idnits 2.17.1 draft-ietf-ngtrans-assgn-ipv4-addrs-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in this document. Expected boilerplate is as follows today (2024-04-26) according to https://trustee.ietf.org/license-info : IETF Trust Legal Provisions of 28-dec-2009, Section 6.a: This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2: Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3: This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == Mismatching filename: the document gives the document name as 'draft-ietf-ngtrans-assgn-ipv4-00', but the file name used is 'draft-ietf-ngtrans-assgn-ipv4-addrs-01' == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 18 longer pages, the longest (page 2) being 66 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 18 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 8 instances of too long lines in the document, the longest one being 5 characters in excess of 72. == There are 9 instances of lines with non-RFC2606-compliant FQDNs in the document. == There are 2 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: The Client MUST not assume it can use the IPv4 Global Address until it has received a corresponding Reply to the Client Request, which is required for a Reconfigure Message too as specified in section 7.2. == Couldn't figure out when the document was first submitted -- there may comments or warnings related to the use of a disclaimer for pre-RFC5378 work that could not be issued because of this. Please check the Legal Provisions document at https://trustee.ietf.org/license-info to determine if you need the pre-RFC5378 disclaimer. -- The document date (January 1999) is 9233 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '12' is defined on line 821, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2460 (ref. '3') (Obsoleted by RFC 8200) == Outdated reference: A later version (-28) exists of draft-ietf-dhc-dhcpv6-13 -- No information found for draft-ietf-dhc-dhcpv6ext - is the name correct? -- Possible downref: Normative reference to a draft: ref. '5' -- Possible downref: Non-RFC (?) normative reference: ref. '7' -- Possible downref: Non-RFC (?) normative reference: ref. '8' ** Obsolete normative reference: RFC 2065 (ref. '10') (Obsoleted by RFC 2535) ** Obsolete normative reference: RFC 2137 (ref. '11') (Obsoleted by RFC 3007) ** Downref: Normative reference to an Informational RFC: RFC 2185 (ref. '12') == Outdated reference: A later version (-08) exists of draft-ietf-ngtrans-siit-03 -- Possible downref: Non-RFC (?) normative reference: ref. '18' ** Obsolete normative reference: RFC 2462 (ref. '19') (Obsoleted by RFC 4862) ** Obsolete normative reference: RFC 2373 (ref. '20') (Obsoleted by RFC 3513) Summary: 14 errors (**), 0 flaws (~~), 12 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 INTERNET-DRAFT Jim Bound 3 NGTRANS Tools Working Group Compaq Computer Corp 4 Obsoletes draft-ietf-ngtrans-assgn-ipv4-00.txt January 1999 6 Assignment of IPv4 Global Addresses to IPv6 Hosts (AIIH) 8 10 Status of this Memo 12 This document is a submission by the Next Generation Transition 13 Working Group of the Internet Engineering Task Force (IETF). 14 Comments should be submitted to the ngtrans@sunroof.eng.sun.com 15 mailing list. 17 This document is an Internet-Draft. Internet-Drafts are working 18 documents of the Internet Engineering Task Force (IETF), its 19 areas, and its working groups. Note that other groups may also 20 distribute working documents as Internet-Drafts. 22 Internet-Drafts are draft documents valid for a maximum of six 23 months and may be updated, replaced, or obsoleted by other 24 documents at any time. It is inappropriate to use Internet- 25 Drafts as reference material or to cite them other than as 26 "work in progress." 28 To view the entire list of current Internet-Drafts, please check 29 the "1id-abstracts.txt" listing contained in the Internet-Drafts 30 Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net 31 (Europe), munnari.oz.au (Pacific Rim), ftp.ietf.org (US East 32 Coast), or ftp.isi.edu (US West Coast). 34 Distribution of this memo is unlimited. 36 Abstract 38 The initial deployment of IPv6 will require a tightly coupled use of 39 IPv4 addresses to support the interoperation of IPv6 and IPv4. Nodes 40 will be able to be deployed with IPv6 addresses, but will still need 41 to communicate with IPv4 nodes that do not have a dual IP layer 42 supporting both IPv4 and IPv6. This specification defines a 43 mechanism called Assignment of IPv4 Global Addresses to IPv6 Hosts 44 (AIIH), which will assign an IPv6 Host a temporary IPv4 Global 45 Address, which can be used to communicate with a Host that supports 46 IPv4 or IPv4/IPv6. An objective of this specification is to avoid 47 the use of address translation for the deployment of IPv6 in a 48 network. Another objective is to demonstrate that IPv6 Addresses can 49 be deployed now instead of non-Global IPv4 Addresses within an 50 Intranet. 