idnits 2.17.1 draft-xli-softwire-map-testing-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 14 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. == There are 6 instances of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. == There are 11 instances of lines with non-RFC3849-compliant IPv6 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 3, 2014) is 3737 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-13) exists of draft-ietf-softwire-map-08 == Outdated reference: A later version (-08) exists of draft-ietf-softwire-map-t-04 ** Obsolete normative reference: RFC 6145 (Obsoleted by RFC 7915) Summary: 1 error (**), 0 flaws (~~), 6 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group X. Li 3 Internet-Draft C. Bao 4 Intended status: Informational G. Han 5 Expires: July 7, 2014 CERNET Center/Tsinghua 6 University 7 W. Dec 8 Cisco Systems 9 January 3, 2014 11 MAP Interoperability Testing Results 12 draft-xli-softwire-map-testing-03 14 Abstract 16 This document presents the testing results of a unified code 17 accommodating encapsulation and translation modes of Mapping of 18 Address and Port (MAP). Experiments show that the unified MAP CE is 19 not only supporting MAP-E and MAP-T modes, but also backward 20 compatible with AFTR of dual-stack lite and stateless/stateful NAT64. 22 Status of this Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at http://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on July 7, 2014. 39 Copyright Notice 41 Copyright (c) 2014 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (http://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 1.1. Testing Topology . . . . . . . . . . . . . . . . . . . . . 3 58 2. MAP specifications . . . . . . . . . . . . . . . . . . . . . . 3 59 2.1. Mapping Rules and the Address Formats . . . . . . . . . . 3 60 2.2. Port Mapping Algorithm . . . . . . . . . . . . . . . . . . 4 61 2.3. Forwarding Modes . . . . . . . . . . . . . . . . . . . . . 4 62 2.4. Implementation . . . . . . . . . . . . . . . . . . . . . . 5 63 3. MAP Testing . . . . . . . . . . . . . . . . . . . . . . . . . 5 64 3.1. MAP-T . . . . . . . . . . . . . . . . . . . . . . . . . . 6 65 3.2. MAP-E . . . . . . . . . . . . . . . . . . . . . . . . . . 6 66 3.3. 1:1 mode MAP-T/MAP-E . . . . . . . . . . . . . . . . . . . 6 67 3.4. Mixed MAP-T/MAP-E . . . . . . . . . . . . . . . . . . . . 7 68 4. Backward Compatibility Testing . . . . . . . . . . . . . . . . 8 69 4.1. AFTR of dual-stack lite . . . . . . . . . . . . . . . . . 8 70 4.2. NAT64 with double translation . . . . . . . . . . . . . . 9 71 5. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 9 72 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 73 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 74 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 10 75 9. Normative References . . . . . . . . . . . . . . . . . . . . . 10 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11 78 1. Introduction 80 Generic mechanism for mapping between an IPv4 prefix, address or 81 parts of thereof, and transport layer ports and an IPv6 prefix or 82 address with translation mode and encapsulation mode are specified in 83 [I-D.ietf-softwire-map-t] [I-D.ietf-softwire-map]. This document 84 presents testing results of a unified code containing translation and 85 encapsulation modes of Mapping of Address and Port (MAP). The 86 backward compatibility of MAP CE with AFTR of dual-stack lite and 87 NAT64 of stateful translation are also presented. 89 1.1. Testing Topology 91 The testing topology is shown in the following figure. 93 ----- ------ 94 .-| CE.0|---|Host.0| 95 / ----- ------ 96 ------ ----- | 97 / The \ ----- / An \ | ----- ------ 98 | IPv4 |--| BR |---| IPv6 |------| CE.1|---|Host.1| 99 \Internet/ | | ^ \Network/ | ----- ------ 100 ------ ----- | ----- | 101 | \ ----- ------ 102 tcpdump -| CE.K|---|Host.K| 103 ----- ------ 105 Figure 1: Generic testing topology 107 Where, BR is the MAP Border Relay, CE is the MAP Customer Edge. Both 108 BR and CE can be configured in translation mode (MAP-T) or 109 encapsulation mode (MAP-E), independently. A tcpdump process is 110 running between BR and CE to get the packet header information. 