[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: (draft-shin-v6ops-application-transition) 00 01 02 03 RFC 4038

v6ops Working Group                                      M-K. Shin (ed.)
INTERNET DRAFT                                                 Y-G. Hong
Expires: April 2004                                                 ETRI
                                                               J. Hagino
                                                                     IIJ
                                                               P. Savola
                                                               CSC/FUNET
                                                            E. M. Castro
                                                               GSYC/URJC
                                                           December 2003

                 Application Aspects of IPv6 Transition
            <draft-ietf-v6ops-application-transition-00.txt>


Status of this Memo

     This document is an Internet-Draft and is in full conformance with
     all provisions of Section 10 of RFC2026.

     Internet Drafts are working documents of the Internet Engineering
     Task Force (IETF), its areas, and working groups. Note that other
     groups may also distribute working documents as Internet-Drafts.

     Internet-Drafts are draft documents valid for a maximum of six
     months and may be updated, replaced, or obsolete by other documents
     at anytime. It is inappropriate to use Internet Drafts as reference
     material or to cite them other than as "work in progress."

     The list of current Internet-Drafts can be accessed at
     http://www.ietf.org/ietf/1id-abstracts.txt.

     The list of Internet-Draft Shadow Directories can be accessed at
     http://www.ietf.org/shadow.html.


Abstract

     As IPv6 networks are deployed and the network transition discussed,
     one should also consider how to enable IPv6 support in applications
     running on IPv6 hosts, and what is the best strategy to develop IP
     protocol support in applications.  This document specifies
     scenarios and aspects of application transition. It also proposes
     guidelines on how to develop IP version-independent applications
     during the transition period.


Table of Contents:

     1. Introduction .............................................. 2
     2. Overview of IPv6 application transition ................... 3
     3. Problems with IPv6 application transition ................. 4




Shin et al.                Expires June 2004                    [Page 1]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


      3.1 IPv6 support in the OS and applications are unrelated.... 4
      3.2 DNS does not indicate which the IP version will be used . 5
      3.3 Supporting many versions of an application is difficult ..5
     4. Description of transition scenarios and guidelines ........ 6
      4.1 IPv4 applications in a dual-stack node .................. 6
      4.2 IPv6 applications in a dual-stack node .................. 7
      4.3 IPv4/IPv6 applications in a dual stack node ............. 9
      4.4 IPv4/IPv6 applications in an IPv4-only node ............. 9
     5. Application porting considerations ........................10
      5.1 Presentation format for an IP address ...................10
      5.2 Transport layer API .....................................11
      5.3 Name and address resolution .............................12
      5.4 Specific IP dependencies ............................... 12
       5.4.1 IP address selection .................................13
       5.4.2 Application framing ..................................13
       5.4.3 Storage of IP addresses ..............................14
     6. Developing IP version-independent applications ............14
      6.1 IP version-independent structures .......................14
      6.2 IP version-independent APIs .............................15
       6.2.1 Example of overly simplistic TCP server application ..16
       6.2.2 Example of overly simplistic TCP client application ..17
       6.2.3 Binary/presentation format conversion ................17
      6.3 Iterated jobs for finding the working address ...........18
       6.3.1 Example of TCP server application ....................18
       6.3.2 Example of TCP client application ....................20
     7. Transition mechanism considerations .......................21
     8. Security considerations ...................................21
     9. References ................................................21
     Authors' addresses ...........................................23
     Appendix A. Binary/presentation format conversions ...........23
      A.1 Network address to presentation format ..................23
      A.2 Presentation format to network address ..................24


1. Introduction

     As IPv6 is introduced in the IPv4-based Internet, several general
     issues when starting to use IPv6 in a world dominated by IPv4 are
     being discussed, such as routing, addressing, DNS, scenarios, etc.

     One important key to a successful IPv6 transition is the
     compatibility with the large installed base of IPv4 hosts and
     routers. This issue had been already been extensively studied, and
     the work is still in progress. In particular, [2893BIS] describes
     the basic transition mechanisms, dual-stack deployment and
     tunneling.  In addition, various kinds of transition mechanisms
     have been developed to migrate to IPv6 network. However, these
     transition mechanisms take no stance on whether applications
     support IPv6 or not.

     This document specifies application aspects of IPv6 transition.
     That is, two inter-related topics are covered:




Shin et al.                Expires June 2004                    [Page 2]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


         1.  How different network transition techniques affect
             applications, and what are the strategies for applications
             to support IPv6 and IPv4.

         2.  How to develop IPv6-capable or protocol-independent
             applications ("application porting guidelines").

     Applications will need to be modified to support IPv6 (and IPv4),
     using one of a number of techniques described in sections 2-4.
     Some guidelines to develop such application are then presented in
     sections 5 and 6.


2. Overview of IPv6 application transition

     The transition of an application can be classifed using four
     different cases (excluding the first case when there is no IPv6
     support either in the application or the operating system), as
     follows:

      +-------------------+
      |       appv4       | (appv4 - IPv4-only applications)
      +-------------------+
      |     TCP / UDP     | (transport protocols)
      +-------------------+
      |    IPv4 | IPv6    | (IP protocols supported/enabled in the OS)
      +-------------------+

      Case 1. IPv4 applications in a dual-stack node

      +-------------------+ (appv4 - IPv4-only applications)
      |  appv4  |  appv6  | (appv6 - IPv6-only applications)
      +-------------------+
      |     TCP / UDP     | (transport protocols)
      +-------------------+
      |    IPv4 | IPv6    | (IP protocols supported/enabled in the OS)
      +-------------------+

      Case 2. IPv4-only applications and IPv6-only applications
              in a dual-stack node

      +-------------------+
      |     appv4/v6      | (appv4/v6 - applications supporting
      +-------------------+             both IPv4 and IPv6)
      |     TCP / UDP     | (transport protocols)
      +-------------------+
      |    IPv4 | IPv6    | (IP protocols supported/enabled in the OS)
      +-------------------+

      Case 3. Applications supporting both IPv4 and IPv6
              in a dual-stack node





Shin et al.                Expires June 2004                    [Page 3]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


      +-------------------+
      |     appv4/v6      | (appv4/v6 - applications supporting
      +-------------------+             both IPv4 and IPv6)
      |     TCP / UDP     | (transport protocols)
      +-------------------+
      |       IPv4        | (IP protocols supported/enabled in the OS)
      +-------------------+

      Case 4. Applications supporting both IPv4 and IPv6
              in an IPv4-only node

         Figure 1. Overview of Application Transition

     Figure 1 shows the cases of application transition.