52 Table of Contents: 54 1. Introduction.................................................3 55 2. Terminology..................................................4 56 2.1 IPv6 AIIH Terminology.......................................4 57 2.2 Specification Language......................................5 58 3. AIIH Design Model ...........................................6 59 3.1 AIIH DHCPv6/DNS Server......................................6 60 3.2 AIIH Network Configuration Intranet to Internet Taxonomy....6 61 3.3 Accessing Hosts Services within an IPv6 Intranet............7 62 3.4 IPv6 Communications over the Internet with IPv4 Tunnels.....8 63 4. Requesting an IPv4 Global Address............................8 64 5. IPv4 Query for an IPv6 Host..................................8 65 5.1 Reaching the Intranet Primary DNS Server....................8 66 5.2 Getting the A Record Query to the AIIH Server...............9 67 6. AIIH Server Processing.......................................9 68 6.1 AIIH DNS Query and DHCPv6 Processing.......................10 69 6.2 AIIH DHCPv6 Client IPv4 Global Address Requests............11 70 6.3 Cleaning up the AIIH IPv4 Assigned Address.................11 71 6.3 Conceptual Model of an AIIH Server Implementation..........11 72 7. AIIH DHCPv6 Requirements....................................11 73 7.1 DHCPv6 IPv4 Global Address Extension.......................11 74 7.2 AIIH Server Processing of an IPv4 Global Address Extension.12 75 7.3 AIIH Client Processing of an IPv4 Global Address Extension.13 76 8. Security Considerations.....................................13 77 9. Year 2000 Considerations....................................14 78 Appendix A - Open Issues.......................................14 79 Appendix B - Draft Changes and Rationale History...............15 80 Acknowledgments................................................17 81 References.....................................................17 82 Authors' Address...............................................18 83 1. Introduction 85 The initial deployment of IPv6 will require a tightly coupled use of 86 IPv4 addresses to support the interoperation of IPv6 and IPv4. Nodes 87 will be able to be deployed with IPv6 addresses, but will still need 88 to communicate with IPv4 nodes that do not have a dual IP layer 89 supporting both IPv4 and IPv6. This specification defines a 90 mechanism called Assignment of IPv4 Global Addresses to IPv6 Hosts 91 (AIIH), which will assign an IPv6 Host a temporary IPv4 Global 92 Address, which can be used to communicate with a Host that supports 93 IPv4 or IPv4/IPv6. An objective of this specification is to avoid 94 the use of address translation for the deployment of IPv6 in a 95 network. Another objective is to demonstrate that IPv6 Addresses can 96 be deployed now instead of non-Global IPv4 Addresses within an 97 Intranet. 99 AIIH uses the DNS [1,2] mechanisms to resolve a query for an IPv6 100 Host name from an IPv4 stack that wants to communicate with the IPv4 101 stack of an IPv6 Host that supports both IPv6 and IPv4. The IPv6 102 Host that is the object of such a query will be assigned a temporary 103 IPv4 Global Address, thru DHCPv6 [4], and the IPv4 Host performing 104 the query will receive the IPv4 address assigned to the IPv6 Host in 105 a DNS query response. Communications between the two Hosts can then 106 begin directly without any intermediate nodes performing Network 107 Address Translation [14] or Application Level Gateway [7] functions. 109 AIIH also permits IPv6 Hosts to request IPv4 Global Addresses thru 110 the new DHCPv6 Extension [5] defined in this specification (section 111 7). This new Extension will also provide the Host with the IPv4 or 112 IPv6 Tunnel End Point to be used to encapsulate an IPv4 packet [15] 113 to reach an IPv4 or IPv4/IPv6 router. 115 The reason for this specification is that users deploying IPv6 will 116 not want (and most likely will not be able) to assign IPv4 addresses 117 to IPv6 nodes as they are deployed into their site, because IPv4 118 addresses are a rare commodity. But, IPv6 Hosts will still need to 119 communicate with IPv4 Hosts within an Intranet and across the 120 Internet. The AIIH mechanisms provide a means to avoid address 121 translation in a network for IPv6 Hosts that support a dual IPv4/IPv6 122 network layer [15]. 124 The specification will begin by defining the terminology (section 2), 125 then discuss the AIIH design model (section 3), then define the 126 mechanism for an IPv6 Host to request an IPv4 address (section 4), 127 then define the mechanism used for an IPv4 node to query an IPv6 node 128 (section 5), then discuss the AIIH Server processing to support this 129 mechanism (section 6), and completes the mechanism by defining the 130 DHCPv6 Extension needed to assign a temporary IPv4 address to an IPv6 131 node (section 7). The specification then discusses Security (section 132 8) and Year 2000 considerations (section 9). Appendix A will discuss 133 Open Issues that need to be discussed in the ngtrans Tools Working 134 Group, and maintain the state of Open Issues as STILL OPEN, RESOLVED, 135 or PARTIALLY RESOLVED during the draft updates to AIIH. Appendix B 136 will keep a historical account of changes to the draft and rationale 137 for those changes as they occur, and maintain consistence with the 138 Open Issues in Appendix A. 140 2. Terminology 142 2.1 IPv6 AIIH Terminology 144 IPv6 Protocol Terms: See [3] 146 IPv6 Transition Terms: See [15] 148 DHCPv6 Terms: See [4,5] 150 AIIH Server: A Server that supports DNS [2] and DHCPv6 [4,5] 151 and communications between DNS and DHCPv6, which 152 is implementation defined. See sections 4, 5 153 and 6. 