation / Decapsulation Technology (SA46T) base specification.
SA46T makes backbone network to IPv6 only. And also, SA46T can stack
many IPv4 networks, i.e. the networks using same IPv4 (private)
addresses, without interdependence.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 24, 2016.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
Matsuhira Expires January 24, 2016 [Page 1]
Internet-Draft SA46T spec July 2015
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Architecture of SA46T . . . . . . . . . . . . . . . . . . . . 3
3. Basic Network Configuration . . . . . . . . . . . . . . . . . 5
4. Basic Function of SA46T . . . . . . . . . . . . . . . . . . . 6
4.1. IPv4 over IPv6 Encapsulation / Decapsulation . . . . . . . 6
4.2. SA46T address architecture . . . . . . . . . . . . . . . . 7
4.3. Route Advertisement . . . . . . . . . . . . . . . . . . . 8
5. SA46T address format . . . . . . . . . . . . . . . . . . . . . 9
5.1. IPv6 Global Unicast Address as SA46T address . . . . . . . 9
5.2. Global SA46T address format . . . . . . . . . . . . . . . 10
6. Stacking IPv4 Networks . . . . . . . . . . . . . . . . . . . . 10
7. Redundancy of SA46T . . . . . . . . . . . . . . . . . . . . . 12
8. Configuration of SA46T and address allocation . . . . . . . . 12
9. Example of SA46T Operation . . . . . . . . . . . . . . . . . . 16
9.1. Basic SA46T Operation . . . . . . . . . . . . . . . . . . 16
9.2. SA46T Operation with plane ID . . . . . . . . . . . . . . 18
10. Characteristic . . . . . . . . . . . . . . . . . . . . . . . . 21
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22
12. Security Considerations . . . . . . . . . . . . . . . . . . . 22
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 22
14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23
14.1. Normative References . . . . . . . . . . . . . . . . . . . 23
14.2. References . . . . . . . . . . . . . . . . . . . . . . . . 23
Appendix A. Test implementation of SA46T . . . . . . . . . . . . 24
Appendix B. SA46T experiments . . . . . . . . . . . . . . . . . . 24
B.1. WIDE camp at Sept 2010 . . . . . . . . . . . . . . . . . . 24
B.2. NICT JGN2Plus Testbed at Feb 2011 . . . . . . . . . . . . 24
B.3. Some corporate network . . . . . . . . . . . . . . . . . . 25
B.4. Interop 2011 Tokyo at Jun 2011 . . . . . . . . . . . . . . 25
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 25
Matsuhira Expires January 24, 2016 [Page 2]
Internet-Draft SA46T spec July 2015
1. Introduction
This document provides Stateless Automatic IPv4 over IPv6
Encapsulation / Decapsulation Technology (SA46T) base specification.
The basic strategy for IPv6 deployment is dual stack. Viewing this
strategy from operational side, operation cost of dual stack is
higher than single stack operation. Viewing from future, IPv6 only
operation is more reasonable rather than IPv4 only operation.
Therefore IPv6 only operation is desired.
SA46T makes backbone network to IPv6 only. And also, SA46T can stack
many IPv4 networks, i.e. the networks using same IPv4 (private)
address, without interdependence.
2. Architecture of SA46T
IP address contain two information, one is locator information, and
another is identifier information. This is basic architecture of
internet protocol, and also the Internet, and no difference between
IPv4 and IPv6.
Locater is a information related "Where", and indentifier is a
information related "Who". That mean, IP address's semantics is
"Where's Who" meaning. Host is identified whole IP address
information, that is "Where's Who", however route to the host is
identified just locator information in IP address, that is "Where".
See Figure 1.
|<------ IP address ------------------>|
|<----- Locator ----->|<--Identifier-->|
(Where ) (Who)
+---------------------+----------------+
| | |
+---------------------+----------------+
Figure 1
In IPv4 address space, some host has IPv4 address, which consist n
bits length identifier and 32 - n bits locator. In Where's Who
representation, 32 - n bits "Where" and n bits "Who".
Keeping such "Where's Who" relation, IPv4 address can be represent as
IPv6 address by expanding "Where" information from 32 - n bits to 128
- n bits. Expanding " Where" information, IPv4 address can be mapped
Matsuhira Expires January 24, 2016 [Page 3]
Internet-Draft SA46T spec July 2015
to IPv6 address. Figure 2 shows such expanding.
|<------------------------ 128 bits ----------------------------->|
|<-------------------- 96 bits ------------------->|<-- 32 bits ->|
| : |
| : |
| +-------:------+
| | IPv4 address |
| +-------:------+
| |<-Loc->:<-ID->|
| | 32-n : n |
| | bits : bits |
| | : |
+--------------------------------------------------+-------:------+
| SA46T address prefix (no IPv4 network plane ID) | IPv4 address |
+--------------------------------------------------+-------:------+
| : |
|<------------- Locator (128 - n bits ) ------------------>:<-ID->|
| : n |
| : bits |
Figure 2
IPv4 address space contain private address, that is non globally
unique IP address. If some identifier which distinguish private
address can introduce in IPv6 address space, we can treate IPv4
private address as different address in IPv6 address space. This
document define such identifier as "IPv4 network plane ID". "IPv6
network plane ID" can provide VPN (Virtual Private Network) like
service.
