Network Working Group O. Troan Internet-Draft cisco Intended status: Standards Track S. Matsushima Expires: August 2, 2012 SoftBank Telecom T. Murakami IP Infusion X. Li C. Bao CERNET Center/Tsinghua University January 30, 2012 Mapping of Address and Port (MAP) draft-mdt-softwire-mapping-address-and-port-03 Abstract This document describes a generic mechanism for mapping between IPv4 addresses and IPv6 addresses and transport layer ports. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 2, 2012. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect Troan, et al. Expires August 2, 2012 [Page 1] Internet-Draft MAP January 2012 to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 6 5. Mapping Rules . . . . . . . . . . . . . . . . . . . . . . . . 7 5.1. Port mapping algorithm . . . . . . . . . . . . . . . . . . 8 5.1.1. Bit Representation of the Algorithm . . . . . . . . . 9 5.1.2. GMA examples . . . . . . . . . . . . . . . . . . . . . 9 5.1.3. GMA Provisioning Considerations . . . . . . . . . . . 10 5.2. Basic mapping rule (BMR) . . . . . . . . . . . . . . . . . 10 5.3. Forwarding mapping rule (FMR) . . . . . . . . . . . . . . 13 5.4. Default mapping rule (DMR) . . . . . . . . . . . . . . . . 14 6. The IPv6 Interface Identifier . . . . . . . . . . . . . . . . 15 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 8. Security Considerations . . . . . . . . . . . . . . . . . . . 16 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 16 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17 11.1. Normative References . . . . . . . . . . . . . . . . . . . 17 11.2. Informative References . . . . . . . . . . . . . . . . . . 17 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 Troan, et al. Expires August 2, 2012 [Page 2] Internet-Draft MAP January 2012 1. Introduction The mechanism of mapping IPv4 addresses in IPv6 addresses has been described in numerous mechanisms dating back to 1996 [RFC1933]. The Automatic tunneling mechanism described in RFC1933, assigned a globally unique IPv6 address to a host by combining the host's IPv4 address with a well-known IPv6 prefix. Given an IPv6 packet with a destination address with an embedded IPv4 address, a node could automatically tunnel this packet by extracting the IPv4 tunnel end- point address from the IPv6 destination address. There are numerous variations of this idea, described in 6over4 [RFC2529], 6to4 [RFC3056], ISATAP [RFC5214], and 6rd [RFC5969]. The differences between these are the use of well-known IPv6 prefixes, or Service Provider assigned IPv6 prefixes, and the position of the embedded IPv4 bits in the IPv6 address. Teredo [RFC4380] added a twist to this to achieve NAT traversal by also encoding transport layer ports into the IPv6 address. 6rd, to achieve more efficient encoding, allowed for only the suffix of an IPv4 address to be embedded, with the IPv4 prefix being deduced from other provisioning mechanisms. NAT-PT [RFC2766](deprecated) combined with a DNS ALG used address mapping to put NAT state, namely the IPv6 to IPv4 binding encoded in an IPv6 address. This characteristic has been inherited by NAT64 [RFC6146] and DNS64 [RFC6147] which rely on an address format defined in [RFC6052]. [RFC6052] specifies the algorithmic translation of an IPv6 address to IPv4 address. In particular, [RFC6052] specifies the address format to build IPv4-converted and IPv4-translatable IPv6 addresses. RFC6052 discusses the transport of the port-set information in an IPv4-embedded IPv6 address but the conclusion was the following (excerpt from [RFC6052]): "There have been proposals to complement stateless translation with a port range feature. Instead of mapping an IPv4 address to exactly one IPv6 prefix, the options would allow several IPv6 nodes to share an IPv4 address, with each node managing a different set of ports. If a port-set extension is needed, it could be defined later, using bits currently reserved as null in the suffix." The commonalities of all these IPv6 over IPv4 mechanisms are: o Automatically provisions an IPv6 address