      Case 1 : IPv4-only applications in a dual-stack node.
               IPv6 protocol is introduced in a node, but
               applications are not yet ported to IPv6.

      Case 2 : IPv4-only applications and IPv6-only applications
               in a dual-stack node.
               Applications are ported for IPv6-only. Therefore,
               there are two same applications for different
               protocol versions (e.g., ping and ping6).

      Case 3 : Applications supporting both IPv4 and IPv6 in a dual
               stack node.
               Applications are ported for both IPv4 and IPv6 support.
               Therefore, the existing IPv4 applications can be
               removed.

      Case 4 : Applications supporting both IPv4 and IPv6 in an
               IPv4-only node.
               Applications are ported for both IPv4 and IPv6 support,
               but the same applications may also have to work when
               IPv6 is not being used (e.g. disabled from the OS).


3. Problems with IPv6 application transition

     There are several reasons why the transition period between IPv4
     and IPv6 applications may not be straightforward.  These issues are
     described in this section.


3.1 IPv6 support in the OS and applications are unrelated

     Considering the cases described in the previous section, IPv4 and
     IPv6 protocol stacks in a node is likely to co-exist for a long
     time.

     Similarly, most applications are expected to be able to handle both




Shin et al.                Expires June 2004                    [Page 4]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     IPv4 and IPv6 during another, unrelated long time period.  That is,
     operating system being dual stack does not mean having both IPv4
     and IPv6 applications. Therefore, IPv6-capable application
     transition may be independent of protocol stacks in a node.

     It is even probable that applications capable of both IPv4 and IPv6
     will have to work properly in IPv4-only nodes (whether IPv6
     protocol is completely disabled or there is no IPv6 connectivity at
     all).


3.2 DNS does not indicate which the IP version will be used

     The role of the DNS name resolver in a node is to get the list of
     destination addresses. DNS queries and responses are sent using
     either IPv4 or IPv6 to carry the queries, regardless of the
     protocol version of the data records [DNSTRANS].

     The issue of DNS name resolving related to application transition
     is that a client application can not be certain of the version of
     peer application by only doing a DNS name lookup. For example, if a
     server application does not support IPv6 yet, but runs on a dual-
     stack machine for other IPv6 services and this is listed with an
     AAAA record in the DNS, the client application will fail to connect
     to the server application, because there is a mis-match between the
     DNS query result (i.e. IPv6 addresses) and a server application
     version (i.e. IPv4).

     It is bad practise to add an AAAA record for node that does not
     support all the services using IPv6 (rather, an AAAA record for the
     specific service name and address should be used), but the
     application cannot depend on "good practise", and this must be
     handled. Operational considerations and issues with IPv6 DNS are
     described at more length in [DNSOPV6].

     In consequence, the application should request all IP addresses
     without address family constraints and try all the records returned
     from the DNS, in some order, until a working address is found.  In
     particular, the application has to be able to handle all IP
     versions returned from the DNS.


3.3 Supporting many versions of an application is difficult

     During the application transition period, system administrators may
     have various versions of the same application (an IPv4-only
     application, an IPv6-only application, or an application supporting
     both IPv4 and IPv6).

     Typically one cannot know which IP versions must be supported prior
     to doing a DNS lookup *and* trying (see section 3.2) the addresses
     returned.  Therefore, the users have a difficulty selecting the




Shin et al.                Expires June 2004                    [Page 5]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     right application version supporting the exact IP version required
     if multiple versions of the same application are available.

     To avoid problems with one application not supporting the specified
     protocol version, it is desirable to have hybrid applications,
     supporting both the protocol versions.

     Alternative approach is to have a "wrapper application" which
     performs certain tasks (like figures out which protocol version
     will be used) and calls the IPv4/IPv6-only applications as
     necessary.  However, these wrapper applications will actually
     probably have to do more than just perform a DNS lookup or figure
     out the literal IP address given.  Thus, they may get complex, and
     only work for certain kinds of, usually simple, applications.

     Nonetheless, there should be some reasonable logic to enable the
     users to use the applications with any supported protocol version;
     the users should not have to select from various versions of
     applications, some supporting only IPv4, others only IPv6, and yet
     some both versions by themselves.


4. Description of transition scenarios and guidelines

     Once the IPv6 network is deployed, applications supporting IPv6 can
     use IPv6 network services and establish IPv6 connections.  However,
     upgrading every node to IPv6 at the same time is not feasible and
     transition from IPv4 to IPv6 will be a gradual process.

     Dual-stack nodes are one of the ways to maintain IPv4 compatibility
     in unicast communications. In this section we will analyze
     different application transition scenarios (as introduced in
     section 2) and guidelines to maintain interoperability between
     applications running in different types of nodes.


4.1 IPv4 applications in a dual-stack node

     This scenario happens if IPv6 protocol is added in a node but
     IPv6-capable applications aren't yet available or installed.
     Although the node implements the dual stack, IPv4 applications can
     only manage IPv4 communications.  Then, IPv4 applications can only
     accept/establish connections from/to nodes which implement IPv4
     stack.

     In order to allow an application to communicate with other nodes
     using IPv6, the first priority is to port applications to IPv6.

     In some cases (e.g. no source code is available), existing IPv4
     applications can work if the [BIS] or [BIA] mechanism is installed
     in the node. However, these mechanisms should not be used when
     application source code is available to prevent the mis-use of




Shin et al.                Expires June 2004                    [Page 6]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     them, for example, as an excuse not to port software.