That is SA46T address. In SA46T address, "Where" information's bit
length is 128 -n bits, and "Who" information's bit length is n bits.
Figure 3 shows summary of IPv4 address and SA46T address relation.
Matsuhira Expires January 24, 2016 [Page 4]
Internet-Draft SA46T spec July 2015
|<------------------------ 128 bits ----------------------------->|
|<-------------------- 96 bits ------------------->|<-- 32 bits ->|
| : |
| : |
| +-------:------+
| | IPv4 address |
| +-------:------+
| |<-Loc->:<-ID->|
| | 32-n : n |
| | bits : bits |
| | : |
+--------------------------------------------------+-------:------+
| SA46T address prefix (no IPv4 network plane ID) | IPv4 address |
+--------------------------------------------------+-------:------+
| : |
| : |
| 96 - m bits | m bits | 32 bits |
+-----------------------+--------------------------+-------:------+
| SA46T address prefix | IPv4 network plane ID | IPv4 address |
+-----------------------+--------------------------+-------:------+
|<------------- Locator (128 - n bits ) ------------------>:<-ID->|
| : n |
| : bits |
Figure 3
3. Basic Network Configuration
Figure 4 shows network configuration with SA46T. The network consists
of three parts. Backbone network, stub network, and SA46T.
Backbone network is operated with IPv6 only. Stub network has three
cases. IPv4 only, Dual Stack (both IPv4 and IPv6), and IPv6 only.
SA46T connects backbone network and stub network in case IPv4 still
works in that stub network. If stub network is IPv6 only, SA46T is
not needed.
Campus network, corporate network, and ISP network are the example
for such network.
Matsuhira Expires January 24, 2016 [Page 5]
Internet-Draft SA46T spec July 2015
/---------------------------------------------------\
| |
| Backbone Network |
| (IPv6 only) |
| |
\---------------------------------------------------/
| | |
+-------+ +-------+ |
| SA46T | | SA46T | |
+-------+ +-------+ |
| | |
/--------------\ /--------------\ /--------------\
| | | | | |
| Stub Network | | Stub Network | | Stub Network |
| (IPv4 only) | | (Dual Stack) | | (IPv6 only) |
| | | | | |
\--------------/ \--------------/ \--------------/
Figure 4
4. Basic Function of SA46T
SA46T has mainly two function. One is IPv4 over IPv6 Encapsulation /
Decapsulation, and another is advertise route for stub network.
4.1. IPv4 over IPv6 Encapsulation / Decapsulation
SA46T encapsulates IPv4 packet to IPv6 from stub network to backbone
network, and decapsulates IPv6 packet to IPv4 from backbone network
to stub network. Figure 5 shows such movement.
+--------+------------+ +----------+--------+------------+
|IPv4 Hdr| Data | --> | IPv6 Hdr |IPv4 Hdr| Data |
+--------+------------+ +----------+--------+------------+
+--------+------------+ +----------+--------+------------+
|IPv4 Hdr| Data | <-- | IPv6 Hdr |IPv4 Hdr| Data |
+--------+------------+ +----------+--------+------------+
/-------------------\ +-------+ /-----------------------------\
| Stub Network |--| SA46T |--| Backbone Network |
| (IPv4) | +-------+ | (IPv6 only) |
\-------------------/ \-----------------------------/
Figure 5
Matsuhira Expires January 24, 2016 [Page 6]
Internet-Draft SA46T spec July 2015
SA46T MUST support tunnel MTU discovery [RFC1853]. When encapsulated
IPv6 Packet size exceed path MTU and inner IPv4 packet have the Don't
Fragment bit is set, SA46T MUST return ICMP Destination unreachable
message with Type3 Code4, fragmentation needed and DS set [RFC0792].
In case IPv6, SA46T just relays IPv6 packet.
+----------+------------+ +----------+------------+
| IPv6 Hdr | data | --> | IPv6 Hdr | data |
+----------+------------+ +----------+------------+
+----------+------------+ +----------+------------+
| IPv6 Hdr | data | <-- | IPv6 Hdr | data |
+----------+------------+ +----------+------------+
/---------------------\ +-------+ /--------------------\
| Stub Network |--| SA46T |--| Backbone Network |
| (IPv6) | +-------+ | (IPv6 only) |
\--------------------/ \---------------------/
Figure 6
By IPv4 over IPv6 function, SA46T make backbone network to IPv6 only.
4.2. SA46T address architecture
SA46T address is a IPv6 address used in outer IPv6 header which
encapsulate IPv4 packet by SA46T.
Figure 7 shows SA46T address architecture
| 96 - m bits | m bits | 32 bits |
+-----------------------+--------------------------+--------------+
| SA46T address prefix | IPv4 network plane ID | IPv4 address |
+-----------------------+--------------------------+--------------+
Figure 7
SA46T address consists of three parts as follows.
SA46T address prefix
SA46T address prefix indicates this packet is encapsulated by
SA46T and MUST be encapsulated by SA46T. This value is
preconfigured to all SA46T in the networks.