155 IPv4 Global Address: An IPv4 address that is globally routable on 156 the Internet. 158 2.2 Specification Language 160 In this document, several words are used to signify the requirements 161 of the specification, in accordance with RFC 2119 [9]. These words 162 are often capitalized. 164 MUST This word, or the adjective "required", means that 165 the definition is an absolute requirement of the 166 specification. 168 MUST NOT This phrase means that the definition is an absolute 169 prohibition of the specification. 171 SHOULD This word, or the adjective "recommended", means 172 that there may exist valid reasons in particular 173 circumstances to ignore this item, but the full 174 implications must be understood and carefully 175 weighed before choosing a different course. 176 Unexpected results may result otherwise. 178 MAY This word, or the adjective "optional", means that 179 this item is one of an allowed set of alternatives. 180 An implementation which does not include this option 181 MUST be prepared to interoperate with another 182 implementation which does include the option. 184 silently discard 185 The implementation discards the packet without 186 further processing, and without indicating an error 187 to the sender. The implementation SHOULD provide 188 the capability of logging the error, including the 189 contents of the discarded packet, and SHOULD record 190 the event in a statistics counter. 192 3. AIIH Design Model 194 The design model provides two mechanism to assign an IPv6 Host an 195 IPv4 address. The first mechanism is for the Host to request an IPv4 196 address that is globally routable, and the second is for an AIIH 197 Server to assign an IPv6 Host a globally routable IPv4 address using 198 the DHCPv6 Reconfigure Message. The assumption in this specification 199 is that a site has a certain number of IPv4 Global Addresses, which 200 can be assigned within their enterprise on a temporary basis for use 201 by Hosts in the site. The design model also assumes the site has an 202 IPv4/IPv6 router in the site that is used to send and receive packets 203 over the Internet. 205 For an IPv6 Host to participate in the AIIH mechanism it MUST have a 206 dual IP layer, supporting both an IPv4 and IPv6 stack. This 207 specification makes the assumption that for IPv6 initial deployment 208 Host nodes will not ship an IPv6-only stack implementation. For 209 embedded system type nodes that support only an IPv6 stack AIIH 210 cannot be a solution. 212 3.1 AIIH DHCPv6/DNS Server 214 The AIIH Server supports a co-located DHCPv6 and DNS Server and other 215 implementation defined software functions. The AIIH server 216 configuration files and database is not defined in this 217 specification. There can be one or many AIIH Servers on an Intranet 218 and how they maintain consistency and Tunnel End Point configurations 219 for IPv6 links is implementation defined. 221 3.2 AIIH Network Configuration Intranet to Internet Taxonomy 223 The design model supports the following network configuration abstraction: 225 Host X ----------------------- Router Y ------------------- Host Z 226 (Intranet) (Intranet & Internet) (Intranet) 228 Host X represents an IPv4/IPv6 implementation, that has an 229 IPv6 address. The IPv6 addresses is denoted as X6. 231 Router Y represents an IPv4/IPv6 implementation that has both 232 an IPv4 Global and IPv6 Address. The IPv4 address is denoted as 233 Y4 and the IPv6 address is denoted as Y6. 235 Host Z represents an IPv4 or IPv4/IPv6 implementation that has 236 an IPv4 Global Address, and MAY have an IPv6 Address. The IPv4 237 address is denoted as Z4 and if an IPv6 address exists it is 238 denoted as Z6. 240 For Host X to communicate with Host Z4 it must perform several 241 operations: 243 1. Obtain an IPv4 Global Address denoted by X4, from an AIIH 244 Server. 245 2. Send the packet to Y4 or Y6 so it can be routed to Z4. This can 246 be accomplished in several manners from the information 247 provided by the new DHCPv6 IPv4 Global Address Extension 248 (section 7) sent to X6: 250 2.1 If the Tunnel End Point is an IPv4-Compatible [20] 251 address then encapsulate IPv4 packets to Z4 within 252 IPv4 to reach Y4 [14]. 254 2.2 If the Tunnel End Point is an IPv6 Address then 255 encapsulate IPv4 packets to Z4 within IPv6 to reach 256 Y6 [13], this means an IPv4/IPv6 interim router exists 257 between X4 and Y6. 