for a host or an IPv6 prefix for a site o Algorithmic or implicit address resolution for tunneling or encapsulation. Given an IPv6 destination address, an IPv4 tunnel endpoint address can be calculated. Likewise for translation, an Troan, et al. Expires August 2, 2012 [Page 3] Internet-Draft MAP January 2012 IPv4 address can be calculated from an IPv6 destination address and vice versa. o Embedding of an IPv4 address or part thereof and optionally transport layer ports into an IPv6 address. In phases of IPv4 to IPv6 migration, IPv6 only networks will be common, while there will still be a need for residual IPv4 deployment. This document describes a more generic mapping of IPv4 to IPv6 that can be used both for encapsulation (IPv4 over IPv6) and for translation between the two protocols. Just as the IPv6 over IPv4 mechanisms referred to above, the residual IPv4 over IPv6 mechanisms must be capable of: o Provisioning an IPv4 prefix, an IPv4 address or a shared IPv4 address. o Algorithmically map between an IPv4 prefix, IPv4 address or a shared IPv4 address and an IPv6 address. The unified mapping scheme described here supports translation mode, encapsulation mode, in both mesh and hub and spoke topologies. This document describes delivery of IPv4 unicast service across an IPv6 infrastructure. IPv4 multicast is not considered further in this document. The A+P (Address and Port) architecture of sharing an IPv4 address by distributing the port space is described in [RFC6346]. Specifically section 4 of [RFC6346] covers stateless mapping. The corresponding stateful solution DS-lite is described in [RFC6333]. The motivation for work is described in [I-D.ietf-softwire-stateless-4v6-motivation]. A companion document defines a DHCPv6 option for provisioning of MAP [I-D.mdt-softwire-map-dhcp-option]. Deployment considerations are described in [I-D.mdt-softwire-map-deployment]. 2. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Troan, et al. Expires August 2, 2012 [Page 4] Internet-Draft MAP January 2012 3. Terminology MAP domain: A set of MAP CEs and BRs connected to the same virtual link. A service provider may deploy a single MAP domain, or may utilize multiple MAP domains. MAP Rule A set of parameters describing the mapping between an IPv4 prefix, IPv4 address or shared IPv4 address and an IPv6 prefix or address. Each MAP node in the domain has the same set of rules. MAP node A device that implements MAP. MAP Border Relay (BR): A MAP enabled router managed by the service provider at the edge of a MAP domain. A Border Relay router has at least an IPv6-enabled interface and an IPv4 interface connected to the native IPv4 network. A MAP BR may also be referred to simply as a "BR" within the context of MAP. MAP Customer Edge (CE): A device functioning as a Customer Edge router in a MAP deployment. A typical MAP CE adopting MAP rules will serve a residential site with one WAN side interface, and one or more LAN side interfaces. A MAP CE may also be referred to simply as a "CE" within the context of MAP. Port-set: Each node has a separate part of the transport layer port space; denoted as a port-set. Port-set ID (PSID): Algorithmically identifies a set of ports exclusively assigned to the CE. Shared IPv4 address: An IPv4 address that is shared among multiple CEs. Only ports that belong to the assigned port-set can be used for communication. Also known as a Port-Restricted IPv4 address. End-user IPv6 prefix: The IPv6 prefix assigned to an End-user CE by other means than MAP itself. E.g. provisioned using DHCPv6 PD [RFC3633] or configured manually. It is unique for each CE. Troan, et al. Expires August 2, 2012 [Page 5] Internet-Draft MAP January 2012 MAP IPv6 address: The IPv6 address used to reach the MAP function of a CE from other CE's and from BR's. Rule IPv6 prefix: An IPv6 prefix assigned by a Service Provider for a mapping rule. Rule IPv4 prefix: An IPv4 prefix assigned by a Service Provider for a mapping rule. IPv4 Embedded Address (EA) bits: The IPv4 EA-bits in the IPv6 address identify an IPv4 prefix/address (or part thereof) or a shared IPv4 address (or part thereof) and a port-set identifier. MRT: MAP Rule table. Address and Port aware datastructure, supporting longest match lookups. The MRT is used by the MAP forwarding function. 