Matsuhira Expires January 24, 2016 [Page 7]
Internet-Draft SA46T spec July 2015
IPv4 network plane ID
IPv4 network plane ID is an identifier of IPv4 network stack over
IPv6 backbone network. This value is preconfigured depend on the
SA46T belong which IPv4 network plane. For more detail see
Section 6.
IPv4 address
IPv4 address in inner IPv4 packet.
SA46T address is resolved copying IPv4 address in inner IPv4 packet,
and preconfigured values, SA46T prefix and IPv4 network plane ID.
Table 1 shows SA46T IPv4 network plane ID length (m) and number of
plane.
+----+----------------------+
| m | # of plane |
+----+----------------------+
| 16 | 65536 |
| 32 | 4294967296 |
| 64 | 18446744073709551616 |
+----+----------------------+
Table 1
4.3. Route Advertisement
SA46T converts stub network's IPv4 route to SA46T IPv6 route and
advertises to backbone network. And reverse direction, SA46T
converts SA46T IPv6 route to IPv4 route, that advertises other IPv4
stub networks.
If IPv4 stub network's prefix length is n, the prefix length of SA46T
IPv6 route which converts from that IPv4 prefix is 128 - 32 + n.
Table 2 shows detail value.
+--------------------+--------------------------+
| IPv4 prefix length | SA46T IPv6 prefix length |
+--------------------+--------------------------+
| /8 | /104 |
| /16 | /112 |
| /24 | /120 |
+--------------------+--------------------------+
Table 2
Matsuhira Expires January 24, 2016 [Page 8]
Internet-Draft SA46T spec July 2015
The IPv4 route for stub network is map to SA46T IPv6 route one to
one, so number of route of IPv4 is same as number of route of SA46T
IPv6 route. Total number of route is same as when backbone network
operate dual stack, without SA46T.
In stub network, usual dynamic routing protocol for IPv4 and IPv6 can
be used such as RIPv2 [RFC2453], RIPng [RFC2080], OSPFv2 [RFC2328],
OSPFv3 [RFC2740] and IS-IS [RFC1195][RFC5308]. Similarly, in
backbone network, usual dynamic routing protocol for IPv6 can be used
such as RIPng [RFC2080], OSPFv3 [RFC2740] and IS-IS [RFC5308] .
If want using default route, default SA46T advertise the route [SA46T
address prefix/( 96 - m )] as default route. If want using different
default route by IPv4 network plane ID, default SA46T in IPv4 network
plane #1 advertise the route [ SA46T address prefix + IPv4 network
plane ID #1 / 96] as default route. Figure 15 in Section 9 show the
example using default route.
5. SA46T address format
SA46T can be used closely in the backbone network, so SA46T address
does not be advertised outside of the backbone network, and IPv6
packet which contains SA46T address does not be forwarded outside of
the backbone network.
So, SA46T address format and SA46T address prefix can be decided each
backbone network. But for your information, one example is shown as
follows. That is based on IPv6 Global Unicast Address.
Of course, SA46T can be used in the Internet, or between the ASs.
This case is discussed shortly in Section 5.2.
5.1. IPv6 Global Unicast Address as SA46T address
This example is based on IPv6 Global Unicast Address Format
[RFC3587].
Figure 8 shows IPv6 Global Unicast Address Format.
| 3 | 45bits | 16bits | 64bits |
+---+-----------------------+-----------+--------------------------+
|001| Global routing prefix | subnet id | Interface ID |
+---+-----------------------+-----------+--------------------------+
Figure 8
Matsuhira Expires January 24, 2016 [Page 9]
Internet-Draft SA46T spec July 2015
Figure 9 shows SA46T address format using part of IPv6 Global Unicast
Address.
| 3 | 45bits | 16bits | 32bits | 32bits |
+---+-----------------------+-----------+--------------------------+
|001| Global routing prefix | subnet id | plane ID | IPv4 address |
+---+-----------------------+-----------+--------------------------+
<---SA46T address prefix--------------->
Figure 9
Where:
Global routing prefix
global routing prefix
subnet id
indication for SA46T prefix. Example is 0x5A46.
plane id
IPv4 network plane ID. The value 0 should be for the global IPv4
Internet.
IPv4 address
IPv4 address of inner IPv4 packet
5.2. Global SA46T address format
SA46T can be used in The Internet, or between AS. This is achieved
by recognizing SA46T address format as common address. Such address
should be Global SA46T address.
Global SA46T address format and prefix requires IANA assignment of
IPv6 address prefix. Global SA46T address is proposed in
[I-D.draft-matsuhira-sa46t-gaddr].
6. Stacking IPv4 Networks
SA46T can provide VPN like service to stub networks by using
different IPv4 network plane ID value. Table 3 shows example of IPv4
network plane ID and its usage.
Matsuhira Expires January 24, 2016 [Page 10]
Internet-Draft SA46T spec July 2015
If backbone network operator provide IPv4 privates network service to
Organization A, backbone network operator sets IPv4 network plane ID
value =1 to the SA46T which connects stub network of organization A.