112 2. MAP specifications 114 The code tested in this document follows the MAP specification 115 defined in [I-D.ietf-softwire-map-t] [I-D.ietf-softwire-map], which 116 contain the Mapping Rules, the Port Mapping Algorithm and the 117 Forwarding Mode. The explicit address format and configuration 118 parameters used for the code are presented in the following sections. 120 2.1. Mapping Rules and the Address Formats 122 The address format of Basic Mapping Rule (BMR) and Forwarding Mapping 123 Rule (FMR) are defined in the following figure. Also note that 124 translation mode (MAP-T) and encapsulation mode (MAP-E) have the same 125 address format of BMR/FMR. 127 <-- n bits -->||<-m bits>|< 8>|<---- L>=32 ------>|<--56-L--> 128 |0 63| 127| 129 +-------------+--------+---------+----+--------------+----+---------+ 130 | IPv6 prefix |EA bits |Subnet-id| u | IPv4 address |PSID| 0 | 131 +-------------+--------+---------+----+--------------+----+---------+ 132 | 134 Figure 2: BMR/FMR in translation and encapsulation modes 136 The address format of Default Mapping Rule is different for 137 translation (MAP-T) and encapsulation (MAP-E), as shown in the 138 following figures. 140 |0 63| 127| 141 +--------------------------------+----+--------------+--------------+ 142 | BR prefix | u | IPv4 address | 0 | 143 +--------------------------------+----+--------------+--------------+ 145 Figure 3: DMR in translation mode 147 |0 127| 148 +-------------------------------------------------------------------+ 149 | BR IPv6 address | 150 +-------------------------------------------------------------------+ 152 Figure 4: DMR in encapsulation mode 154 The testing presented in this document is for the Hubs and Spokes 155 scenario, and therefore, only BMR and DMR are required in each CE. 157 2.2. Port Mapping Algorithm 159 The port mapping algorithm is called Generalized Modulus Algorithm 160 (GMA), which contains the sharing ratio (R=2^k), the maximum number 161 of contiguous ports (M=2^m) and the Port-Set Identifiers (PSID). 163 2.3. Forwarding Modes 165 The MAP has two forwarding modes, the translation (MAP-T) and 166 encapsulation (MAP-E). The header processing algorithms of the 167 translation and the encapsulation modes are defined in [RFC6145] and 168 [RFC2473], respectively. 170 2.4. Implementation 172 The MAP specification is implemented in Linux environment under GPL 173 [map-code]. 175 The CE related configuration parameters are: 177 -i specify the name of the Ethernet device connected to IPv4 world 179 -I specify the name of the Ethernet device connected to IPv6 world 181 -H specify in CE mode 183 -a specify the IPv4 address and mask of the host behind the CE 185 -P specify the IPv6 rule prefix and prefix length of the host behind 186 the CE 188 -R specify the associated IPv4 address sharing ratio R of the host 189 behind the CE 191 -M specify the associated M parameter of the host behind the CE 192 device 194 -o specify the PSID of the host behind the CE 196 -N specify in NAT44 mode. The '-A' option is required. 198 -A specify the public IPv4 address and mask which the host behind the 199 CE device is mapped into. In this case, the '-a' option will 200 specify the private IPv4 network and prefix length 202 -X specify the IPv6 prefix is not containing EA-bits 204 3. MAP Testing 206 The configuration examples and the testing results of the MAP's 207 translation mode (MAP-T), the encapsulation mode (MAP-E), MAP-T/MAP-E 208 1:1 modes and the mixed MAP-T/MAP-E modes are shown in this section. 210 The basic testing method is from an IPv4 host connected to CE to ping 211 an IPv4 server (202.112.35.254) connected to BR. The tcpdump records 212 the packet headers of the echo request and echo reply messages. 