259 2.3 If the Tunnel End Point is zero (not present) then 260 it is assumed that the router on X4's LAN can route 261 IPv4 Global Addresses to Y4 within the site. This 262 means the site has an IPv4 Global Address backbone 263 at least for routability to Y4. 265 For Y4 to communicate with X4, upon receiving packets from 266 Z4 for X4 several options exist: 268 1. When Y4 received an IPv4 or encapsulated packet from 269 2.1 above then it MUST maintain that route to X4 270 from that IPv4 address and either encapsulate the 271 IPv4 packet to X4 or send it directly to the interim 272 router that can reach X4. 274 2. When Y4 received an IPv6 packet from X4 in 2.2 above 275 it MUST maintain a tunnel route to the IPv6 address 276 from which it received the X4 packet. 278 3. When Y4's site has an IPv4 Global Address backbone 279 routable network in place, Y4 uses normal routing 280 mechanisms to forward the packet to X4. 282 3.3 Accessing Hosts Services within an IPv6 Intranet 284 When Z4 wants to communicate with an application service on X4, the 285 mechanisms defined in section 5 will accomplish this task. For this 286 type of service Y4 and X4 MUST be able to communicate by way of an 287 IPv4 Global Address backbone network within the Site to X4. Section 288 5 also discusses Hosts within the Intranet accessing X4, when an IPv4 289 Global Address is used for that communications. 291 If the site is using non-Global IPv4 Addresses as a network topology 292 [17] for Intranet communications, Host X can obtain that address from 293 an IPv4 DHCPv4 Server [16] using X's IPv4 implementation and such 294 addresses are denoted as X4P (for IPv4 private address) and are only 295 used for site Intranet communications. 297 3.4 IPv6 Communications over the Internet with IPv4 Tunnels 299 AIIH could be used to communicate with IPv6 Hosts across the Internet 300 by X6 tunneling IPv6 packets in IPv4 to Y4, which would be delivered 301 to the network domain at Z. At Z's network the IPv4 packet would be 302 decapsulated and the IPv6 packet would be delivered to Z6. This 303 would add significant mechanisms to this specification and a possible 304 extension for future work around AIIH. But it is noted here now for 305 consistency, and as a possible future work item. 307 4. Requesting an IPv4 Global Address 309 An IPv4/IPv6 Host can request an IPv4 Global Address by using the 310 IPv4 Global Address Extension defined in section 7. The IPv4/IPv6 311 Host MUST support DHCPv6 [4] and the DHCPv6 Extensions [5]. The 312 Requests/Response Model of DHCPv6 will process this new extension as 313 any other extension. There is no need to define a new message type 314 for DHCPv6 for this processing or add to the DHCPv6 protocol. 316 Once the Host has obtained an IPv4 Global Address it SHOULD NOT 317 update DNS to reflect an A type or PTR type record for this address. 318 The reason is that the intent is to provide a Host with this 319 temporary address to use for communications with an IPv4 node. Once 320 the reason for obtaining an IPv4 Global Address has been satisfied 321 the Host MUST Release this IPv4 Global Address from the AIIH DHCPv6 322 Server implementation. 324 When an IPv4/IPv6 Host receives an IPv4 Global Address either from a 325 Request as a Client DHCPv6 Host or from an AIIH Server Reconfigure 326 Message as defined in section 6, the Host MUST create any necessary 327 configured tunnels using the Tunnel End Point address provided by the 328 AIIH DHCPv6 Server in an implementation defined manner. See section 329 7 for additional requirements for processing the DHCPv6 IPv4 Global 330 Address Extension. 332 5. IPv4 Query for an IPv6 Host 334 AIIH supports IPv4 DNS queries from the Internet or within an 335 Intranet to establish communications with an IPv6 Host. An IPv4 Host 336 will not necessarily know that it is trying to establish 337 communications with an IPv6 Host. The IPv4 Host will communicate 338 with the IPv6 Host by first obtaining an IPv4 Global Address for the 339 IPv6 node as it does for any other node (e.g. gethostbyname API). 341 5.1 Reaching the Intranet Primary DNS Server 343 The IPv4 DNS query will reach the Primary DNS Name Server for the 344 IPv6 Host. It is implementation defined how the DNS query passes 345 thru a domains Firewall [7] to reach the IPv6 nodes Primary DNS 346 Server. This is a per user policy that is beyond the scope of this 347 specification. 349 5.2 Getting the A Record Query to the AIIH Server 351 When the Primary DNS Server for the IPv6 node receives the IPv4 Hosts 352 query, it will do a DNS search for that IPv6 Host and find that there 353 is an Authoritative DNS Server for that specific DNS A record, which 354 represents an IPv6 Host. That DNS Server will be one part of the 355 AIIH Server software. After the AIIH DHCPv6 Server assigns the IPv6 356 node a temporary IPv4 Global Address, the AIIH DNS Server will 357 respond to the original IPv4 DNS query authoritatively with an IPv4 358 Global Address for the IPv6 Host or return Host Not Found. 