4. Architecture A full IPv4 address or IPv4 prefix can be used like today, e.g. for identifying an interface or as a DHCP pool. A shared IPv4 address on the other hand, MUST NOT be used to identify an interface. While it is theoretically possible to make host stacks and applications port- aware, that is considered a too drastic change to the IP model [RFC6250]. The MAP architecture described here, restricts the use of the shared IPv4 address to only be used as the global address (outside) of the NAPT [RFC2663] running on the CE. The NAPT MUST in turn be connected to a MAP aware forwarding function, that does encapsulation/ decapsulation or translation to IPv6. For packets outbound from the private IPv4 network, the CE NAPT MUST translate transport identifiers (e.g. TCP and UDP port numbers) so that they fall within the assigned CE's port-range. The forwarding function uses the MRT to make forwarding decisions. The table consist of the mapping rules. An entry in the table consists of an IPv4 prefix and PSID. The normal best matching prefix algorithm is used. With a maximum key length of 48 (32 + 16). E.g. with a sharing ratio of 64 (6 bit PSID length) a host route for this CE would be a /38 (32 + 6). Troan, et al. Expires August 2, 2012 [Page 6] Internet-Draft MAP January 2012 5. Mapping Rules A MAP node is provisioned with one or more mapping rules. Mapping rules are used differently depending on their function. Every MAP node must be provisioned with a Basic mapping rule. This is used by the node to configure itself with an IPv4 address, IPv4 prefix or shared IPv4 address from an End-user IPv6 prefix. This same basic rule can also be used for forwarding, where an IPv4 destination address and optionally a destination port is mapped into an IPv6 address or prefix. Additional mapping rules can be specified to allow for e.g. multiple different IPv4 subnets to exist within the domain. Additional mapping rules are recognized by having a Rule IPv6 prefix different from the base End-user IPv6 prefix. Traffic outside of the domain (IPv4 address not matching (using longest matching prefix) any Rule IPv4 prefix in the Rules database) will be forward using the Default mapping rule. The Default mapping rule maps outside destinations to the BR's IPv6 address or prefix. There are three types of mapping rules: 1. Basic Mapping Rule - used for IPv4 prefix, address or port set assignment. There can only be one Basic Mapping Rule per End- user IPv6 prefix. The Basic Mapping Rule is used to configure the MAP IPv6 address or prefix. * Rule IPv6 prefix (including prefix length) * Rule IPv4 prefix (including prefix length) * Rule EA-bits length (in bits) * Rule Port Parameters (optional) 2. Forwarding Mapping Rule - used for forwarding. The Basic Mapping Rule is also a Forwarding Mapping Rule. Each Forwarding Mapping Rule will result in an entry in the MRT for the Rule IPv4 prefix. * Rule IPv6 prefix (including prefix length) * Rule IPv4 prefix (including prefix length) * Rule EA-bits length (in bits) * Rule Port Parameters (optional) Troan, et al. Expires August 2, 2012 [Page 7] Internet-Draft MAP January 2012 3. Default Mapping Rule - used for destinations outside the MAP domain. A 0.0.0.0/0 entry is installed in the MRT for this rule. * Rule IPv6 prefix (including prefix length) * Rule BR IPv4 address A MAP node finds its Basic Mapping Rule by doing a longest match between the End-user IPv6 prefix and the Rule IPv6 prefix in the Mapping Rule database. The rule is then used for IPv4 prefix, address or shared address assignment. A MAP IPv6 address (or prefix) is formed from the BMR Rule IPv6 prefix. This address MUST be assigned to an interface of the MAP node and is used to terminate all MAP traffic being sent or received to the node. Port-aware IPv4 entries in the MRT