TOC |
|
The Internet will need to support IPv4 and IPv6 packets. Both address families and their attendent protocol suites support multicast of the single-source and any-source varieties. As part of the transition to IPv6, there will be scenarios where a backbone network running one IP address family internally (referred to as internal IP or I-IP) will provide transit services to attached client networks running another IP address family (referred to as external IP or E-IP). It is expected that the I-IP backbone will offer unicast and multicast transit services to the client E-IP networks.
Softwires Mesh is a solution for supporting E-IP unicast and multicast across an I-IP backbone. This document describes the mechanisms for suppporting Internet -style multicast across a set of E-IP and I-IP networks supporting softwires mesh.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
This Internet-Draft will expire on April 21, 2011.
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.
1.
Introduction
2.
Terminology
3.
Scenarios of Interest
3.1.
IPv6-over-IPv4
3.2.
IPv4-over-IPv6
4.
IPv4-over-IPv6
4.1.
Mechanism
4.2.
Group Address Mapping
4.3.
Actions performed by AFBR
5.
IPv6-over-IPv4
5.1.
Discussion
5.2.
I-IP IPv4 Address Limitations
5.3.
E-IP IPv6 Addressing
5.4.
Aggregation or Compression
5.5.
AFBR Signaling
6.
Summary
7.
Security Considerations
8.
IANA Considerations
9.
References
9.1.
Normative References
9.2.
Informative References
§
Authors' Addresses
TOC |
The Internet will need to support IPv4 and IPv6 packets. Both address families and their attendent protocol suites support multicast of the single-source and any-source varieties. As part of the transition to IPv6, there will be scenarios where a backbone network running one IP address family internally (referred to as internal IP or I-IP) will provide transit services to attached client networks running another IP address family (referred to as external IP or E-IP).
The preferred solution is to leverage the multicast functions, inherent in the I-IP backbone, to efficiently and scalably tunnel encapsulated client E-IP multicast packets inside an I-IP core tree rooted at one or more ingress AFBR nodes and branching out to one or more egress AFBR leaf nodes.
[6] (Li, X., Dawkins, S., Ward, D., and A. Durand, “Softwire Problem Statement,” July 2007.) outlines the requirements for the softwires mesh scenario including multicast. It is straightforward to envisage that client E-IP multicast sources and receivers will reside in different client E-IP networks connected to an I-IP backbone network. This requires that the client E-IP source-rooted or shared tree will need to traverse the I-IP backbone network.
One method to accomplish this is to re-use the multicast VPN approach outlined in [10] (Aggarwal, R., Bandi, S., Cai, Y., Morin, T., Rekhter, Y., Rosen, E., Wijnands, I., and S. Yasukawa, “Multicast in MPLS/BGP IP VPNs,” January 2010.). MVPN-like schemes can support the softwire mesh scenario and achieve a "many-to-one" mapping between the E-IP client multicast trees and transit core multicast trees. The advantage of this approach is that the number of trees in the I-IP backbone network scales less than linearly with the number of E-IP client trees. Corporate enterprise networks and by extension multicast VPNs have been known to run applications that create a large amount of (S,G) states. Aggregation at the edge contains the (S,G) states that need to be maintained by the network operator supporting the customer VPNs. The disadvantage of this approach is possible inefficient bandwidth and resource utilization if multicast packets are delivered to a receiver AFBR with no attached E-IP receiver.
Internet-style multicast is a somewhat different in that the trees tends to be relatively sparse and source-rooted. The need for multicast aggregation at the edge (where many customer multicast trees are mapped into a few or one backbone multicast trees) does not exist and to date has not been identified. Thus the need for a basic or closer alignment with E-IP and I-IP multicast procedures emerges.
A framework on how to support such methods discribed in [8] (Wu, J., Cui, Y., Metz, C., and E. Rosen, “Softwire Mesh Framework,” June 2009.). In this document, a more detailed discussion supporting the "one-to-one" mapping schemes for the IPv6 over IPv4 and IPv4 over IPv6 scenarios will be discussed.
TOC |
An example of a softwire mesh network supporting multicast is illustrated in Figure 1. A multicast source S is located in one E-IP client network, while candidate E-IP group receivers are located in the same or different E-IP client networks that all share a common I-IP transit network. When E-IP sources and receivers are not local to each other, they can only communicate with each other through the I-IP core. There may be several E-IP sources for some multicast group residing in different client E-IP networks. In the case of shared trees, the E-IP sources, receivers and RPs might be located in different client E-IP networks. In the simple case the resources of the I-IP core are managed by a single operator although the inter-provider case is not precluded.
