[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Diff1] [Diff2] [Nits]
Versions: 00 01 02 03 04 05 06 07 08 09 10 11
12 13 14 15 16 17 18 19 20 21 22 23
24 25 26 27 28 29 30 31 32 33 34 35
36 37 38 39 40 41 42 43 44 45 46 47
48 49 50 51 52 53 54 55 56 57 58 59
60 61 62 63 64 65 66 67 68 69 70 71
72 73 74 75 76 77 78 79 80 81 82
draft-templin-intarea-6706bis
Network Working Group F. Templin, Ed.
Internet-Draft Boeing Research & Technology
Obsoletes: rfc6706 (if approved) January 20, 2014
Intended status: Standards Track
Expires: July 24, 2014
Transmission of IPv6 Packets over AERO Links
draft-templin-aerolink-03.txt
Abstract
This document specifies the operation of IPv6 over tunnel virtual
Non-Broadcast, Multiple Access (NBMA) links using Automatic Extended
Route Optimization (AERO). Nodes attached to AERO links can exchange
packets via trusted intermediate routers on the link that provide
forwarding services to reach off-link destinations and/or redirection
services to inform the node of an on-link neighbor that is closer to
the final destination. Operation of the IPv6 Neighbor Discovery (ND)
protocol over AERO links is based on an IPv6 link local address
format known as the AERO address.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 24, 2014.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Templin Expires July 24, 2014 [Page 1]
Internet-Draft AERO January 2014
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Asymmetric Extended Route Optimization (AERO) . . . . . . . . 5
3.1. AERO Interface Characteristics . . . . . . . . . . . . . . 5
3.2. AERO Node Types . . . . . . . . . . . . . . . . . . . . . 7
3.3. AERO Addresses . . . . . . . . . . . . . . . . . . . . . . 7
3.4. AERO Reference Operational Scenario . . . . . . . . . . . 8
3.5. AERO Prefix Delegation and Router Discovery . . . . . . . 10
3.5.1. AERO Client Behavior . . . . . . . . . . . . . . . . . 10
3.5.2. AERO Server Behavior . . . . . . . . . . . . . . . . . 10
3.6. AERO Neighbor Solicitation and Advertisement . . . . . . . 11
3.7. AERO Redirection . . . . . . . . . . . . . . . . . . . . . 12
3.7.1. Classical Redirection Approaches . . . . . . . . . . . 12
3.7.2. AERO Redirection Concept of Operations . . . . . . . . 13
3.7.3. AERO Redirection Message Format . . . . . . . . . . . 14
3.7.4. Sending Predirects . . . . . . . . . . . . . . . . . . 15
3.7.5. Processing Predirects and Sending Redirects . . . . . 16
3.7.6. Re-encapsulating and Relaying Redirects . . . . . . . 17
3.7.7. Processing Redirects . . . . . . . . . . . . . . . . . 17
3.8. Neighbor Reachability Considerations . . . . . . . . . . . 18
3.9. MTU Considerations . . . . . . . . . . . . . . . . . . . . 18
3.10. Mobility and Link-Layer Address Change Considerations . . 19
3.11. Underlying Protocol Version Considerations . . . . . . . . 19
3.12. Multicast Considerations . . . . . . . . . . . . . . . . . 19
3.13. Operation on Server-less AERO Links . . . . . . . . . . . 19
4. Implementation Status . . . . . . . . . . . . . . . . . . . . 20
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20
6. Security Considerations . . . . . . . . . . . . . . . . . . . 20
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 20
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
8.1. Normative References . . . . . . . . . . . . . . . . . . . 21
8.2. Informative References . . . . . . . . . . . . . . . . . . 22
Appendix A. AERO Server and Relay Interworking . . . . . . . . . 23
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 24
Templin Expires July 24, 2014 [Page 2]
Internet-Draft AERO January 2014
1. Introduction
This document specifies the operation of IPv6 over tunnel virtual
Non-Broadcast, Multiple Access (NBMA) links using Automatic Extended
Route Optimization (AERO). Nodes attached to AERO links can exchange
packets via trusted intermediate routers on the link that provide
forwarding services to reach off-link destinations and/or redirection
services to inform the node of an on-link neighbor that is closer to
the final destination.
Nodes on AERO links use an IPv6 link-local address format known as
the AERO Address. This address type has properties that statelessly
link IPv6 Neighbor Discovery (ND) to IPv6 routing. The AERO link can
be used for tunneling to neighboring nodes on either IPv6 or IPv4
networks, i.e., AERO views the IPv6 and IPv4 networks as equivalent
links for tunneling. The remainder of this document presents the
AERO specification.
2. Terminology
The terminology in the normative references applies; the following
terms are defined within the scope of this document:
AERO link
a Non-Broadcast, Multiple Access (NBMA) tunnel virtual overlay
configured over a node's attached IPv6 and/or IPv4 networks. All
nodes on the AERO link appear as single-hop neighbors from the
perspective of IPv6.
AERO interface
a node's attachment to an AERO link.
AERO address
an IPv6 link-local address assigned to an AERO interface and
constructed as specified in Section 3.3.
AERO node
a node that is connected to an AERO link and that participates in
IPv6 Neighbor Discovery over the link.