If there are five stub network of organization A, backbone network
operator sets same IPv4 network plane ID = 1, to five SA46Ts which
connect stub network of organization A. If there are one hundred stub
network of organization B, backbone network operator sets same IPv4
network plane ID = 2, to one hundred SA46Ts which connect stub
network of organization B. If a new stub network in organization B
join, backbone network operator configures same IPv4 network plane ID
= 2, to the new stub network only, which connect stub network of
organization B, and no configuration is needed to one hundred SA46Ts
which are already connected.
Such configuration, that means same stub network group to same IPv4
network plane ID value, is simple and easy to understand, so, it is
expected that possibility of misconfiguration is very low. And also,
number of configuration is minimum, that mean, number of
configuration is same as number of stub networks, and add new stub
network, configure to new one only.
Describe above, SA46T can provide VPN like service, for example,
Intranet or extranet. And, after IPv4 global address running out,
some service provider may want to reuse IPv4 private address. SA46T
can provide such IPv4 private address networks over single IPv6
backbone network. By SA46T, some service providers may reuse IPv4
private address.
+---------------------+---------------------------------------------+
| IPv4 network plane | usage |
| ID value | |
+---------------------+---------------------------------------------+
| 0 | IPv4 Internet (Global) |
| 1 | IPv4 Private network for Organization A |
| | (Intranet) |
| 2 | IPv4 Private network for Organization B |
| | (Intranet) |
| 3 | IPv4 Private network for Group A (Extranet) |
| 4 | IPv4 Private network for Group B (Extranet) |
| 5 | Net10 reuse network for consumer group A |
| | (Private address access) |
| 6 | Net10 reuse network for consumer group B |
| | (Private address access) |
| 7 | Net10 reuse network for consumer group C |
| | (Private address access ) |
| .... | .... |
+---------------------+---------------------------------------------+
Matsuhira Expires January 24, 2016 [Page 11]
Internet-Draft SA46T spec July 2015
Table 3
7. Redundancy of SA46T
SA46T brings no limit for redundancy. Figure 10 shows such example
in case two connection between backbone network and stub network.
Number of link between backbone network and stub network is not
limited, and different type of link can be used, for example, for
wire and wireless.
Configuration of SA46Ts, which connect same stub network, is same.
That mean same SA46T prefix and same IPv4 network plane ID value.
/---------------------------------------------------\
| |
| Backbone Network |
| (IPv6 only) |
| |
\---------------------------------------------------/
| | | |
+-------+ +-------+ +-------+ +-------+
| SA46T | | SA46T | | SA46T | | SA46T |
+-------+ +-------+ +-------+ +-------+
| | | |
/---------------------\ /---------------------\
| | | |
| Stub Network | | Stub Network |
| (IPv4 only) | | (Dual Stack) |
| | | |
\---------------------/ \---------------------/
Figure 10
8. Configuration of SA46T and address allocation
Configuration of SA46T require just three information, SA46T address
prefix, IPv4 Network plane ID, and prefix length of SA46T route.
These information could explain just only one line, "<SA46T address
prefix><IPv4 network plane ID>/ prefix length of SA46T route".
When there are N numbers SA46Ts in a certain backbone network,
configure one line per SA46T to the N numbers SA46Ts are needed.
Total line is just N. If adding new SA46T to the backbone network,
configure one line to the new SA46T only is needed, and addition or
change does not needed to existing N numbers SA46Ts. Now new 1 line
Matsuhira Expires January 24, 2016 [Page 12]
Internet-Draft SA46T spec July 2015
and total numbers of line is N+1.
Static configured tunnel require N(N-1) configurations. So, SA46T
needs less configuration than static configured tunnel, especially
when value of N is large number.
SA46T require few configuration, so when numbers of SA46T is small,
manual configuration may be enough. However, when large number of
SA46T needed in big network, configuration via server may useful.
For automatic configuration of SA46T, IPv4 address allocation in stub
network should consider, both static address allocation and automatic
address allocation. In the latter case, using DHCP should be
reasonable.
Figure 11 shows example of configuration database for SA46T. As
identifier of SA46T, MAC address is used, however, other information
may be used.
When stub network connected SA46T is configured with dynamic address,
allocate IPv4 address in allocatable IPv4 address block to the stub
network side interface of SA46T at startup phase. That is default
router address in the stub network. When SA46T receive DHCP request
from a host in stub network, DHCP server allocate IP address from
allocatable IPv4 address block, and notify IP address of DNS server
and IP address of default router.
When stub network connected SA46T is configuraed with static address,
a value of allocatable IPv4 address block should be 0.0.0.0/0 and a
value of DNS Server should be 0.0.0.0..