     When [BIA] or [BIS] is used, the same previous problem as described
     in section 3.2 --the IPv4 client in a [BIS]/[BIA] node trying to
     connect to an IPv4 server in a dual stack system-- arises. However,
     one can rely on [BIA]/[BIS] mechanism, which should cycle through
     all the addresses instead of applications.


4.2 IPv6 applications in a dual-stack node

     As we have seen in the previous section, applications should be
     ported to IPv6. The easiest way to port an IPv4 application is to
     substitute the old IPv4 API references by the new IPv6, one-to-one
     API mapping. That way, the application would be IPv6-only. This
     IPv6-only source code can not work in IPv4- only nodes, so the old
     IPv4 application should be maintained in these nodes. Then, we will
     get two same applications working with different protocol versions,
     depending on the node they are running (e.g., telnet and telnet6).
     This case is undesirable since maintaining two versions of the same
     source code per application, could be a difficult task.  In
     addition, this approach would cause problems for the users when
     having to select which version of the application to use, as
     described in section 3.3.

     Most implementations of dual stack allow IPv6-only applications to
     interoperate with both IPv4 and IPv6 nodes. IPv4 packets going to
     IPv6 applications on a dual-stack node, reach their destination
     because their addresses are mapped to IPv6 ones using IPv4-mapped
     IPv6 addresses: the IPv6 address ::FFFF:x.y.z.w represents the IPv4
     address x.y.z.w.

        +----------------------------------------------+
        | +------------------------------------------+ |
        | |                                          | |
        | |        IPv6-only applications            | |
        | |                                          | |
        | +------------------------------------------+ |
        |                      |                       |
        | +------------------------------------------+ |
        | |                                          | |
        | |                  TCP/UDP                 | |
        | |                                          | |
        | +------------------------------------------+ |
        |    IPv4-mapped    |        |    IPv6         |
        |  IPv6 addresses   |        |   addresses     |
        | +--------------------+ +-------------------+ |
        | |        IPv4        | |      IPv6         | |
        | +--------------------+ +-------------------+ |
        |   IPv4       |                 |             |
        |   adresses   |                 |             |
        +--------------|-----------------|-------------+




Shin et al.                Expires June 2004                    [Page 7]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


                       |                 |
                  IPv4 packets      IPv6 packets


     When an IPv4 client application sends data to an IPv6-only server
     application, running on a dual-stack node using the wildcard (but
     without the IPV6_V6ONLY socket option) address, the IPv4 client
     address is interpreted as the IPv4-mapped IPv6 address in the
     dual-stack node to allow IPv6 application to manage this
     communication. The IPv6 server will use this mapped address as if
     it were a regular IPv6 address, and a usual IPv6 connection.
     However, IPv4 packets will be exchanged between the nodes.  Kernels
     with dual stack properly interpret IPv4-mapped IPv6 addresses as
     IPv4 ones and vice versa.

     IPv6-only client application in a dual-stack node will not get
     IPv4-mapped addresses from the hostname resolution API functions
     unless a special hint, AI_V4MAPPED, is given.  If given, the IPv6
     client will use the returned mapped address as if it were a regular
     IPv6 address, and a usual IPv6 connection. However, again IPv4
     packets will be exchanged between applications.

     The default behavior of IPv6 applications in these dual-stack nodes
     allows a limited amount of IPv4 communication using the IPv4-mapped
     IPv6 addresses.  However, it is possible for IPv6 applications to
     allow connections only with IPv6 nodes (e.g. IPv6_V6ONLY socket
     option), so the interoperability with IPv4 nodes is broken. This
     option could be useful if applications use new IPv6 features, such
     as flowlabel.

     There are some implementations of dual-stack which do not allow
     IPv4-mapped IPv6 addresses to be used for interoperability between
     IPv4 and IPv6 applications. In that case, there are two ways to
     handle the problem:

      1. deploy two different versions of applications (possibly
         attached with '6' in the name), or

      2. deploy just one application supporting both protocol versions,
         as described in the next section.

     The first method is not recommended, because of significant amount
     of problems of problems associated with selecting the right
     applications, as described in sections 3.2 and 3.3.

     Therefore, there are actually two distinct cases to consider when
     writing one application to support both protocols:

      1. whether the application can (or should) support both IPv4
         and IPv6 through IPv4-mapped IPv6 addresses, or should the
         applications support both explicitly (see section 4.3), and





Shin et al.                Expires June 2004                    [Page 8]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


      2. whether the systems where the applications are used support
         IPv6 at all or not (see section 4.4).


4.3 IPv4/IPv6 applications in a dual stack node

     Applications should be ported to support both IPv4 and IPv6; such
     applications are sometimes called IP version-independent
     applications.  After that, the existing IPv4-only applications
     could be removed. Since we have only one version of each
     application, the source code will be typically easy to maintain and
     to modify, and there are no problems managing which application to
     select for which purpose.

     This transition case is the most advisable. During IPv6 transition
     period, applications supporting both IPv4 and IPv6 should be able
     to communicate with other applications, irrespective of the
     versions of the protocol stack or the application in the node. Dual
     applications allow more interoperability between heterogeneous
     applications and nodes.

     If the source code is written in a protocol-independent way,
     without dependencies on either IPv4 or IPv6, applications will be
     able to communicate with any combination of applications and types
     of nodes.

     Implementations typically by-default prefer IPv6 if the remote node
     and application support it.  However, if IPv6 connections fail,
     dual applications will automatically try IPv4 ones. The resolver
     returns a list of valid addresses for the remote node and
     applications can iterate through all, first trying IPv6 ones, until
     connection succeeds.

     Applications writers should be aware of this typical by-default
     ordering, but the applications themselves typically need not be
     aware of the the local protocol ordering [RFC 3484].

     A more detailed porting guideline is described in section 6.


