idnits 2.17.1 draft-ietf-softwire-dslite-multicast-18.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with non-RFC3849-compliant IPv6 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 2, 2017) is 2639 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-15) exists of draft-ietf-softwire-multicast-prefix-option-13 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Softwire WG M. Boucadair 3 Internet-Draft Orange 4 Intended status: Standards Track C. Qin 5 Expires: August 6, 2017 Cisco 6 C. Jacquenet 7 Orange 8 Y. Lee 9 Comcast 10 Q. Wang 11 China Telecom 12 February 2, 2017 14 Delivery of IPv4 Multicast Services to IPv4 Clients over an IPv6 15 Multicast Network 16 draft-ietf-softwire-dslite-multicast-18 18 Abstract 20 This document specifies a solution for the delivery of IPv4 multicast 21 services to IPv4 clients over an IPv6 multicast network. The 22 solution relies upon a stateless IPv4-in-IPv6 encapsulation scheme 23 and uses an IPv6 multicast distribution tree to deliver IPv4 24 multicast traffic. The solution is particularly useful for the 25 delivery of multicast service offerings to DS-Lite serviced 26 customers. 28 Status of This Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at http://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on August 6, 2017. 45 Copyright Notice 47 Copyright (c) 2017 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (http://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 63 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 64 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 65 3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 4. Solution Overview . . . . . . . . . . . . . . . . . . . . . . 6 67 4.1. IPv4-Embedded IPv6 Prefixes . . . . . . . . . . . . . . . 7 68 4.2. Multicast Distribution Tree Computation . . . . . . . . . 7 69 4.3. Multicast Data Forwarding . . . . . . . . . . . . . . . . 8 70 5. IPv4/IPv6 Address Mapping . . . . . . . . . . . . . . . . . . 9 71 5.1. Prefix Assignment . . . . . . . . . . . . . . . . . . . . 9 72 5.2. Multicast Address Translation Algorithm . . . . . . . . . 9 73 5.3. Textual Representation . . . . . . . . . . . . . . . . . 10 74 5.4. Examples . . . . . . . . . . . . . . . . . . . . . . . . 10 75 6. Multicast B4 (mB4) . . . . . . . . . . . . . . . . . . . . . 10 76 6.1. IGMP-MLD Interworking Function . . . . . . . . . . . . . 10 77 6.2. Multicast Data Forwarding . . . . . . . . . . . . . . . . 11 78 6.3. Fragmentation . . . . . . . . . . . . . . . . . . . . . . 11 79 6.4. Host Built-in mB4 Function . . . . . . . . . . . . . . . 12 80 6.5. Preserve the Scope . . . . . . . . . . . . . . . . . . . 12 81 7. Multicast AFTR (mAFTR) . . . . . . . . . . . . . . . . . . . 12 82 7.1. Routing Considerations . . . . . . . . . . . . . . . . . 12 83 7.2. Processing PIM Messages . . . . . . . . . . . . . . . . . 13 84 7.3. Switching from Shared Tree to Shortest Path Tree . . . . 14 85 7.4. Multicast Data Forwarding . . . . . . . . . . . . . . . . 14 86 7.5. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . 14 87 8. Deployment Considerations . . . . . . . . . . . . . . . . . . 15 88 8.1. Other Operational Modes . . . . . . . . . . . . . . . . . 15 89 8.1.1. The IPv6 DR is Co-Located with the mAFTR . . . . . . 15 90 8.1.2. The IPv4 DR is Co-Located with the mAFTR . . . . . . 15 91 8.2. Load Balancing . . . . . . . . . . . . . . . . . . . . . 15 92 8.3. mAFTR Policy Configuration . . . . . . . . . . . . . . . 15 93 8.4. Static vs. Dynamic PIM Triggering . . . . . . . . . . . . 16 94 9. Security Considerations . . . . . . . . . . . . . . . . . . . 16 95 9.1. Firewall Configuration . . . . . . . . . . . . . . . . . 16 96 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16 97 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 98 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 99 12.1. Normative References . . . . . . . . . . . . . . . . . . 17 100 12.2. Informative References . . . . . . . . . . . . . . . . . 18 101 Appendix A. Use Case: IPTV . . . . . . . . . . . . . . . . . . . 19 102 Appendix B. Older Versions of Group Membership Management 103 Protocols . . . . . . . . . . . . . . . . . . . . . 19 104 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 106 1. Introduction 108 DS-Lite [RFC6333] is an IPv4 address-sharing technique that enables 109 operators to multiplex public IPv4 addresses while provisioning only 110 IPv6 to users. A typical DS-Lite scenario is the delivery of an IPv4 111 service to an IPv4 user over an IPv6 network (denoted as a 4-6-4 112 scenario). [RFC6333] covers unicast services exclusively. 114 This document specifies a generic solution for the delivery of IPv4 115 multicast services to IPv4 clients over an IPv6 multicast network. 116 The solution was developed with DS-Lite in mind (see more discussion 117 below). The solution is however not limited to DS-Lite; it can be 118 applied in other deployment contexts, such as [RFC7596][RFC7597]. 