idnits 2.17.1

draft-bastian-babel-v4ov6-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The draft header indicates that this document updates RFC6126bis, but the
     abstract doesn't seem to mention this, which it should.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (May 14, 2020) is 1436 days in the past.  Is this
     intentional?

  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

  == Outdated reference: A later version (-20) exists of
     draft-ietf-babel-rfc6126bis-17

  -- Obsolete informational reference (is this intentional?): RFC 5549
     (Obsoleted by RFC 8950)

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                         T. Bastian
Internet-Draft                           Ecole Normale Superieure, Paris
Updates: 6126bis (if approved)                             J. Chroboczek
Intended status: Experimental          IRIF, University of Paris-Diderot
Expires: November 15, 2020                                  May 14, 2020

   Announcing IPv4 routes with an IPv6 next-hop in the Babel routing
                                protocol
                      draft-bastian-babel-v4ov6-01

Abstract

   This document defines an extension to the Babel routing protocol that
   allows announcing routes to an IPv4 prefix with an IPv6 next-hop,
   which makes it possible for IPv4 traffic to flow through interfaces
   that have not been assigned an IPv4 address.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 15, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Specification of Requirements
   2.  Protocol operation
     2.1.  Announcing v4-over-v6 routes
     2.2.  Receiving v4-over-v6 routes
     2.3.  Prefix and seqno requests
     2.4.  Other TLVs
   3.  Backwards compatibility
   4.  Protocol encoding
     4.1.  Prefix encoding
     4.2.  Changes for existing TLVs
   5.  IANA Considerations
   6.  Security Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Authors' Addresses

1.  Introduction

   Traditionally, a routing table maps a network prefix of a given
   address family to a next-hop address in the same address family.  The
   sole purpose of this next-hop address is to serve as an input to a
   protocol that will map it to a link-layer address, Neighbour
   Discovery (ND) [RFC4861] in the case of IPv6, Address Resolution
   (ARP) [RFC0826] in the case of IPv4.  Therefore, there is no reason
   why the address family of the next hop address should match that of
   the prefix being announced: an IPv6 next-hop yields a link-layer
   address that is suitable for forwarding both IPv6 and IPv4 traffic.

   We call a route towards an IPv4 prefix that uses an IPv6 next hop a
   "v4-over-v6" route.
   Since an IPv6 next-hop can use a link-local
   address that is autonomously configured, the use of v4-over-v6 routes
   enables a mode of operation where the network core has no statically
   assigned IP addresses of either family, thus significantly reducing
   the amount of manual configuration.

   This document describes an extension that allows the Babel routing
   protocol [RFC6126bis] to announce routes towards IPv4 prefixes with
   IPv6 next hops.  The extension is inspired by a previously defined
   extension to the BGP protocol [RFC5549].

1.1.  Specification of Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Protocol operation

   The Babel protocol fully supports double-stack operation: all data
   that represent a neighbour address or a network prefix are tagged by
   an Address Encoding (AE), a small integer that identifies the address
   family (IPv4 or IPv6) of the address or prefix, and describes how it
   is encoded.  This extension defines a new AE, called v4-over-v6,
   which has the same format as the existing AE for IPv4 addresses.
   This new AE is only allowed in TLVs that carry network prefixes: TLVs
   that carry a neighbour address use the normal encodings for IPv6
   addresses.

2.1.  Announcing v4-over-v6 routes

   A Babel node that needs to announce an IPv4 route over an interface
   that has no assigned IPv4 address MAY make a v4-over-v6 announcement.
   In order to do so, it first establishes an IPv6 next-hop address in
   the usual manner (either by sending the Babel packet over IPv6, or by
   including a Next Hop TLV containing an IPv6 address); it then sends
   an Update with AE equal to TBD containing the IPv4 prefix being
   announced.

   If the outgoing interface has been assigned an IPv4 address, then, in
   the interest of maximising compatibility with existing routers, the
   sender SHOULD prefer an ordinary IPv4 announcement; even in that
   case, however, it MAY use a v4-over-v6 announcement.  A node SHOULD
   NOT send both ordinary IPv4 and v4-over-v6 announcements for the same
   prefix over a single interface (if the update is sent to a multicast
   address) or to a single neighbour (if sent to a unicast address),
   since doing that doubles the amount of routing traffic while
   providing no benefit.

2.2.  Receiving v4-over-v6 routes

   Upon reception of an Update TLV with a v4-over-v6 AE, a Babel node
   computes the IPv6 next-hop, as described in Section 4.6.9 of
   [RFC6126bis].  If no IPv6 next-hop exists, then the Update MUST be
   silently ignored.  If an IPv6 next-hop exists, then the node MAY
   acquire the route being announced, as described in Section 3.5.3 of
   [RFC6126bis]; the parameters of the route are as follows:

   o  the prefix, plen, router-id, seqno, metric MUST be computed as for
      an IPv4 route, as described in Section 4.6.9 of [RFC6126bis];

   o  the next-hop MUST be computed as for an IPv6 route, as described
      in Section 4.6.9 of [RFC6126bis]: it is taken from the last
      preceding Next-Hop TLV with an AE field equal to 2 or 3; if no
      such entry exists, and if the Update TLV has been sent in a Babel
      packet carried over IPv6, then the next-hop is the network-layer
      source address of the packet.

   As usual, a node MAY ignore the update, e.g., due to filtering
   (Appendix C of [RFC6126bis]).  If a node cannot install v4-over-v6
   routes, e.g., due to hardware or software limitations, then routes to
   an IPv4 prefix with an IPv6 next-hop MUST NOT be selected, as
   described in Section 3.5.3 of [RFC6126bis].

2.3.  Prefix and seqno requests

   Prefix and seqno requests are used to request an update for a given
   prefix.
   Since they are not related to a specific Next-Hop, there is
   no semantic difference between ordinary IPv4 and v4-over-v6 requests.

   A node SHOULD NOT send requests of either kind with the AE field
   being set to TBD (v4-over-v6); instead, it SHOULD request IPv4
   updates using requests with the AE field being set to 1 (IPv4).

   When receiving requests, AEs 1 (IPv4) and TBD (v4-over-v6) MUST be
   treated in the same manner: the receiver processes the request as
   described in Section 3.8 of [RFC6126bis].  If an Update is sent, then
   it MAY be sent with AE 1 or TBD, as described in Section 2.1 above,
   irrespective of which AE was used in the request.

   When receiving a request with AE 0 (wildcard), the receiver SHOULD
   send a full route dump, as described in Section 3.8.1.1 of
   [RFC6126bis].  Any IPv4 routes contained in the route dump MAY use
   either AE 1 or AE TBD, as described in Section 2.1 above.

2.4.  Other TLVs

   The only other TLV defined by [RFC6126bis] that carries an AE field
   is the IHU TLV.  IHU TLVs MUST NOT carry the AE TBD (v4-over-v6).

3.  Backwards compatibility

   This protocol extension adds no new TLVs or sub-TLVs.

   This protocol extension uses a new AE.  As discussed in Appendix D of
   [RFC6126bis] and specified in the same document, implementations that
   do not understand the present extension will silently ignore the
   various TLVs that use this new AE.  As a result, incompatible
   versions will ignore v4-over-v6 routes.  They will also ignore
   requests with AE TBD, which, as stated in Section 2.3, are NOT
   RECOMMENDED.

   Using a new AE introduces a new compression state, used to parse the
   network prefixes.  As this compression state is separate from other
   AEs' states, it will not interfere with the compression state of
   unextended nodes.
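
   An added example, not part of the draft or of any Babel
   implementation: a minimal receive-side parser applying the rules of
   Sections 2.2 and 4.1, with a compression state per AE and an IPv6
   next-hop state that a v4-over-v6 Update needs before it yields a
   route.  It assumes the suggested value 4 for the still-unassigned
   AE, takes the packet body without its 4-octet header, and skips
   sub-TLVs and router-id handling; parse_updates, update and SAMPLE
   are names made up for the example.

```python
import struct
from ipaddress import IPv4Network, ip_address

AE_IPV4, AE_IPV6, AE_IPV6_LL = 1, 2, 3  # address encodings from RFC6126bis
AE_V4OV6 = 4  # ASSUMPTION: the draft leaves this value TBD and only suggests 4
NEXT_HOP, UPDATE = 7, 8  # TLV types
NH_SIZE = {AE_IPV4: 4, AE_IPV6: 16, AE_IPV6_LL: 8}  # AE_V4OV6 never tags a peer address

def update(ae, flags, plen, omitted, metric, prefix):
    head = struct.pack("!BBBBHHH", ae, flags, plen, omitted, 400, 1, metric)
    return bytes([UPDATE, len(head) + len(prefix)]) + head + prefix  # interval, seqno constructed

def parse_updates(body, src):
    """Return [(prefix, next_hop, metric)] for the IPv4 routes in a packet body sent by src."""
    src = ip_address(src)
    next_hop = {4: None, 16: None, len(src.packed): src}  # per family, seeded from the source
    default = {AE_IPV4: bytes(4), AE_V4OV6: bytes(4)}  # one compression state per AE
    routes, i = [], 0
    while i < len(body):
        if body[i] == 0:  # Pad1 is a single octet
            i += 1
            continue
        if i + 2 > len(body) or i + 2 + body[i + 1] > len(body):
            break  # truncated TLV
        type_, val = body[i], body[i + 2:i + 2 + body[i + 1]]
        i += 2 + len(val)
        if type_ == NEXT_HOP and val and len(val) >= 2 + NH_SIZE.get(val[0], 255):
            addr = val[2:2 + NH_SIZE[val[0]]]
            if val[0] == AE_IPV6_LL:  # 8 octets on the wire, fe80::/64 implied
                addr = b"\xfe\x80" + bytes(6) + addr
            next_hop[len(addr)] = ip_address(addr)
        elif type_ == UPDATE and len(val) >= 10 and val[0] in default:
            ae, flags, plen, omitted, _, _, metric = struct.unpack("!BBBBHHH", val[:10])
            n = (plen + 7) // 8 - omitted  # prefix octets present on the wire
            if plen > 32 or n < 0 or len(val) < 10 + n:
                continue  # malformed prefix
            full = (default[ae][:omitted] + val[10:10 + n]).ljust(4, b"\0")
            if flags & 0x80:  # new default prefix, for this AE only
                default[ae] = full
            nh = next_hop[16 if ae == AE_V4OV6 else 4]
            if nh is not None:  # v4-over-v6 Update with no IPv6 next hop: silently ignored
                routes.append((str(IPv4Network((full, plen), strict=False)), str(nh), metric))
    return routes

SAMPLE = (update(AE_V4OV6, 0x80, 24, 0, 256, bytes([10, 0, 1]))  # constructed, sent by fe80::1
          + bytes([NEXT_HOP, 6, AE_IPV4, 0, 192, 0, 2, 1])
          + update(AE_IPV4, 0x80, 24, 0, 96, bytes([192, 168, 7]))
          + bytes([NEXT_HOP, 10, AE_IPV6_LL, 0]) + bytes(7) + b"\x02"
          + update(AE_V4OV6, 0, 24, 2, 512, bytes([2])))
```

   In SAMPLE the last Update omits two octets and is completed from the
   v4-over-v6 default prefix (10.0.1.0), not from the AE 1 default set
   by the Update before it.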

   This extension reuses the next-hop state from AEs 2 and 3 (IPv6), but
   makes no changes to the way it is updated, and therefore causes no
   compatibility issues.

   As mentioned in Section 2.1, ordinary IPv4 announcements are
   preferred to v4-over-v6 announcements when the outgoing interface has
   an assigned IPv4 address; doing otherwise would prevent routers that
   do not implement this extension from learning the route being
   announced.

4.  Protocol encoding

   This extension defines the v4-over-v6 AE, whose value is TBD.  This
   AE is solely used to tag network prefixes, and MUST NOT be used to
   tag peers' addresses, e.g., in Next-Hop or IHU TLVs.

   This extension defines no new TLVs or sub-TLVs.

4.1.  Prefix encoding

   Network prefixes tagged with AE TBD MUST be encoded and decoded as
   prefixes tagged with AE 1 (IPv4), as described in Section 4.3.1 of
   [RFC6126bis].

   A new compression state for AE TBD (v4-over-v6) distinct from that of
   AE 1 (IPv4) is introduced, and MUST be used for address compression
   of prefixes tagged with AE TBD, as described in Section 4.6.9 of
   [RFC6126bis].

4.2.  Changes for existing TLVs

   The following TLVs MAY be tagged with AE TBD:

   o  Update (Type = 8)

   o  Route Request (Type = 9)

   o  Seqno Request (Type = 10)

   As AE TBD is suitable only to tag network prefixes, IHU (Type = 5)
   and Next-Hop (Type = 7) TLVs MUST NOT be tagged with AE TBD.  Such
   TLVs MUST be silently ignored.

4.2.1.  Update

   An Update (Type = 8) TLV with AE = TBD is constructed as described in
   Section 4.6.9 of [RFC6126bis] for AE 1 (IPv4), with the following
   specificities:

   o  Prefix.  The Prefix field is constructed according to Section 4.1
      above.

   o  Next hop.  The next hop is determined as described in Section 2.2
      above.

4.2.2.  Other valid TLVs tagged with AE = TBD

   Any other valid TLV tagged with AE = TBD MUST be constructed and
   decoded as described in Section 4.6 of [RFC6126bis].  Network
   prefixes within MUST be constructed and decoded as described in
   Section 4.1 above.

5.  IANA Considerations

   IANA is requested to allocate a value (4 suggested) in the "Babel
   Address Encodings" registry as follows:

                  +-----+------------+-----------------+
                  | AE  | Name       | Reference       |
                  +-----+------------+-----------------+
                  | TBD | v4-over-v6 | (this document) |
                  +-----+------------+-----------------+

6.  Security Considerations

   This extension does not fundamentally change the security properties
   of the Babel protocol: as described in Section 6 of [RFC6126bis],
   Babel must be protected by a suitable cryptographic mechanism in
   order to be made secure.

   However, enabling this extension will allow IPv4 traffic to flow
   through sections of a network that have not been assigned IPv4
   addresses, which, in turn, might allow IPv4 traffic to reach areas of
   the network that were previously inaccessible to such traffic.  If
   this is undesirable, the flow of IPv4 traffic must be restricted by
   the use of suitable filtering rules (Appendix C of [RFC6126bis])
   together with matching access control rules in the data plane.

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC6126bis]
              Chroboczek, J. and D. Schinazi, "The Babel Routing
              Protocol", draft-ietf-babel-rfc6126bis-17 (work in
              progress), February 2020.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

7.2.  Informative References

   [RFC0826]  Plummer, D., "An Ethernet Address Resolution Protocol: Or
              Converting Network Protocol Addresses to 48.bit Ethernet
              Address for Transmission on Ethernet Hardware", STD 37,
              RFC 826, DOI 10.17487/RFC0826, November 1982.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              DOI 10.17487/RFC4861, September 2007.

   [RFC5549]  Le Faucheur, F. and E. Rosen, "Advertising IPv4 Network
              Layer Reachability Information with an IPv6 Next Hop",
              RFC 5549, DOI 10.17487/RFC5549, May 2009.

Authors' Addresses

   Theophile Bastian
   Ecole Normale Superieure, Paris
   France

   Email: theophile.bastian@ens.fr

   Juliusz Chroboczek
   IRIF, University of Paris-Diderot
   Case 7014
   75205 Paris Cedex 13
   France

   Email: jch@irif.fr