4.4. IPv4/IPv6 applications in an IPv4-only node

     As the transition is likely to happen over a longer timeframe,
     applications that have already been ported to support both IPv4 and
     IPv6 may be run on IPv4-only nodes. This would typically be done to
     avoid having to support two application versions for older and
     newer operating systems, or to support the case that the user wants
     to disable IPv6 for some reason.

     Depending on how application/operating system support is done, some
     may want to ignore this case, but usually no assumptions can be
     made and applications should also work in this scenario.




Shin et al.                Expires June 2004                    [Page 9]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     An example is an application that issues a socket() command, first
     trying AF_INET6 and then AF_INET.  However, if the kernel does not
     have IPv6 support, the call will result in an EPROTONOSUPPORT or
     EAFNOSUPPORT error. Typically, encountering errors like these leads
     to exiting the socket loop, and AF_INET will not even be tried.
     The application will need to handle this case or build the loop in
     such a way that errors are ignored until the last address family.

     So, this case is just an extension of the IPv4/IPv6 support in the
     previous case, covering one relatively common but often ignored
     case.


5. Application porting considerations

     The minimum changes in IPv4 applications to work using IPv6 are
     basically based on the different size and format of IPv4 and IPv6
     addresses.

     Applications have been developed with the assumption they would use
     IPv4 as network protocol. This assumption results in many IP
     dependencies through source code.

     The following list summarizes the more common IP version
     dependencies in applications:

      a) Presentation format for an IP address: it is an ASCII string
         which represents the IP address, dotted-decimal string
         for IPv4 and hexadecimal string for IPv6.

      b) Transport layer API: functions to establish communications
         and to exchange information.

      c) Name and address resolution: conversion functions between
         hostnames and IP addresses, and vice versa.

      d) Specific IP dependencies: more specific IP version
         dependencies, such as: IP address selection,
         application framing, storage of IP addresses.

     In the following subsections, the problems with the aforementioned
     IP version dependencies are analyzed. Although application source
     code can be ported to IPv6 with minimum changes related to IP
     addresses, some recommendations are given to modify the source code
     in a protocol independent way, which will allow applications to
     work using both IPv4 and IPv6.


5.1 Presentation format for an IP address

     Many applications use IP addresses to identify network nodes and to
     establish connections to destination addresses. For instance, using




Shin et al.                Expires June 2004                   [Page 10]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     the client/server model, clients usually need an IP address as an
     application parameter to connect to a server. This IP address is
     usually provided in the presentation format, as a string.  There
     are two problems, when porting the presentation format for an IP
     address: the allocated memory and the management of the
     presentation format.

     Usually, the allocated memory to contain an IPv4 address
     representation as string is not enough to contain an IPv6 one.
     Applications should be modified to prevent from overflowing the
     buffer holding the presentation format for an IP address, now
     larger in IPv6.

     IPv4 and IPv6 do not use the same presentation format. IPv4 uses
     dot (.) to separate the four octets written in decimal notation and
     IPv6 uses colon (:) to separate each pair of octets written in
     hexadecimal notation. In order to support both, IPv4 and IPv6, the
     management functions of presentation format, such as IP address
     parsers, should be changed to be compliant with both the formats.

     A particular problem with IP address parsers comes when the input
     is actually a combination of IP address and port.  With IPv4, these
     are often coupled with a semi-colon, like "192.0.2.1:80".  However,
     such an approach would be ambiguous with IPv6, as semi-colons are
     already used to structure the address.

     Therefore, the IP address parsers which take the port number
     separated with a semi-colon should represent IPv6 addresses
     somehow.  One way is to enclose the address in brackets, as is done
     with Uniform Resource Locators (URLs) [RFC 2732], like
     http://[2001:db8::1]:80.

     In some specific cases, it may be necessary to give a zone
     identifier as part of the address, like fe80::1%eth0.  In general,
     applications should not need to parse these identifiers.

     The IP address parsers should support enclosing the IPv6 address in
     brackets even when it's not used in conjunction with a port number,
     but requiring that the user always gives a literal IP address
     enclosed in brackets is not recommended.

     Note that the use of address literals is strongly discouraged for
     general purpose direct input to the applications; host names and
     DNS should be used instead.


5.2 Transport layer API

     Communication applications often include a transport module that
     establishes communications. Usually, this module manages everything
     related to communications and uses a transport layer API, typically
     as a network library. When porting an application to IPv6 most




Shin et al.                Expires June 2004                   [Page 11]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     changes should be made in this application transport module, in
     order to be adapted to the new IPv6 API.

     In the general case, porting an existing application to IPv6
     requires to examine the following issues related to the API:

      - Network information storage: IP address data structures.
        The new structures must contain 128-bit IP addresses. The use of
        generic address structures, which can store any address family,
        is recommended.
        Sometimes special addresses are hard-coded in the application
        source; developers should pay attention to them in order to use
        the new address format. Some of these special IP addresses are:
        wildcard local, loopback and broadcast. IPv6 does not have
        the broadcast addresses, so applications can use multicast
        instead.

      - Address conversion functions.
        The address conversion functions convert the binary address
        representation to the presentation format and vice versa. The
        new conversion functions are specified to the IPv6 address
        format.

      - Communication API functions.
        These functions manage communications. Their signatures are
        defined based on generic socket address structure. Then, the
        same functions are valid for IPv6. However, the IP address data
        structures used when calling these functions require the
        updates.

      - Network configuration options.
        They are used when configuring different communication models
        for Input/Output (I/O) operations (blocking/nonblocking, I/O
        multiplexing, etc) and should be translated to the IPv6 ones.


5.3 Name and address resolution

     From the application point of view, the name and address resolution
     is a system-independent process. An application calls functions in
     a system library, the resolver, which is linked into the
     application when this is built. However, these functions use IP
     address structures, which are protocol dependent, and must be
     reviewed to support the new IPv6 resolution calls.

     There are two basic resolution functions. The first function
     returns a list of all configured IP addresses for a hostname. These
     queries can be constrained to one protocol family, for instance
     only IPv4 or only IPv6 addresses. However, the recommendation is
     that all configured IP addresses should be got to allow
     applications to work to every kind of node. And the second function
     returns the hostname associated to an IP address.




