idnits 2.17.1

draft-ietf-babel-v4viav6-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
     in the document. If these are example addresses, they should be changed.

  -- The draft header indicates that this document updates RFC8966, but the
     abstract doesn't seem to mention this, which it should.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (21 April 2021) is 1101 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Obsolete informational reference (is this intentional?): RFC 5549
     (Obsoleted by RFC 8950)

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                      J. Chroboczek
Internet-Draft                                 IRIF, University of Paris
Updates: 8966 (if approved)                                21 April 2021
Intended status: Standards Track
Expires: 23 October 2021

    IPv4 routes with an IPv6 next-hop in the Babel routing protocol
                      draft-ietf-babel-v4viav6-03

Abstract

   This document defines an extension to the Babel routing protocol that
   allows announcing routes to an IPv4 prefix with an IPv6 next-hop,
   which makes it possible for IPv4 traffic to flow through interfaces
   that have not been assigned an IPv4 address.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 23 October 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document. Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Specification of Requirements
   2.  Protocol operation
     2.1.  Announcing v4-via-v6 routes
     2.2.  Receiving v4-via-v6 routes
     2.3.  Prefix and seqno requests
     2.4.  Other TLVs
   3.  ICMPv4 and PMTU discovery
   4.  Protocol encoding
     4.1.  Prefix encoding
     4.2.  Changes to existing TLVs
   5.  Backwards compatibility
   6.  IANA Considerations
   7.  Security Considerations
   8.  Acknowledgments
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Author's Address

1.  Introduction

   Traditionally, a routing table maps a network prefix of a given
   address family to a next-hop address in the same address family. The
   sole purpose of this next-hop address is to serve as an input to a
   protocol that will map it to a link-layer address, Neighbour
   Discovery (ND) [RFC4861] in the case of IPv6, Address Resolution
   (ARP) [RFC0826] in the case of IPv4. Therefore, there is no reason
   why the address family of the next hop address should match that of
   the prefix being announced: an IPv6 next-hop yields a link-layer
   address that is suitable for forwarding both IPv6 and IPv4 traffic.

   We call a route towards an IPv4 prefix that uses an IPv6 next hop a
   "v4-via-v6" route.
   Since an IPv6 next-hop can use a link-local address that is
   autonomously configured, the use of v4-via-v6 routes enables a mode
   of operation where the network core has no statically assigned IP
   addresses of either family, thus significantly reducing the amount of
   manual configuration.

   This document describes an extension that allows the Babel routing
   protocol [RFC8966] to announce routes towards IPv4 prefixes with IPv6
   next hops. The extension is inspired by a previously defined
   extension to the BGP protocol [RFC5549].

1.1.  Specification of Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Protocol operation

   The Babel protocol fully supports double-stack operation: all data
   that represent a neighbour address or a network prefix are tagged by
   an Address Encoding (AE), a small integer that identifies the address
   family (IPv4 or IPv6) of the address or prefix, and describes how it
   is encoded. This extension defines a new AE, called v4-via-v6, which
   has the same format as the existing AE for IPv4 addresses. This new
   AE is only allowed in TLVs that carry network prefixes: TLVs that
   carry a neighbour address use the normal encodings for IPv6
   addresses.

2.1.  Announcing v4-via-v6 routes

   A Babel node that needs to announce an IPv4 route over an interface
   that has no assigned IPv4 address MAY make a v4-via-v6 announcement.
   In order to do so, it first establishes an IPv6 next-hop address in
   the usual manner (either by sending the Babel packet over IPv6, or by
   including a Next Hop TLV containing an IPv6 address); it then sends
   an Update with AE equal to TBD containing the IPv4 prefix being
   announced.

   If the outgoing interface has been assigned an IPv4 address, then, in
   the interest of maximising compatibility with existing routers, the
   sender SHOULD prefer an ordinary IPv4 announcement; even in that
   case, however, it MAY use a v4-via-v6 announcement. A node SHOULD
   NOT send both ordinary IPv4 and v4-via-v6 announcements for the same
   prefix over a single interface (if the update is sent to a multicast
   address) or to a single neighbour (if sent to a unicast address),
   since doing that doubles the amount of routing traffic while
   providing no benefit.

2.2.  Receiving v4-via-v6 routes

   Upon reception of an Update TLV with a v4-via-v6 AE and finite
   metric, a Babel node computes the IPv6 next-hop, as described in
   Section 4.6.9 of [RFC8966]. If no IPv6 next-hop exists, then the
   Update MUST be silently ignored. If an IPv6 next-hop exists, then
   the node MAY acquire the route being announced, as described in
   Section 3.5.3 of [RFC8966]; the parameters of the route are as
   follows:

   *  the prefix, plen, router-id, seqno, metric MUST be computed as for
      an IPv4 route, as described in Section 4.6.9 of [RFC8966];

   *  the next-hop MUST be computed as for an IPv6 route, as described
      in Section 4.6.9 of [RFC8966]: it is taken from the last preceding
      Next-Hop TLV with an AE field equal to 2 or 3; if no such entry
      exists, and if the Update TLV has been sent in a Babel packet
      carried over IPv6, then the next-hop is the network-layer source
      address of the packet.

   An Update TLV with a v4-via-v6 AE and metric equal to infinity is a
   retraction: it announces that a previously available route is being
   retracted. In that case, no next-hop is necessary, and the
   retraction is treated as described in Section 4.6.9 of [RFC8966].

   As usual, a node MAY ignore the update, e.g., due to filtering
   (Appendix C of [RFC8966]).
   If a node cannot install v4-via-v6 routes, e.g., due to hardware or
   software limitations, then routes to an IPv4 prefix with an IPv6
   next-hop MUST NOT be selected, as described in Section 3.5.3 of
   [RFC8966].

2.3.  Prefix and seqno requests

   Prefix and seqno requests are used to request an update for a given
   prefix. Since they are not related to a specific Next-Hop, there is
   no semantic difference between IPv4 and v4-via-v6 requests.
   Therefore, a node SHOULD NOT send requests of either kind with the AE
   field being set to TBD (v4-via-v6); instead, it SHOULD request IPv4
   updates using requests with the AE field being set to 1 (IPv4).

   When receiving requests, AEs 1 (IPv4) and TBD (v4-via-v6) MUST be
   treated in the same manner: the receiver processes the request as
   described in Section 3.8 of [RFC8966]. If an Update is sent, then it
   MAY be sent with AE 1 or TBD, as described in Section 2.1 above,
   irrespective of which AE was used in the request.

   When receiving a request with AE 0 (wildcard), the receiver SHOULD
   send a full route dump, as described in Section 3.8.1.1 of [RFC8966].
   Any IPv4 routes contained in the route dump MAY use either AE 1 or AE
   TBD, as described in Section 2.1 above.

2.4.  Other TLVs

   The only other TLVs defined by [RFC8966] that carry an AE field are
   Next-Hop and IHU. Next-Hop and IHU TLVs MUST NOT carry the AE TBD
   (v4-via-v6).

3.  ICMPv4 and PMTU discovery

   The Internet Control Message Protocol (ICMPv4, or simply ICMP)
   [RFC792] is a protocol related to IPv4 that is primarily used to
   carry diagnostic and debugging information. ICMPv4 packets may be
   originated by end hosts (e.g., the "destination unreachable, port
   unreachable" ICMPv4 packet), but they may also be originated by
   intermediate routers (e.g., most other kinds of "destination
   unreachable" packets).

   Some protocols deployed in the Internet rely on ICMPv4 packets sent
   by intermediate routers. Most notably, path MTU Discovery (PMTUd)
   [RFC1191] is an algorithm executed by end hosts to discover the
   maximum packet size that a route is able to carry. While there exist
   variants of PMTUd that are purely end-to-end [RFC4821], the variant
   most commonly deployed in the Internet has a hard dependency on
   ICMPv4 packets originated by intermediate routers: if intermediate
   routers are unable to send ICMPv4 packets, PMTUd may lead to
   persistent blackholing of IPv4 traffic.

   Due to this kind of dependency, every Babel router that is able to
   forward IPv4 traffic MUST be able to originate ICMPv4 traffic. Since
   the extension described in this document enables routers to forward
   IPv4 traffic received over an interface that has not been assigned an
   IPv4 address, a router implementing this extension MUST be able to
   originate ICMPv4 packets even when the outgoing interface has not
   been assigned an IPv4 address.

   There are various ways to meet this requirement, and choosing between
   them is left to the implementation. For example, if a router has an
   interface that has been assigned an IPv4 address, or if an IPv4
   address has been assigned to the router itself (to the "loopback
   interface"), then that IPv4 address may be "borrowed" to serve as the
   source of originated ICMPv4 packets. If no IPv4 address is
   available, a router may choose a source address from a prefix known
   to be unused, for example from a suitably chosen private address
   range [RFC1918]. If no more suitable address is available, then a
   router MAY use the IPv4 dummy address 192.0.0.8 as the source address
   of the ICMPv4 packets that it sends. Note however that using the
   same address on multiple routers may hamper debugging and fault
   isolation, e.g., when using the "traceroute" utility.

4.  Protocol encoding

   This extension defines the v4-via-v6 AE, whose value is TBD. This AE
   is solely used to tag network prefixes, and MUST NOT be used to tag
   peers' addresses, e.g., in Next-Hop or IHU TLVs.

   This extension defines no new TLVs or sub-TLVs.

4.1.  Prefix encoding

   Network prefixes tagged with AE TBD MUST be encoded and decoded just
   like prefixes tagged with AE 1 (IPv4), as described in Section 4.3.1
   of [RFC8966].

   A new compression state for AE TBD (v4-via-v6) distinct from that of
   AE 1 (IPv4) is introduced, and MUST be used for address compression
   of prefixes tagged with AE TBD, as described in Section 4.6.9 of
   [RFC8966].

4.2.  Changes to existing TLVs

   The following TLVs MAY be tagged with AE TBD:

   *  Update (Type = 8)

   *  Route Request (Type = 9)

   *  Seqno Request (Type = 10)

   As AE TBD is suitable only for network prefixes, IHU (Type = 5) and
   Next-Hop (Type = 7) TLVs MUST NOT be tagged with AE TBD. Such
   (incorrect) TLVs MUST be ignored upon reception.

4.2.1.  Update

   An Update (Type = 8) TLV with AE = TBD is constructed as described in
   Section 4.6.9 of [RFC8966] for AE 1 (IPv4), with the following
   specificities:

   *  Prefix. The Prefix field is constructed according to Section 4.1
      above.

   *  Next hop. The next hop is determined as described in Section 2.2
      above.

4.2.2.  Other TLVs

   When tagged with the AE TBD, Route Request and Seqno Request TLVs
   MUST be constructed and decoded as described in Section 4.6 of
   [RFC8966], and the network prefixes contained within them decoded as
   described in Section 4.1 above.

5.  Backwards compatibility

   This protocol extension adds no new TLVs or sub-TLVs.

   This protocol extension uses a new AE. As discussed in Appendix D of
   [RFC8966] and specified in the same document, implementations that do
   not understand the present extension will silently ignore the various
   TLVs that use this new AE.
   As a result, incompatible versions will ignore v4-via-v6 routes.
   They will also ignore requests with AE TBD, which, as stated in
   Section 2.3, are NOT RECOMMENDED.

   Using a new AE introduces a new compression state, used to parse the
   network prefixes. As this compression state is separate from other
   AEs' states, it will not interfere with the compression state of
   unextended nodes.

   This extension reuses the next-hop state from AEs 2 and 3 (IPv6), but
   makes no changes to the way it is updated, and therefore causes no
   compatibility issues.

   As mentioned in Section 2.1, ordinary IPv4 announcements are
   preferred to v4-via-v6 announcements when the outgoing interface has
   an assigned IPv4 address; doing otherwise would prevent routers that
   do not implement this extension from learning the route being
   announced.

6.  IANA Considerations

   IANA is requested to allocate a value (4 suggested) in the "Babel
   Address Encodings" registry as follows:

                  +=====+===========+=================+
                  | AE  | Name      | Reference       |
                  +=====+===========+=================+
                  | TBD | v4-via-v6 | (this document) |
                  +-----+-----------+-----------------+

                                 Table 1

7.  Security Considerations

   The extension defined in this document does not fundamentally change
   the security properties of the Babel protocol. However, by allowing
   IPv4 routes to be propagated across routers that have not been
   assigned IPv4 addresses, it might invalidate the assumptions made by
   some network administrators, which could conceivably lead to security
   issues.

   For example, if an island of IPv4-only hosts is separated from the
   IPv4 Internet by an area of routers that have not been assigned IPv4
   addresses, a network administrator might reasonably assume that the
   IPv4-only hosts are unreachable from the IPv4 Internet.
   This assumption is broken if the intermediary routers implement the
   extension described in this document, which might expose the
   IPv4-only hosts to traffic from the IPv4 Internet. If this is
   undesirable, the flow of IPv4 traffic must be restricted by the use
   of suitable filtering rules (Appendix C of [RFC8966]) together with
   matching packet filters in the data plane.

8.  Acknowledgments

   This protocol extension was originally designed, described and
   implemented in collaboration with Theophile Bastian. Margaret Cullen
   pointed out the issues with ICMP and helped coin the phrase
   "v4-via-v6". The author is also indebted to Donald Eastlake, Toke
   Hoiland-Jorgensen, and David Schinazi.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC792]   Postel, J., "Internet Control Message Protocol", STD 5,
              RFC 792, DOI 10.17487/RFC0792, September 1981.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8966]  Chroboczek, J. and D. Schinazi, "The Babel Routing
              Protocol", RFC 8966, DOI 10.17487/RFC8966, January 2021.

9.2.  Informative References

   [RFC0826]  Plummer, D., "An Ethernet Address Resolution Protocol: Or
              Converting Network Protocol Addresses to 48.bit Ethernet
              Address for Transmission on Ethernet Hardware", STD 37,
              RFC 826, DOI 10.17487/RFC0826, November 1982.

   [RFC1191]  Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191,
              DOI 10.17487/RFC1191, November 1990.

   [RFC1918]  Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G.
              J., and E. Lear, "Address Allocation for Private
              Internets", BCP 5, RFC 1918, DOI 10.17487/RFC1918,
              February 1996.

   [RFC4821]  Mathis, M. and J. Heffner, "Packetization Layer Path MTU
              Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              DOI 10.17487/RFC4861, September 2007.

   [RFC5549]  Le Faucheur, F. and E. Rosen, "Advertising IPv4 Network
              Layer Reachability Information with an IPv6 Next Hop",
              RFC 5549, DOI 10.17487/RFC5549, May 2009.

Author's Address

   Juliusz Chroboczek
   IRIF, University of Paris
   Case 7014
   75205 Paris Cedex 13
   France

   Email: jch@irif.fr
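
The receive-side rules of Sections 2.2 and 4.2, as an added Python example that is not part of the draft or of any Babel implementation. It assumes AE value 4 (the draft says TBD and only suggests 4) and the TLV layouts of RFC 8966, leaves out router-id and sub-TLV handling, and runs over a constructed packet body; process_packet, make_tlv and make_update are hypothetical names.

```python
import ipaddress
import struct

AE_IPV6, AE_IPV6_LL = 2, 3
AE_V4VIAV6 = 4  # assumption: the draft says "TBD" and suggests 4 to IANA
TLV_PAD1, TLV_IHU, TLV_NEXT_HOP, TLV_UPDATE = 0, 5, 7, 8
INFINITY = 0xFFFF

def process_packet(body, src):
    """Return (action, prefix, next_hop) for each v4-via-v6 Update in body."""
    src = ipaddress.ip_address(src)
    nh6 = src if src.version == 6 else None  # implicit IPv6 next hop, if any
    default = b""  # compression state kept separately for AE_V4VIAV6
    routes, i = [], 0
    while i < len(body):
        if body[i] == TLV_PAD1:
            i += 1
            continue
        if i + 2 > len(body) or i + 2 + body[i + 1] > len(body):
            break  # truncated TLV, stop parsing
        kind, tlv = body[i], body[i + 2:i + 2 + body[i + 1]]
        i += 2 + len(tlv)
        ae = tlv[0] if tlv else None
        if kind in (TLV_IHU, TLV_NEXT_HOP) and ae == AE_V4VIAV6:
            continue  # Section 4.2: such TLVs are ignored on reception
        if kind == TLV_NEXT_HOP and ae == AE_IPV6 and len(tlv) >= 18:
            nh6 = ipaddress.IPv6Address(tlv[2:18])
        elif kind == TLV_NEXT_HOP and ae == AE_IPV6_LL and len(tlv) >= 10:
            nh6 = ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + tlv[2:10])
        elif kind == TLV_UPDATE and ae == AE_V4VIAV6 and len(tlv) >= 10:
            flags, plen, omitted = tlv[1], tlv[2], tlv[3]
            metric = struct.unpack("!H", tlv[8:10])[0]
            n = (plen + 7) // 8 - omitted  # prefix octets carried in the TLV
            if plen > 32 or n < 0 or omitted > len(default) or len(tlv) < 10 + n:
                continue  # malformed prefix encoding
            addr = (default[:omitted] + tlv[10:10 + n]).ljust(4, b"\0")
            if flags & 0x80:
                default = addr  # new default prefix for this AE only
            prefix = str(ipaddress.IPv4Network((addr, plen), strict=False))
            if metric == INFINITY:
                routes.append(("retract", prefix, None))  # no next hop needed
            elif nh6 is not None:  # with no IPv6 next hop the Update is dropped
                routes.append(("install", prefix, str(nh6)))
    return routes

def make_tlv(kind, body):
    return bytes([kind, len(body)]) + body
def make_update(flags, plen, omitted, metric, octets):
    head = bytes([AE_V4VIAV6, flags, plen, omitted])
    return make_tlv(TLV_UPDATE, head + struct.pack("!HHH", 400, 1, metric) + octets)

# Constructed sample packet body (not a capture).
SAMPLE = (
    make_update(0x80, 16, 0, 96, bytes([10, 1]))  # 10.1.0.0/16, sets default
    + make_tlv(TLV_NEXT_HOP, bytes([AE_V4VIAV6, 0, 192, 0, 2, 1]))  # invalid
    + make_tlv(TLV_NEXT_HOP, bytes([AE_IPV6_LL, 0]) + bytes(7) + b"\x02")
    + make_update(0, 16, 1, 96, bytes([2]))  # 10.2.0.0/16, one octet omitted
    + make_update(0, 16, 0, INFINITY, bytes([10, 1]))  # retraction
)
```

Received from an IPv4 source, the same body loses its first route, because no IPv6 next-hop exists until the link-local Next-Hop TLV is parsed; the retraction is still processed.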