214 3.1. MAP-T 216 The MAP CE in MAP-T mode is configured as: 218 utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T 220 utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A 221 202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 0 -c 1440 -T 223 The tcpdump data samples are: 225 09:42:16.526809 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 2001:da8: 226 b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 18177, length 227 40 229 09:42:16.527448 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8: 230 b4b6:100:ca:2675:100:0: ICMP6, echo reply, seq 18177, length 40 232 3.2. MAP-E 234 The MAP CE in MAP-E mode is configured as: 236 utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E 238 utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A 239 202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 8 -c 1400 -E 241 The tcpdump data samples are: 243 09:38:43.326429 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 2001:da8: 244 b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo 245 request, id 1040, seq 32512, length 40 247 09:38:43.327786 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6: 248 180:ca:2675:180:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo 249 reply, id 1040, seq 32512, length 40 251 3.3. 1:1 mode MAP-T/MAP-E 253 The 1:1 mode MAP-T/MAP-E means that each CE has its own mapping rule 254 with or without the IPv4 address sharing. 256 The MAP CE in MAP-T 1:1 mode is configured as: 258 utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T 260 utils/ivictl -s -i eth1 -I eth0 -H -X -N -a 192.168.1.0/24 -A 261 202.38.117.1/24 -P 2001:da8:b4b6:2700::/64 -R 16 -M 2 -o 8 -c 1440 262 -T 264 The tcpdump data samples are: 266 22:53:30.977999 IP6 2001:da8:b4b6:2700:ca:2675:100:0 > 2001:da8: 267 b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 7113, length 40 269 22:53:30.978876 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8: 270 b4b6:2700:ca:2675:100:0: ICMP6, echo reply, seq 7113, length 40 272 The MAP CE in MAP-E 1:1 mode is configured as: 274 utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E 276 utils/ivictl -s -i eth1 -I eth0 -H -X -N -a 192.168.1.0/24 -A 277 202.38.117.1/24 -P 2001:da8:b4b6:2700::/64 -R 16 -M 2 -o 8 -c 1400 278 -E 280 The tcpdump data samples are: 282 22:56:29.661058 IP6 2001:da8:b4b6:2700:ca:2675:180:0 > 2001:da8: 283 b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo 284 request, id 4113, seq 7276, length 40 286 22:56:29.661751 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6: 287 2700:ca:2675:180:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo 288 reply, id 4113, seq 7276, length 40 290 3.4. Mixed MAP-T/MAP-E 292 The CE and BR can be configured in different modes, for example CE 293 can be configured in translation mode and BR can be configured in 294 encapsulation mode. The reason is that the forwarding mode is only 295 required in the IPv4 to IPv6 direction, while it can be automatically 296 identified by checking the value of the next header in the IPv6 297 packets in the IPv6 to IPv4 direction. This feature provides great 298 flexibility to the users and operators to select desired forwarding 299 mode without dropping a single packet in different forwarding mode. 300 The following are two examples of BR and CE in different forwarding 301 modes with the configurations shown in MAP-T and MAP-E sections. 303 When BR is in T mode and CE is in E mode, the tcpdump data samples 304 are: 306 09:39:48.829067 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 2001:da8: 307 b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo 308 request, id 1040, seq 47104, length 40 309 09:39:48.833054 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8: 310 b4b6:180:ca:2675:180:0: ICMP6, echo reply, seq 47104, length 40 312 When BR is in E mode and CE is in T mode, the tcpdump data samples 313 are: 315 09:44:11.692130 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 2001:da8: 316 b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 41473, length 317 40 319 09:44:11.693044 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6: 320 100:ca:2675:100:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo 321 reply, id 1024, seq 41473, length 40 323 4. Backward Compatibility Testing 325 The MAP CE is backward compatible to dual-stack lite in the E mode 326 and to NAT64 in the T mode. 328 4.1. AFTR of dual-stack lite 330 Dual-stack lite is a stateful encapsulation technology defined in 331 [RFC6333]. For the testing, the MAP BR is replaced by dual-stack 332 lite AFTR [dual-stack-lite-code]. 