Shin et al.                Expires June 2004                   [Page 12]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


5.4. Specific IP dependencies


5.4.1 IP address selection

     IPv6 promotes the configuration from multiple IP addresses per
     node, which is a different model of IPv4; however applications only
     use a destination/source pair for a communication. Choosing the
     right IP source and destination addresses is a key factor that may
     determine the route of IP datagrams.

     Typically nodes, not applications, automatically solve the source
     address selection. A node will choose the source address for a
     communication following some rules of best choice, [RFC 3484], but
     also allowing applications to make changes in the ordering rules.

     When selecting the destination address, applications usually ask a
     resolver for the destination IP address. The resolver returns a set
     of valid IP addresses from a hostname. Unless applications have a
     specific reason to select any particular destination address, they
     should just try each element in the list until the communication
     succeeds.


5.4.2 Application framing

     The Application Level Framing (ALF) architecture controls
     mechanisms that traditionally fall within the transport layer.
     Applications implementing ALF are often responsible for packetizing
     data into Application Data Units (ADUs). The application problem
     when using ALF is the ADU size selection to obtain better
     performance.

     Application framing is typically needed by applications using
     connectionless protocols (such as UDP).  The application will have
     to know, or be able to detect, what are the packet sizes which can
     be sent and received, end-to-end, on the network.

     Applications can use 1280 octets as data length. [RFC 2460]
     specifies IPv6 requires that every link in the Internet have an
     Maximum Transmission Unit (MTU) of 1280 octets or greater. However,
     in order to get better performance ADU size should be calculated
     based on the length of transmission unit of underlying protocols.

     FIXME: Application framing has relations e.g. with Path MTU
     Discovery and application design which need to be analyzed better.


5.4.3 Storage of IP addresses

     Some applications store IP addresses as information of remote
     peers. For instance, one of the most popular ways to register




Shin et al.                Expires June 2004                   [Page 13]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     remote nodes in collaborative applications is based on using IP
     addresses as registry keys.

     Although the source code that stores IP addresses can be modified
     to IPv6 following the previous basic porting recommendations, there
     are some reasons why applications should not store IP addresses:

      - IP addresses can change throughout the time, for instance
        after a renumbering process.

      - The same node can reach a destination host using different
        IP addresses.

     Instead of using IP addresses, applications should use FQDNs.
     Hence, applications delegate the resolution of the IP addresses to
     the name resolution system, which will return the associated IP
     address at the moment of the query.


6. Developing IP version-independent applications

     As we have seen before, dual applications working with both IPv4
     and IPv6 are recommended. These applications should avoid IP
     dependencies in the source code. However if IP dependencies are
     required, one of the best solutions is based on building a
     communication library which provides an IP version independent API
     to applications and hides all dependencies.

     In order to develop IP version independent applications, the
     following guidelines should be considered.


6.1 IP version-independent structures

     All of the memory structures and APIs should be IP version-
     independent. In that sense, one should avoid structs in_addr,
     in6_addr, sockaddr_in and sockaddr_in6.

     Suppose you pass a network address to some function, foo(). If you
     use struct in_addr or struct in6_addr, you will end up with extra
     parameter to indicate address family, as below:

      struct in_addr in4addr;
      struct in6_addr in6addr;
       /* IPv4 case */
      foo(&in4addr, AF_INET);
       /* IPv6 case */
      foo(&in6addr, AF_INET6);

     However, this leads to duplicated code and having to consider each
     scenario from both perspectives independently; this is difficult to
     maintain. So, we should use struct sockaddr_storage like below.




Shin et al.                Expires June 2004                   [Page 14]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


      struct sockaddr_storage ss;
      int sslen;
      /* AF independent! - use sockaddr when passing a pointer */
      /* note: it's typically necessary to also pass the length
         explicitly */
      foo((struct sockaddr *)&ss, sslen);


6.2 IP version-independent APIs

     getaddrinfo() and getnameinfo() are new address independent
     variants that hide the gory details of name-to-address and
     address-to-name translations.  They implement functionalities of
     the following functions:

       gethostbyname()
       gethostbyaddr()
       getservbyname()
       getservbyport()

     They also obsolete the functionality of gethostbyname2(), defined
     in [RFC2133].

     These can perform hostname/address and service name/port lookups,
     though the features can be turned off if desirable. getaddrinfo()
     can return multiple addresses, as below:

       localhost.      IN A    127.0.0.1
                       IN A    127.0.0.2
                       IN AAAA ::1

     In this example, if IPv6 is preferred, getaddrinfo returns first
     ::1, and then both 127.0.0.1 and 127.0.0.2 is in a random order.

     Getaddrinfo() and getnameinfo() can query hostname as well as
     service name/port at once.

     As well, it is not preferred to hardcode AF-dependent knowledge
     into the program. The construct like below should be avoided:

       /* BAD EXAMPLE */
       switch (sa->sa_family) {
       case AF_INET:
               salen = sizeof(struct sockaddr_in);
               break;
      }

     Instead, we should use the ai_addrlen member of the addrinfo
     structure, as returned by getaddrinfo().

     The gethostbyname(), gethostbyaddr(), getservbyname(), and
     getservbyport() are mainly used to get server and client sockets.




Shin et al.                Expires June 2004                   [Page 15]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     Following, we will see simple examples to create these sockets
     using the new IPv6 resolution functions.


