idnits 2.17.1 draft-templin-aerolink-24.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == The 'Obsoletes: ' line in the draft header should list only the _numbers_ of the RFCs which will be obsoleted by this document (if approved); it should not include the word 'RFC' in the list. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 2, 2014) is 3615 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC0768' is defined on line 1326, but no explicit reference was found in the text == Unused Reference: 'RFC0792' is defined on line 1332, but no explicit reference was found in the text == Unused Reference: 'RFC2460' is defined on line 1338, but no explicit reference was found in the text == Unused Reference: 'RFC4862' is defined on line 1362, but no explicit reference was found in the text == Unused Reference: 'RFC0879' is defined on line 1373, but no explicit reference was found in the text == Unused Reference: 'RFC6204' is defined on line 1425, but no explicit reference was found in the text == Unused Reference: 'RFC6691' is defined on line 1437, but no explicit reference was found in the text == Unused Reference: 'RFC6706' is defined on line 1440, but no explicit reference was found in the text == Unused Reference: 'RFC6980' is defined on line 1456, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) ** Obsolete normative reference: RFC 3633 (Obsoleted by RFC 8415) ** Obsolete normative reference: RFC 6434 (Obsoleted by RFC 8504) -- Obsolete informational reference (is this intentional?): RFC 879 (Obsoleted by RFC 7805, RFC 9293) -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 5996 (Obsoleted by RFC 7296) -- Obsolete informational reference (is this intentional?): RFC 6204 (Obsoleted by RFC 7084) -- Obsolete informational reference (is this intentional?): RFC 6691 (Obsoleted by RFC 9293) Summary: 4 errors (**), 0 flaws (~~), 11 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group F. Templin, Ed. 3 Internet-Draft Boeing Research & Technology 4 Obsoletes: rfc6706 (if approved) June 2, 2014 5 Intended status: Standards Track 6 Expires: December 4, 2014 8 Transmission of IPv6 Packets over AERO Links 9 draft-templin-aerolink-24.txt 11 Abstract 13 This document specifies the operation of IPv6 over tunnel virtual 14 Non-Broadcast, Multiple Access (NBMA) links using Asymmetric Extended 15 Route Optimization (AERO). Nodes attached to AERO links can exchange 16 packets via trusted intermediate routers on the link that provide 17 forwarding services to reach off-link destinations and/or redirection 18 services to inform the node of an on-link neighbor that is closer to 19 the final destination. Operation of the IPv6 Neighbor Discovery (ND) 20 protocol over AERO links is based on an IPv6 link local address 21 format known as the AERO address. Authentication and admission 22 control are supported by the Dynamic Host Configuration Protocol for 23 IPv6 (DHCPv6). 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at http://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on December 4, 2014. 42 Copyright Notice 44 Copyright (c) 2014 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (http://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 60 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 3. Asymmetric Extended Route Optimization (AERO) . . . . . . . . 5 62 3.1. AERO Node Types . . . . . . . . . . . . . . . . . . . . . 5 63 3.2. AERO Addresses . . . . . . . . . . . . . . . . . . . . . 6 64 3.3. AERO Interface Characteristics . . . . . . . . . . . . . 6 65 3.3.1. Coordination of Multiple Underlying Interfaces . . . 8 66 3.4. AERO Interface Neighbor Cache Maintenace . . . . . . . . 8 67 3.5. AERO Interface Data Origin Authentication . . . . . . . . 10 68 3.6. AERO Interface MTU Considerations . . . . . . . . . . . . 10 69 3.7. AERO Interface Encapsulation, Re-encapsulation and 70 Decapsulation . . . . . . . . . . . . . . . . . . . . . . 12 71 3.8. AERO Router Discovery, Prefix Delegation and Address 72 Configuration . . . . . . . . . . . . . . . . . . . . . . 13 73 3.8.1. AERO Client Behavior . . . . . . . . . . . . . . . . 13 74 3.8.2. AERO Server Behavior . . . . . . . . . . . . . . . . 15 75 3.9. AERO Redirection . . . . . . . . . . . . . . . . . . . . 16 76 3.9.1. Reference Operational Scenario . . . . . . . . . . . 16 77 3.9.2. Classical Redirection Approaches . . . . . . . . . . 18 78 3.9.3. Concept of Operations . . . . . . . . . . . . . . . . 19 79 3.9.4. Message Format . . . . . . . . . . . . . . . . . . . 19 80 3.9.5. Sending Predirects . . . . . . . . . . . . . . . . . 20 81 3.9.6. Processing Predirects and Sending Redirects . . . . . 21 82 3.9.7. Re-encapsulating and Relaying Redirects . . . . . . . 23 83 3.9.8. Processing Redirects . . . . . . . . . . . . . . . . 23 84 3.10. Neighbor Reachability Maintenance . . . . . . . . . . . . 24 85 3.11. Mobility and Link-Layer Address Change Considerations . . 25 86 3.12. Encapsulation Protocol Version Considerations . . . . . . 26 87 3.13. Multicast Considerations . . . . . . . . . . . . . . . . 27 88 3.14. Operation on AERO Links Without DHCPv6 Services . . . . . 27 89 3.15. Operation on Server-less AERO Links . . . . . . . . . . . 27 90 3.16. Other Considerations . . . . . . . . . . . . . . . . . . 