are installed for all the Forwarding Mapping Rules and an IPv4 default route for the Default Mapping Rule. In hub and spoke mode, all traffic MUST be forwarded using the Default Mapping Rule. 5.1. Port mapping algorithm Different Port-Set Identifiers (PSID) MUST have non-overlapping port- sets. The two extreme cases are: (1) the port numbers are not contiguous for each PSID, but uniformly distributed across the port range (0-65535); (2) the port numbers are contiguous in a single range for each PSID. The port mapping algorithm proposed here is called the Generalized Modulus Algorithm (GMA) and supports both these cases. For a given sharing ratio (R) and the maximum number of contiguous ports (M), the GMA algorithm is defined as: 1. The port number (P) of a given PSID (K) is composed of: P = R * M * j + M * K + i Where: * PSID: K = 0 to R - 1 * Port range index: j = (4096 / M) / R to ((65536 / M) / R) - 1, if the port numbers (0 - 4095) are excluded. Troan, et al. Expires August 2, 2012 [Page 8] Internet-Draft MAP January 2012 * Contiguous Port index: i = 0 to M - 1 2. The PSID (K) of a given port number (P) is determined by: K = (floor(P/M)) % R Where: * % is the modulus operator * floor(arg) is a function that returns the largest integer not greater than arg. 5.1.1. Bit Representation of the Algorithm Given a sharing ratio (R=2^k), the maximum number of contiguous ports (M=2^m), for any PSID (K) and available ports (P) can be represented as: 0 8 15 +---------------+----------+------+-------------------+ | P | ----------------+-----------------+-------------------+ | A (j) | PSID (K) | M (i) | +---------------+----------+------+-------------------+ |<----a bits--->|<-----k bits---->|<------m bits----->| Figure 1: Bit representation Where j and i are the same indexes defined in the port mapping algorithm. For any port number, the PSID can be obtained by bit mask operation. For a > 0, j MUST be larger than 0. This ensures that the algorithm excludes the system ports ([I-D.ietf-tsvwg-iana-ports]). For a = 0, j MAY be 0 to allow for the provisioning of the system ports. 5.1.2. GMA examples Troan, et al. Expires August 2, 2012 [Page 9] Internet-Draft MAP January 2012 For example, for R = 1024, PSID offset: a = 4 and PSID length: k = 10 bits Port-set-1 Port-set-2 PSID=0 | 4096, 4097, 4098, 4099, | 8192, 8193, 8194, 8195, | ... PSID=1 | 4100, 4101, 4102, 4103, | 8196, 8197, 8198, 8199, | ... PSID=2 | 4104, 4105, 4106, 4107, | 8200, 8201, 8202, 8203, | ... PSID=3 | 4108, 4109, 4110, 4111, | 8204, 8205, 8206, 8207, | ... ... PSID=1023| 8188, 8189, 8190, 8191, | 12284, 12285, 12286, 12287,| ... Example 1: with offset = 4 (a = 4) For example, for R = 64, a = 0 (PSID offset = 0 and PSID length = 6 bits): Port-set PSID=0 | [ 0 - 1023] PSID=1 | [1024 - 2047] PSID=2 | [2048 - 3071] PSID=3 | [3072 - 4095] ... PSID=63 | [64512 - 65535] Example 2: with offset = 0 (a = 0) 5.1.3. GMA Provisioning Considerations The number of offset bits (a) and excluded ports are optionally provisioned via the "Rule Port Mapping Parameters" in the Basic Mapping Rule. The defaults are: o Excluded ports : 0-4095 o Offset bits (a) : 4 To simplify the GMA port mapping algorithm the defaults are chosen so that the PSID field starts on a nibble boundary and the excluded port range (0-1023) is extended to 0-4095. 5.2. Basic mapping rule (BMR) Troan, et al. Expires August 2, 2012 [Page 10] Internet-Draft MAP January 2012 | n bits | o bits | m bits | 128-n-o-m bits | +--------------------+-----------+---------+------------+----------+ | Rule IPv6 prefix | EA bits |subnet ID| interface ID | +--------------------+-----------+---------+-----------------------+ |<--- End-user IPv6 prefix --->| Figure 2: IPv6 address format The Embedded Address bits (EA bits) are unique per end user within a Rule IPv6 prefix. The Rule IPv6 prefix is the part of the End-user IPv6 prefix that is common among all CEs using the same Basic Mapping Rule within the MAP domain. The EA bits encode the CE specific IPv4 address and port information. The EA bits can