Network Working Group K.Fang Internet Draft Cisco Systems Document: draft-zhiyfang-divi-icmp-00.txt Nov 2011 Expires: May 2012 dIVI Port error handling and range allocation Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on May, 2012. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC-2119]. K.Fang Expires May 2012 [Page 1] Internet-Draft dIVI Port-range correction Nov 2011 Abstract This memo defines port error handling and port range allocation mechanism for Dual-Stateless Ipv4/Ipv6 Translation(dIVI) Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . .3 1.1. Motivation. . . . . . . . . . . . . . . . . . . . . . . .3 1.2. Potential Benefits . . . . . . . . . . . . . . . . . . .3 1.2.1. Easy for troubleshooting. . . . . . . . . . . . .3 1.2.2. Easy for annouce the correct port-range . . . . .4 2. Definition & implementation . . . . . . . . . . . . . . . . . .4 2.1. ICMPv6 dIVI Error Port-Range Correction Message . . . . .4 3. Security Considerations . . . . . . . . . . . . . . . . . . . .4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . .5 5. Reference . . . . . . . . . . . . . . . . . . . . . . . . . . .5 K.Fang Expires May 2012 [Page 2] Internet-Draft dIVI Port-range correction Nov 2011 1. Introduction This section explains the reasoning for port error handling and port range allocation mechanism for Dual-Stateless Ipv4/Ipv6 Translation(dIVI) 1.1. Motivation Dual-Stateless Ipv4/Ipv6 Translation(dIVI) proposal to share Ipv4 ports with multiple Ipv6 hosts which shown in the following figure. --------------------------------- -----|IPv4-translatable.0#port-range.0 | / --------------------------------- / --------------------------------- |--------|IPv4-translatable.1#port-range.1 | | --------------------------------- -------------------- | --------------------------------- | IPv4-addr#any ports|-----------|IPv4-translatable.2#port-range.2 | -------------------- | --------------------------------- | --------------------------------- |--------|IPv4-translatable.3#port-range.3 | | --------------------------------- \ ... \ --------------------------------- -----|IPv4-translatable.K#port-range.K | --------------------------------- ... Endpoint need a simple way to know the exactly port-range and if endpoint send packets with wrong portrange, it will request Xlate element trigger ICMPv6 based error notification. We proposal use ICMPv6 as port-range error handling and also contain the correct port-range to notice the endpoint. 1.2. Potential Benefits 2 potential benefits for dIVI by using the ICMPv6 error handle and correlation mechanism. 1.2.1 Easy for troubleshooting Network engineer could easily find the root cause if the endpoint send Packets with wrong ports. K.Fang Expires May 2012 [Page 3] Internet-Draft dIVI Port-range correction Nov 2011 1.2.2 Easy for annouce the correct port-range Send the correct share Ratio N and Port-Set-Id K in ICMPv6 Port-error Message could be the most simple way for the endpoints aware the dIVI Mapping rules. 2. Definition & implementation 2.1 ICMPv6 dIVI Error Port-Range Correction Message Defined a new ICMPv6 Message type (Type-5) 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Allowed Port Mask | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ IPv6 Fields: Destination Address Copied from the Source Address field of the invoking packet. ICMPv6 Fields: Type 5 - dIVI Error Port Range correction message Code 0 - Port-Range Error Allowed Port Mask Based on the share Ratio N and Port-Set-Id K Defined the correct port mask. Description If an IPv6 dIVI node processing a Ipv6 packet finds a problem with a wrong Port-range, it will trigger this message to notice the client and correct the right port-range for use. 3. Security Considerations It's same as general ICMPv6 security considerations, See RFC4443 Section 5. K.Fang Expires May 2012 [Page 4] Internet-Draft dIVI Port-range correction Nov 2011 4. IANA Considerations Add new ICMPv6 Message type listed below: Type 5 - dIVI Error Port Range correction message 5. References [1] C. Bao , X. Li, et.al "dIVI: Dual-Stateless IPv4/IPv6 Translation", draft-xli-behave-divi-03, July.2011 Authors' Addresses Kevin Fang Cisco Systems EMail: zhiyfang&cisco.com K.Fang Expires May 2012 [Page 5]