360 For Example: 362 IPv4 node "v4host.abc.com" queries for "v6host1.xyz.com" 364 Query reaches Primary DNS Server for "v6host1.xyz.com". 366 ----------- 367 xyz.com. IN SOA primary.xyz.com. etc etc. 368 . 369 . 370 xyz.com IN NS primary.xyz.com 371 aiih.xyz.com IN NS v6trans.aiih.xyz.com 372 . 373 . 374 primary.xyz.com IN A 202.13.12.6 375 v6trans.aiih.xyz.com IN A 202.13.12.8 376 . 377 . 378 . 379 v6host1.xyz.com IN CNAME v6host1.aiih.xyz.com 380 v6host2.xyz.com IN CNAME v6host2.aiih.xyz.com 381 v6host3.xyz.com IN CNAME v6host3.aiih.xyz.com 383 DNS query will end up going to the authoritative server 384 v6trans.aiih.xyz.com looking for v6host1.aiih.xyz.com. This permits 385 the AIIH Server to now process a request for an IPv4 Global Address 386 for an IPv6 Host that had no IPv6 DNS AAAA Record [18]. 388 6. AIIH Server Processing 390 The AIIH Server is an implementation where DNS, DHCPv6, and 391 communications between those two applications exists. These 392 applications MAY be co-located on the same Host, but that is not a 393 requirement of this specification. How DNS and DHCPv6 communicate is 394 implementation defined. The AIIH Server SHOULD support the following 395 operations: 397 1. Act as the Authoritative DNS Name Server for a set of IPv6 398 Hosts that can be queried for IPv4 Global Addresses. 400 2. Communications between the AIIH DNS server and the AIIH DHCPv6 401 Server. 403 3. An AIIH DHCPv6 Server that can maintain a pool of IPv4 Global 404 Addresses in an implementation defined manner. 406 4. An AIIH DHCPv6 Server that can maintain Tunnel End Points for 407 IPv6 Links in an implementation defined manner. 409 5. An AIIH DHCPv6 Server to process DNS AIIH IPv6 Host DNS queries, 410 and Reconfiguring IPv6 Hosts to assign IPv4 Global Addresses to 411 their interfaces. 413 6. Support DHCPv6 Client's requesting IPv4 Global Addresses. 415 7. Dynamically Updating DNS with an IPv4 Global Address for 416 an IPv6 Host that supports IPv4/IPv6. 418 An AIIH Server MUST support a dual IPv4/IPv6 network layer and 419 implementation of IPv4/IPv6. 421 6.1 AIIH DNS Query and DHCPv6 Processing 423 Once the AIIH DNS finds the IPv6 Host (v6host1.xyz.com) being queried 424 the AIIH DNS requests from its corresponding AIIH DHCPv6 Server to 425 assign an IPv4 Global Address to the IPv6 Host being queried. 427 The AIIH DHCPv6 Server will look within its pool of IPv4 Global 428 Addresses for an address and if a Tunnel End Point address is 429 required for the IPv6 Host to reach the router (Y4) to route packets 430 onto the Internet. If an address is available the DHCPv6 Server will 431 send a DHCPv6 Reconfigure Message to the IPv6 node to temporarily 432 assign the node an IPv4 Global Address (see section 7). 434 Once the AIIH DHCPv6 server is certain that the IPv6 Host has 435 assigned the address to an interface, the AIIH DHCPv6 Server responds 436 back to the corresponding AIIH DNS Server with the IPv4 Global 437 Address assigned to the IPv6 Host being queried (v6host1.xyz.com), or 438 that an address could not be assigned to this IPv6 Host. 440 The AIIH DNS Server will now respond to the IPv4 DNS Query (Z4) as 441 the Authoritative DNS Name Server with an address or Host not found. 443 The AIIH DHCPv6 Server MAY send a dynamic update to DNS [6] to add an 444 A type record to the Primary DNS Server, where the query came from to 445 the AIIH DNS Server. The Time-To-Live (TTL) field in the update MUST 446 NOT be set to be greater than the valid lifetime for the IPv4- 447 Compatible address in the DHCPv6 Extension provided to the DHCPv6 448 Client. It is highly recommended that the DNS not be updated with an 449 A record for the IPv6 Host, unless that IPv6 Host provides a 450 permanent IPv4 Application service needed by IPv4 Hosts. 452 6.2 AIIH DHCPv6 Client IPv4 Global Address Requests 454 An AIIH DHCPv6 Server will receive DHCPv6 Requests for IPv4 Global 455 Addresses from IPv6 Host's. The AIIH DHCPv6 Server will determine if 456 an address is available and assign the address to the DHCPv6 Client 457 as specified in section 7 of this specification. 459 A DHCPv6 Client MUST NOT dynamically update DNS with an A record for 460 an IPv4 Global Address it has been assigned. All updates to DNS MUST 461 be done by the AIIH DHCPv6 Server. A DHCPv6 Client MAY request an 462 that an address it has been assigned be added to the DNS, but as 463 stated in section 6.1 this behavior is discouraged unless the Client 464 perceives that an application it is providing will be of a permanent 465 nature for IPv4 Hosts, as opposed to a transient need for an IPv4 466 Global Address from the AIIH DHCPv6 Server. 468 6.3 Cleaning up the AIIH IPv4 Assigned Address 470 Once the IPv4 address expires the DHCPv6 Server will permit the IPv4 471 address to be reused. But before the address can be reused the 472 DHCPv6 Server MUST delete the IPv4 address from the Primary DNS 473 Server, thru the Dynamic Updates to DNS mechanism, if an A record was 474 added to the relative Primary DNS Server. 