AERO Server ("server")
a node that configures an advertising router interface on an AERO
link over which it can provide default forwarding and redirection
services for other AERO nodes.
Templin Expires July 24, 2014 [Page 3]
Internet-Draft AERO January 2014
AERO Client ("client")
a node that configures a non-advertising router interface on an
AERO link over which it can connect End User Networks (EUNs) to
the AERO link.
AERO Relay ("relay")
a node that relays IPv6 packets between Servers on the same AERO
link, and/or that forwards IPv6 packets between the AERO link and
the IPv6 Internet. An AERO Relay may or may not also be
configured as an AERO Server.
ingress tunnel endpoint (ITE)
an AERO interface endpoint that injects packets into an AERO link.
egress tunnel endpoint (ETE)
an AERO interface endpoint that receives tunneled packets from an
AERO link.
underlying network
a connected IPv6 or IPv4 network routing region over which AERO
nodes tunnel IPv6 packets.
underlying interface
an AERO node's interface point of attachment to an underlying
network.
underlying address
an IPv6 or IPv4 address assigned to an AERO node's underlying
interface. When UDP encapsulation is used, the UDP port number is
also considered as part of the underlying address. Underlying
addresses are used as the source and destination addresses of the
AERO encapsulation header.
link-layer address
the same as defined for "underlying address" above.
network layer address
an IPv6 address used as the source or destination address of the
inner IPv6 packet header.
end user network (EUN)
an IPv6 network attached to a downstream interface of an AERO
Client (where the AERO interface is seen as the upstream
interface).
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
Templin Expires July 24, 2014 [Page 4]
Internet-Draft AERO January 2014
3. Asymmetric Extended Route Optimization (AERO)
The following sections specify the operation of IPv6 over Automatic
Extended Route Optimization (AERO) links:
3.1. AERO Interface Characteristics
All nodes connected to an AERO link configure their AERO interfaces
as router interfaces (not host interfaces). End system applications
therefore do not bind directly to the AERO interface, but rather bind
to end user network (EUN) interfaces beyond which their packets may
be forwarded over an AERO interface.
AERO interfaces use IPv6-in-IPv6 encapsulation [RFC2473] to exchange
tunneled packets with AERO neighbors attached to an underlying IPv6
network, and use IPv6-in-IPv4 encapsulation [RFC4213] to exchange
tunneled packets with AERO neighbors attached to an underlying IPv4
network. AERO interfaces can also use IPsec encapsulation [RFC4301]
(either IPv6-in-IPv6 or IPv6-in-IPv4) in environments where strong
authentication and confidentiality are required.
AERO interfaces further use the Subnetwork Encapsulation and
Adaptation Layer (SEAL) [I-D.templin-intarea-seal] and can therefore
configure an unlimited Maximum Transmission Unit (MTU). This entails
the insertion of a SEAL header (i.e., an IPv6 fragment header with
the S bit set to 1) between the inner IPv6 header and the outer IP
encapsulation header. When NAT traversal and/or filtering middlebox
traversal is necessary, a UDP header is further inserted between the
outer IP encapsulation header and the SEAL header. (Note that while
[RFC6980] forbids fragmentation of IPv6 ND messages, the SEAL
fragmentation header applies only to the outer tunnel encapsulation
and not the inner IPv6 ND packet.)
AERO interfaces maintain a neighbor cache and use a variation of
standard unicast IPv6 ND messaging. AERO interfaces use Neighbor
Solicitation (NS), Neighbor Advertisement (NA) and Redirect messages
the same as for any IPv6 link. They do not use Router Solicitation
(RS) and Router Advertisement (RA) messages for several reasons.
First, default router discovery is supported through other means more
appropriate for AERO links as described below. Second, discovery of
more-specific routes is through the receipt of NS, NA and Redirect
messages. Finally, AERO links do not use any on-link prefixes other
than link-local; hence, there is no need for prefix discovery.
AERO Neighbor Solicitation (NS) and Neighbor Advertisement (NA)
messages do not include Source/Target Link Layer Address Options
(S/TLLAO). Instead, AERO nodes determine the link-layer addresses of
neighbors by examining the encapsulation source address of any NS/NA
Templin Expires July 24, 2014 [Page 5]
Internet-Draft AERO January 2014
messages they receive and ignore any S/TLLAOs included in these
messages. This is vital to the operation of AERO links for which
neighbors are separated by Network Address Translators (NATs) -
either IPv4 or IPv6.
AERO Redirect messages include a TLLAO the same as for any IPv6 link.
The TLLAO includes the link-layer address of the target node,
including both the IP address and the UDP source port number used by
the target when it sends UDP-encapsulated packets over the AERO
interface (the TLLAO instead encodes the value 0 when the target does
not use UDP encapsulation). TLLAOs for target nodes that use an IPv6
underlying address include the full 16 bytes of the IPv6 address as
shown in Figure 1, while TLLAOs for target nodes that use an IPv4
underlying address include only the 4 bytes of the IPv4 address as
shown in Figure 2.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 2 | Length = 3 | UDP Source Port (or 0) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+-- --+
| |
+-- IPv6 Address --+
| |
+-- --+
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: AERO TLLAO Format for IPv6
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 2 | Length = 1 | UDP Source Port (or 0) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: AERO TLLAO Format for IPv4
Finally, nodes on AERO interfaces use a simple data origin
authentication for encapsulated packets they receive from other
Templin Expires July 24, 2014 [Page 6]
Internet-Draft AERO January 2014
nodes. In particular, AERO Clients accept encapsulated packets with
a link-layer source address belonging to their current AERO Server.
