| < draft-ietf-ospf-transition-to-ospfv3-11.txt | draft-ietf-ospf-transition-to-ospfv3-12.txt > | |||
|---|---|---|---|---|
| Internet Draft I. Chen | Internet Draft I. Chen | |||
| <draft-ietf-ospf-transition-to-ospfv3-11.txt> Ericsson | <draft-ietf-ospf-transition-to-ospfv3-12.txt> Ericsson | |||
| Intended Status: Standards Track A. Lindem | Intended Status: Standards Track A. Lindem | |||
| Updates: 5838 Cisco | Updates: 5838 Cisco | |||
| R. Atkinson | R. Atkinson | |||
| Consultant | Consultant | |||
| Expires in 6 months June 29, 2016 | Expires in 6 months June 30, 2016 | |||
| OSPFv3 over IPv4 for IPv6 Transition | OSPFv3 over IPv4 for IPv6 Transition | |||
| <draft-ietf-ospf-transition-to-ospfv3-11.txt> | <draft-ietf-ospf-transition-to-ospfv3-12.txt> | |||
| Status of this Memo | Status of this Memo | |||
| Distribution of this memo is unlimited. | Distribution of this memo is unlimited. | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 8, line 15 ¶ | skipping to change at page 8, line 15 ¶ | |||
| 0 1 2 3 | 0 1 2 3 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | Source Address | | | Source Address | | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | Destination Address | | | Destination Address | | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | 0 | Protocol (89) | OSPFv3 Packet Length | | | 0 | Protocol (89) | OSPFv3 Packet Length | | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| Figure 3: Pseduo-header for OSPFv3 over IPv4. | Figure 3: Pseudo-header for OSPFv3 over IPv4. | |||
| 3.4. Operation over Virtual Links | 3.4. Operation over Virtual Links | |||
| When an OSPF router sends an OSPF packet over a virtual link, the | When an OSPF router sends an OSPF packet over a virtual link, the | |||
| receiving router is a router that might not be directly connected | receiving router is a router that might not be directly connected | |||
| to the sending router. Thus, the destination IP address of the IP | to the sending router. Thus, the destination IP address of the IP | |||
| packet must be a reachable unicast IP address for the virtual link | packet must be a reachable unicast IP address for the virtual link | |||
| endpoint. Because IPv6 is the presumed Internet protocol and an | endpoint. Because IPv6 is the presumed Internet protocol and an | |||
| IPv4 destination is not routable, the OSPFv3 address family | IPv4 destination is not routable, the OSPFv3 address family | |||
| extension [RFC5838] specifies that only IPv6 address family virtual | extension [RFC5838] specifies that only IPv6 address family virtual | |||
| skipping to change at page 9, line 17 ¶ | skipping to change at page 9, line 17 ¶ | |||
| Implementations of OSPFv3 over IPv4 transport SHOULD implement | Implementations of OSPFv3 over IPv4 transport SHOULD implement | |||
| separate counters for a protocol mismatch and SHOULD provide means | separate counters for a protocol mismatch and SHOULD provide means | |||
| to suppress the ospfIfRxBadPacket and ospfVirtIfRxBadPacket SNMP | to suppress the ospfIfRxBadPacket and ospfVirtIfRxBadPacket SNMP | |||
| notifications as described in [RFC4750] and the ospfv3IfRxBadPacket | notifications as described in [RFC4750] and the ospfv3IfRxBadPacket | |||
| and ospv3VirtIfRxBadPacket SNMP notifications as described in | and ospv3VirtIfRxBadPacket SNMP notifications as described in | |||
| [RFC5643] when an OSPFv2 packet is received by the OSPFv3 process | [RFC5643] when an OSPFv2 packet is received by the OSPFv3 process | |||
| or vice versa. | or vice versa. | |||
| 5. Security Considerations | 5. Security Considerations | |||
| As described in [RFC4552], OSPFv3 uses IPsec [RFC4301] for | As specified in [RFC5340], OSPFv3 relies on IPsec [RFC4301] for | |||
| authentication and confidentiality. Consequently, an OSPFv3 packet | authentication and confidentiality. [RFC4552] specifies how IPsec is | |||
| transported within an IPv4 packet requires IPsec to provide | used with OSPFv3 over IPv6 transport. In order to use OSPFv3 with | |||
| authentication and confidentiality. Further work such as [ipsecospf] | IPv4 transport as specified herein, further work such as [ipsecospf] | |||
| would be required to support IPsec protection for OSPFv3 over IPv4 | would be required. | |||
| transport. | ||||
| An optional OSPFv3 Authentication Trailer [RFC7166] also has been | An optional OSPFv3 Authentication Trailer [RFC7166] also has been | |||
| defined as an alternative to using IPsec. The calculation of the | defined as an alternative to using IPsec. The calculation of the | |||
| authentication data in the Authentication Trailer includes the source | authentication data in the Authentication Trailer includes the source | |||
| IPv6 address to protect an OSPFv3 router from Man-in-the-Middle | IPv6 address to protect an OSPFv3 router from Man-in-the-Middle | |||
| attacks. For IPv4 encapsulation as described herein, the IPv4 source | attacks. For IPv4 encapsulation as described herein, the IPv4 source | |||
| address should be placed in the first 4 octets of Apad followed by | address should be placed in the first 4 octets of Apad followed by | |||
| the hexadecimal value 0x878FE1F3 repeated (L-4)/4 times, where L is | the hexadecimal value 0x878FE1F3 repeated (L-4)/4 times, where L is | |||
| the length of hash measured in octets. | the length of hash measured in octets. | |||
| skipping to change at page 9, line 49 ¶ | skipping to change at page 9, line 48 ¶ | |||
| optional OSPFv3 Authentication Trailer. | optional OSPFv3 Authentication Trailer. | |||
| 6. IANA Considerations | 6. IANA Considerations | |||
| No actions are required from IANA as result of the publication of | No actions are required from IANA as result of the publication of | |||
| this document. | this document. | |||
| 7. Acknowledgments | 7. Acknowledgments | |||
| The authors would like to thank Alexander Okonnikov for his thorough | The authors would like to thank Alexander Okonnikov for his thorough | |||
| review and valuable feedback. The authors would also like to thank | review and valuable feedback and Suresh Krishnan for pointing out | |||
| Wenhu Lu for acting as document shepherd. | that clear specification for pseudo-header used in the OSPFv3 packet | |||
| checksum calculation was required. The authors would also like to | ||||
| thank Wenhu Lu for acting as document shepherd. | ||||
| 8. References | 8. References | |||
| 8.1. Normative References | 8.1. Normative References | |||
| [RFC791] Postel, J., "Internet Protocol", STD 5, RFC 791, September | [RFC791] Postel, J., "Internet Protocol", STD 5, RFC 791, September | |||
| 1981. | 1981. | |||
| [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 | [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 | |||
| (IPv6) Specification", RFC 2460, December 1998. | (IPv6) Specification", RFC 2460, December 1998. | |||
| End of changes. 6 change blocks. | ||||
| 12 lines changed or deleted | 13 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||