contain a full or part of an IPv4 prefix or address, and in the shared IPv4 address case contains a Port-Set Identifier (PSID). The MAP IPv6 address is created by concatenating the End-user IPv6 prefix with the MAP subnet-id and the interface-id as specified in Section 6. The MAP subnet ID is defined to be the first subnet (all bits set to zero). A MAP node MUST reserve the first IPv6 prefix in a End-user IPv6 prefix for the purpose of MAP. Shared IPv4 address: | r bits | p bits | | q bits | +-------------+---------------------+ +------------+ | Rule IPv4 | IPv4 Address suffix | |Port-Set ID | +-------------+---------------------+ +------------+ | 32 bits | Figure 3: Shared IPv4 address Complete IPv4 address: | r bits | p bits | +-------------+---------------------+ | Rule IPv4 | IPv4 Address suffix | +-------------+---------------------+ | 32 bits | Figure 4: Complete IPv4 address Troan, et al. Expires August 2, 2012 [Page 11] Internet-Draft MAP January 2012 IPv4 prefix: | r bits | p bits | +-------------+---------------------+ | Rule IPv4 | IPv4 Address suffix | +-------------+---------------------+ | < 32 bits | Figure 5: IPv4 prefix The length of r MAY be zero, in which case the complete IPv4 address or prefix is encoded in the EA bits. If only a part of the IPv4 address/prefix is encoded in the EA bits, the Rule IPv4 prefix is provisioned to the CE by other means (e.g. a DHCPv6 option). To create a complete IPv4 address (or prefix), the IPv4 address suffix (p) from the EA bits, are concatenated with the Rule IPv4 prefix (r bits). The offset of the EA bits field in the IPv6 address is equal to the BMR Rule IPv6 prefix length. The length of the EA bits field (o) is given by the BMR Rule EA-bits length. The sum of the Rule IPv6 Prefix length and the Rule EA-bits length MUST be less or equal than the End-user IPv6 prefix length. If o + r < 32 (length of the IPv4 address in bits), then an IPv4 prefix is assigned. If o + r is equal to 32, then a full IPv4 address is to be assigned. The address is created by concatenating the Rule IPv4 prefix and the EA-bits. If o + r is > 32, then a shared IPv4 address is to be assigned. The number of IPv4 address suffix bits (p) in the EA bits is given by 32 - r bits. The PSID bits are used to create a port-set. The length of the PSID bit field within EA bits is: o - p. In the following examples, only the suffix (last 8 bits) of the IPv4 address is embedded in the EA bits (r = 24), while the IPv4 prefix (first 24 bits) is given in the BMR Rule IPv4 prefix. Troan, et al. Expires August 2, 2012 [Page 12] Internet-Draft MAP January 2012 Example: Given: End-user IPv6 prefix: 2001:db8:0012:3400::/56 Basic Mapping Rule: {2001:db8:0000::/40 (Rule IPv6 prefix), 192.0.2.0/24 (Rule IPv4 prefix), 16 (Rule EA-bits length)} Sharing ratio: 256 (16 - (32 - 24) = 8. 2^8 = 256) PSID offset: 4 We get IPv4 address and port-set: EA bits offset: 40 IPv4 suffix bits (p): Length of IPv4 address (32) - IPv4 prefix length (24) = 8 IPv4 address: 192.0.2.18 PSID start: 40 + p = 40 + 8 = 48 PSID length: o - p = 16 (56 - 40) - 8 = 8 PSID: 0x34 Port-set-1: 4928, 4929, 4930, 4931, 4932, 4933, 4934, 4935, 4936, 4937, 4938, 4939, 4940, 4941, 4942, 4943 Port-set-2: 9024, 9025, 9026, 9027, 9028, 9029, 9030, 9031, 9032, 9033, 9034, 9035, 9036, 9037, 9038, 9039 ... Port-set-15: 62272, 62273, 62274, 62275, 62276, 62277, 62278, 62279, 62280, 62281, 62282, 62283, 62284, 62285, 62286, 62287, 5.3. Forwarding mapping rule (FMR) On adding an FMR rule, an IPv4 route is installed in the AP RIB for the Rule IPv4 prefix. On forwarding an IPv4 packet, a best matching prefix lookup is done in the IPv4 routing table and the correct FMR is chosen. Troan, et al. Expires August 2, 2012 [Page 13] Internet-Draft MAP January 2012 | 32 bits | | 16 bits | +--------------------------+ +-------------------+ | IPv4 destination address | | IPv4 dest port | +--------------------------+ +-------------------+ : : ___/ : | p bits | / q bits : +----------+ +------------+ |IPv4 sufx| |Port-Set ID | +----------+ +------------+ \ / ____/ ________/ \ : __/ _____/ \ : / / | n bits | o bits | m bits | 128-n-o-m bits | +--------------------+-----------+---------+------------+----------+ | Rule IPv6 prefix | EA bits |subnet ID| interface ID | +--------------------+-----------+---------+-----------------------+ |<--- End-user IPv6 prefix --->| Figure 6: Deriving of MAP IPv6 address Example: Given: IPv4 destination address: 192.0.2.18 IPv4 destination port: 9030 Forwarding Mapping Rule: {2001:db8:0000::/40 (Rule IPv6 prefix), 192.0.2.0/24 (Rule IPv4 prefix), 16 (Rule EA-bits length)} PSID offset: 4 We get IPv6 address: IPv4 suffix bits (p): 32 - 24 = 8 (18 (0x12)) PSID length: 8 PSID: 0x34 (9030 (0x2346)) EA bits: 0x1234 MAP IPv6 address: 2001:db8:0012:3400:00c0:0002:1200:3400 5.4. Default mapping rule (DMR) The Default Mapping rule is used to reach IPv4 destinations outside of the MAP domain. Traffic using this rule will be sent from a CE to a BR. The Rule IPv4 prefix in the DMR is: 0.0.0.0/0. The Rule IPv6 prefix is the IPv6 address or prefix of the BR. Which is used, is dependent on the mode used. For example translation requires that the IPv4 destination address is encoded in the BR IPv6 address, so only a Troan, et al. Expires August 2, 2012 [Page 14] Internet-Draft MAP January 2012 prefix is used in the DMR to allow for a generated interface identifier. For the encapsulation mode the Rule IPv6 prefix can be the full IPv6 address of the BR. There MUST be only one Default Mapping Rule within a MAP domain. Default Mapping Rule: {2001:db8:0001:0000:<interface-id>:/128 (Rule IPv6 prefix), 0.0.0.0/0 (Rule IPv4 prefix), 192.0.2.1 (BR IPv4 address)} Example 3: Default Mapping Rule In most implementations of a routing table, the next-hop address must be of the same address family as the prefix. To satisfy this requirement a BR IPv4 address is included in the rule. Giving a default route in the IPv4 routing table: 0.0.0.0 -> 192.0.2.1, MAP-Interface0 6. The IPv6 Interface Identifier The Interface identifier format is based on the format specified in section 2.2 of [RFC6052], with the added PSID format field. In an encapsulation solution, an IPv4 address and port is mapped to an IPv6 address. This is the address of the tunnel end point of the receiving MAP CE. For traffic outside the MAP domain, the IPv6 tunnel end point address is the IPv6 address of the BR. The interface-id used for all MAP nodes in the domain MUST be deterministic. When translating, the destination IPv4 address is translated into a corresponding IPv6 address. In the case of traffic outside of the MAP domain, it is translated to the BR's IPv6 prefix. For the BR to be able to reverse the translation, the full destination IPv4 address must be encoded in the IPv6 address. The same thing applies if an IPv4 prefix is encoded in the IPv6 address, then the reverse translator needs to know the full destination IPv4 address, which has to be encoded in the interface-id. The encoding of the full IPv4 address into the interface identifier, both for the source and destination IPv6 addresses have been shown to be useful for troubleshooting. Troan, et al. Expires August 2, 2012 [Page 15] Internet-Draft MAP January 2012 +--+---+---+---+---+---+---+---+---+ |PL| 8 16 24 32 40 48 56 | +--+---+---+---+---+---+---+---+---+ |64| u | IPv4 address | PSID | 0 | +--+---+---+---+---+---+---+---+---+ Figure 7 In the case of an IPv4 prefix, the IPv4 address field is right-padded with zeroes up to 32 bits. The PSID field is left-padded to create a 16 bit field. For an IPv4 prefix or a complete IPv4 address, the PSID field is zero. If the End-user IPv6 prefix length is larger than 64, the most significant parts of the interface identifier is overwritten by the prefix. For translation mode the End-user IPv6 prefix MUST be 64 or shorter. 7. IANA Considerations This specification does not require any IANA actions. 8. Security Considerations Specific security considerations with the MAP mechanism are detailed in the encapsulation and translation documents [I-D.mdt-map-t/ I-D.mdt-map-e]. [RFC6269] outlines general issues with IPv4 address sharing. 