._._._._. ._._._._. | | | | -------- | E-IP | | E-IP |--|Source S| | network | | network | -------- ._._._._. ._._._._. | | AFBR upstream AFBR | | __+____________________+__ / : : : : \ | : : : : | E-IP Multicast | : I-IP transit core : | message should | : : : : | get across the | : : : : | I-IP transit core \_._._._._._._._._._._._._./ + + downstream AFBR downstream AFBR | | ._._._._ ._._._._ -------- | | | | -------- |Receiver|-- | E-IP | | E-IP |--|Receiver| -------- |network | |network | -------- ._._._._ ._._._._
Figure 1: Softwire Mesh Multicast Framework
Terminology used in this document:
o Address Family Border Router (AFBR) - A dual-stack router interconnecting two or more networks using different IP address families. In the context of softwires mesh multicast, the AFBR runs E-IP and I-IP control planes to maintain E-IP and I-IP multicast state respectively and performs the appropriate encapsulation/decapsulation client E-IP multicast packets for transport across the I-IP core. An AFBR will can act as a source and/or receiver in an I-IP multicast tree.
o Upstream AFBR: The AFBR routers that are located at the upstream of multicast data flow.
o Downstream AFBR: The AFBR routers that are located at the downstream of multicast data flow.
o I-IP (Internal IP). This refers to the form of IP (i.e., either IPv4 or IPv6) that is supported by the transit (or backbone) network.
o E-IP (External IP) This refers to the form of IP (i.e. either IPv4 or IPv6) that is supported by the client network(s) attached to the I-IP transit core. An E-IPv6 client network runs IPv6 and an E-IPv4 client network runs IPv4.
o I-IP core tree. A single-source or multi-source distribution tree rooted at one or more AFBR source nodes and branching out to one or more AFBR leaf nodes. An I-IP core Tree is built using standard IP or MPLS multicast signaling protocols operating exclusively inside the I-IP core network. An I-IP core Tree is used to tunnel E-IP multicast packets belonging to E-IP trees across the I-IP core. Another name for an I-IP core Tree is multicast or multipoint softwire. An I-IPv6 core network runs IPv6 and an I-IPv4 core network runs IPv4.
o E-IP client tree. A single-source or multi-source distribution tree rooted at one or more hosts or routers located inside a client E-IP network and branching out to one or more leaf nodes located in the same or different client E-IP networks.
TOC |
This section describes the two different scenarios where softwires mesh multicast will apply.
TOC |
._._._._. ._._._._. | IPv6 | | IPv6 | -------- | Client | | Client |--|Source S| | network | | network | -------- ._._._._. ._._._._. | | AFBR upstream AFBR | | __+____________________+__ / : : : : \ | : : : : | | : IPv4 transit core : | | : : : : | | : : : : | \_._._._._._._._._._._._._./ + + downstream AFBR downstream AFBR | | ._._._._ ._._._._ -------- | IPv6 | | IPv6 | -------- |Receiver|-- | Client | | Client |--|Receiver| -------- |network | | network| -------- ._._._._ ._._._._
Figure 2: IPv6-over-IPv4 Scenario
In this scenario, the E-IP Client Networks run IPv6 while the I-IP core runs IPv4 and is illustrated in Figure 2.
IPv6 multicast group addresses are longer than IPv4 multicast group addresses. It will not be possible to perform an algorithmic IPv6 - to - IPv4 address mapping without the risk of multiple IPv6 group addresses mapped to the same IPv4 address resulting in unnecessary bandwidth and resource consumption. Therefore additional effort in the form of inter-AFBR signaling will be required to ensure client E-IPv6 multicast packets are injected into the correct I-IPv4 multicast trees at the AFBRs. This clear mismatch in IPv6 and IPv4 group address lengths means that it will not be possible to perform a "one to one" mapping between IPv6 and IPv4 group addresses unless the IPv6 group address is scoped.
As mentioned earlier this scenario is common the MVPN environment. As native IPv6 deployments and multicast applications emerge from the outer reaches of the greater public IPv4 Internet, it is envisaged that the IPv6 over IPv4 softwires mesh multicast scenario will be a necessary feature supported by networks operators.
TOC |
._._._._. ._._._._. | IPv4 | | IPv4 | -------- | Client | | Client |--|Source S| | network | | network | -------- ._._._._. ._._._._. | | AFBR upstream AFBR(A) | | __+____________________+__ / : : : : \ | : : : : | | : IPv6 transit core : | | : : : : | | : : : : | \_._._._._._._._._._._._._./ + + downstream AFBR(C) downstream AFBR(D) | | ._._._._ ._._._._ -------- | IPv4 | | IPv4 | -------- |Receiver|-- | Client | | Client |--|Receiver| -------- |network | | network| -------- ._._._._ ._._._._
Figure 3: IPv4-over-IPv6 Scenario
In this scenario, the E-IP client networks run IPv4 and I-IP core runs IPv6. This scenario is illustrated in Figure 3.
