idnits 2.17.1 draft-ietf-v6ops-design-choices-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 221: '... A router MUST be able to determi...' Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (March 6, 2014) is 3703 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-16) exists of draft-ietf-idr-dynamic-cap-14 == Outdated reference: A later version (-11) exists of draft-ietf-opsec-lla-only-07 == Outdated reference: A later version (-06) exists of draft-ietf-v6ops-enterprise-incremental-ipv6-05 Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 V6OPS Working Group P. Matthews 3 Internet-Draft Alcatel-Lucent 4 Intended status: Informational V. Kuarsingh 5 Expires: September 7, 2014 Dyn 6 March 6, 2014 8 Design Choices for IPv6 Networks 9 draft-ietf-v6ops-design-choices-01 11 Abstract 13 This document presents advice on the design choices that arise when 14 designing IPv6 networks (both dual-stack and IPv6-only). The 15 intended audience is someone designing an IPv6 network who is 16 knowledgeable about best current practices around IPv4 network 17 design, and wishes to learn the corresponding practices for IPv6. 19 Status of This Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on September 7, 2014. 36 Copyright Notice 38 Copyright (c) 2014 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 54 2. Design Choices . . . . . . . . . . . . . . . . . . . . . . . 3 55 2.1. Mix IPv4 and IPv6 on the Same Link? . . . . . . . . . . . 3 56 2.2. Links with Only Link-Local Addresses? . . . . . . . . . . 4 57 2.3. Link-Local Next-Hop in a Static Route? . . . . . . . . . 5 58 2.4. Separate or Combined eBGP Sessions? . . . . . . . . . . . 6 59 2.5. eBGP Endpoints: Global or Link-Local Addresses? . . . . . 7 60 2.6. IGP Choice . . . . . . . . . . . . . . . . . . . . . . . 8 61 3. General Observations . . . . . . . . . . . . . . . . . . . . 9 62 3.1. Use of Link-Local Addresses . . . . . . . . . . . . . . . 9 63 3.2. Separation of IPv4 and IPv6 . . . . . . . . . . . . . . . 10 64 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 65 5. Security Considerations . . . . . . . . . . . . . . . . . . . 10 66 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10 67 7. Informative References . . . . . . . . . . . . . . . . . . . 11 68 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 70 1. Introduction 72 This document presents advice on the design choices that arise when 73 designing IPv6 networks (both dual-stack and IPv6-only). The 74 intended audience is someone designing an IPv6 network who is 75 knowledgeable about best current practices around IPv4 network 76 design, and wishes to learn the corresponding practices for IPv6. 78 The focus of the document is on design choices where there are 79 differences between IPv4 and IPv6, either in the range of possible 80 alternatives (e.g. the extra possibilities introduced by link-local 81 addresses in IPv6) or the recommended alternative. The document 82 presents the alternatives and discusses the pros and cons in detail. 83 Where consensus currently exists around the best practice, this is 84 documented; otherwise the document simply summarizes the current 85 state of the discussion. Thus this document serves to both to 86 document the reasoning behind best current practices for IPv6, and to 87 allow a designer to make an intelligent choice where no such 88 consensus exists. 90 This document does not present advice on strategies for adding IPv6 91 to a network, nor does it discuss transition mechanisms. For advice 92 in these areas, see [RFC6180] for general advice, [RFC6782] for 93 wireline service providers, [RFC6342] for mobile network providers, 94 [RFC5963] for exchange point operators, [RFC6883] for content 95 providers, and both [RFC4852] and 97 [I-D.ietf-v6ops-enterprise-incremental-ipv6] for enterprises. Nor 98 does the document cover the ins and outs of creating an IPv6 99 addressing plan; for advice in this area, see [RFC5375]. 101 This document focuses on unicast network design only. It does not 102 cover multicast, nor supporting infrastructure such as DNS. 104 The current version is still work in progress, and it is expected 105 that the presentation and discussion of additional design choices 106 will be added as the document matures. 108 2. Design Choices 110 This section consists of a list of specific design choices a network 111 designer faces when designing an IPv6-only or dual-stack network, 112 along with guidance and advice to the designer when making a choice. 114 2.1. Mix IPv4 and IPv6 on the Same Link? 116 Should IPv4 and IPv6 traffic be logically separated on a link? That 117 is: 119 a. Mix IPv4 and IPv6 traffic on the same layer 2 connection, OR 121 b. Separate IPv4 and IPv6 by using separate physical or logical 122 links (e.g., two physical links or two VLANs on the same link)? 