6.2.1 Example of overly simplistic TCP server application

     A simple TCP server socket at service name (or port number string)
     SERVICE:

      /*
       * BAD EXAMPLE: does not implement the getaddrinfo loop as
       * specified in 6.3. This may result in one of the following:
       *  - an IPv6 server, listening at the wildcard address,
       *    allowing IPv4 addresses through IPv4-mapped IPv6 addresses.
       *  - an IPv4 server, if IPv6 is not enabled,
       *  - an IPv6-only server, if IPv6 is enabled but IPv4-mapped IPv6
       *    addresses are not used by default, or
       *  - no server at all, if getaddrinfo supports IPv6, but the
       *    system doesn't, and socket(AF_INET6, ...) exists with an
       *    error.
       */
      struct addrinfo hints, *res;
      int error, sockfd;

      memset(&hints, 0, sizeof(hints));
      hints.ai_flags = AI_PASSIVE;
      hints.ai_family = AF_UNSPEC;
      hints.ai_socktype = SOCK_STREAM;

      error = getaddrinfo(NULL, SERVICE, &hints, &res);
      if (error != 0) {
         /* handle getaddrinfo error */
      }

      sockfd = socket(res->family, res->ai_socktype, res->ai_protocol);
      if (sockfd < 0) {
         /* handle socket error */
      }

      if (bind(sockfd, res->ai_addr, res->ai_addrlen) < 0) {
         /* handle bind error */
      }

      /* ... */

      freeaddrinfo(res);


6.2.2 Example of overly simplistic TCP client application

     A simple TCP client socket connecting to a server which is running
     at node name (or IP address presentation format) SERVER_NODE and




Shin et al.                Expires June 2004                   [Page 16]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     service name (or port number string) SERVICE:

      /*
       * BAD EXAMPLE: does not implement the getaddrinfo loop as
       * specified in 6.3. This may result in one of the following:
       *  - an IPv4 connection to the IPv4 destination,
       *  - an IPv6 connection to an IPv6 destination,
       *  - an attempt to try to reach an IPv6 destination (if AAAA
       *    record found), but failing -- without fallbacks -- because:
       *     o getaddrinfo supports IPv6 but the system does not
       *     o IPv6 routing doesn't exist, so falling back to e.g. TCP
       *       timeouts
       *     o IPv6 server reached, but service not IPv6-enabled or
       *       firewalled away
       *  - if the first destination is not reached, there is no
       *    fallback to the next records
       */
      struct addrinfo hints, *res;
      int error, sockfd;

      memset(&hints, 0, sizeof(hints));
      hints.ai_family = AF_UNSPEC;
      hints.ai_socktype = SOCK_STREAM;

      error = getaddrinfo(SERVER_NODE, SERVICE, &hints, &res);
      if (error != 0) {
           /* handle getaddrinfo error */
      }

      sockfd = socket(res->family, res->ai_socktype, res->ai_protocol);
      if (sockfd < 0) {
           /* handle socket error */
      }

      if (connect(sockfd, res->ai_addr, res->ai_addrlen) < 0 ) {
           /* handle connect error */
      }

      /* ... */

      freeaddrinfo(res);


6.2.3 Binary/presentation format conversion

     In addition, we should consider the binary and presentation address
     format conversion APIs.  The following functions convert network
     address structure in its presentation address format and vice
     versa:

       inet_ntop()
       inet_pton()




Shin et al.                Expires June 2004                   [Page 17]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


     Both are from the basic socket extensions for IPv6. Since these
     functions are not protocol independent, we should write code for
     the different address families.

     A more detailed examples are described in appendix A.

     Note that inet_ntop()/inet_pton() lose the scope identifier (if
     used e.g. with link-local addresses) in the conversions, contrary
     to the getaddrinfo()/getnameinfo() functions.


6.3 Iterated jobs for finding the working address

     In a client code, when multiple addresses are returned from
     getaddrinfo(), we should try all of them until connection succeds.
     When a failure occurs with socket(), connect(), bind(), or some
     other function, go on to try the next address.

     In addition, if something is wrong with the socket call because the
     address family is not supported (i.e., in case of section 4.4),
     applications should try the next address structure.

     Note: in the following examples, the socket() return value error
     handling could be simplied by substituting special checking of
     specific error numbers by always continuing on with the socket
     loop.  Whether this is a better idea should be considered in more
     detail.


6.3.1 Example of TCP server application


     The previous example TCP server example should be written:

      #define MAXSOCK 2
      struct addrinfo hints, *res;
      int error, sockfd[MAXSOCK], nsock=0;

      memset(&hints, 0, sizeof(hints));
      hints.ai_flags = AI_PASSIVE;
      hints.ai_family = AF_UNSPEC;
      hints.ai_socktype = SOCK_STREAM;

      error = getaddrinfo(NULL, SERVICE, &hints, &res);
      if (error != 0) {
          /* handle getaddrinfo error */
      }

      for (aip=res; aip && nsock < MAXSOCK; aip=aip->ai_next) {
          sockfd[nsock] = socket(aip->ai_family,
                                 aip->ai_socktype,
                                 aip->ai_protocol);




Shin et al.                Expires June 2004                   [Page 18]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


          if (sockfd[nsock] < 0) {
              switch errno {
                   case EAFNOSUPPORT:
                   case EPROTONOSUPPORT:
                       /*
                        *  e.g., skip the errors until
                        *  the last address family,
                        *  see section 4.4.
                        */
                        if (aip->ai_next)
                                continue;
                        else {
                               /* handle unknown protocol errors */
                                break;
                        }
                   default:
                        /* handle other socket errors */
                        ;
               }

          } else {
              int on = 1;
              /* optional: works better if dual-binding to wildcard
                 address */
              if (aip->ai_family == AF_INET6) {
                  setsockopt(sockfd[nsock], IPPROTO_IPV6, IPV6_V6ONLY,
                             (char *)&on, sizeof(on));
                  /* errors are ignored */
              }
              if (bind(sockfd[nsock], aip->ai_addr,
                                      aip->ai_addrlen) < 0 ) {
                  /* handle bind error */
                  close(sockfd[nsock]);
                  continue;
              }
              if (listen(sockfd[nsock], SOMAXCONN) < 0) {
                  /* handle listen errors */
                  close(sockfd[nsock]);
                  continue;
              }
          }
          nsock++;
      }
      freeaddrinfo(res);

      /* check that we were able to obtain the sockets */


6.3.2 Example of TCP client application

     The previous TCP client example should be written:





Shin et al.                Expires June 2004                   [Page 19]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


      struct addrinfo hints, *res, *aip;
      int sockfd, error;

      memset(&hints, 0, sizeof(hints));
      hints.ai_family   = AF_UNSPEC;
      hints.ai_socktype = SOCK_STREAM;

      error = getaddrinfo(SERVER_NODE, SERVICE, &hints, &res);
      if (error != 0) {
          /* handle getaddrinfo error */
      }

      for (aip=res; aip; aip=aip->ai_next) {

          sockfd = socket(aip->ai_family,
                          aip->ai_socktype,
                          aip->ai_protocol);

          if (sockfd < 0) {
              switch errno {
                   case EAFNOSUPPORT:
                   case EPROTONOSUPPORT:
                       /*
                        *  e.g., skip the errors until
                        *  the last address family,
                        *  see section 4.4.
                        */
                        if (aip->ai_next)
                                continue;
                        else {
                               /* handle unknown protocol errors */
                                break;
                        }

                   default:
                        /* handle other socket errors */
                        ;
               }

          } else {
              if (connect(sockfd, aip->ai_addr, aip->ai_addrlen) == 0)
                  break;

              /* handle connect errors */
              close(sockfd);
              sockfd=-1;
          }
      }

      if (sockfd > 0) {
          /* socket connected to server address */





Shin et al.                Expires June 2004                   [Page 20]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


          /* ... */
      }

      freeaddrinfo(res);


7. Transition mechanism considerations

     A mechanism, [NAT-PT], introduces a special set of addresses,
     formed of NAT-PT prefix and an IPv4 address; this refers to IPv4
     addresses, translated by NAT-PT DNS-ALG.  In some cases, one might
     be tempted to handle these differently.

     However, IPv6 applications must not be required to distinguish
     "normal" and "NAT-PT translated" addresses (or any other kind of
     special addresses, including the IPv6-mapped IPv4-addresses):  that
     would be completely unscalable, and if such distinction must be
     made, it must be done elsewhere (e.g. kernel, system libraries).


8. Security considerations

     TBD.

     One particular point about application transition is how IPv4-
     mapped IPv6-addresses are handled.  The use in the API can be seen
     as both a merit (easier application transition) and as a burden
     (difficulty in ensuring whether the use was legimate) [V6MAPPED].
     This may have to be considered in more detail.


9. References

 Normative References

 [RFC 3493]  R. Gilligan, S. Thomson, J. Bound, W. Stevens, "Basic
             Socket Interface Extensions for IPv6," RFC 3493, February
             2003.

 [RFC 3542]  W. Stevens, M. Thomas, E. Nordmark, T. Jinmei, "Advanced
             Sockets Application Program Interface (API) for IPv6,"
             RFC 3542, May 2003.

 [BIS]       K. Tsuchiya, H. Higuchi, Y. Atarashi, "Dual Stack Hosts
             using the "Bump-In-the-Stack" Technique (BIS)," RFC 2767,
             February 2000.

 [BIA]       S. Lee, M-K. Shin, Y-J. Kim, E. Nordmark, A. Durand,
             "Dual Stack Hosts using "Bump-in-the-API" (BIA)," RFC
             3338, October 2002.

 [2893BIS]   E. Nordmark, "Transition Mechanisms for IPv6 Hosts and




Shin et al.                Expires June 2004                   [Page 21]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


             Routers," <draft-ietf-v6ops-mech-v2-02.txt>, February 2003,
             Work-in-progress.

 [RFC 2460]  S. Deering, R. Hinden, "Internet Protocol, Version 6
             (IPv6) Specification,", RFC 2460, December 1998.

 [RFC 3484]  R. Draves, "Default Address Selection for IPv6,"
             RFC 3484, February 2003.


 Informative References

 [RFC 2732]  R. Hinden, B. Carpenter, L. Masinter, "Format for Literal
             IPv6 Addresses in URL's," RFC 2732, December 1999.

 [NAT-PT]    G. Tsirtsis, P. Srisuresh, "Network Address Translation
             - Protocol Translation (NAT-PT)," RFC 2766, February 2000.

 [DNSTRANS]  A. Durand, J. Ihren, "DNS IPv6 transport operational
             guidelines," <draft-ietf-dnsop-ipv6-transport-guidelines-
             00.txt>, June 2003, Work in Progress.

 [DNSOPV6]   A. Durand, J. Ihren, P. Savola, "Operational Considerations
             and Issues with IPv6 DNS," <draft-ietf-dnsop-ipv6-dns-
             issues-03.txt>, November 2003, Work in Progress.

 [AF-APP]    Jun-ichiro itojun Hagino, "Implementing AF-independent
             application", http://www.kame.net/newsletter/19980604/,
             2001.

 [V6MAPPED]  Jun-ichiro itojun Hagino, "IPv4 mapped address
             considered harmful", <draft-itojun-v6ops-v4mapped-
             harmful-00.txt>, Apr 2002, Work in Progress.

 [IP-GGF]    T. Chown, J. Bound, S. Jiang, P. O'Hanlon, "Guidelines for
             IP version independence in GGF specifications," Global
             Grid Forum(GGF) Documentation, September 2003, Work in
             Progress.




Authors' addresses
  Myung-Ki Shin
  ETRI PEC
  161 Gajeong-Dong, Yuseong-Gu, Daejeon 305-350, Korea
  Tel : +82 42 860 4847
  Fax : +82 42 861 5404
  E-mail : mkshin@pec.etri.re.kr

  Yong-Guen Hong
  ETRI PEC




Shin et al.                Expires June 2004                   [Page 22]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


  161 Gajeong-Dong, Yuseong-Gu, Daejeon 305-350, Korea
  Tel : +82 42 860 6447
  Fax : +82 42 861 5404
  E-mail : yghong@pec.etri.re.kr

  Jun-ichiro itojun HAGINO
  Research Laboratory, Internet Initiative Japan Inc.
  Takebashi Yasuda Bldg.,
  3-13 Kanda Nishiki-cho,
  Chiyoda-ku,Tokyo 101-0054, JAPAN
  Tel: +81-3-5259-6350
  Fax: +81-3-5259-6351
  E-mail: itojun@iijlab.net

  Pekka Savola
  CSC/FUNET
  Espoo, Finland
  E-mail: psavola@funet.fi

  Eva M. Castro
  Rey Juan Carlos University (URJC)
  E-mail : eva@gsyc.escet.urjc.es




Appendix A. Binary/presentation format conversions

     The following functions convert network address structure in its
     presentation address format and vice versa:

       inet_ntop()
       inet_pton()

     Both are from the basic socket extensions for IPv6. Since these
     functions are not protocol independent, we should write code for
     the different address families.