AERO nodes also accept encapsulated packets with a link-layer source
address that is correct for the network-layer source address. The
AERO node considers the link-layer source address correct for the
network-layer source address if there is an IPv6 route that matches
the network-layer source address as well as a neighbor cache entry
corresponding to the next hop that includes the link-layer address.
3.2. AERO Node Types
AERO Servers configure their AERO link interfaces as router
interfaces, and provide default routing services to AERO Clients.
AERO Clients also configure their AERO link interfaces as router
interfaces, i.e., even if the AERO Client otherwise displays the
outward characteristics of an ordinary host (for example, the Client
may internally configure both an AERO interface and (virtual) EUN
interfaces). AERO Clients are provisioned with IPv6 Prefix
Delegations either through a DHCPv6 Prefix Delegation exchange with
an AERO Server over the AERO link or via a static delegation obtained
through an out-of-band exchange with an AERO link prefix delegation
authority. Each AERO Client receives at least a /64 prefix
delegation, and may receive even shorter prefixes.
AERO Relays relay packets between nodes connected to the same AERO
link and also forward packets between the AERO link and the native
IPv6 network. The relaying process entails re-encapsulation of IPv6
packets that were received from a first AERO node and are to be
forwarded without modification to a second AERO node.
3.3. AERO Addresses
An AERO address is an IPv6 link-local address assigned to an AERO
interface and with an IPv6 prefix embedded within the interface
identifier. The AERO address is formatted as:
fe80::[IPv6 prefix]
Each AERO Client configures an AERO address based on the delegated
prefix it has received from the AERO link prefix delegation
authority. The address begins with the prefix fe80::/64 and includes
in its interface identifier the base /64 prefix taken from the
Client's delegated IPv6 prefix. The base prefix is determined by
masking the delegated prefix with the prefix length. For example, if
an AERO Client has received the prefix delegation:
Templin Expires July 24, 2014 [Page 7]
Internet-Draft AERO January 2014
2001:db8:1000:2000::/56
it would construct its AERO address as:
fe80::2001:db8:1000:2000
An AERO Client may receive multiple discontiguous IPv6 prefix
delegations, in which case it would configure multiple AERO addresses
- one for each prefix.
Each AERO Server configures the special AERO address fe80::1 to
support the operation of IPv6 Neighbor Discovery over the AERO link;
the address therefore has the properties of an IPv6 Anycast address.
While all Servers configure the same AERO address and therefore
cannot be distinguished from one another at the network layer,
Clients can still distinguish Servers at the link layer by examining
the Servers' link-layer addresses.
Nodes that are configured as pure AERO Relays (i.e., and that do not
also act as Servers) do not configure an IPv6 address of any kind on
their AERO interfaces. The Relay's AERO interface is therefore used
purely for transit and does not participate in IPv6 ND message
exchanges.
3.4. AERO Reference Operational Scenario
Figure 3 depicts the AERO reference operational scenario. The figure
shows an AERO Server('A'), two AERO Clients ('B', 'D') and three
ordinary IPv6 hosts ('C', 'E', 'F'):
Templin Expires July 24, 2014 [Page 8]
Internet-Draft AERO January 2014
.-(::::::::)
.-(::: IPv6 :::)-. +-------------+
(:::: Internet ::::)--| Host F |
`-(::::::::::::)-' +-------------+
`-(::::::)-' 2001:db8:3::1
|
+--------------+
| AERO Server A|
| (C->B; E->D) |
+--------------+
fe80::1
L2(A)
|
X-----+-----------+-----------+--------X
| AERO Link |
L2(B) L2(D)
fe80::2001:db8:0:0 fe80::2001:db8:1:0 .-.
+--------------+ +--------------+ ,-( _)-.
| AERO Client B| | AERO Client D| .-(_ IPv6 )-.
| (default->A) | | (default->A) |--(__ EUN )
+--------------+ +--------------+ `-(______)-'
2001:DB8:0::/48 2001:DB8:1::/48 |
| 2001:db8:1::1
.-. +-------------+
,-( _)-. 2001:db8:0::1 | Host E |
.-(_ IPv6 )-. +-------------+ +-------------+
(__ EUN )--| Host C |
`-(______)-' +-------------+
Figure 3: AERO Reference Operational Scenario
In Figure 3, AERO Server ('A') connects to the AERO link and connects
to the IPv6 Internet, either directly or via other IPv6 routers (not
shown). Server ('A') assigns the address fe80::1 to its AERO
interface with link-layer address L2(A). Server ('A') next arranges
to add L2(A) to a published list of valid Servers for the AERO link.
AERO Client ('B') assigns the address fe80::2001:db8:0:0 to its AERO
interface with link-layer address L2(B). Client ('B') configures a
default route via the AERO interface with next-hop network-layer
address fe80::1 and link-layer address L2(A), then sub-delegates the
prefix 2001:db8:0::/48 to its attached EUNs. IPv6 host ('C')
connects to the EUN, and configures the network-layer address 2001:
db8:0::1.