120 If customers have to access IPv4 multicast-based services through a 121 DS-Lite environment, Address Family Transition Router (AFTR) devices 122 will have to process all the Internet Group Management Protocol 123 (IGMP) Report messages [RFC2236] [RFC3376] that have been forwarded 124 by the Customer Premises Equipment (CPE) into the IPv4-in-IPv6 125 tunnels. From that standpoint, AFTR devices are likely to behave as 126 a replication point for downstream multicast traffic, and the 127 multicast packets will be replicated for each tunnel endpoint that 128 IPv4 receivers are connected to. 130 This kind of DS-Lite environment raises two major issues: 132 1. The IPv6 network loses the benefits of the multicast traffic 133 forwarding efficiency because it is unable to deterministically 134 replicate the data as close to the receivers as possible. As a 135 consequence, the downstream bandwidth in the IPv6 network will be 136 vastly consumed by sending multicast data over a unicast 137 infrastructure. 139 2. The AFTR is responsible for replicating multicast traffic and 140 forwarding it into each tunnel endpoint connecting IPv4 receivers 141 that have explicitly asked for the corresponding contents. This 142 process may significantly consume the AFTR's resources and 143 overload the AFTR. 145 This document specifies an extension to the DS-Lite model to deliver 146 IPv4 multicast services to IPv4 clients over an IPv6 multicast- 147 enabled network. 149 This document describes a stateless translation mechanism that 150 supports either Source Specific Multicast (SSM) or Any Source 151 Multicast (ASM) operation. The recommendation in Section 1 of 152 [RFC4607] is that multicast services use SSM where possible; the 153 operation of the translation mechanism is also simplified when SSM is 154 used, e.g., considerations for placement of the IPv6 the Rendezvous 155 Point (RP) are no longer relevant. 157 1.1. Requirements Language 159 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 160 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 161 document are to be interpreted as described in RFC 2119 [RFC2119]. 163 2. Terminology 165 This document makes use of the following terms: 167 IPv4-embedded IPv6 address: an IPv6 address which embeds a 32-bit- 168 encoded IPv4 address. An IPv4-embedded IPv6 address can be 169 unicast or multicast. 171 mPrefix64: a dedicated multicast IPv6 prefix for constructing 172 IPv4-embedded IPv6 multicast addresses. mPrefix64 can be of two 173 types: ASM_mPrefix64 used in Any Source Multicast (ASM) mode or 174 SSM_mPrefix64 used in Source Specific Multicast (SSM) mode 175 [RFC4607]. The size of this prefix is /96. 177 Note: "64" is used as an abbreviation for IPv6-IPv4 178 interconnection. 180 uPrefix64: a dedicated IPv6 unicast prefix for constructing 181 IPv4-embedded IPv6 unicast addresses [RFC6052]. This prefix may 182 be either the Well-Known Prefix (i.e., 64:ff9b::/96) or a Network- 183 Specific Prefix (NSP). 185 Multicast AFTR (mAFTR): a functional entity which supports an 186 IPv4-IPv6 multicast interworking function (refer to Figure 3). It 187 receives and encapsulates the IPv4 multicast packets into IPv4-in- 188 IPv6 packets. Also, it behaves as the corresponding IPv6 189 multicast source for the encapsulated IPv4-in-IPv6 packets. 191 Multicast Basic Bridging BroadBand (mB4): a functional entity which 192 supports an IGMP-MLD interworking function (refer to Section 6.1) 193 that translates the IGMP messages into the corresponding Multicast 194 Listener Discovery (MLD) messages, and sends the MLD messages to 195 the IPv6 network. In addition, the mB4 decapsulates IPv4-in-IPv6 196 multicast packets. 198 PIMv4: refers to Protocol Independent Multicast (PIM) when deployed 199 in an IPv4 infrastructure (i.e., IPv4 transport capabilities are 200 used to exchange PIM messages). 202 PIMv6: refers to PIM when deployed in an IPv6 infrastructure (i.e., 203 IPv6 transport capabilities are used to exchange PIM messages). 205 Host portion of the MLD protocol: refers to the part of MLD that 206 applies to all multicast address listeners (Section 6 of 207 [RFC3810]). As a reminder, MLD specifies separate behaviors for 208 multicast address listeners (i.e., hosts or routers that listen to 209 multicast packets) and multicast routers. 211 Router portion of the IGMP protocol: refers to the part of IGMP that 212 is performed by multicast routers (Section 6 of [RFC3376]). 214 DR: refers to the Designated Router as defined in [RFC7761]. 216 3. Scope 218 This document focuses only on the subscription to IPv4 multicast 219 groups and the delivery of IPv4-formatted content to IPv4 receivers 220 over an IPv6-only network. In particular, only the following case is 221 covered: 223 IPv4 receivers access IPv4 multicast contents over IPv6-only 224 multicast-enabled networks. 226 This document does not cover the source/receiver heuristics, where 227 IPv4 receivers can also behave as IPv4 multicast sources. This 228 document assumes that hosts behind the mB4 are IPv4 multicast 229 receivers only. Also, the document covers host built-in mB4 230 function. 