Matsuhira Expires January 24, 2016 [Page 13]
Internet-Draft SA46T spec July 2015
+---------------++------------------------+-------------+-------------+
|Identifier || SA46T address prefix | Allocatable | DNS Server |
|of SA46T || + IPv4 network plane ID| IPv4 address| (IPv4) |
|(e.g. MAC addr)|| + prefix length | block | |
+---------------++------------------------+-------------+-------------+
|Identifier || SA46T address prefix | Allocatable | DNS Server |
|of SA46T || + IPv4 network plane ID| IPv4 address| (IPv4) |
|(e.g. MAC addr)|| + prefix length | block | |
+---------------++------------------------+-------------+-------------+
|Identifier || SA46T address prefix | Allocatable | DNS Server |
|of SA46T || + IPv4 network plane ID| IPv4 address| (IPv4) |
|(e.g. MAC addr)|| + prefix length | block | |
+---------------++------------------------+-------------+-------------+
| || | | |
~ : ~~ : ~ : ~ : ~
| || | | |
+---------------++------------------------+-------------+-------------+
|Identifier || SA46T address prefix | Allocatable | DNS Server |
|of SA46T || + IPv4 network plane ID| IPv4 address| (IPv4) |
|(e.g. MAC addr)|| + prefix length | block | |
+---------------++------------------------+-------------+-------------+
Figure 11
Figure 12 shows timeline diagram of message exchange between SA46T
and host in stub network and SA46T configuration server when stub
network is configured with dynamic address. Protocol between SA46T
and SA46T configuration server including SA46T server discovery may
be defined in future.
Matsuhira Expires January 24, 2016 [Page 14]
Internet-Draft SA46T spec July 2015
<--- Backbone (IPv6 only) --><--- Stub Network ------>
SA46T
Configuration SA46T Host
Server with DHCP Server (Dynamic address)
| | |
~ ~ ~
| | |
|<--Request -----------| |
| (MAC Address) | |
|-----Response-------->| |
| (SA46t Prefix | |
| + IPv4 plane ID | |
| + prefix length, | |
| Allocate IPv4 | |
| address block | |
| | |
| ( address allocation |
| to the interface |
| of stub network side ) |
| | |
| | |
| |<--DHCP Request ----|
| |---DHCP Response -->|
| | (address configured)
| | |
~ ~ ~
<============================<-------------------|
| Encap | |
| | |
~ ~ ~
| | |
===========================>------------------->|
| Decap | |
Figure 12
Figure 13 shows timeline diagram of message exchange between SA46T
and host in stub network and SA46T configuration server when stub
network is configured with static address. Such static address
configuration may be used mainly at server zone, so such stub network
may be well managed, so SA46T may also configured manually.
Matsuhira Expires January 24, 2016 [Page 15]
Internet-Draft SA46T spec July 2015
<--- Backbone (IPv6 only) --><--- Stub Network ------>
SA46T
Configuration SA46T Host
Server (Static address)
| | |
~ ~ ~
| | |
|<--Request -----------| |
| (MAC Address) | |
|-----Response-------->| |
| (SA46t Prefix | |
| + IPv4 plane ID | |
| + prefix length | |
| | |
~ ~ ~
| | |
===========================>------------------->|
| Decap | |
~ ~ ~
| Encap | |
<============================<-------------------|
| | |
Figure 13
9. Example of SA46T Operation
9.1. Basic SA46T Operation
Figure 14 shows SA46T operation which does not use IPv4 network plane
ID. In this example, two stub network is connected to backbone
network via SA46T. One stub network is 10.1.1.0/24 sub network, and
the other is 10.1.2.0/24 sub network.
When SA46T receives IPv4 route advertisement, then SA46T convert this
IPv4 route to IPv6 route by address resolution to SA46T address, and
advertise this IPv6 route to backbone network. When SA46T receives
IPv6 route advertisements, then SA46T converts this IPv6 route to
IPv4 route if this IPv6 route is match SA46T address ( same prefix
with SA46T), and advertise this IPv4 route to stub network.
In this example. IPv4 route, 10.1.1.0/24 is converted to IPv6 route,
<SA46Tprefix>:10.1.1.0/120,and IPv4 route, 10.1.2.0/24 is converted
to IPv6 route, <SA46Tprefix>:10.1.2.0/120 at SA46T from stub network
to backbone network. And, from backbone network to stub network,
IPv6 route, <SA46Tprefix>:10.1.1.0/120 is converted to IPv4 route,
Matsuhira Expires January 24, 2016 [Page 16]
Internet-Draft SA46T spec July 2015
10.1.1.0/24, and IPv6 route, <SA46Tprefix>:10.1.2.0/120 is converted
to IPv4 route, 10.1.2.0/24.
/-------------\ +-----+ /------------\ +-----+ /-------------\
|Stub Network | | | | Backbone | | | |Stub Network |
|(10.1.1.0/24)|--|SA46T|--| Network |--|SA46T|--|(10.1.2.0/24)|
| | | | |(IPv6 only) | | | | |
\-------------/ +-----+ \------------/ +-----+ \-------------/
[10.1.1.0/24] ---> [<SA46Tprefix>:10.1.1.0/120] ---> [10.1.1.0/24]
[10.1.2.0/24] <--- [<SA46Tprefix>:10.1.2.0/120] <--- [10.1.2.0/24]
+---------+----+ +---------+----+----+ +---------+----+
| data |IPv4| --> | data |IPv4|IPv6| --> | data |IPv4|
+---------+----+ +---------+----+----+ +---------+----+
src: 10.1.1.1 src: <SA46Tprefix>:10.1.1.1 src: 10.1.1.1
dst: 10.1.2.1 dst: <SA46Tprefix>:10.1.2.1 dst: 10.1.2.1
Figure 14
Figure 15 shows the example using default route. Default route is
useful in case most packets are routed same path. Typically, access
network is one of the example. Although using default route,
communication between stub networks can be done. Communication
between host 10.1.1.1 and host 10.1.2.1 can be done inside in access
network, and does not pass over default SA46T.