27 91 4. Implementation Status . . . . . . . . . . . . . . . . . . . . 28 92 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 93 6. Security Considerations . . . . . . . . . . . . . . . . . . . 28 94 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 29 95 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 29 96 8.1. Normative References . . . . . . . . . . . . . . . . . . 29 97 8.2. Informative References . . . . . . . . . . . . . . . . . 30 98 Appendix A. AERO Server and Relay Interworking . . . . . . . . . 32 99 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 34 101 1. Introduction 103 This document specifies the operation of IPv6 over tunnel virtual 104 Non-Broadcast, Multiple Access (NBMA) links using Asymmetric Extended 105 Route Optimization (AERO). Nodes attached to AERO links can exchange 106 packets via trusted intermediate routers on the link that provide 107 forwarding services to reach off-link destinations and/or redirection 108 services to inform the node of an on-link neighbor that is closer to 109 the final destination. This redirection provides a route 110 optimization capability that addresses the requirements outlined in 111 [RFC5522]. 113 Nodes on AERO links use an IPv6 link-local address format known as 114 the AERO Address. This address type has properties that avoid 115 duplication and statelessly link IPv6 Neighbor Discovery (ND) 116 [RFC4861] to IPv6 routing. The AERO link can be used for tunneling 117 to neighboring nodes on either IPv6 or IPv4 networks, i.e., AERO 118 views the IPv6 and IPv4 networks as equivalent links for tunneling. 119 Authentication and admission control are supported by the Dynamic 120 Host Configuration Protocol for IPv6 (DHCPv6) [RFC3315]. The 121 remainder of this document presents the AERO specification. 123 2. Terminology 125 The terminology in the normative references applies; the following 126 terms are defined within the scope of this document: 128 AERO link 129 a Non-Broadcast, Multiple Access (NBMA) tunnel virtual overlay 130 configured over a node's attached IPv6 and/or IPv4 networks. All 131 nodes on the AERO link appear as single-hop neighbors from the 132 perspective of IPv6. 134 AERO interface 135 a node's attachment to an AERO link. 137 AERO address 138 an IPv6 link-local address assigned to an AERO interface and 139 constructed as specified in Section 3.2. 141 AERO node 142 a node that is connected to an AERO link and that participates in 143 IPv6 Neighbor Discovery over the link. 145 AERO Client ("client") 146 a node that configures either a host interface or a router 147 interface on an AERO link. 149 AERO Server ("server") 150 a node that configures a router interface on an AERO link over 151 which it can provide default forwarding and redirection services 152 for other AERO nodes. 154 AERO Relay ("relay") 155 a node that relays IPv6 packets between Servers on the same AERO 156 link, and/or that forwards IPv6 packets between the AERO link and 157 the IPv6 Internet. An AERO Relay may or may not also be 158 configured as an AERO Server. 160 ingress tunnel endpoint (ITE) 161 an AERO interface endpoint that injects tunneled packets into an 162 AERO link. 164 egress tunnel endpoint (ETE) 165 an AERO interface endpoint that receives tunneled packets from an 166 AERO link. 168 underlying network 169 a connected IPv6 or IPv4 network routing region over which AERO 170 nodes tunnel IPv6 packets. 172 underlying interface 173 an AERO node's interface point of attachment to an underlying 174 network. 176 link-layer address 177 an IP address assigned to an AERO node's underlying interface. 178 When UDP encapsulation is used, the UDP port number is also 179 considered as part of the link-layer address. Link-layer 180 addresses are used as the encapsulation header source and 181 destination addresses. 183 network layer address 184 the source or destination address of the encapsulated IPv6 packet. 186 end user network (EUN) 187 an IPv6 network attached to a downstream interface of an AERO 188 Client (where the AERO interface is seen as the upstream 189 interface). 191 Throughout the document, the simple terms "Client", "Server" and 192 "Relay" refer to "AERO Client", "AERO Server" and "AERO Relay", 193 respectively. Capitalization is used to distinguish these terms from 194 DHCPv6 client/server/relay. This is an important distinction, since 195 an AERO Server may be a DHCPv6 relay, and an AERO Relay may be a 196 DHCPv6 server. 198 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 199 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 200 document are to be interpreted as described in [RFC2119]. 202 3. Asymmetric Extended Route Optimization (AERO) 204 The following sections specify the operation of IPv6 over Asymmetric 205 Extended Route Optimization (AERO) links: 207 3.1. AERO Node Types 209 AERO Relays relay packets between nodes connected to the same AERO 210 link and also forward packets between the AERO link and the native 211 IPv6 network. The relaying process entails re-encapsulation of IPv6 212 packets that were received from a first AERO node and are to be 213 forwarded without modification to a second AERO node. 215 AERO Servers configure their AERO interfaces as router interfaces, 216 and provide default routing services to AERO Clients. AERO Servers 217 configure a DHCPv6 relay or server function and facilitate DHCPv6 218 Prefix Delegation (PD) exchanges. An AERO Server may also act as an 219 AERO Relay. 