232 4. Solution Overview 234 In the DS-Lite specification [RFC6333], an IPv4-in-IPv6 tunnel is 235 used to carry bidirectional IPv4 unicast traffic between a B4 and an 236 AFTR. The solution specified in this document provides an IPv4-in- 237 IPv6 encapsulation scheme to deliver unidirectional IPv4 multicast 238 traffic from an mAFTR to an mB4. 240 An overview of the solution is provided in this section which is 241 intended as an introduction to how it works, but is not normative. 242 For the normative specifications of the two new functional elements: 243 mB4 and mAFTR (Figure 1), refer to Sections 6 and 7. 245 ------------ 246 / \ 247 | IPv4 network | 248 \ / 249 ------------ 250 IPv4 multicast : | ^ PIMv4 Join 251 v | : 252 +-------------+ 253 | mAFTR | 254 +-------------+ 255 IPv6 multicast |:| | ^ PIMv6 Join (PIMv6 256 (IPv4 embedded) |:| | : routers in between) 257 ------------ 258 / \ 259 | IPv6 network | 260 \ / 261 ------------ 262 |:| | ^ MLD Report 263 |v| | : 264 +-----------+ 265 | mB4 | 266 +-----------+ 267 IPv4 multicast : | ^ IGMP Report 268 v | : 269 +-----------+ 270 | IPv4 | 271 | receiver | 272 +-----------+ 274 Figure 1: Functional Architecture 276 4.1. IPv4-Embedded IPv6 Prefixes 278 In order to map the addresses of IPv4 multicast traffic with IPv6 279 multicast addresses, an IPv6 multicast prefix (mPrefix64) and an IPv6 280 unicast prefix (uPrefix64) are provided to the mAFTR and the mB4 281 elements, both of which contribute to the computation and the 282 maintenance of the IPv6 multicast distribution tree that extends the 283 IPv4 multicast distribution tree into the IPv6 multicast network. 284 The IPv4/IPv6 address mapping is stateless. 286 The mAFTR and the mB4 use mPrefix64 to convert an IPv4 multicast 287 address (G4) into an IPv4-embedded IPv6 multicast address (G6). The 288 mAFTR and the mB4 use uPrefix64 to convert an IPv4 source address 289 (S4) into an IPv4-embedded IPv6 address (S6). The mAFTR and the mB4 290 must use the same mPrefix64 and uPrefix64, and also run the same 291 algorithm for building IPv4-embedded IPv6 addresses. Refer to 292 Section 5 for more details about the address mapping. 294 4.2. Multicast Distribution Tree Computation 296 When an IPv4 receiver connected to the device that embeds the mB4 297 capability wants to subscribe to an IPv4 multicast group, it sends an 298 IGMP Report message towards the mB4. The mB4 creates the IPv6 299 multicast group (G6) address using mPrefix64 and the original IPv4 300 multicast group address. If the receiver sends a source-specific 301 IGMPv3 Report message, the mB4 will create the IPv6 source address 302 (S6) using uPrefix64 and the original IPv4 source address. 304 The mB4 uses the G6 (and both S6 and G6 in SSM) to create the 305 corresponding MLD Report message. The mB4 sends the Report message 306 towards the IPv6 network. The PIMv6 Designated Router receives the 307 MLD Report message and sends the PIMv6 Join message to join the IPv6 308 multicast distribution tree. It can send either PIMv6 Join (*,G6) in 309 ASM or PIMv6 Join (S6,G6) in SSM to the mAFTR. 311 The mAFTR acts as the IPv6 DR to which the uPrefix64-derived S6 is 312 connected. The mAFTR will receive the source-specific PIMv6 Join 313 message (S6,G6) from the IPv6 multicast network. If the mAFTR is the 314 Rendezvous Point (RP) of G6, it will receive the any-source PIMv6 315 Join message (*,G6) from the IPv6 multicast network. If the mAFTR is 316 not the RP of G6, it will send the PIM Register message to the RP of 317 G6 located in the IPv6 multicast network. For the sake of 318 simplicity, it is recommended to configure the mAFTR as the RP for 319 the IPv4-embedded IPv6 multicast groups it manages; no registration 320 procedure is required under this configuration. 322 When the mAFTR receives the PIMv6 Join message (*,G6), it will 323 extract the IPv4 multicast group address (G4). If the mAFTR is the 324 RP of G4 in the IPv4 multicast network, it will create a (*,G4) entry 325 (if such entry does not already exist) in its own IPv4 multicast 326 routing table. If the mAFTR is not the RP of G4, it will send the 327 corresponding PIMv4 Join message (*,G4) towards the RP of G4 in the 328 IPv4 multicast network. 330 When the mAFTR receives the PIMv6 Join message (S6,G6), it will 331 extract the IPv4 multicast group address (G4) and IPv4 source address 332 (S4) and send the corresponding (S4,G4) PIMv4 Join message directly 333 to the IPv4 source. 335 A branch of the multicast distribution tree is thus constructed, 336 comprising both an IPv4 part (from the mAFTR upstream) and an IPv6 337 part (from mAFTR downstream towards the mB4). 339 The mAFTR advertises the route of uPrefix64 with an IPv6 Interior 340 Gateway Protocol (IGP), so as to represent the IPv4-embedded IPv6 341 source in the IPv6 multicast network, and to allow IPv6 routers to 342 run the Reverse Path Forwarding (RPF) check procedure on incoming 343 multicast traffic. Injecting internal /96 routes is not problematic 344 given the recommendation in [RFC7608] that requires that forwarding 345 processes must be designed to process prefixes of any length up to 346 /128. 