476 6.3 Conceptual Model of an AIIH Server Implementation 478 A conceptual model (not part of this specification) for the AIIH DNS 479 Server and DHCPv6 Server to communicate could be a number of 480 mechanisms that support interprocess communications between two 481 processes (e.g. Threads, Local Domain Sockets, Shared Memory). The 482 IPv4 pool of addresses maintained by the DHCPv6 server is 483 implementation defined how that is obtained and configured as is 484 specified for IPv6 addresses in DHCPv6. Once the IPv4 address is 485 assigned it can be kept as part of the IPv6 nodes binding entry on 486 the DHCPv6 Server as other configuration data is specified in DHCPv6. 488 7. AIIH DHCPv6 Requirements 490 The AIIH DHCPv6 processes will use the DHCPv6 protocol and extensions 491 to communicate between the AIIH DHCPv6 Server and the DHCPv6 Client. 492 A new extension is required for DHCPv6 (section 7.1) to support AIIH. 493 But there are some additional requirements placed on the AIIH 494 processes that are not specific to the DHCPv6 protocol, but as 495 transition and interoperation mechanisms for the IPv6 Hosts. 497 7.1 DHCPv6 IPv4 Global Address Extension 499 The DHCPv6 IPv4 Global Address Extension informs a DHCPv6 500 Server or Client that the IPv6 Address Extension [5] following this 501 extension will contain an IPv4-Compatible Address [20], or is a Request 502 for an IPv4 Global Address from a Client, or a Reply assigning a Global 503 IPv4 Address to a Client from a Server. The extension can also 504 provide an IPv4-Compatible or IPv6 address to be used as the Tunnel 505 End Point to encapsulate an IPv6 packet within IPv4, or an IPv4 506 packet within IPv6. 508 0 1 2 3 509 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 510 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 511 | Type | Length | 512 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 513 | Tunnel End Point | 514 | (If Present) | 515 | (16 octets) | 516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 518 Type: TBD 519 Length: 0 or 16 520 Tunnel End Point: IPv6 Address if Present 522 An IPv4 Global Address Extension MUST only apply to the extension 523 following and not to any additional extensions in the DHCPv6 524 protocol. 526 7.2 AIIH Server Processing of an IPv4 Global Address Extension 528 When a DHCPv6 Server receives an IPv4 Global Address Extension it 529 MUST assume that the next extension in a DHCPv6 Request or Release 530 Message; the Client is either Requesting an IPv4 Global Address or 531 Releasing an IPv4 Global Address. If an address is present in either 532 of these messages it will be in the form of an IPv4-Compatible 533 Address. 535 When a DHCPv6 Server sends a Client a Reconfigure Message to assign 536 an IPv4 Global Address to an interface the Server MUST NOT set the 537 "N" bit in the Reconfigure Message, so the Client performs the 538 necessary Request/Reply DHCPv6 processing to obtain the address from 539 the Server. The Server MUST NOT assume that the Client has assigned 540 the address to an interface until it has sent the corresponding Reply 541 to the Client. 543 The Server will no a priori the IPv6 routable address, when sending a 544 Reconfiguration Message, of a Client within the Intranet, and should 545 use that address with its own IPv6 address as the transaction binding 546 cache until the DHCPv6 Client/Server protocol processing has 547 completed. 549 The Server will look in its implementation defined IPv4 Global 550 Address configuration to determine if a Tunnel End Point is required 551 for a specific IPv6 Address Prefix. If that is the case the Server 552 will put the address for the Tunnel End Point in the IPv4 Global 553 Address Extension. If the Tunnel End Point address is an IPv4 554 address the Server will put that address in the extension as an 555 IPv4-Compatible address. 557 7.3 AIIH Client Processing of an IPv4 Global Address Extension 559 When a DHCPv6 Client receives an IPv4 Global Address Extension it 560 MUST assume that the next extension in a DHCPv6 Reconfigure or Reply 561 Message; the Server is either assigning an IPv4 Global Address or 562 supplying an IPv4 Global Address. The address present in either of 563 these messages will be in the form of an IPv4-Compatible Address. 565 When the Client supplies an IPv4 Global Address as a Request or 566 Release it MUST represent that address as an IPv4-Compatible Address. 568 The Client MUST not assume it can use the IPv4 Global Address until 569 it has received a corresponding Reply to the Client Request, which is 570 required for a Reconfigure Message too as specified in section 7.2. 572 Once the Client is assured it can use the IPv4 Global Address it can 573 perform the following operations: 575 1. In an implementation defined manner the Client MUST assign the 576 address to an interface, supporting the Client's IPv4 stack 577 implementation. 