124 Option (a) implies a single layer 3 interface at each end with both 125 IPv4 and IPv6 addresses; while option (b) implies two layer 3 126 interfaces, one for IPv4 addresses and one with IPv6 addresses. 128 The advantages of option (a) include: 130 o Requires only half as many layer 3 interfaces as option (b), thus 131 providing better scaling; 133 o May require fewer physical ports, thus saving money; 135 o Can make the QoS implementation much easier (for example, rate- 136 limiting the combined IPv4 and IPv6 traffic to or from a 137 customer); 139 o Provides better support for the expected future of increasing IPv6 140 traffic and decreasing IPv4 traffic; 142 o And is generally conceptually simpler. 144 For these reasons, there is a pretty strong consensus in the operator 145 community that option (a) is the preferred way to go. 147 However, there can be times when option (b) is the pragmatic choice. 148 Most commonly, option (b) is used to work around limitations in 149 network equipment. One big example is the generally poor level of 150 support today for individual statistics on IPv4 traffic vs IPv6 151 traffic when option (a) is used. Other, device-specific, limitations 152 exist as well. It is expected that these limitations will go away as 153 support for IPv6 matures, making option (b) less and less attractive 154 until the day that IPv4 is finally turned off. 156 Most networks today use option (a) wherever possible. 158 2.2. Links with Only Link-Local Addresses? 160 Should the link: 162 a. Use only link-local addresses ("unnumbered"), OR 164 b. Have global or unique-local addresses assigned in addition to 165 link-locals? 167 There are two advantages of unnumbered links. The first advantage is 168 ease of configuration. In a network with a large number of 169 unnumbered links, the operator can just enable an IGP on each router, 170 without going through the tedious process of assigning and tracking 171 the addresses for each link. The second advantage is security. 172 Since link-local addresses are unroutable, the associated interfaces 173 cannot be attacked from an off-link device. This implies less effort 174 around maintaining security ACLs. 176 Countering this advantage are various disadvantages to unnumbered 177 links in IPv6: 179 o It is not possible to ping an interface that has only a link-local 180 address from a device that is not directly attached to the link. 181 Thus, to troubleshoot, one must typically log into a device that 182 is directly attached to the device in question, and execute the 183 ping from there. 185 o A traceroute passing over the unnumbered link will return the 186 loopback or system address of the router, rather than the address 187 of the interface itself. 189 o On some devices, by default the link-layer address of the 190 interface is derived from the MAC address assigned to interface. 191 When this is done, swapping out the interface hardware (e.g. 193 interface card) will cause the link-layer address to change. In 194 some cases (peering config, ACLs, etc) this may require additional 195 changes. However, many devices allow the link-layer address of an 196 interface to be explicitly configured, which avoids this issue. 198 o The practice of naming router interfaces using DNS names is 199 difficult-to-impossible when using LLAs only. 201 o It is not possible to identify the interface or link (in a 202 database, email, etc) by just giving its address. 204 For more discussion on the pros and cons, see 205 [I-D.ietf-opsec-lla-only]. 207 Today, most operators use numbered links (option b). 209 2.3. Link-Local Next-Hop in a Static Route? 211 What form of next-hop address should one use in a static route? 213 a. Use the far-end's link-local address as the next-hop address, OR 215 b. Use the far-end's GUA/ULA address as the next-hop address? 217 Recall that the IPv6 specs for OSPF [RFC5340] and ISIS [RFC5308] 218 dictate that they always use link-locals for next-hop addresses. For 219 static routes, [RFC4861] section 8 says: 221 A router MUST be able to determine the link-local address for each 222 of its neighboring routers in order to ensure that the target 223 address in a Redirect message identifies the neighbor router by 224 its link-local address. For static routing, this requirement 225 implies that the next-hop router's address should be specified 226 using the link-local address of the router. 228 This implies that using a GUA or ULA as the next hop will prevent a 229 router from sending Redirect messages for packets that "hit" this 230 static route. All this argues for using a link-local as the next-hop 231 address in a static route. 