AERO Client ('D') assigns the address fe80::2001:db8:1:0 to its AERO
interface with link-layer address L2(D). Client ('D') configures a
default route via the AERO interface with next-hop network-layer
Templin Expires July 24, 2014 [Page 9]
Internet-Draft AERO January 2014
address fe80::1 and link-layer address L2(A), then sub-delegates the
network-layer prefix 2001:db8:1::/48 to its attached EUNs. IPv6 host
('E') connects to the EUN, and configures the network-layer address
2001:db8:1::1.
Finally, IPv6 host ('F') connects to an IPv6 network outside of the
AERO link domain. Host ('F') configures its IPv6 interface in a
manner specific to its attached IPv6 link, and assigns the network-
layer address 2001:db8:3::1 to its IPv6 link interface.
3.5. AERO Prefix Delegation and Router Discovery
3.5.1. AERO Client Behavior
AERO Clients observe the IPv6 router requirements defined in
[RFC6434]. AERO Clients first discover the link-layer address of an
AERO Server via static configuration, or through an automated means
such as DNS name resolution. In the absence of other information,
the Client resolves the name "linkupnetworks.[domainname]", where
[domainname] is the DNS domain appropriate for the Client's attached
underlying network. The Client then creates a neighbor cache entry
with the IPv6 link-local address fe80::1 and the discovered address
as the link-layer address. The Client further creates a default
route with the link-local address fe80::1 as the next hop.
Next, the Client acts as a requesting router to obtain IPv6 prefixes
through DHCPv6 Prefix Delegation [RFC3633] via the Server. After the
Client acquires prefixes, it sub-delegates them to nodes and links
within its attached EUNs. It also assigns the link-local AERO
address(es) taken from its delegated prefix(es) to the AERO interface
(see: Section 3.3).
After configuring a default route and obtaining prefixes, the Client
sends periodic NS messages to the server to obtain new NAs in order
to keep neighbor cache entries alive. The Client can also forward
IPv6 packets destined to networks beyond its local EUNs via the
Server as an IPv6 default router. The Server may in turn return a
Redirect message informing the Client of a neighbor on the AERO link
that is topologically closer to the final destination as specified in
Section 3.7.
3.5.2. AERO Server Behavior
AERO Servers observe the IPv6 router requirements defined in
[RFC6434]. They further configure a DHCPv6 relay/server function on
their AERO links. When the Server delegates prefixes, it also
establishes forwarding table and neighbor cache entries that list the
AERO address of the Client as the next hop toward the delegated IPv6
Templin Expires July 24, 2014 [Page 10]
Internet-Draft AERO January 2014
prefixes (where the AERO address is constructed as specified in
Section 3.3).
Servers respond to NS messages from Clients on their AERO interfaces
by returning an NA message. When the Server receives an NS message,
it updates the neighbor cache entry using the network layer source
address as the neighbor's network layer address and using the link-
layer source address of the NS message as the neighbor's link-layer
address.
When the Server forwards a packet via the same AERO interface on
which it arrived, it initiates an AERO route optimization procedure
as specified in Section 3.7.
3.6. AERO Neighbor Solicitation and Advertisement
After an AERO node has received a prefix delegation, it creates an
AERO address as specified in Section 3.3. It can then send NS
messages to elicit NA messages from other AERO nodes. When the AERO
node sends NS/NA messages, however, it must also include the length
of the prefix corresponding to the AERO address. AERO NS/NA messages
therefore include a new 8-bit "Prefix Length" field take from the
low-order 8 bits of the Reserved field as shown in Figure 4 and
Figure 5.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type (=135) | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | Prefix Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Target Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
Figure 4: AERO Neighbor Solicitation (NS) Message Format
Templin Expires July 24, 2014 [Page 11]
Internet-Draft AERO January 2014
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type (=136) | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| R|S|O| Reserved | Prefix Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Target Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
Figure 5: AERO Neighbor Advertisement (NA) Message Format
When an AERO node sends an NS/NA message, it MUST use its AERO
address as the IPv6 source address and MUST include its AERO address
prefix length in the Prefix Length field.
When an AERO node receives an NS/NA message, it accepts the message
if the Prefix Length applied to the source address is correct for the
neighbor; otherwise, it ignores the message.
3.7. AERO Redirection
Section 3.4 describes the AERO reference operational scenario. We
now discuss the operation and protocol details of AERO Redirection
with respect to this reference scenario.
3.7.1. Classical Redirection Approaches
With reference to Figure 3, when the IPv6 source host ('C') sends a
packet to an IPv6 destination host ('E'), the packet is first
forwarded via the EUN to AERO Client ('B'). Client ('B') then
forwards the packet over its AERO interface to AERO Server ('A'),
which then forwards the packet to AERO Client ('D'), where the packet
is finally forwarded to the IPv6 destination host ('E'). When Server
('A') forwards the packet back out on its advertising AERO interface,
it must arrange to redirect Client ('B') toward Client ('D') as a
better next-hop node on the AERO link that is closer to the final
destination. However, this redirection process applied to AERO
interfaces must be more carefully orchestrated than on ordinary links
since the parties may be separated by potentially many underlying
Templin Expires July 24, 2014 [Page 12]
Internet-Draft AERO January 2014
network routing hops.