579 2. In an implementation defined manner the Client MUST create an entry 580 as an IPv4-Compatible Address supporting the processing required 581 for an IPv6 address regarding the valid and preferred lifetimes 582 as specified in IPv6 Addrconf [19]. Once the IPv4-Compatible 583 address valid lifetime expires the IPv4 address MUST be deleted 584 from the respective interface and a DHCPv6 Release Message 585 MUST be sent to the AIIH DHCPv6 Server to delete the IPv4 Global 586 Address from the Servers bindings. 588 3. If a Tunnel End Point address is provided in the IPv4 Global 589 Address Extension, the Client MUST create a configured tunnel 590 to the Tunnel End Point address, in an implementation defined 591 manner. If the Tunnel End Point address is an IPv4-Compatible 592 address then the encapsulation is IPv4 within IPv4, if the 593 Tunnel End Point is an IPv6 address then the encapsulation 594 is IPv6 in IPv4. These encapsulation mechanisms are defined 595 in other IPv6 specifications [13, 15]. 597 8. Security Considerations 599 The AIIH mechanism can use all the defined security specifications 600 for each functional part of the operation. For DNS the DNS Security 601 Extensions/Update can be used [10, 11], for DHCPv6 the DHCPv6 602 Authentication Message can be used [5], and for communications 603 between the IPv6 node, once it has an IPv4 address, and the remote 604 IPv4 node, IPSEC [8] can be used as AIIH does not break secure end- 605 to-end communications at any point in the mechanism. 607 9. Year 2000 Considerations 609 There are no Year 2000 issues in this specification. 611 Appendix A - Open Issues 613 - Need to add Examples for the new A6 Record types and how 614 AAAA records can be used initially and references. 616 OPEN 1/99 618 - Should use new Basic API terms for APIs. 620 OPEN 1/99 622 - Need to add references for IPsec. 624 OPEN 1/99 626 - Need to change references for DNS SEC esp solutions 627 for Dynamic Updates to DNS. 629 OPEN 1/99 631 - Need to look at issues for TCP TIME_WAIT state and other 632 issues of addresses timing out. 634 OPEN 1/99 636 - Need to add words to the design objective of preserving the 637 end-to-end model for IPv6. 639 OPEN 1/99 641 - The draft does not speak of PTR records for the IPv6 node 642 A record once its created. But its only useful during the 643 lifetime of the assigned IPv4 address. 645 STILL OPEN 3/98 Draft. Closed - New A6 Records 647 - RFC 1183 RT Record is Experimental and there is some concern 648 its obsolete. Though some implementations still support some 649 code for the RT record. Also the Route Through semantics 650 specified may need to strongly state the query is passed thru 651 to the AIIH server. This needs to be discussed. 653 RESOLVED 3/98 Draft RT record deprecated. 655 - The Primary Server must look for the IPv6 node A record first 656 before finding the RT record. This needs to be verified 657 as an implementation issue. 659 RESOLVED 3/98 Draft - Use CNAME Records. 661 - When the AIIH Server responds to the query it may not be 662 authoritative. This needs to be verified and checked. 664 RESOLVED 3/98 Draft - Use CNAME Records and AIIH Server will 665 be authoritative for the AIIH ZONE. 667 - Use of TTL for DNS Caches can cause problems for existing IPv4 668 applications that cache IPv4 addresses. 670 PARTIALLY RESOLVED - 3/98 Draft do not update DNS unless 671 application will be permanent as opposed to transient. 672 But TTL's that are updated still need some thought for 673 legacy applications. This also points to possibly adding 674 new fields to the hostent structure which will at least 675 help new IPv6 applications and legacy IPv4 applications 676 to change to act in a well behaved manner. 678 - Specification needs a design example to get packets from 679 the IPv6 node to an egress IPv4 router. 681 PARTIALLY RESOLVED - 3/98 Draft added Design Section discussing 682 tunneling mechanisms to be used and added Tunnel End Point address 683 supplied by the AIIH DHCPv6 Server. Still needs more discussion. 685 - NNAT name does not state what the specification does. 687 RESOLVED - 3/98 Draft changed name to AIIH. 689 Appendix B - Draft Changes and Rationale History 691 Prior to January 1999: 693 - Changed the name of the draft from NNAT to AIIH. This also 694 was done to prevent any perceived antagonism towards the NAT 695 IETF work, which is not an objective of this work. 697 - Changed the Introduction to be more descriptive of the task 698 at hand. 700 - Added IPv4 Global Address definition to terminology section. 702 - Added tunnel routability discussion to Design Model and a 703 diagram abstraction to be used by the specification as 704 a point of reference. 706 - Added to the architecture the ability for an IPv6 node to 707 request an IPv4 Global Address from an AIIH DHCPv6 Server. 708 This will permit AIIH to not only be useful for incoming 709 IPv4 Host communications with IPv6 Hosts but also for outgoing 710 IPv4 communications to the Internet from IPv6 Hosts and for 711 Intranet enterprise communications between an IPv6 Host and 712 IPv4 Host. 714 - Hinted that AIIH could be used in future work to define 715 the capability for two IPv6 Hosts separated by an IPv4 cloud to 716 to communicate thru tunnels, like thru a production 6bone 717 network on the Internet. 