Matsuhira Expires January 24, 2016 [Page 17]
Internet-Draft SA46T spec July 2015
/------------\
| |
/-------------\ +-----+ | | +-----+ /-------------\
| Backbone | | | | Access | | | |Stub Network |
| Network |--|SA46T|--| Network |--|SA46T|--|(10.1.1.0/24)|
| | | | |(IPv6 only) | | | | |
\-------------/ +-----+ | | +-----+ \-------------/
(default) | <--[<SA46Tprefix>:10.1.1.0/120]
[<SA46Tprefix>/96] --> |
| |
| | +-----+ /-------------\
| | | | |Stub Network |
| |--|SA46T|--|(10.1.2.0/24)|
| | | | | |
| | +-----+ \-------------/
| <--[<SA46Tprefix>:10.1.2.0/120]
| |
| |
| | +-----+ /-------------\
| | | | |Stub Network |
| |--|SA46T|--|(10.1.3.0/24)|
| | | | | |
| | +-----+ \-------------/
| <--[<SA46Tprefix>:10.1.3.0/120]
| |
\------------/
Figure 15
9.2. SA46T Operation with plane ID
Figure 16 shows SA46T operation which uses IPv4 network plane ID. In
this example, there are two planes, and two stub network in each
plane is connected to backbone network via SA46T. In each plane, one
stub network is 10.1.1.0/24 sub network, and the other is 10.1.2.0/24
sub network, that means same IPv4 address is used in different plane.
When SA46T receives IPv4 route advertisements, then SA46T converts
this IPv4 route to IPv6 route by address resolution to SA46T address,
and advertise this IPv6 route to backbone network. When SA46T
receives IPv6 route advertisements, then SA46T converts this IPv6
route to IPv4 route if this IPv6 route is match SA46T address ( same
prefix with SA46T), and advertises this IPv4 route to stub network.
In this example in plane #1. IPv4 route, 10.1.1.0/24 is converted to
IPv6 route, <SA46Tprefix><#1>:10.1.1.0/120,and IPv4 route,
10.1.2.0/24 is converted to IPv6 route, <SA46Tprefix><#1>:10.1.2.0/
Matsuhira Expires January 24, 2016 [Page 18]
Internet-Draft SA46T spec July 2015
120 at SA46T from stub network to backbone network. And, from
backbone network to stub network, IPv6 route, <SA46Tprefix><#
1>:10.1.1.0/120 is converted to IPv4 route, 10.1.1.0/24, and IPv6
route, <SA46Tprefix><#1>:10.1.2.0/120 is converted to IPv4 route,
10.1.2.0/24.
And also, In this example in plane #2. IPv4 route, 10.1.1.0/24 is
converted to IPv6 route, <SA46Tprefix><#2>:10.1.1.0/120,and IPv4
route, 10.1.2.0/24 is converted to IPv6 route, <SA46Tprefix><#
2>:10.1.2.0/120 at SA46T from stub network to backbone network. And,
from backbone network to stub network, IPv6 route, <SA46Tprefix><#
2>:10.1.1.0/120 is converted to IPv4 route, 10.1.1.0/24, and IPv6
route, <SA46Tprefix><#2>:10.1.2.0/120 is converted to IPv4 route,
10.1.2.0/24.
In IPv6 space, address <SA46Tprefix><#1>:10.1.1.1 and address
<SA46Tprefix><#2>:10.1.1.1 are different address, route
<SA46Tprefix><#1>:10.1.1.0/120 and route <SA46Tprefix><#2>:10.1.1.0/
120 are different route, although in IPv4 space, address 10.1.1.1 in
plane #1 and 10.1.1.1 in plane#2 are same address, route 10.1.1.0/24
in plane#1 and route 10.1.1.0/24 in plane#2 are same route.
Matsuhira Expires January 24, 2016 [Page 19]
Internet-Draft SA46T spec July 2015
/------------\
.......<plane#1>............|............|............................
: /-------------\ +-----+ | | +-----+ /-------------\ :
: | Stub Network| | | | | | | | Stub Network| :
: |(10.1.1.0/24)|--|SA46T|--| Backbone |--|SA46T|--|(10.1.2.0/24)| :
: | | | | | Network | | | | | :
: \-------------/ +-----+ |(IPv6 only) | +-----+ \-------------/ :
:...........................|............|...........................:
| |
........<plane#2>...........|............|............................