Consider a first alternative in which Server ('A') informs Client
('B') only and does not inform Client ('D') (i.e., "classical
redirection"). In that case, Client ('D') has no way of knowing that
Client ('B') is authorized to forward packets from their claimed
network-layer source addresses, and it may simply elect to drop the
packets. Also, Client ('B') has no way of knowing whether Client
('D') is performing some form of source address filtering that would
reject packets arriving from a node other than a trusted default
router, nor whether Client ('D') is even reachable via a direct path
that does not involve Server ('A').
Consider a second alternative in which Server ('A') informs both
Client ('B') and Client ('D') separately, via independent redirection
control messages (i.e., "augmented redirection"). In that case, if
Client ('B') receives the redirection control message but Client
('D') does not, subsequent packets sent by Client ('B') could be
dropped due to filtering since Client ('D') would not have a route to
verify their source network-layer addresses. Also, if Client ('D')
receives the redirection control message but Client ('B') does not,
subsequent packets sent in the reverse direction by Client ('D')
would be lost.
Since both of these alternatives have shortcomings, a new redirection
technique (i.e., "AERO redirection") is needed.
3.7.2. AERO Redirection Concept of Operations
Again, with reference to Figure 3, when source host ('C') sends a
packet to destination host ('E'), the packet is first forwarded over
the source host's attached EUN to Client ('B'), which then forwards
the packet via its AERO interface to Server ('A').
Using AERO redirection, Server ('A') then forwards the packet out the
same AERO interface toward Client ('D') and also sends an AERO
"Predirect" message forward to Client ('D') as specified in
Section 3.7.4. The Predirect message includes Client ('B')'s
network- and link-layer addresses as well as information that Client
('D') can use to determine the IPv6 prefix used by Client ('B') .
After Client ('D') receives the Predirect message, it process the
message and returns an AERO Redirect message destined for Client
("B") via Server ('A') as specified in Section 3.7.5. During the
process, Client ('D') also creates or updates a neighbor cache entry
for Client ('B'), and creates an IPv6 route for Client ('B')'s IPv6
prefix.
When Server ('A') receives the Redirect message, it processes the
Templin Expires July 24, 2014 [Page 13]
Internet-Draft AERO January 2014
message and forwards it on to Client ('B') as specified in
Section 3.7.6. The message includes Client ('D')'s network- and
link-layer addresses as well as information that Client ('B') can use
to determine the IPv6 prefix used by Client ('D'). After Client
('B') receives the Redirect message, it processes the message as
specified in Section 3.7.7. During the process, Client ('B') also
creates or updates a neighbor cache entry for Client ('D'), and
creates an IPv6 route for Client ('D')'s IPv6 prefix.
Following the above Predirect/Redirect message exchange, forwarding
of packets from Client ('B') to Client ('D') without involving Server
('A) as an intermediary is enabled. The mechanisms that support this
exchange are specified in the following sections.
3.7.3. AERO Redirection Message Format
AERO Redirect/Predirect messages use the same format as for ICMPv6
Redirect messages depicted in Section 4.5 of [RFC4861], but also
include a new "Prefix Length" field taken from the low-order 8 bits
of the Redirect message Reserved field. The Redirect/Predirect
messages are formatted as shown in Figure 6:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type (=137) | Code (=0/1) | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | Prefix Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Target Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Destination Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
Figure 6: AERO Redirect/Predirect Message Format
Templin Expires July 24, 2014 [Page 14]
Internet-Draft AERO January 2014
3.7.4. Sending Predirects
When an AERO Server forwards a packet out the same AERO interface
that it arrived on, the Server sends a Predirect message forward
toward the AERO Client nearest the destination instead of sending a
Redirect message back to AERO Client nearest the source.
In the reference operational scenario, when Server ('A') forwards a
packet sent by Client ('B') toward Client ('D'), it also sends a
Predirect message forward toward Client ('D'), subject to rate
limiting (see Section 8.2 of [RFC4861]). Server ('A') prepares the
Predirect message as follows:
o the link-layer source address is set to 'L2(A)' (i.e., the
underlying address of Server ('A')).
o the link-layer destination address is set to 'L2(D)' (i.e., the
underlying address of Client ('D')).
o the network-layer source address is set to fe80::1 (i.e., the AERO
address of Server ('A')).
o the network-layer destination address is set to fe80::2001:db8:1:0
(i.e., the AERO address of Client ('D')).
o the Type is set to 137.
o the Code is set to 1 to indicate "Predirect".
o the Prefix Length is set to the length of the prefix to be applied
to Target address.
o the Target Address is set to fe80::2001:db8:0::0 (i.e., the AERO
address of Client ('B')).
o the Destination Address is set to the IPv6 source address of the
packet that triggered the Predirection event.
o the message includes a TLLAO set to 'L2(B)' (i.e., the underlying
address of Client ('B')).
o the message includes a Redirected Header Option (RHO) that
contains the originating packet truncated to ensure that at least
the network-layer header is included but the size of the message
does not exceed 1280 bytes.
Server ('A') then sends the message forward to Client ('D').
Templin Expires July 24, 2014 [Page 15]
Internet-Draft AERO January 2014
3.7.5. Processing Predirects and Sending Redirects
When Client ('D') receives a Predirect message, it accepts the
message only if it has a link-layer source address of the Server,
i.e. 'L2(A)'. Client ('D') further accepts the message only if it
is willing to serve as a redirection target. Next, Client ('D')
validates the message according to the ICMPv6 Redirect message
validation rules in Section 8.1 of [RFC4861].