Because of the much larger IPv6 group address space, it will not be a problem to map individual client E-IPv4 trees to a specific I-IPv6 core tree. This simplifies operations on the AFBR because it becomes possible to algorithmically map an IPv4 group/source address to an IPv6 group/source address and vice-versa.
The IPv4-over-IPv6 scenario is an emerging requirement as network operators build out native IPv6 backbone networks. These networks naturally will support native IPv6 services and applications but it is with near 100% certainty that legacy IPv4 networks handling unicast and multicast will need to be accomodated.
TOC |
TOC |
Routers in the client E-IPv4 networks contain routes to all other client E-IPv4 networks. Through the set of known and deployed mechanisms, E-IPv4 hosts and routers have discovered or learned of (S,G) or (*,G) IPv4 addresses. Any I-IP multicast state instantiated in the core is referred to as (S',G') or (*,G') and is of course separate from E-IP multicast state.
Suppose a downstream AFBR D receives an E-IPv4 PIM Join/Prune message from the E-IPv4 network for either an (S,G) tree or a (*,G) tree. The AFBR D router can translate the E-IPv4 PIMv4 message into an I-IPv6 PIMv6 message with the latter being directed towards I-IP IPv6 address of the upstream AFBR. When the I-IPv6 PIM message arrives at the upstream AFBR A, it should translate the message back into an E-IPv4 PIM message. The result of these actions is the construction of E-IPv4 tree with (S,G) or (*,G) state deposited in the E-IP networks and an I-IP trees with (S',G') or (*,G') contained in the I-IP network.
In this case it is incumbent upon the AFBR routers to perform PIM signaling message conversions in the control plane and IP group address conversions or mappings in the data plane. It becomes possible to devise an algorithmic IPv4-to-IPv6 group mapping at AFBR. AFBR A can translate the IPv4 source address S into the corresponding IPv4-mapped IPv6 address, and then B can translate it back. A proposed group address mapping is described in the next section.
Note that the I-IPv6 core routers do not contain E-IPv4 routes. To ensure that PIMv6 join messages can reach the correct AFBR router leading to E-IPv4 source network, the RPF Vector [7] (Wijnands, IJ., Boers, A., and E. Rosen, “The Reverse Path Forwarding (RPF) Vector TLV,” March 2009.) is appended to the PIMv6 message on its ways to the AFBR.
TOC |
For IPv4-over-IPv6 scenario, an simple algorithmic mapping between IPv4 multicast group addresses and IPv6 group addresses is supported. One possibility is to prepend the operator's IPv6 prefix to the IPv4 address when mapping an E-IP address to an I-IP address, just like figure 8 shows.
0 8 16 96 127 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ |FF XX| ISP Assigned Prefix | v4 address| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
Figure 8: Mapping IPv4 to IPv6 group address
The first two octets identify the the IPv6 multicast address format described in [3] (Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” July 1998.). The following 10 octets are assigned by the network operator and the last 4 octets are the IPv4 address.
Additional group address mapping options will be provided in the next version of this draft.
TOC |
The following actions are performed by the AFBR
Details of these procedures will be outlined in the next version of this document.
TOC |
TOC |
Routers in the client E-IPv6 networks contain routes to all other client E-IPv6 networks. Through the set of known and deployed mechanisms, E-IPv6 hosts and routers have discovered or learned of (S,G) or (*,G) IPv6 addresses. Any I-IP multicast state instantiated in the core is referred to as (S',G') or (*,G') and is of course separate from E-IP multicast state.
This particular scenario introduces unique challenges. Unlike the IPv4-over-IPv6 scenario, it’s impossible to map all of the IPv6 multicast address space into the IPv4 address space to address the one-to-one Softwire Multicast requirement. There are however a number of approaches to either reduce the scope of the one-to-one requirement or to provide minimal aggregation as a compromise. These can be explored in greater detail and articulated in future drafts for consideration of the Softwire Multicast solution by the working group. Simple examples of these follow as discussion items for this work in progress.
TOC |
We must first consider what range of I-IP IPv4 multicast addresses are available for the IPv6-over-IPv4 mapping. If the I-IP provider is also using IPv4 multicast for other services then the entire 224/4 address range will not be available. Additionally, the 239/8 scoped range may also be used for other services limiting the available addresses for Softwire Multicast even further. These limitations need to be addressed in any Softwire Mesh Multicast IPv6-over-IPv4 solution.