348 4.3. Multicast Data Forwarding 350 When the mAFTR receives an IPv4 multicast packet, it will encapsulate 351 the packet into an IPv6 multicast packet using the IPv4-embedded IPv6 352 multicast address as the destination address and an IPv4-embedded 353 IPv6 unicast address as the source address. The encapsulated IPv6 354 multicast packet will be forwarded down the IPv6 multicast 355 distribution tree and the mB4 will eventually receive the packet. 357 The IPv6 multicast network treats the IPv4-in-IPv6 encapsulated 358 multicast packets as native IPv6 multicast packets. The IPv6 359 multicast routers use the outer IPv6 header to make their forwarding 360 decisions. 362 When the mB4 receives the IPv6 multicast packet (to G6) derived by 363 mPrefix64, it decapsulates it and forwards the original IPv4 364 multicast packet towards the receivers subscribing to G4. 366 Note: At this point, only IPv4-in-IPv6 encapsulation is defined; 367 however, other types of encapsulation could be defined in the future. 369 5. IPv4/IPv6 Address Mapping 371 5.1. Prefix Assignment 373 A dedicated IPv6 multicast prefix (mPrefix64) is provisioned to the 374 mAFTR and the mB4. The mAFTR and the mB4 use the mPrefix64 to form 375 an IPv6 multicast group address from an IPv4 multicast group address. 376 The mPrefix64 can be of two types: ASM_mPrefix64 (a mPrefix64 used in 377 ASM mode) or SSM_mPrefix64 (a mPrefix64 used in SSM mode). The 378 mPrefix64 MUST be derived from the corresponding IPv6 multicast 379 address space (e.g., the SSM_mPrefix64 must be in the range of 380 multicast address space specified in [RFC4607]). 382 The IPv6 part of the multicast distribution tree can be seen as an 383 extension of the IPv4 part of the multicast distribution tree. The 384 IPv4 source address MUST be mapped to an IPv6 source address. An 385 IPv6 unicast prefix (uPrefix64) is provisioned to the mAFTR and the 386 mB4. The mAFTR and the mB4 use the uPrefix64 to form an IPv6 source 387 address from an IPv4 source address as specified in [RFC6052]. The 388 uPrefix-formed IPv6 source address will represent the original IPv4 389 source in the IPv6 multicast network. The uPrefix64 MUST be derived 390 from the IPv6 unicast address space. 392 The multicast address translation MUST follow the algorithm defined 393 in Section 5.2. 395 The mPrefix64 and uPrefix64 can be configured in the mB4 using a 396 variety of methods, including an out-of-band mechanism, manual 397 configuration, or a dedicated provisioning protocol (e.g., using 398 DHCPv6 [I-D.ietf-softwire-multicast-prefix-option]). 400 The stateless translation mechanism described in Section 5 does not 401 preclude use of Embedded-RP [RFC3956][RFC7371]. 403 5.2. Multicast Address Translation Algorithm 405 IPv4-embedded IPv6 multicast addresses are composed according to the 406 following algorithm: 408 o Concatenate the mPrefix64 96 bits and the 32 bits of the IPv4 409 address to obtain a 128-bit address. 411 The IPv4 multicast addresses are extracted from the IPv4-embedded 412 IPv6 multicast addresses according to the following algorithm: 414 o If the multicast address has a pre-configured mPrefix64, extract 415 the last 32 bits of the IPv6 multicast address. 417 An IPv4 source is represented in the IPv6 realm with its 418 IPv4-converted IPv6 address [RFC6052]. 420 5.3. Textual Representation 422 The embedded IPv4 address in an IPv6 multicast address is included in 423 the last 32 bits; therefore, dotted decimal notation can be used. 425 5.4. Examples 427 Group address mapping example: 429 +---------------------+--------------+----------------------------+ 430 | mPrefix64 | IPv4 address | IPv4-Embedded IPv6 address | 431 +---------------------+--------------+----------------------------+ 432 | ff0x::db8:0:0/96 | 233.252.0.1 | ff0x::db8:233.252.0.1 | 433 +---------------------+--------------+----------------------------+ 435 Source address mapping example when a /96 is used: 437 +---------------------+--------------+----------------------------+ 438 | uPrefix64 | IPv4 address | IPv4-Embedded IPv6 address | 439 +---------------------+--------------+----------------------------+ 440 | 2001:db8::/96 | 192.0.2.33 | 2001:db8::192.0.2.33 | 441 +---------------------+--------------+----------------------------+ 443 IPv4 and IPv6 addresses used in this example are derived from the 444 IPv4 and IPv6 blocks reserved for documentation, as per [RFC6676]. 445 The unicast IPv4 address of the above example is derived from the 446 documentation address block defined in [RFC6890]. 448 6. Multicast B4 (mB4) 450 6.1. IGMP-MLD Interworking Function 452 The IGMP-MLD Interworking Function combines the IGMP/MLD Proxying 453 function and the address synthesizing operations. The IGMP/MLD 454 Proxying function is specified in [RFC4605]. The address translation 455 is stateless and MUST follow the address mapping specified in 456 Section 5. 