In the reference operational scenario, when the Client ('D') receives
a valid Predirect message, it either creates or updates a neighbor
cache entry that stores the Target Address of the message as the
network-layer address of Client ('B') and stores the link-layer
address found in the TLLAO as the link-layer address of Client ('B').
Client ('D') then applies the Prefix Length to the Interface
Identifier portion of the Target Address and records the resulting
IPv6 prefix in its IPv6 forwarding table.
After processing the message, Client ('D') prepares a Redirect
message response as follows:
o the link-layer source address is set to 'L2(D)' (i.e., the link-
layer address of Client ('D')).
o the link-layer destination address is set to 'L2(A)' (i.e., the
link-layer address of Server ('A')).
o the network-layer source address is set to 'L3(D)' (i.e., the AERO
address of Client ('D')).
o the network-layer destination address is set to 'L3(B)' (i.e., the
AERO address of Client ('B')).
o the Type is set to 137.
o the Code is set to 0 to indicate "Redirect".
o the Prefix Length is set to the length of the prefix to be applied
to the Target and Destination address.
o the Target Address is set to fe80::2001:db8:1::1 (i.e., the AERO
address of Client ('D')).
o the Destination Address is set to the IPv6 destination address of
the packet that triggered the Redirection event.
o the message includes a TLLAO set to 'L2(D)' (i.e., the underlying
address of Client ('D')).
Templin Expires July 24, 2014 [Page 16]
Internet-Draft AERO January 2014
o the message includes as much of the RHO copied from the
corresponding AERO Predirect message as possible such that at
least the network-layer header is included but the size of the
message does not exceed 1280 bytes.
After Client ('D') prepares the Redirect message, it sends the
message to Server ('A').
3.7.6. Re-encapsulating and Relaying Redirects
When Server ('A') receives a Redirect message, it accepts the message
only if it has a neighbor cache entry that associates the message's
link-layer source address with the network-layer source address.
Next, Server ('A') validates the message according to the ICMPv6
Redirect message validation rules in Section 8.1 of [RFC4861].
Following validation, Server ('A') re-encapsulates the Redirect as
discussed in [I-D.templin-intarea-seal], and then relays the re-
encapsulated Redirect on to Client ('B') as follows.
In the reference operational scenario, Server ('A') receives the
Redirect message from Client ('D') and prepares to forward a
corresponding Redirect message to Client ('B'). Server ('A') then
verifies that Client ('D') is authorized to use the Prefix Length in
the Redirect message when applied to the AERO address in the network-
layer source of the Redirect message, and discards the message if
verification fails. Otherwise, Server ('A') re-encapsulates the
redirect by changing the link-layer source address of the message to
'L2(A)', changing the network-layer source address of the message to
fe80::1, and changing the link-layer destination address to 'L2(B)' .
Server ('A') finally relays the re-encapsulated message to the
ingress node ('B') without decrementing the network-layer IPv6 header
Hop Limit field.
While not shown in Figure 3, AERO Relays relay Redirect and Predirect
messages in exactly this same fashion described above. See Figure 7
in Appendix A for an extension of the reference operational scenario
that includes Relays.
3.7.7. Processing Redirects
When Client ('B') receives the Redirect message, it accepts the
message only if it has a link-layer source address of the Server,
i.e. 'L2(A)'. Next, Client ('B') validates the message according to
the ICMPv6 Redirect message validation rules in Section 8.1 of
[RFC4861]. Following validation, Client ('B') then processes the
message as follows.
In the reference operational scenario, when Client ('B') receives the
Templin Expires July 24, 2014 [Page 17]
Internet-Draft AERO January 2014
Redirect message, it either creates or updates a neighbor cache entry
that stores the Target Address of the message as the network-layer
address of Client ('D') and stores the link-layer address found in
the TLLAO as the link-layer address of Client ('D'). Client ('B')
then applies the Prefix Length to the Interface Identifier portion of
the Target Address and records the resulting IPv6 prefix in its IPv6
forwarding table.
Now, Client ('B') has an IPv6 forwarding table entry for
Client('D')'s prefix, and Client ('D') has an IPv6 forwarding table
entry for Client ('B')'s prefix. Thereafter, the clients may
exchange ordinary network-layer data packets directly without
forwarding through Server ('A').
3.8. Neighbor Reachability Considerations
When a source Client discovers a target neighbor (either through
redirection or some other means) it MUST test the direct path to the
target by sending an initial NS message to elicit a solicited NA
response. While testing the path, the Client SHOULD continue sending
packets via the Server until target reachability has been confirmed.
The Client MUST thereafter follow the Neighbor Unreachability
Detection (NUD) procedures in Section 7.3 of [RFC4861], and can
resume sending packets via the Server at any time the direct path
appears to be failing.
If the Client is unable to elicit an NA response after MAX_RETRY
attempts, it SHOULD consider the direct path unusable for forwarding
purposes but still viable for ingress filtering purposes.
If reachability is confirmed, the Client SHOULD thereafter process
any link-layer errors as a hint that the direct path to the target
has either failed or has become intermittent.