TOC |
The multicast address range of E-IP IPv6 can be reduced in a number of ways to limit the scope of addresses that need to be mapped into the I-IP IPv4 space. The high order bits of the IPv6 address range may be discarded for mapping purposes. Additional bit may also be reduced if the agreed solution limits the E-IP IPv6 multicast addresses available for Softwire Multicast.
TOC |
It will be necessary in this use-case to support a non - "one-to-one" mapping of E-IPv6 to I-IPv4 trees. This could take the form of address aggregation or address compression using an agreed upon hashing mechanism. In both cases there may be a requirement for an AFBR signaling mechanism to communicate the mapping function and the group of interest between E-IP sites.
TOC |
Specific signaling procedures and examples will be included in the next version of this document.
]
TOC |
There are two scenarios applicable to softwires mesh multicast: IPv4-over-IPv6 and IPv6-over-IPv4. In the former senario, one-to-one group address mapping and PIM signaling conversion can be realized.
The latter scenario introduces several challenges relatd to group address constraints, AFBR signaling and the potential need for aggregation at the edge.
TOC |
The AFBR routers could maintain secure communications through the use of Security Architecture for the Internet Protocol as described in[RFC4301]. But when adopting some schemes that will cause heavy burden on routers, some attacker may use it as a tool for DDoS attack.
TOC |
For Inter-AFBR signaling, address mapping is applied, and it should follow some predefined rule, especially the format of IPv6 prefix for address mapping should be predefined, so that ingress AFBR and egress AFBR can finish the mapping procedure correctly. The format of IPv6 prefix for translation can be unified within only the transit core, or within global area. In the later condition, the format should be assigned by IANA.
TOC |
TOC |
[1] | Farinacci, D., Li, T., Hanks, S., Meyer, D., and P. Traina, “Generic Routing Encapsulation (GRE),” RFC 2784, March 2000 (TXT). |
[2] | Foster, B. and F. Andreasen, “Media Gateway Control Protocol (MGCP) Redirect and Reset Package,” RFC 3991, February 2005 (TXT). |
[3] | Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” RFC 2373, July 1998 (TXT, HTML, XML). |
[4] | Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” RFC 4291, February 2006 (TXT). |
[5] | Fenner, B., Handley, M., Holbrook, H., and I. Kouvelas, “Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol Specification (Revised),” RFC 4601, August 2006 (TXT, PDF). |
[6] | Li, X., Dawkins, S., Ward, D., and A. Durand, “Softwire Problem Statement,” RFC 4925, July 2007 (TXT). |
[7] | Wijnands, IJ., Boers, A., and E. Rosen, “The Reverse Path Forwarding (RPF) Vector TLV,” RFC 5496, March 2009 (TXT). |
[8] | Wu, J., Cui, Y., Metz, C., and E. Rosen, “Softwire Mesh Framework,” RFC 5565, June 2009 (TXT). |
TOC |
[9] | Wijnands, I., Boers, A., and E. Rosen, “The RPF Vector TLV,” draft-ietf-pim-rpf-vector-08 (work in progress), January 2009 (TXT). |
[10] | Aggarwal, R., Bandi, S., Cai, Y., Morin, T., Rekhter, Y., Rosen, E., Wijnands, I., and S. Yasukawa, “Multicast in MPLS/BGP IP VPNs,” draft-ietf-l3vpn-2547bis-mcast-10 (work in progress), January 2010 (TXT). |
[11] | Metz, C., Cui, Y., and M. Xu, “Softwires Mesh Multicast Problem Statement,” draft-metz-softwires-multicast-problem-statement-00 (work in progress), February 2008 (TXT). |
TOC |
Mingwei Xu | |
Tsinghua University | |
Department of Computer Science, Tsinghua University | |
Beijing 100084 | |
P.R.China | |
Phone: | +86-10-6278-5822 |
Email: | xmw@cernet.edu.cn |
Yong Cui | |
Tsinghua University | |
Department of Computer Science, Tsinghua University | |
Beijing 100084 | |
P.R.China | |
Phone: | +86-10-6278-5822 |
Email: | cuiyong@tsinghua.edu.cn |
Shu Yang | |
Tsinghua University | |
Department of Computer Science, Tsinghua University | |
Beijing 100084 | |
P.R.China | |
Phone: | +86-10-6278-5822 |
Email: | yangshu1988@gmail.com |
Chris Metz | |
Cisco Systems | |
170 West Tasman Drive | |
San Jose, California 95134-1706 | |
USA | |
Phone: | +1-408-525-3275 |
Email: | chmetz@cisco.com |
Greg Shepherd | |
Cisco Systems | |
170 West Tasman Drive | |
San Jose, California 95134 | |
USA | |
Phone: | +1-541-912-9758 |
Email: | shep@cisco.com |