233 However, there are two cases where using a link-local address as the 234 next-hop clearly does not work. One is when the static route is an 235 indirect (or multi-hop) static route. The second is when the static 236 route is redistributed into another routing protocol. In these 237 cases, the above text from RFC 4861 notwithstanding, either a GUA or 238 ULA must be used. 240 Furthermore, many network operators are concerned about the 241 dependency of the default link-local address on an underlying MAC 242 address, as described in the previous section. 244 Today most operators use GUAs as next-hop addresses. 246 2.4. Separate or Combined eBGP Sessions? 248 For a dual-stack peering connection where eBGP is used as the routing 249 protocol, then one can either: 251 a. Use one BGP session to carry both IPv4 and IPv6 routes, OR 253 b. Use two BGP sessions, a session over IPv4 carrying IPv4 routes 254 and a session over IPv6 carrying IPv6 routes. 256 The main advantage of (a) is a reduction in the number of BGP 257 sessions compared with (b). 259 However, there are a number of concerns with option (a): 261 o On most existing implementations, adding or removing an address 262 family to an established BGP session will cause the router to tear 263 down and re-establish the session. Thus adding the IPv6 family to 264 an existing session carrying just IPv4 routes will disrupt the 265 session, and the eventual removal of IPv4 from the dual IPv4/IPv6 266 session will also disrupt the session. This disruption problem 267 will persist until something similar to [I-D.ietf-idr-dynamic-cap] 268 or [I-D.ietf-idr-bgp-multisession] is widely deployed. 270 o Whatever selection you make for the underlying transport protocol 271 (v4 or v6) will likely look funny at some date. Using two 272 sessions is appropriate both now and in the future. 274 o Carrying (for example) IPv6 routes over IPv4 means that route 275 information is transported over a different transport plane than 276 the data packets themselves. If v6 connectivity goes down locally 277 without v4 also going down, then v6 routes will still be 278 exchanged, thus leading to a blackhole. 280 o In some implementations, carrying v4 routes in a BGP session over 281 v6 transport (or vica-versa) results in the BGP next-hops in the 282 wrong address family, which must be fixed using routing policy 283 before the routes can be used. 285 Given these disadvantages, option (b) is the better choice in most 286 situations, and this is the choice selected in most networks today. 288 2.5. eBGP Endpoints: Global or Link-Local Addresses? 290 When running eBGP over IPv6, there are two options for the addresses 291 to use at each end of the eBGP session (or more properly, the 292 underlying TCP session): 294 a. Use link-local addresses for the eBGP session, OR 296 b. Use global addresses for the eBGP session. 298 Note that the choice here is the addresses to use for the eBGP 299 sessions, and not whether the link itself has global (or unique- 300 local) addresses. In particular, it is quite possible for the eBGP 301 session to use link-local addresses even when the link has global 302 addresses. 304 The big attraction for option (a) is security: an eBGP session using 305 link-local addresses is impossible to attack from a device that is 306 off-link. This provides very strong protection against TCP RST and 307 similar attacks. Though there are other ways to get an equivalent 308 level of security (e.g. GTSM [RFC5082], MD5 [RFC5925], or ACLs), 309 these other ways require additional configuration which can be 310 forgotten or potentially mis-configured. 312 However, there are a number of small disadvantages to using link- 313 local addresses: 315 o Using link-local addresses only works for single-hop eBGP 316 sessions; it does not work for multi-hop sessions. 318 o One must use "next-hop self" at both endpoints, otherwise 319 redistributing routes learned via eBGP into iBGP will not work. 320 (Some products enable "next-hop self" in this situation 321 automatically). 323 o Operators and their tools are used to referring to eBGP sessions 324 by address only, something that is not possible with link-local 325 addresses. 327 o If one is configuring parallel eBGP sessions for IPv4 and IPv6 328 routes, then using link-local addresses for the IPv6 session 329 introduces an extra difference between the two sessions which 330 could otherwise be avoided. 332 o On some products, an eBGP session using a link-local address is 333 more complex to configure than a session that use a global 334 address. 