3.9. MTU Considerations
As specified in Section 3.1, AERO interfaces configure an unlimited
MTU (here, "unlimited' means 64KB minus overhead for encapsulation
over IPv4, and 4GB minus overhead for encapsulation over IPv6). The
use of SEAL also ensures that packets up to 1500 bytes in length are
delivered over the AERO link, while larger packets can still be used
when the AERO link can support the larger size without fragmentation.
AERO Clients SHOULD examine the Maximum Segment Size (MSS) value in
TCP connection requests involving a host on their attached end user
network. The Client SHOULD rewrite the MSS value to a size that
would avoid SEAL fragmentation and path MTU black holes in the vast
majority of cases, i.e., at most 1500 bytes minus the TCP, IPv6 and
Templin Expires July 24, 2014 [Page 18]
Internet-Draft AERO January 2014
encapsulation header lengths (see: [RFC0879][RFC6691]).
By writing a reduced value in the TCP MSS, the AERO Client ensures
that the resulting TCP session will use packet sizes small enough to
avoid SEAL fragmentation and reassembly. The communicating endpoints
can subsequently negotiate for larger packet sizes using
Packetization Layer Path MTU Discovery (PLMPMTUD) [RFC4821], which
searches for successful packet sizes larger than the original MSS.
Other protocol types that do not include an MSS exchange in their
connection establishment (e.g., UDP) will still see a 1500 byte
minimum MTU even if a small amount of fragmentation and reassembly
are necessary.
3.10. Mobility and Link-Layer Address Change Considerations
When a Client needs to change its link-layer address (e.g., due to a
mobility event, due to a change in underlying network interface,
etc.), it sends an immediate NS message forward to any of its
correspondents (including the Server and any other Clients) which
then discover the new link-layer address.
If two Clients change their link-layer addresses simultaneously, the
NS/NA exchange(s) may fail. In that case, the Clients follow the
same NUD procedures specified in Section 3.8.
3.11. Underlying Protocol Version Considerations
A source Client may connect only to an IPvX underlying network, while
the target Client connects only to an IPvY underlying network. In
that case, the source Client has no means for reaching the target
directly (since they connect to underlying networks of different IP
protocol versions) and so must ignore any Redirects and continue to
send packets via the Server.
3.12. Multicast Considerations
When the underlying network supports multicast, AERO nodes use the
multicast address mapping specification found in [RFC2529] for IPv4
underlying networks and use a direct multicast mapping for IPv6
underlying networks. (In the latter case, "direct multicast mapping"
means that if the IPv6 multicast destination address of the inner
packet is "M", then the IPv6 multicast destination address of the
encapsulating header is also "M".)
3.13. Operation on Server-less AERO Links
In some AERO link scenarios, there may be no Server on the link
and/or no need for Clients to use a Server as an intermediary trust
Templin Expires July 24, 2014 [Page 19]
Internet-Draft AERO January 2014
anchor. In that case, Clients can establish neighbor cache entries
and IPv6 routes by performing direct NS/NA exchanges, and some other
form of trust basis must be applied so that each Client can verify
that the prospective neighbor is authorized to use its claimed
prefix.
When there is no Server on the link, Clients must arrange to receive
prefix delegations and publish the delegations via a secure prefix
discovery service through some means outside the scope of this
document.
4. Implementation Status
An early implementation is available at:
http://linkupnetworks.com/seal/sealv2-1.0.tgz.
5. IANA Considerations
There are no IANA actions required for this document.
6. Security Considerations
AERO link security considerations are the same as for standard IPv6
Neighbor Discovery [RFC4861] except that AERO improves on some
aspects. In particular, AERO is dependent on a trust basis between
AERO Clients and Servers, where the Clients only engage in the AERO
mechanism when it is facilitated by a trust anchor.
AERO links must be protected against link-layer address spoofing
attacks in which an attacker on the link pretends to be a trusted
neighbor. Links that provide link-layer securing mechanisms (e.g.,
WiFi networks) and links that provide physical security (e.g.,
enterprise network LANs) provide a first line of defense that is
often sufficient. In other instances, securing mechanisms such as
Secure Neighbor Discovery (SeND) [RFC3971] or IPsec [RFC4301] must be
used.
7. Acknowledgements
Discussions both on the v6ops list and in private exchanges helped
shape some of the concepts in this work. Individuals who contributed
insights include Mikael Abrahamsson, Fred Baker, Stewart Bryant,
Brian Carpenter, Brian Haberman, Joel Halpern, and Lee Howard.
Members of the IESG also provided valuable input during their review
Templin Expires July 24, 2014 [Page 20]
Internet-Draft AERO January 2014
process that greatly improved the document. Special thanks go to
Stewart Bryant, Joel Halpern and Brian Haberman for their shepherding
guidance.
This work has further been encouraged and supported by Boeing
colleagues including Balaguruna Chidambaram, Jeff Holland, Cam
Brodie, Yueli Yang, Wen Fang, Ed King, Mike Slane, Kent Shuey, Gen
MacLean, and other members of the BR&T and BIT mobile networking
teams.
Earlier works on NBMA tunneling approaches are found in
[RFC2529][RFC5214][RFC5569].
8. References
8.1. Normative References
[I-D.templin-intarea-seal]
Templin, F., "The Subnetwork Encapsulation and Adaptation
Layer (SEAL)", draft-templin-intarea-seal-68 (work in
progress), January 2014.