458 The mB4 performs the host portion of the MLD protocol on the upstream 459 interface. The composition of IPv6 membership in this context is 460 constructed through address synthesizing operations and MUST 461 synchronize with the membership database maintained in the IGMP 462 domain. MLD messages are sent natively to the directly connected 463 IPv6 multicast routers (it will be processed by the PIM DR). The mB4 464 also performs the router portion of the IGMP protocol on the 465 downstream interface(s). Refer to [RFC4605] for more details. 467 +----------+ IGMP +-------+ MLD +---------+ 468 | IPv4 |---------| mB4 |---------| PIM | 469 | Receiver | | | | DR | 470 +----------+ +-------+ +---------+ 472 Figure 2: IGMP-MLD Interworking 474 If SSM is deployed, the mB4 MUST construct the IPv6 source address 475 (or retrieve the IPv4 source address) using the uPrefix64. The mB4 476 MAY create a membership database which associates the IPv4-IPv6 477 multicast groups with the interfaces (e.g., WLAN and Wired Ethernet) 478 facing IPv4 multicast receivers. 480 6.2. Multicast Data Forwarding 482 When the mB4 receives an IPv6 multicast packet, it MUST check the 483 group address and the source address. If the IPv6 multicast group 484 prefix is mPrefix64 and the IPv6 source prefix is uPrefix64, the mB4 485 MUST decapsulate the IPv6 header [RFC2473]; the decapsulated IPv4 486 multicast packet will be forwarded through each relevant interface 487 following standard IPv4 multicast forwarding procedure. Otherwise, 488 the mB4 MUST silently drop the packet. 490 As an illustration, if a packet is received from source 491 2001:db8::192.0.2.33 and needs to be forwarded to group 492 ff3x:20:2001:db8::233.252.0.1, the mB4 decapsulates it into an IPv4 493 multicast packet using 192.0.2.33 as the IPv4 source address and 494 using 233.252.0.1 as the IPv4 destination multicast group. This 495 example assumes that the mB4 is provisioned with uPrefix64 496 (2001:db8::/96) and mPrefix64 (ff3x:20:2001:db8::/96). 498 6.3. Fragmentation 500 Encapsulating IPv4 multicast packets into IPv6 multicast packets that 501 will be forwarded by the mAFTR towards the mB4 along the IPv6 502 multicast distribution tree reduces the effective MTU size by the 503 size of an IPv6 header. In this specification, the data flow is 504 unidirectional from the mAFTR to the mB4. The mAFTR MUST fragment 505 the oversized IPv6 packet after the encapsulation into two IPv6 506 packets. The mB4 MUST reassemble the IPv6 packets, decapsulate the 507 IPv6 header, and forward the IPv4 packet to the hosts that have 508 subscribed to the corresponding multicast group. Further 509 considerations about fragmentation issues are documented in Sections 510 5.3 and 6.3 of [RFC6333]. 512 6.4. Host Built-in mB4 Function 514 If the mB4 function is implemented in the host which is directly 515 connected to an IPv6-only network, the host MUST implement the 516 behaviors specified in Sections 6.1, 6.2, and 6.3. The host MAY 517 optimize the implementation to provide an Application Programming 518 Interface (API) or kernel module to skip the IGMP-MLD Interworking 519 Function. Optimization considerations are out of scope of this 520 specification. 522 6.5. Preserve the Scope 524 When several mPrefix64s are available, if each enclosed IPv4-embedded 525 IPv6 multicast prefix has a distinct scope, the mB4 MUST select the 526 appropriate IPv4-embedded IPv6 multicast prefix whose scope matches 527 the IPv4 multicast address used to synthesize an IPv4-embedded IPv6 528 multicast address (specific mappings are listed in Section 8 of 529 [RFC2365]). Mapping is achieved such that the scope of the selected 530 IPv6 multicast prefix does not exceed the original IPv4 multicast 531 scope. If the mB4 is instructed to preserve the scope but no IPv6 532 multicast prefix that matches the IPv4 multicast scope is found, IPv6 533 multicast address mapping SHOULD fail. 535 The mB4 MAY be configured to not preserve the scope when enforcing 536 the address translation algorithm. 538 Consider that an mB4 is configured with two mPrefix64s 539 ff0e::db8:0:0/96 (Global scope) and ff08::db8:0:0/96 (Organization 540 scope). If the mB4 receives an IGMP report from an IPv4 receiver to 541 subscribe to 233.252.0.1, it checks which mPrefix64 to use in order 542 to preserve the scope of the requested IPv4 multicast group. In this 543 example, given that 233.252.0.1 is intended for global use, the mB4 544 creates the IPv6 multicast group (G6) address using ff0e::db8:0:0/96 545 and the original IPv4 multicast group address (233.252.0.1): 546 ff0e::db8:233.252.0.1. 548 7. Multicast AFTR (mAFTR) 550 7.1. Routing Considerations 552 The mAFTR is responsible for interconnecting the IPv4 multicast 553 distribution tree with the corresponding IPv6 multicast distribution 554 tree. The mAFTR MUST use the uPrefix64 to build the IPv6 source 555 addresses of the multicast group address derived from mPrefix64. In 556 other words, the mAFTR MUST be the multicast source whose address is 557 derived from uPrefix64. 