     A more detailed examples are follows.


A.1 Network address to presentation format

     Conversions from network address structure to presentation format
     can be written:

      struct sockaddr_storage ss;
      char addrStr[INET6_ADDRSTRLEN];

      /* fill ss structure */

      switch (ss.ss_family) {




Shin et al.                Expires June 2004                   [Page 23]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


           case AF_INET:
                inet_ntop(ss.ss_family,
                         &((struct sockaddr_in *)&ss)->sin_addr,
                         addrStr,
                         sizeof(addrStr));
                break;

           case AF_INET6:
                inet_ntop(ss.ss_family,
                          &((struct sockaddr_in6 *)&ss)->sin6_addr,
                          addrStr,
                          sizeof(addrStr));

                break;

           default:
                /* handle unknown family */
      }

     Note, the destination buffer addrStr should be long enough to
     contain the presentation address format: INET_ADDRSTRLEN for IPv4
     and INET6_ADDRSTRLEN for IPv6. Since INET6_ADDRSTRLEN is longer
     than INET_ADDRSTRLEN, the first one is used as the destination
     buffer length.

     However, this conversion is protocol dependent. We can write the
     same conversion using getnameinfo() in a protocol independent way.

      struct sockaddr_storage ss;
      char addrStr[INET6_ADDRSTRLEN];
      char servStr[NI_MAXSERV];
      int error;

      /* fill ss structure */

      error = getnameinfo((struct sockaddr *)&ss, sizeof(ss),
                          addrStr, sizeof(addrStr),
                          servStr, sizeof(servStr),
                          NI_NUMERICHOST);


A.2 presentation format to network address

     Conversions from presentation format to network address structure
     can be written as follows:

      struct sockaddr_storage ss;
      struct sockaddr_in *sin;
      struct sockaddr_in6 *sin6;
      char addrStr[INET6_ADDRSTRLEN];

      /* fill addrStr buffer and ss.ss_family */




Shin et al.                Expires June 2004                   [Page 24]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


      switch (ss.ss_family) {
            case AF_INET:
                  sin = (struct sockaddr_in *)&ss;
                  inet_pton(ss.ss_family,
                            addrStr,
                            (sockaddr *)&sin->sin_addr));
                  break;

            case AF_INET6:
                  sin6 = (struct sockaddr_in6 *)&ss;
                  inet_pton(ss.ss_family,
                            addrStr,
                            (sockaddr *)&sin6->sin6_addr);
                  break;

            default:
                /* handle unknown family */
      }

     Note, the address family of the presentation format must be known.

     This conversion may be also written in a protocol independent way
     using getaddrinfo().

      struct addrinfo hints, *res;
      char addrStr[INET6_ADDRSTRLEN];
      int error;

      /* fill addrStr buffer */

      memset(&hints, 0, sizeof(hints));
      hints.ai_family = AF_UNSPEC;

      error = getaddrinfo(addrStr, NULL, &hints, &res);
      if (error != 0) {
          /* handle getaddrinfo error */
      }

      /* res->ai_addr contains the network address structure */
      /* ... */

      freeaddrinfo(res);














Shin et al.                Expires June 2004                   [Page 25]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


Intellectual Property Statement

     The IETF takes no position regarding the validity or scope of any
     intellectual property or other rights that might be claimed to
     pertain to the implementation or use of the technology described in
     this document or the extent to which any license under such rights
     might or might not be available; neither does it represent that it
     has made any effort to identify any such rights. Information on the
     IETF's procedures with respect to rights in standards-track and
     standards-related documentation can be found in BCP-11. Copies of
     claims of rights made available for publication and any assurances
     of licenses to be made available, or the result of an attempt made
     to obtain a general license or permission for the use of such
     proprietary rights by implementors or users of this specification
     can be obtained from the IETF Secretariat.

     The IETF invites any interested party to bring to its attention any
     copyrights, patents or patent applications, or other proprietary
     rights which may cover technology that may be required to practice
     this standard. Please address the information to the IETF Executive
     Director.


Full Copyright Statement

     Copyright (C) The Internet Society (2003). All Rights Reserved.

     This document and translations of it may be copied and furnished to
     others, and derivative works that comment on or otherwise explain
     it or assist in its implementation may be prepared, copied,
     published and distributed, in whole or in part, without restriction
     of any kind, provided that the above copyright notice and this
     paragraph are included on all such copies and derivative works.
     However, this document itself may not be modified in any way, such
     as by removing the copyright notice or references to the Internet
     Society or other Internet organizations, except as needed for the
     purpose of developing Internet standards in which case the
     procedures for copyrights defined in the Internet Standards process
     must be followed, or as required to translate it into languages
     other than English.

     The limited permissions granted above are perpetual and will not be
     revoked by the Internet Society or its successors or assignees.

     This document and the information contained herein is provided on
     an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
     ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
     IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
     THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
     WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.






Shin et al.                Expires June 2004                   [Page 26]

INTERNET-DRAFT   Application Aspects of IPv6 Transition    December 2003


Acknowledgement

     Funding for the RFC Editor function is currently provided by the
     Internet Society.




















































Shin et al.                Expires June 2004                   [Page 27]


Html markup produced by rfcmarkup 1.109, available from https://tools.ietf.org/tools/rfcmarkup/