336 o If hardware or other issues cause one to move the cable to a 337 different local interface, then reconfiguration is required at 338 both ends: at the local end because the interface has changed (and 339 with link-local addresses, the interface must always be specified 340 along with the address), and at the remote end because the link- 341 local address has likely changed. (Contrast this with using 342 global addresses, where less re-configuration is required at the 343 local end, and no reconfiguration is required at the remote end). 345 o Finally, a strict interpretation of RFC 2545 can be seen as 346 forbidding running eBGP between link-local addresses, as RFC 2545 347 requires the BGP next-hop field to contain at least a global 348 address. 350 For these reasons, most operators today choose to have their eBGP 351 sessions use global addresses. 353 2.6. IGP Choice 355 One of the main decisions for an IPv6 implementor is the choice of 356 IGP (Interior Gateway Protocol) within the network. The primary 357 choices are the IETF protocols of RIP [RFC2080], OSPF [RFC2328] 358 [RFC5340] and IS-IS [RFC5120] [RFC5308], though some operators may 359 consider non-IETF protocols. Here we limit our discussion to the 360 pros and cons of OSPF vs. IS-IS. 362 Considering just OSPF vs. IS-IS, the options are: 364 a. Use OSPFv2 for IPv4 and OSPFv3 for IPv6, OR 366 b. Use OSPFv3 for both IPv4 and IPv6, OR 368 c. Use OSPFv2 for IPv4, and IS-IS for IPv6, OR 370 d. Use IS-IS for IPv4 and IPv6, OR 372 e. Use IS-IS for IPv4 and OSPFv3 for IPv6. 374 Note that options (a), (c), and (e) involve running two different 375 routing protocols, while options (b) and (d) involve running just one 376 routing protocol. 378 o A big factor in the choice is the protocol the operator is 379 currently using for routing IPv4. Option (e) is unlikely to be a 380 good choice for an operator currently using OSPF for IPv4 routing, 381 and similarly option (a) is unlikely to be a good choice for an 382 operator currently using IS-IS. 384 o A pro for options (a), (c), and (e), which use two routing 385 protocols, is that they give a hard separation between IPv4 and 386 IPv6 routing. Thus a problem with one protocol or one set of 387 routes is unlikely to affect the other. 389 o There are two cons for options (a), (c), and (e). One con is that 390 two sets of all the protocol mechanisms need to be maintained. On 391 a larger modern router, this is unlikely to be a problem, but on 392 some edge devices this might be an issue. The second con is that 393 some operational staff must be familiar with both protocols. For 394 many routing problems, the protocols are sufficiently similar that 395 they can be considered identical, but some problems require a 396 detailed knowledge of the differences. 398 o Option (b) requires the use of new protocol extensions that allow 399 OSPFv3 to also route IPv4. At the time of writing, these 400 extensions are still quite new. 402 3. General Observations 404 There are two themes that run though many of the design choices in 405 this document. This section presents some general discussion on 406 these two themes. 408 3.1. Use of Link-Local Addresses 410 The proper use of link-local addresses is a common theme in the IPv6 411 network design choices. Link-layer addresses are, of course, always 412 present in an IPv6 network, but current network design practice 413 mostly ignores them, despite efforts such as 414 [I-D.ietf-opsec-lla-only]. 416 There are three main reasons for this current practice: 418 o Network operators are concerned about the volatility of link-local 419 addresses based on MAC addresses, despite the fact that this 420 concern can be overcome by manually-configuring link-local 421 addresses; 423 o It is impossible to ping a link-local address from a device that 424 is not on the same subnet. This is a troubleshooting 425 disadvantage, though it can also be viewed as a security 426 advantage. 428 o Most operators are currently running networks that carry both IPv4 429 and IPv6 traffic, and wish to harmonize their IPv4 and IPv6 design 430 and operational practices where possible. 432 3.2. Separation of IPv4 and IPv6 434 Currently, most operators are running or planning to run networks 435 that carry both IPv4 and IPv6 traffic. Hence the question: To what 436 degree should IPv4 and IPv6 be kept separate? As can be seen above, 437 this breaks into two sub-questions: To what degree should IPv4 and 438 IPv6 traffic be kept separate, and to what degree should IPv4 and 439 IPv6 routing information be kept separate? 