9. Contributors Mohamed Boucadair, Gang Chen, Maoke Chen, Wojciech Dec, Xiaohong Deng, Jouni Korhonen, Tomasz Mrugalski, Jacni Qin, Chunfa Sun, Qiong Sun, Leaf Yeh. 10. Acknowledgements This document is based on the ideas of many. In particular Remi Despres, who has tirelessly worked on generalized mechanisms for stateless address mapping. The authors would like to thank Guillaume Gottard, Dan Wing, Jan Troan, et al. Expires August 2, 2012 [Page 16] Internet-Draft MAP January 2012 Zorz, Necj Scoberne, Tina Tsou for their thorough review and comments. 11. References 11.1. Normative References [I-D.mdt-softwire-map-dhcp-option] Mrugalski, T., Boucadair, M., Deng, X., Troan, O., and C. Bao, "DHCPv6 Options for Mapping of Address and Port", draft-mdt-softwire-map-dhcp-option-02 (work in progress), January 2012. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC6346] Bush, R., "The Address plus Port (A+P) Approach to the IPv4 Address Shortage", RFC 6346, August 2011. 11.2. Informative References [I-D.ietf-softwire-stateless-4v6-motivation] Boucadair, M., Matsushima, S., Lee, Y., Bonness, O., Borges, I., and G. Chen, "Motivations for Stateless IPv4 over IPv6 Migration Solutions", draft-ietf-softwire-stateless-4v6-motivation-00 (work in progress), September 2011. [I-D.ietf-tsvwg-iana-ports] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. Cheshire, "Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry", draft-ietf-tsvwg-iana-ports-10 (work in progress), February 2011. [RFC1933] Gilligan, R. and E. Nordmark, "Transition Mechanisms for IPv6 Hosts and Routers", RFC 1933, April 1996. [RFC2529] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4 Domains without Explicit Tunnels", RFC 2529, March 1999. [RFC2663] Srisuresh, P. and M. Holdrege, "IP Network Address Translator (NAT) Terminology and Considerations", RFC 2663, August 1999. [RFC2766] Tsirtsis, G. and P. Srisuresh, "Network Address Troan, et al. Expires August 2, 2012 [Page 17] Internet-Draft MAP January 2012 Translation - Protocol Translation (NAT-PT)", RFC 2766, February 2000. [RFC3056] Carpenter, B. and K. Moore, "Connection of IPv6 Domains via IPv4 Clouds", RFC 3056, February 2001. [RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003. [RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)", RFC 4380, February 2006. [RFC5214] Templin, F., Gleeson, T., and D. Thaler, "Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214, March 2008. [RFC5969] Townsley, W. and O. Troan, "IPv6 Rapid Deployment on IPv4 Infrastructures (6rd) -- Protocol Specification", RFC 5969, August 2010. [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, October 2010. [RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful NAT64: Network Address and Protocol Translation from IPv6 Clients to IPv4 Servers", RFC 6146, April 2011. [RFC6147] Bagnulo, M., Sullivan, A., Matthews, P., and I. van Beijnum, "DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers", RFC 6147, April 2011. [RFC6250] Thaler, D., "Evolution of the IP Model", RFC 6250, May 2011. [RFC6269] Ford, M., Boucadair, M., Durand, A., Levis, P., and P. Roberts, "Issues with IP Address Sharing", RFC 6269, June 2011. [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- Stack Lite Broadband Deployments Following IPv4 Exhaustion", RFC 6333, August 2011. Troan, et al. Expires August 2, 2012 [Page 18] Internet-Draft MAP January 2012 Authors' Addresses Ole Troan cisco Oslo Norway Email: ot@cisco.com Satoru Matsushima SoftBank Telecom 1-9-1 Higashi-Shinbashi, Munato-ku Tokyo Japan Email: satoru.matsushima@tm.softbank.co.jp Tetsuya Murakami IP Infusion 1188 East Arques Avenue Sunnyvale USA Email: tetsuya@ipinfusion.com Xing Li CERNET Center/Tsinghua University Room 225, Main Building, Tsinghua University Beijing 100084 CN Email: xing@cernet.edu.cn Congxiao Bao CERNET Center/Tsinghua University Room 225, Main Building, Tsinghua University Beijing 100084 CN Email: congxiao@cernet.edu.cn Troan, et al. Expires August 2, 2012 [Page 19]