559 The mAFTR MUST advertise the route towards uPrefix64 with the IPv6 560 IGP. This is needed by the IPv6 multicast routers so that they 561 acquire the routing information to discover the source. 563 7.2. Processing PIM Messages 565 The mAFTR MUST interwork PIM Join/Prune messages for (*,G6) and 566 (S6,G6) on their corresponding (*,G4) and (S4,G4). The following 567 text specifies the expected behavior of the mAFTR for PIM Join 568 messages. 570 +---------+ 571 ---------| mAFTR |--------- 572 PIMv6 |uPrefix64| PIMv4 573 |mPrefix64| 574 +---------+ 576 Figure 3: PIMv6-PIMv4 Interworking Function 578 The mAFTR contains two separate Tree Information Bases (TIBs): the 579 IPv4 Tree Information Base (TIB4) and the IPv6 Tree Information Base 580 (TIB6), which are bridged by one IPv4-in-IPv6 virtual interface. It 581 should be noted that TIB implementations may vary (e.g., some may 582 rely upon a single integrated TIB without any virtual interface), but 583 they should follow this specification for the sake of global and 584 functional consistency. 586 When an mAFTR receives a PIMv6 Join message (*,G6) with an IPv6 587 multicast group address (G6) that is derived from the mPrefix64, it 588 MUST check its IPv6 Tree Information Base (TIB6). If there is an 589 entry for this G6 address, it MUST check whether the interface 590 through which the PIMv6 Join message has been received is in the 591 outgoing interface (oif) list. If not, the mAFTR MUST add the 592 interface to the oif list. If there is no entry in the TIB6, the 593 mAFTR MUST create a new entry (*,G6) for the multicast group. 594 Whether or not the IPv4-in-IPv6 virtual interface is set as the 595 incoming interface of the newly created entry is up to the 596 implementation but it should comply with the mAFTR's multicast data 597 forwarding behavior, see Section 7.4. 599 The mAFTR MUST extract the IPv4 multicast group address (G4) from the 600 IPv4-embedded IPv6 multicast address (G6) contained in the PIMv6 Join 601 message. The mAFTR MUST check its IPv4 Tree Information Base (TIB4). 602 If there is an entry for G4, it MUST check whether the IPv4-in-IPv6 603 virtual interface is in the outgoing interface list. If not, the 604 mAFTR MUST add the interface to the oif list. If there is no entry 605 for G4, the mAFTR MUST create a new (*,G4) entry in its TIB4 and 606 initiate the procedure for building the shared tree in the IPv4 607 multicast network without any additional requirement. 609 If the mAFTR receives a source-specific Join message, the (S6,G6) is 610 processed rather than (*,G6). The procedures of processing (S6,G6) 611 and (*,G6) are almost the same. Differences have been detailed in 612 [RFC7761]. 614 7.3. Switching from Shared Tree to Shortest Path Tree 616 When the mAFTR receives the first IPv4 multicast packet, it may 617 extract the source address (S4) from the packet and send an Explicit 618 PIMv4 (S4,G4) Join message directly to S4. The mAFTR switches from 619 the shared Rendezvous Point Tree (RPT) to the Shortest Path Tree 620 (SPT) for G4. 622 For IPv6 multicast routers to switch to the SPT, there is no new 623 requirement. IPv6 multicast routers may send an Explicit PIMv6 Join 624 to the mAFTR once the first (S6,G6) multicast packet arrives from 625 upstream multicast routers. 627 7.4. Multicast Data Forwarding 629 When the mAFTR receives an IPv4 multicast packet, it checks its TIB4 630 to find a matching entry and then forwards the packet to the 631 interface(s) listed in the outgoing interface list. If the IPv4-in- 632 IPv6 virtual interface also belongs to this list, the packet is 633 encapsulated with the mPrefix64-derived and uPrefix64-derived 634 IPv4-embedded IPv6 addresses to form an IPv6 multicast packet 635 [RFC2473]. Then another lookup is made by the mAFTR to find a 636 matching entry in the TIB6. Whether the RPF check for the second 637 lookup is performed or not is up to the implementation and is out of 638 the scope of this document. The IPv6 multicast packet is then 639 forwarded along the IPv6 multicast distribution tree, based upon the 640 outgoing interface list of the matching entry in the TIB6. 642 As an illustration, if a packet is received from source 192.0.2.33 643 and needs to be forwarded to group 233.252.0.1, the mAFTR 644 encapsulates it into an IPv6 multicast packet using 645 ff3x:20:2001:db8::233.252.0.1 as the IPv6 destination multicast group 646 and using 2001:db8::192.0.2.33 as the IPv6 source address. 648 7.5. Scope 650 The Scope field of IPv4-in-IPv6 multicast addresses should be valued 651 accordingly (e.g, to "E" for Global scope) in the deployment 652 environment. This specification does not discuss the scope value 653 that should be used. 655 The considerations in Section 6.5 are to be followed by the mAFTR. 