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
September 1981.
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5,
RFC 792, September 1981.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998.
[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in
IPv6 Specification", RFC 2473, December 1998.
[RFC4213] Nordmark, E. and R. Gilligan, "Basic Transition Mechanisms
for IPv6 Hosts and Routers", RFC 4213, October 2005.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
September 2007.
Templin Expires July 24, 2014 [Page 21]
Internet-Draft AERO January 2014
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862, September 2007.
[RFC6434] Jankiewicz, E., Loughney, J., and T. Narten, "IPv6 Node
Requirements", RFC 6434, December 2011.
8.2. Informative References
[IRON] Templin, F., "The Internet Routing Overlay Network
(IRON)", Work in Progress, June 2012.
[RFC0879] Postel, J., "TCP maximum segment size and related topics",
RFC 879, November 1983.
[RFC2529] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4
Domains without Explicit Tunnels", RFC 2529, March 1999.
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for
IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic
Host Configuration Protocol (DHCP) version 6", RFC 3633,
December 2003.
[RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
Neighbor Discovery (SEND)", RFC 3971, March 2005.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, December 2005.
[RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU
Discovery", RFC 4821, March 2007.
[RFC5214] Templin, F., Gleeson, T., and D. Thaler, "Intra-Site
Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214,
March 2008.
[RFC5569] Despres, R., "IPv6 Rapid Deployment on IPv4
Infrastructures (6rd)", RFC 5569, January 2010.
[RFC6204] Singh, H., Beebee, W., Donley, C., Stark, B., and O.
Troan, "Basic Requirements for IPv6 Customer Edge
Routers", RFC 6204, April 2011.
[RFC6691] Borman, D., "TCP Options and Maximum Segment Size (MSS)",
RFC 6691, July 2012.
Templin Expires July 24, 2014 [Page 22]
Internet-Draft AERO January 2014
[RFC6980] Gont, F., "Security Implications of IPv6 Fragmentation
with IPv6 Neighbor Discovery", RFC 6980, August 2013.
Appendix A. AERO Server and Relay Interworking
Figure 3 depicts a reference AERO operational scenario with a single
Server on the AERO link. In order to support scaling to larger
numbers of nodes, the AERO link can deploy multiple Servers and
Relays, e.g., as shown in Figure 7.
.-(::::::::)
.-(::: IPv6 :::)-.
(:: Internetwork ::)
`-(::::::::::::)-'
`-(::::::)-'
|
+--------------+ +------+-------+ +--------------+
|AERO Server C | | AERO Relay D | |AERO Server E |
| (default->D) | | (A->C; G->E) | | (default->D) |
| (A->B) | +-------+------+ | (G->F) |
+-------+------+ | +------+-------+
| | |
X---+---+-------------------+------------------+---+---X
| AERO Link |
+-----+--------+ +--------+-----+
|AERO Client B | |AERO Client F |
| (default->C) | | (default->E) |
+--------------+ +--------------+
.-. .-.
,-( _)-. ,-( _)-.
.-(_ IPv6 )-. .-(_ IPv6 )-.
(__ EUN ) (__ EUN )
`-(______)-' `-(______)-'
| |
+--------+ +--------+
| Host A | | Host G |
+--------+ +--------+
Figure 7: AERO Server/Relay Interworking
In this example, AERO Client ('B') associates with AERO Server ('C'),
while AERO Client ('F') associates with AERO Server ('E').
Furthermore, AERO Servers ('C') and ('E') do not associate with each
other directly, but rather have an association with AERO Relay ('D')
(i.e., a router that has full topology information concerning its
associated Servers and their Clients). Relay ('D') connects to the
AERO link, and also connects to the native IPv6 Internetwork.
Templin Expires July 24, 2014 [Page 23]
Internet-Draft AERO January 2014
When host ('A') sends a packet toward destination host ('G'), IPv6
forwarding directs the packet through the EUN to Client ('B'), which
forwards the packet to Server ('C') in absence of more-specific
forwarding information. Server ('C') forwards the packet, and it
also generates an AERO Predirect message that is then forwarded
through Relay ('D') to Server ('E'). When Server ('E') receives the
message, it forwards the message to Client ('F').
After processing the AERO Predirect message, Client ('F') sends an
AERO Redirect message to Server ('E'). Server ('E'), in turn,
forwards the message through Relay ('D') to Server ('C'). When
Server ('C') receives the message, it forwards the message to Client
('B') informing it that host 'G's EUN can be reached via Client
('F'), thus completing the AERO redirection.
The network layer routing information shared between Servers and
Relays must be carefully coordinated in a manner outside the scope of
this document. In particular, Relays require full topology
information, while individual Servers only require partial topology
information (i.e., they only need to know the EUN prefixes associated
with their current set of Clients). See [IRON] for an architectural
discussion of routing coordination between Relays and Servers.
Author's Address
Fred L. Templin (editor)
Boeing Research & Technology
P.O. Box 3707
Seattle, WA 98124
USA
Email: fltemplin@acm.org
Templin Expires July 24, 2014 [Page 24]
Html markup produced by rfcmarkup 1.129d, available from
https://tools.ietf.org/tools/rfcmarkup/