: /-------------\ +-----+ | | +-----+ /-------------\ :
: | Stub Network| | | | | | | | Stub Network| :
: |(10.1.1.0/24)|--|SA46T|--| |--|SA46T|--|(10.1.2.0/24)| :
: | | | | | | | | | | :
: \-------------/ +-----+ | | +-----+ \-------------/ :
:...........................|............|...........................:
\------------/
<<plane #1>>
[10.1.1.0/24] --->[<SA46Tprefix><#1>:10.1.1.0/120] ---> [10.1.1.0/24]
[10.1.2.0/24] <---[<SA46Tprefix><#1>:10.1.2.0/120] <--- [10.1.2.0/24]
+---------+----+ +---------+----+----+ +---------+----+
| data |IPv4| --> | data |IPv4|IPv6| --> | data |IPv4|
+---------+----+ +---------+----+----+ +---------+----+
src: 10.1.1.1 src: <SA46Tprefix><#1>:10.1.1.1 src: 10.1.1.1
dst: 10.1.2.1 dst: <SA46Tprefix><#1>:10.1.2.1 dst: 10.1.2.1
<<plane#2>>
[10.1.1.0/24] --->[<SA46Tprefix><#2>:10.1.1.0/120] ---> [10.1.1.0/24]
[10.1.2.0/24] <---[<SA46Tprefix><#2>:10.1.2.0/120] <--- [10.1.2.0/24]
+---------+----+ +---------+----+----+ +---------+----+
| data |IPv4| --> | data |IPv4|IPv6| --> | data |IPv4|
+---------+----+ +---------+----+----+ +---------+----+
src: 10.1.1.1 src: <SA46Tprefix><#2>:10.1.1.1 src: 10.1.1.1
dst: 10.1.2.1 dst: <SA46Tprefix><#2>:10.1.2.1 dst: 10.1.2.1
Figure 16
Figure 17shows the example using default route with IPv4 network
plane. In this case, default SA46T may configure different by each
IPv4 network plane.
Matsuhira Expires January 24, 2016 [Page 20]
Internet-Draft SA46T spec July 2015
/------------\
.......<plane#1>............|............|............................
: /-------------\ +-----+ | | +-----+ /-------------\ :
: | Backbone | | | | | | | | Stub Network| :
: | Network |--|SA46T|--| Access |--|SA46T|--|(10.1.1.0/24)| :
: | | | | | Network | | | | | :
: \-------------/ +-----+ |(IPv6 only) | +-----+ \-------------/ :
: (default) | <--[<SA46Tprefix><#1>:10.1.1.0/120]:
: [<SA46Tprefix><#1>/96] --> | :
: | | :
: | | :
: | | +-----+ /-------------\ :
: | | | | | Stub Network| :
: | |--|SA46T|--|(10.1.2.0/24)| :
: | | | | | | :
: | | +-----+ \-------------/ :
: | <--[<SA46Tprefix><#1>:10.1.2.0/120] :
:...........................|............|...........................:
| |
.......<plane#2>............|............|............................
: /-------------\ +-----+ | | +-----+ /-------------\ :
: | Backbone | | | | | | | | Stub Network| :
: | Network |--|SA46T|--| |--|SA46T|--|(10.1.1.0/24)| :
: | | | | | | | | | | :
: \-------------/ +-----+ | | +-----+ \-------------/ :
: (default) | <--[<SA46Tprefix><#2>:10.1.1.0/120]:
: [<SA46Tprefix><#2>/96] --> | :
: | | :
: | | :
: | | +-----+ /-------------\ :
: | | | | | Stub Network| :
: | |--|SA46T|--|(10.1.2.0/24)| :
: | | | | | | :
: | | +-----+ \-------------/ :
: | <--[<SA46Tprefix><#2>:10.1.2.0/120] :
:...........................|............|...........................:
| |
\------------/
Figure 17
10. Characteristic
SA46T has following useful characteristics.
Matsuhira Expires January 24, 2016 [Page 21]
Internet-Draft SA46T spec July 2015
o Reduce backbone network operation cost with IPv6 single stack ( at
least less than Dual Stack)
o Can allocate IPv4 address to stub networks, which used in backbone
network before installing SA46T
o Less configuration
o No need for special protocol
o No dependent Layer 2 network
o Can Stack IPv4 Private networks
o Easy stop IPv4 operation in stub network for future ( just remove
SA46T)
o Provide redundancy
11. IANA Considerations
This document makes no request of IANA.
Note to RFC Editor: this section may be removed on publication as an
RFC.
12. Security Considerations
SA46T use automatic Encapsulation / Decapsulation technologies.
Security consideration related tunneling technologies are discussed
in RFC2893[RFC2893], RFC2267[RFC2267], etc.
13. Acknowledgements
This document is based on Naoki Matsuhira's original ideas and an
individual effort of the author.
Review and encouragement have been provided by many peoples.
Particulary Akira Kato at WIDE Project / Keio University and Masanobu
Katoh at Fujitsu in initial stage. And many discussions and assists
are provided from Toshiya Asaba, Osamu Nakamura, Yoshiki Ishida,
Ichiro Mizukoshi, Noriyuki Shigechika, Miya Kohno, Yoshinobu
Matsuzaki, Akira Nakagawa. And comments and discussions are provided
in IETF meeting from Fred Baker, Brian Carpenter, Randy Bush, Dave
Thaler and Alain Duland. If there is a comment not refrected, it is
Matsuhira Expires January 24, 2016 [Page 22]
Internet-Draft SA46T spec July 2015
surely because of my English language capability, and the author
still want reflect it include missing.