441 The general consensus around the first question is that IPv4 and IPv6 442 traffic should generally be mixed together. This recommendation is 443 driven by the operational simplicity of mixing the traffic, plus the 444 general observation that the service being offered to the end user is 445 Internet connectivity and most users do not know or care about the 446 differences between IPv4 and IPv6. Thus it is very desirable to mix 447 IPv4 and IPv6 on the same link to the end user. On other links, 448 separation is possible but more operationally complex, though it does 449 occasionally allow the operator to work around limitations on network 450 devices. The situation here is roughly comparable to IP and MPLS 451 traffic: many networks mix the two traffic types on the same links 452 without issues. 454 By contrast, there is more of an argument for carrying IPv6 routing 455 information over IPv6 transport, while leaving IPv4 routing 456 information on IPv4 transport. By doing this, one gets fate-sharing 457 between the control and data plane for each IP protocol version: if 458 the data plane fails for some reason, then often the control plane 459 will too. 461 4. IANA Considerations 463 This document makes no requests of IANA. 465 5. Security Considerations 467 (TBD) 469 6. Acknowledgements 471 Many, many people in the V6OPS working group provided comments and 472 suggestions that made their way into this document. A partial list 473 includes: Rajiv Asati, Fred Baker, Michael Behringer, Marc Blanchet, 474 Ron Bonica, Randy Bush, Cameron Byrne, Brian Carpenter, KK 475 Chittimaneni, Tim Chown, Lorenzo Colitti, Gert Doering, Bill Fenner, 476 Kedar K Gaonkar, Chris Grundemann, Steinar Haug, Ray Hunter, Joel 477 Jaeggli, Victor Kuarsingh, Ivan Pepelnjak, Alexandru Petrescu, Rob 478 Shakir, Mark Smith, Jean-Francois Tremblay, Tina Tsou, Dan York, and 479 Xuxiaohu. 481 The authors would also like to thank Pradeep Jain and Alastair 482 Johnson for helpful comments on a very preliminary version of this 483 document. 485 7. Informative References 487 [I-D.ietf-idr-bgp-multisession] 488 Scudder, J., Appanna, C., and I. Varlashkin, "Multisession 489 BGP", draft-ietf-idr-bgp-multisession-07 (work in 490 progress), September 2012. 492 [I-D.ietf-idr-dynamic-cap] 493 Ramachandra, S. and E. Chen, "Dynamic Capability for 494 BGP-4", draft-ietf-idr-dynamic-cap-14 (work in progress), 495 December 2011. 497 [I-D.ietf-opsec-lla-only] 498 Behringer, M. and E. Vyncke, "Using Only Link-Local 499 Addressing Inside an IPv6 Network", draft-ietf-opsec-lla- 500 only-07 (work in progress), February 2014. 502 [I-D.ietf-v6ops-enterprise-incremental-ipv6] 503 Chittimaneni, K., Chown, T., Howard, L., Kuarsingh, V., 504 Pouffary, Y., and E. Vyncke, "Enterprise IPv6 Deployment 505 Guidelines", draft-ietf-v6ops-enterprise-incremental- 506 ipv6-05 (work in progress), January 2014. 508 [RFC2080] Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080, 509 January 1997. 511 [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998. 513 [RFC4852] Bound, J., Pouffary, Y., Klynsma, S., Chown, T., and D. 514 Green, "IPv6 Enterprise Network Analysis - IP Layer 3 515 Focus", RFC 4852, April 2007. 517 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 518 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 519 September 2007. 521 [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. 522 Pignataro, "The Generalized TTL Security Mechanism 523 (GTSM)", RFC 5082, October 2007. 525 [RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi 526 Topology (MT) Routing in Intermediate System to 527 Intermediate Systems (IS-ISs)", RFC 5120, February 2008. 529 [RFC5308] Hopps, C., "Routing IPv6 with IS-IS", RFC 5308, October 530 2008. 532 [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF 533 for IPv6", RFC 5340, July 2008. 535 [RFC5375] Van de Velde, G., Popoviciu, C., Chown, T., Bonness, O., 536 and C. Hahn, "IPv6 Unicast Address Assignment 537 Considerations", RFC 5375, December 2008. 539 [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP 540 Authentication Option", RFC 5925, June 2010. 542 [RFC5963] Gagliano, R., "IPv6 Deployment in Internet Exchange Points 543 (IXPs)", RFC 5963, August 2010. 545 [RFC6180] Arkko, J. and F. Baker, "Guidelines for Using IPv6 546 Transition Mechanisms during IPv6 Deployment", RFC 6180, 547 May 2011. 549 [RFC6342] Koodli, R., "Mobile Networks Considerations for IPv6 550 Deployment", RFC 6342, August 2011. 552 [RFC6782] Kuarsingh, V. and L. Howard, "Wireline Incremental IPv6", 553 RFC 6782, November 2012. 555 [RFC6883] Carpenter, B. and S. Jiang, "IPv6 Guidance for Internet 556 Content Providers and Application Service Providers", RFC 557 6883, March 2013. 559 Authors' Addresses 561 Philip Matthews 562 Alcatel-Lucent 563 600 March Road 564 Ottawa, Ontario K2K 2E6 565 Canada 567 Phone: +1 613-784-3139 568 Email: philip_matthews@magma.ca 569 Victor Kuarsingh 570 Dyn 571 150 Dow Street 572 Manchester, NH 03101 573 USA 575 Email: victor@jvknet.com