657 8. Deployment Considerations 659 8.1. Other Operational Modes 661 8.1.1. The IPv6 DR is Co-Located with the mAFTR 663 The mAFTR can embed the MLD Querier function (as well as the PIMv6 664 DR) for optimization purposes. When the mB4 sends a MLD Report 665 message to this mAFTR, the mAFTR should process the MLD Report 666 message that contains the IPv4-embedded IPv6 multicast group address 667 and then send the corresponding PIMv4 Join message (Figure 4). 669 +---------+ 670 ---------| mAFTR |--------- 671 MLD |uPrefix64| PIMv4 672 |mPrefix64| 673 +---------+ 675 Figure 4: MLD-PIMv4 Interworking Function 677 Discussions about the location of the mAFTR capability and related 678 ASM or SSM multicast design considerations are out of the scope of 679 this document. 681 8.1.2. The IPv4 DR is Co-Located with the mAFTR 683 If the mAFTR is co-located with the IPv4 DR connected to the original 684 IPv4 source, it may simply use the uPrefix64 and mPrefix64 prefixes 685 to build the IPv4-embedded IPv6 multicast packets, and the sending of 686 PIMv4 Join messages becomes unnecessary. 688 8.2. Load Balancing 690 For robustness and load distribution purposes, several nodes in the 691 network can embed the mAFTR function. In such case, the same IPv6 692 prefixes (i.e., mPrefix64 and uPrefix64) and algorithm to build 693 IPv4-embedded IPv6 addresses must be configured on those nodes. 695 8.3. mAFTR Policy Configuration 697 The mAFTR may be configured with a list of IPv4 multicast groups and 698 sources. Only multicast flows bound to the configured addresses 699 should be handled by the mAFTR. Otherwise, packets are silently 700 dropped. 702 8.4. Static vs. Dynamic PIM Triggering 704 To optimize the usage of network resources in current deployments, 705 all multicast streams are conveyed in the core network while only the 706 most popular ones are forwarded in the aggregation/access networks 707 (static mode). Less popular streams are forwarded in the access 708 network upon request (dynamic mode). Depending on the location of 709 the mAFTR in the network, two modes can be envisaged: static and 710 dynamic. 712 Static Mode: the mAFTR is configured to instantiate permanent 713 (S6,G6) and (*,G6) entries in its TIB6 using a pre-configured 714 (S4,G4) list. 716 Dynamic Mode: the instantiation or withdrawal of (S6,G6) or (*,G6) 717 entries is triggered by the receipt of PIMv6 messages. 719 9. Security Considerations 721 Besides multicast scoping considerations (see Section 6.5 and 722 Section 7.5), this document does not introduce any new security 723 concern in addition to what is discussed in Section 5 of [RFC6052], 724 Section 10 of [RFC3810] and Section 6 of [RFC7761]. 726 Unlike solutions that map IPv4 multicast flows to IPv6 unicast flows, 727 this document does not exacerbate Denial-of-Service (DoS) attacks. 729 An mB4 SHOULD be provided with appropriate configuration information 730 to preserve the scope of a multicast message when mapping an IPv4 731 multicast address into an IPv4-embedded IPv6 multicast address and 732 vice versa. 734 9.1. Firewall Configuration 736 The CPE that embeds the mB4 function SHOULD be configured to accept 737 incoming MLD messages and traffic forwarded to multicast groups 738 subscribed by receivers located in the customer premises. 740 10. Acknowledgments 742 The authors would like to thank Dan Wing for his guidance in the 743 early discussions which initiated this work. We also thank Peng Sun, 744 Jie Hu, Qiong Sun, Lizhong Jin, Alain Durand, Dean Cheng, Behcet 745 Sarikaya, Tina Tsou, Rajiv Asati, Xiaohong Deng, and Stig Venaas for 746 their valuable comments. 748 Many thanks to Ian Farrer for the review. 750 Thanks to Zhen Cao, Tim Chown, Francis Dupont, Jouni Korhonen, and 751 Stig Venaas for the directorates review. 753 11. IANA Considerations 755 This document includes no request to IANA. 757 12. References 759 12.1. Normative References 761 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 762 Requirement Levels", BCP 14, RFC 2119, 763 DOI 10.17487/RFC2119, March 1997, 764 . 766 [RFC2365] Meyer, D., "Administratively Scoped IP Multicast", BCP 23, 767 RFC 2365, DOI 10.17487/RFC2365, July 1998, 768 . 770 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 771 IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473, 772 December 1998, . 774 [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A. 775 Thyagarajan, "Internet Group Management Protocol, Version 776 3", RFC 3376, DOI 10.17487/RFC3376, October 2002, 777 . 779 [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener 780 Discovery Version 2 (MLDv2) for IPv6", RFC 3810, 781 DOI 10.17487/RFC3810, June 2004, 782 . 784 [RFC4605] Fenner, B., He, H., Haberman, B., and H. Sandick, 785 "Internet Group Management Protocol (IGMP) / Multicast 786 Listener Discovery (MLD)-Based Multicast Forwarding 787 ("IGMP/MLD Proxying")", RFC 4605, DOI 10.17487/RFC4605, 788 August 2006, . 790 [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for 791 IP", RFC 4607, DOI 10.17487/RFC4607, August 2006, 792 . 794 [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. 795 Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, 796 DOI 10.17487/RFC6052, October 2010, 797 . 