The author would like to thank all above people, and others discussed
with in WIDE project meeting and inside Fujitsu.
Originally, SA46T is an abbreviation for "Stateless Automatic IPv4
over IPv6 Tunneling". Now, SA46T is an abbreviation for "Stateless
Automatic IPv4 over IPv6 Encapsulation / Decapsulation Technology".
This change was made in response to the indication from the softwire
WG chair at 4th softwire interim meeting in September 2011.
14. References
14.1. Normative References
[I-D.draft-matsuhira-sa46t-gaddr]
Matsuhira, N., "Stateless Automatic IPv4 over IPv6
Encapsulation / Decapsulation Technology: Global SA46T
Address Format", January 2014.
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5,
RFC 792, September 1981.
[RFC1853] Simpson, W., "IP in IP Tunneling", RFC 1853, October 1995.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3587] Hinden, R., Deering, S., and E. Nordmark, "IPv6 Global
Unicast Address Format", RFC 3587, August 2003.
14.2. References
[RFC1195] Callon, R., "Use of OSI IS-IS for routing in TCP/IP and
dual environments", RFC 1195, December 1990.
[RFC2080] Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080,
January 1997.
[RFC2267] Ferguson, P. and D. Senie, "Network Ingress Filtering:
Defeating Denial of Service Attacks which employ IP Source
Address Spoofing", RFC 2267, January 1998.
[RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998.
[RFC2453] Malkin, G., "RIP Version 2", STD 56, RFC 2453,
Matsuhira Expires January 24, 2016 [Page 23]
Internet-Draft SA46T spec July 2015
November 1998.
[RFC2740] Coltun, R., Ferguson, D., and J. Moy, "OSPF for IPv6",
RFC 2740, December 1999.
[RFC2893] Gilligan, R. and E. Nordmark, "Transition Mechanisms for
IPv6 Hosts and Routers", RFC 2893, August 2000.
[RFC5308] Hopps, C., "Routing IPv6 with IS-IS", RFC 5308,
October 2008.
Appendix A. Test implementation of SA46T
Test implementation of SA46T is developed for evaluation the SA46T
technology. This implementation is developed as module in kernel
space of CentOS. The amount of development is about 300 step with C
language.
Appendix B. SA46T experiments
B.1. WIDE camp at Sept 2010
SA46T implementation is tested at WIDE camp in 4.5 days at Semtemper
2010. Attendees of WIDE camp served SA46T service via WIreless LAN.
SA46T provide both IPv4 and IPv6. IPv4 packets are encapsulated and
decapsulated in camp net, that mean this test is in LAN environments.
This time single IPv4 plane was used.
About 200 peoples joins this experiments and 275 clients are used,
inculude Windows, MacOS, Linux, FreeBSD, iPhone and iPod Touch, etc.
IPv4 address is allocated via DHCP. There are no change in clients,
servers, and network equipment, just add SA46T. Total, four SA46T
boxes were used in this experiments.
SA46T work fine and very stable.
B.2. NICT JGN2Plus Testbed at Feb 2011
SA46T implementation is tested at NICT JGN2Plus testbed at February
2011. This test is held at WAN environments. SA46T is setted up at
Sapporo, Osaka, Okayama and Okinawa in Japan and Thai, and carry HDTV
Live Stream and 3D HDTV Live stream. Experimental period is about an
one month. Total, five SA46T boxes were used in this experiments.
In JGN2Plus, OSPFv3 was used, and BGP4+ is used for peering with
Thai.
Matsuhira Expires January 24, 2016 [Page 24]
Internet-Draft SA46T spec July 2015
This time, single IPv4 plane was used too.
SA46T work fine and very stable, too.
B.3. Some corporate network
SA46Ts are installed some corporate network. This installation is
done with secrets basically, that mean, nobody know SA46T was
installed, and if there are some trouble, someone craim or report the
problem.
After few month trial, there was no problem.
B.4. Interop 2011 Tokyo at Jun 2011
SA46T is demonstrated at Interop 2011 Tokyo at June 2011.
At this time, three planes were used. Plane #0 is used for Internet
access, using IPv4 Global address. Visitor can have a experiments
with SA46T from the cables wich connected to SA46T in access corner.
Plane #1 is used for closed network, such like between Data Center
network and enterprise network. In this plane, private addresses are
used. Plane #2 is used for video streaming. In this plane, same
private addresses which used in Plane#1 are used by intention. And
this plane in Interop ShowNet and NICT and Thai were connected.
Total, nine SA46T boxes are used in this demonstration.
About 128,000 peoples visit in this event, and see many demonstration
include SA46T.
SA46T work fine and very stable, too.
Author's Address
Naoki Matsuhira
Fujitsu Limited
1-1, Kamikodanaka 4-chome, Nakahara-ku
Kawasaki, 211-8588
Japan
Phone: +81-44-754-3466
Fax:
Email: matsuhira@jp.fujitsu.com
Matsuhira Expires January 24, 2016 [Page 25]