334 The MAP CE is configured as: 336 utils/ivictl -r -d -P 2001::1/128 338 utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A 339 10.255.255.1/24 -P 2001:da8:b001:1009::/64 -R 16 -M 2 -o 0 -c 1400 340 -E 342 The tcpdump data samples are: 344 22:48:42.536559 IP6 2001:da8:b001:1009:a:ffff:100:0 > 2001::1: IP 345 10.255.255.1 > 202.112.35.254: ICMP echo request, id 1024, seq 346 41473, length 40 348 22:48:42.539352 IP6 2001::1 > 2001:da8:b001:1009:a:ffff:100:0: IP 349 202.112.35.254 > 10.255.255.1: ICMP echo reply, id 1024, seq 350 41473, length 40 352 4.2. NAT64 with double translation 354 NAT64 is a stateful translation technology defined in [RFC6146] and 355 [RFC6145]. For the testing, the MAP BR is replaced by NAT64 356 [nat64-code]. 358 The MAP CE is configured as: 360 utils/ivictl -r -d -P 2001:da8:b4b6:1000::/64 -T 362 utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A 363 2.2.2.2/32 -P 2001:da8:b001:fff9::/64 -R 16 -M 2 -o 0 -c 1440 -T 365 The tcpdump data samples are: 367 09:24:16.478385 IP6 2001:da8:b001:fff9:2:202:200:0 > 2001:da8: 368 b4b6:1000:ca:7023:fe00:0: ICMP6, echo request, seq 25600, length 369 40 371 09:24:16.479638 IP6 2001:da8:b4b6:1000:ca:7023:fe00:0 > 2001:da8: 372 b001:fff9:2:202:200:0: ICMP6, echo reply, seq 25600, length 40 374 Note that for this scenario, the CE defined in [RFC6877] can also 375 achieve this goal. 377 5. Conclusions 379 Although only the echo request/echo reply testing results with the 380 corresponding MAP CE configuration examples are presented in this 381 document, the TCP/UDP applications are also tested in CERNET/CERNET2 382 successfully. The concluding remarks are: 384 o A unified MAP can support MAP-T, MAP-E, 1:1 mode MAP-T/MAP-E and 385 even the mixed modes without introducing additional complexity. 387 o A unified MAP CE can be configured to support MAP-T, MAP-E, 1:1 388 mode MAP-T/MAP-E, mixed MAP-T/MAP-E, and backward compatible with 389 stateless NAT64, stateful NAT64 and dual-stack lite. 391 6. Security Considerations 393 This document does not introduce any new security considerations. 395 7. IANA Considerations 397 None. 399 8. Acknowledgments 401 The authors would like to acknowledge the following contributors of 402 this document: Weicai Wang, Wentao Shang and Rajiv Asati. 404 9. Normative References 406 [I-D.ietf-softwire-map] 407 Troan, O., Dec, W., Li, X., Bao, C., Matsushima, S., 408 Murakami, T., and T. Taylor, "Mapping of Address and Port 409 with Encapsulation (MAP)", draft-ietf-softwire-map-08 410 (work in progress), August 2013. 412 [I-D.ietf-softwire-map-t] 413 Li, X., Bao, C., Dec, W., Troan, O., Matsushima, S., and 414 T. Murakami, "Mapping of Address and Port using 415 Translation (MAP-T)", draft-ietf-softwire-map-t-04 (work 416 in progress), September 2013. 418 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 419 IPv6 Specification", RFC 2473, December 1998. 421 [RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation 422 Algorithm", RFC 6145, April 2011. 424 [RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful 425 NAT64: Network Address and Protocol Translation from IPv6 426 Clients to IPv4 Servers", RFC 6146, April 2011. 428 [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- 429 Stack Lite Broadband Deployments Following IPv4 430 Exhaustion", RFC 6333, August 2011. 432 [RFC6877] Mawatari, M., Kawashima, M., and C. Byrne, "464XLAT: 433 Combination of Stateful and Stateless Translation", 434 RFC 6877, April 2013. 436 [dual-stack-lite-code] 437 "Dual-stack Lite Code: 438 http://www.isc.org/software/aftr/11". 440 [map-code] 441 "MAP Code: http://mapt.ivi2.org:8039/mapt.html". 443 [nat64-code] 444 "NAT64 Code: http://ecdysis.viagenie.ca/download.html". 446 Authors' Addresses 448 Xing Li 449 CERNET Center/Tsinghua University 450 Room 225, Main Building, Tsinghua University 451 Beijing 100084 452 CN 454 Phone: +86 10-62785983 455 Email: xing@cernet.edu.cn 457 Congxiao Bao 458 CERNET Center/Tsinghua University 459 Room 225, Main Building, Tsinghua University 460 Beijing 100084 461 CN 463 Phone: +86 10-62785983 464 Email: congxiao@cernet.edu.cn 466 Guoliang Han 467 CERNET Center/Tsinghua University 468 Room 225, Main Building, Tsinghua University 469 Beijing 100084 470 CN 472 Phone: +86 10-62785983 473 Email: bupthgl@gmail.com 475 Wojciech Dec 476 Cisco Systems 477 Haarlerbergpark Haarlerbergweg 13-19 478 Amsterdam, NOORD-HOLLAND 1101 CH 479 Netherlands 481 Phone: 482 Email: wdec@cisco.com