799 [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- 800 Stack Lite Broadband Deployments Following IPv4 801 Exhaustion", RFC 6333, DOI 10.17487/RFC6333, August 2011, 802 . 804 [RFC7608] Boucadair, M., Petrescu, A., and F. Baker, "IPv6 Prefix 805 Length Recommendation for Forwarding", BCP 198, RFC 7608, 806 DOI 10.17487/RFC7608, July 2015, 807 . 809 [RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., 810 Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent 811 Multicast - Sparse Mode (PIM-SM): Protocol Specification 812 (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March 813 2016, . 815 12.2. Informative References 817 [I-D.ietf-softwire-multicast-prefix-option] 818 Boucadair, M., Qin, J., Tsou, T., and X. Deng, "DHCPv6 819 Option for IPv4-Embedded Multicast and Unicast IPv6 820 Prefixes", draft-ietf-softwire-multicast-prefix-option-13 821 (work in progress), February 2017. 823 [RFC2236] Fenner, W., "Internet Group Management Protocol, Version 824 2", RFC 2236, DOI 10.17487/RFC2236, November 1997, 825 . 827 [RFC3956] Savola, P. and B. Haberman, "Embedding the Rendezvous 828 Point (RP) Address in an IPv6 Multicast Address", 829 RFC 3956, DOI 10.17487/RFC3956, November 2004, 830 . 832 [RFC6676] Venaas, S., Parekh, R., Van de Velde, G., Chown, T., and 833 M. Eubanks, "Multicast Addresses for Documentation", 834 RFC 6676, DOI 10.17487/RFC6676, August 2012, 835 . 837 [RFC6890] Cotton, M., Vegoda, L., Bonica, R., Ed., and B. Haberman, 838 "Special-Purpose IP Address Registries", BCP 153, 839 RFC 6890, DOI 10.17487/RFC6890, April 2013, 840 . 842 [RFC7371] Boucadair, M. and S. Venaas, "Updates to the IPv6 843 Multicast Addressing Architecture", RFC 7371, 844 DOI 10.17487/RFC7371, September 2014, 845 . 847 [RFC7596] Cui, Y., Sun, Q., Boucadair, M., Tsou, T., Lee, Y., and I. 848 Farrer, "Lightweight 4over6: An Extension to the Dual- 849 Stack Lite Architecture", RFC 7596, DOI 10.17487/RFC7596, 850 July 2015, . 852 [RFC7597] Troan, O., Ed., Dec, W., Li, X., Bao, C., Matsushima, S., 853 Murakami, T., and T. Taylor, Ed., "Mapping of Address and 854 Port with Encapsulation (MAP-E)", RFC 7597, 855 DOI 10.17487/RFC7597, July 2015, 856 . 858 Appendix A. Use Case: IPTV 860 IPTV generally includes two categories of service offerings: 862 o Video on Demand (VoD) that unicast video content to receivers. 864 o Multicast live TV broadcast services. 866 Two types of provider are involved in the delivery of this service: 868 o Content Providers, who usually own the contents that is multicast 869 to receivers. Content providers may contractually define an 870 agreement with network providers to deliver contents to receivers. 872 o Network Providers, who provide network connectivity services 873 (e.g., network providers are responsible for carrying multicast 874 flows from head-ends to receivers). 876 Note that some contract agreements prevent a network provider from 877 altering the content as sent by the content provider for various 878 reasons. Depending on these contract agreements, multicast streams 879 should be delivered unaltered to the requesting users. 881 Many current IPTV contents are likely to remain IPv4-formatted and 882 out of control of the network providers. Additionally, there are 883 numerous legacy receivers (e.g., IPv4-only Set Top Boxes (STB)) that 884 can't be upgraded or be easily replaced to support IPv6. As a 885 consequence, IPv4 service continuity must be guaranteed during the 886 transition period, including the delivery of multicast services such 887 as Live TV Broadcasting to users. 889 Appendix B. Older Versions of Group Membership Management Protocols 891 Given the multiple versions of group membership management protocols, 892 mismatch issues may arise at the mB4 (refer to Section 6.1). 894 If IGMPv2 operates on the IPv4 receivers while MLDv2 operates on the 895 MLD Querier, or if IGMPv3 operates on the IPv4 receivers while MLDv1 896 operates on the MLD Querier, the version mismatch issue will be 897 encountered. To solve this problem, the mB4 should perform the 898 router portion of IGMP which is similar to the corresponding MLD 899 version (IGMPv2 as of MLDv1, or IGMPv3 as of MLDv2) operating in the 900 IPv6 domain. Then, the protocol interaction approach specified in 901 Section 7 of [RFC3376] can be applied to exchange signaling messages 902 with the IPv4 receivers on which the different version of IGMP is 903 operating. 905 Note that the support of IPv4 SSM requires MLDv2 to be enabled in the 906 IPv6 network. 908 Authors' Addresses 910 Mohamed Boucadair 911 Orange 912 Rennes 35000 913 France 915 Email: mohamed.boucadair@orange.com 917 Chao Qin 918 Cisco 919 Shanghai 920 P.R. China 922 Email: jacni@jacni.com 924 Christian Jacquenet 925 Orange 926 Rennes 35000 927 France 929 Email: christian.jacquenet@orange.com 931 Yiu L. Lee 932 Comcast 933 United States of America 935 Email: yiu_lee@cable.comcast.com 936 URI: http://www.comcast.com 937 Qian Wang 938 China Telecom 939 P.R. China 941 Phone: +86 10 58502462 942 Email: 13301168516@189.cn