Internet-Draft | OHT | December 2023 |
Matsuhira | Expires 24 June 2024 | [Page] |
Network address translation technology has a convenient aspect, however, it has the side effect of breaking end-to-end transparency. This document proposes a technology that achieves both network address translation and end-to-end transparency. This technology may provide solutions for mobility, migration, multihoming, policy routing, etc.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 24 June 2024.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
NAT [RFC1631] was devised as a short-term solution to the exhaustion of IPv4 addresses, and is placed at the boundary between a private network (Intranet) built using private addresses [RFC1597] and the Internet. Communication closed to the intranet is made possible by using private addresses. A global address is required only for hosts communicating with the Internet, and this is achieved by NAT performing address translation.This technology supported the expansion of the Intranets and the Internet.¶
After that, technology was developed that allows multiple hosts to share a single global IPv4 address. This technology is called NAPT (Network Address Port Translation). This technology was primarily used in SOHO (small office/home office) networks and supported the expansion of SOHO networks and the Internet.¶
On the other hand, 8+8/GSE [I-D.ietf-ipngwg-gseaddr] was proposed in the early stages of the IPv6 discussion. This proposal involves translating the prefix part of the IPv6 address. Therefore, it has the side effects of NAT. As a result, there was a lot of discussion. Note that this has nothing to do with IPv4 address exhaustion.¶
Furthermore, as for the transition technology from IPv4 to IPv6, technologies that involve address translation such as NAT-PT [RFC2766] were considered, but this is also a technology similar to NAT and has a lot of discussion.¶
End-to-end transparency can be maintained by encapsulating packets generated by the host and subjecting only the encapsulated outer IP header to address translation. That is, internal packets must not be translation.¶
Figure 1 shows encapsulation. IP Encapsulation within IP is described in RFC2003 [RFC2003].¶
Typically, the destination IP address in the outer header is the address of the tunnel endpoint. However, in this concept, the outer header is a copy of the inner header. If the outer header is not translated, the outer header remains the same as the internal header. After encapsulation, the outer header of the packet is subject to translate.¶
This section defines terminologies.¶
This section describes network configuration with OHT.¶
Figure 2 shows sample network configuration with OHT.¶
Typically, OHT is implemented in a router. Encapsulation and decoupling are also implemented in routers. However, other implementations are possible. For example, encapsulation and decapsulation may be implemented in the host.¶
Figure 3 shows possible IP protocol versions, i.e. IPv4 [RFC791] and IPv6 [RFC8200]combinations.¶
There are four combinations, and dealing with all of them would be complicated. Therefore, it would be good if the Outer IP Header could be limited to IPv6 only.¶
In this concept, the outer header is a copy of the inner header.¶
In this concept, the outer header is essentially a copy of the inner header. According to this, the possible combinations of IP protocol versions are IPv6 over IPv6 and IPv4 over IPv4. If it is assumed that it will be applied to an IPv6 only backbone, accommodation of IPv4 will be possible with IPv6 over IPv6 over IPv4. In this case, the IPv6 Addresses with Embedded IPv4 Addresses can be used as the IPv6 address in the internal IPv6 header.¶
If support for IPv4 private addresses, M46A [I-D.matsuhira-m46a] might be useful.¶
Figure 4 shows the structure of OHT table.¶
The table may contain Traffic Class and Flow Label.¶
Figure 5 shows possible address type [RFC4291] combinations for outer header destination addresses and inner header destination addresses are shown.¶
OHT provides solutions for mobility, migration, multi-homing, policy routing, service function chaining, etc. More details will be provided in the future versions.¶
This document makes no request of IANA.¶
Note to RFC Editor: this section may be removed on publication as an RFC.¶
IPsec for internal packets works because internal packets are forwarded unchanged.¶
It may be listed in the future.¶