719 - Added new section to define how an IPv6 Host can request 720 an IPv4 Global Address. 722 - Defined new mechanism for DNS query processing when an IPv6 723 Host is looked for from an IPv4 Host, thru the use of CNAME 724 and NS records. This also permits IPv4 Host Intranet queries 725 too now. 727 - New text clarifying that within the Intranet processing AIIH 728 must only be used with IPv4 Global Addresses and Private 729 IPv4 addresses should be retrieved from DHCPv4, via the IPv6 730 Hosts IPv4 stack. 732 - Added new text defining the AIIH Server and the interaction 733 with DHCPv6 and DNS applications. Also further refined the 734 requirements of the AIIH Server model. 736 - Expanded the section on the new DHCPv6 Section defining the 737 required Server and Client behavior. Added support to permit 738 AIIH to be used for Intranet and Internet communications from 739 within the site. 741 - Changed the DHCPv6 Extension for IPv4 Global Addresses to 742 make it an extension which defines the next extension to 743 be a request for AIIH processing relative to DHCPv6. 745 - Added a Tunnel End Point address to the new extension so 746 IPv6 Hosts can configure tunnels to communicate with the 747 egress router to transmit or reply with IPv4 on the Internet 748 or within the Intranet. 750 - Defined the AIIH side affect requirements for IPv6 Hosts using 751 this mechanism with DHCPv6. 753 - Updated and added to the Acknowledgment and References Section. 755 - Updated the Open Issues from December 1997 draft and noted 756 the status of each issue as STILL OPEN, RESOLVED, or PARTIALLY 757 RESOLVED. 759 - Updated the Changes from this draft. 761 January 1999: 763 - Updated References. 765 - Fixed Edit Issues 767 - Added new Open Issues. 769 - Removed all terms of NNAT except for History. 771 Acknowledgments 773 The author would like to thank Erik Nordmark for spending time 774 reviewing with him this idea and suggesting the use of the DHCPv6 775 Reconfigure Message, Richard Johnson for suggesting the use of the 776 DNS CNAME Record, and Robert Watson who suggested that the AIIH 777 DHCPv6 and DNS Server be co-located. George Tsirtsis who suggested 778 using AIIH to assign IPv4 Global Addresses to IPv6 Hosts in general. 779 Richard Draves and Jack McCann who have provided many helpful 780 technical suggestions, and the NGTRANS working group for taking the 781 time to work on AIIH. 783 References 785 [1] Mockapetris, P., "Domain Names - Concepts and Facilities", STD 786 13, RFC 1034, USC/Information Sciences Institute, November 1987. 788 [2] Mockapetris, P., "Domain Names - Implementation and Specifica- 789 tion", STD 13, RFC 1035, USC/Information Sciences Institute, 790 November 1987. 792 [3] S. Deering and R. Hinden. Internet Protocol, Version 6 (IPv6) 793 Architecture", RFC 2460, December 1998. 795 [4] J. Bound and C. Perkins. Dynamic Host Configuration Protocol 796 for IPv6. draft-ietf-dhc-dhcpv6-13.txt March 1998 (work 797 in progress). 799 [5] C. Perkins. Extensions for the Dynamic Host Configuration 800 Protocol for IPv6. draft-ietf-dhc-dhcpv6ext-10.txt March 801 1998. (work in progress). 803 [6] P. Vixie, S. Thomson, Y. Rekhter, and J. Bound. Dynamic Updates 804 to the Domain Name System (DNS). RFC 2136, April 1997. 806 [7] William R. Cheswick and Steven Bellovin. Firewalls and Internet 807 Security. Addison-Wesley, Reading, MA 1994 (ISBN: 808 0-201-63357-4). 810 [8] IPSEC - This needs to include the Arch, Auth, and ESP specs. 812 [9] S. Bradner. Key words for use in RFCs to indicate Requirement 813 Levels. RFC 2119, March 1997. 815 [10] D. Eastlake and C. Kaufman. Domain Name System Security 816 Extensions. RFC 2065, January 1997. 818 [11] D. Eastlake. Secure Domain Name System Dynamic Update. 819 RFC 2137, April 1997. 821 [12] R. Callon and D. Haskins. Routing Aspects Of IPv6 Transition 822 RFC 2185, September 1997. 824 [13] A. Conta and S. Deering. Generic Packet Tunneling in IPv6. 825 RFC 2473, December 1998. 827 [14] E. Nordmark. Stateless IP/ICMP Translator (SIIT) 828 draft-ietf-ngtrans-siit-03.txts, November 1998 829 (work in progress) 831 [15] R. Gilligan and E. Nordmark. Transition Mechanisms for IPv6 832 Hosts and Routers. draft-ietf-ngtrans-trans-mech-01.txt, 833 August 1998 (work in progress). 835 [16] R. Droms. Dynamic Host Configuration Protocol. 836 RFC 2131, March 1997. 838 [17] Rekhter, Moskowitz, Karrenburg, Groot. Address Allocation 839 for Private Networks. RFC 1918. February 1996. 841 [18] This needs to reflect the new DNS work for IPv6. 843 [19] Thomson, Narten. IPv6 Stateless Address Configuration. 844 RFC 2462, December 1998. 846 [20] Hinden, Deering. IP Version 6 Addressing Architecture. 847 RFC 2373, July 1998. 849 Authors' Address 851 Jim Bound 852 Compaq Computer Corporation 853 110 Spitbrook Road, ZKO3-3/U14 854 Nashua, NH 03062 855 Phone: (603) 884-0400 856 Email: bound@zk3.dec.com