221 AERO Clients act as requesting routers to receive IPv6 prefixes 222 through a DHCPv6 PD exchange via AERO Servers over the AERO link. 223 (Each client MAY associate with multiple Servers, but associating 224 with many Servers may result in excessive control message overhead.) 225 Each AERO Client receives at least a /64 prefix delegation, and may 226 receive even shorter prefixes. 228 AERO Clients that act as routers configure their AERO interfaces as 229 router interfaces and sub-delegate portions of their received prefix 230 delegations to links on EUNs. End system applications on AERO 231 Clients that act as routers bind to EUN interfaces (i.e., and not the 232 AERO interface). 234 AERO Clients that act as ordinary hosts configure their AERO 235 interfaces as host interfaces and assign one or more IPv6 addresses 236 taken from their received prefix delegations to the AERO interface 237 but DO NOT assign the delegated prefix itself to the AERO interface. 238 Instead, the host assigns the delegated prefix to a "black hole" 239 route so that unused portions of the prefix are nullified. End 240 system applications on AERO Clients that act as hosts bind directly 241 to the AERO interface. 243 3.2. AERO Addresses 245 An AERO address is an IPv6 link-local address assigned to an AERO 246 interface and with an IPv6 prefix embedded within the interface 247 identifier. The AERO address is formatted as: 249 fe80::[IPv6 prefix] 251 The AERO address begins with the prefix fe80::/64 and includes in its 252 interface identifier the base /64 prefix taken from the Client's 253 delegated IPv6 prefix. The base prefix is determined by masking the 254 delegated prefix with the prefix length. For example, if an AERO 255 Client has received the prefix delegation: 257 2001:db8:1000:2000::/56 259 it would construct its AERO address as: 261 fe80::2001:db8:1000:2000 263 The AERO address remains stable as the Client moves between 264 topological locations, i.e., even if its underlying address changes. 266 Each AERO Server configures the AERO address fe80:: as an AERO 267 interface Subnet Router Anycast address; this corresponds to the IPv6 268 prefix '::/0'. 270 3.3. AERO Interface Characteristics 272 AERO interfaces use IPv6-in-IPv6 encapsulation [RFC2473] to exchange 273 tunneled packets with AERO neighbors attached to an underlying IPv6 274 network, and use IPv6-in-IPv4 encapsulation [RFC4213] to exchange 275 tunneled packets with AERO neighbors attached to an underlying IPv4 276 network. AERO interfaces can also operate over secured tunnel types 277 such as IPsec [RFC4301] or TLS [RFC5246]. When Network Address 278 Translator (NAT) traversal and/or filtering middlebox traversal may 279 be necessary, a UDP header is further inserted immediately above the 280 IP encapsulation header. 282 Servers assign the AERO address fe80:: to their AERO interfaces as a 283 (link-local) Subnet Router Anycast address. Servers and Relays also 284 configure an administratively assigned link-local address fe80::ID 285 (where ID is an integer value between [1, (2^32-1))) to support the 286 operation of the IPv6 Neighbor Discovery protocol and the inter- 287 Server/Relay routing system (see: [IRON]). 289 Clients initially use a temporary IPv6 link-local source address 290 fe80::ffff:ffff in the DHCPv6 PD exchanges used to receive an IPv6 291 prefix and derive an AERO address. After the Client receives a 292 prefix delegation, it assigns the corresponding AERO address to the 293 AERO interface and discontinues use of the temporary address. DHCPv6 294 is therefore used to bootstrap the assignment of unique link-local 295 addresses on the AERO interface for subsequent use in IPv6 ND 296 messaging. 298 AERO interfaces maintain a neighbor cache and use an adaptation of 299 standard unicast IPv6 ND messaging. AERO interfaces use unicast 300 Neighbor Solicitation (NS), Neighbor Advertisement (NA), Router 301 Solicitation (RS) and Router Advertisement (RA) messages the same as 302 for any IPv6 link. AERO interfaces use two redirection message types 303 -- the first being the standard Redirect message and the second known 304 as a Predirect message (see Section 3.9). AERO links further use 305 link-local-only addressing; hence, Clients ignore any Prefix 306 Information Options (PIOs) they may receive in RA messages. 308 AERO interface Redirect/Predirect messages include Target Link Layer 309 Address Options (TLLAOs) formatted as shown in Figure 1: 311 0 1 2 3 312 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 313 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 314 | Type = 2 | Length = 3 | Reserved | 315 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 316 | Link ID | Preference | UDP Port Number (or 0) | 317 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 318 | | 319 +-- --+ 320 | | 321 +-- IP Address --+ 322 | | 323 +-- --+ 324 | | 325 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 327 Figure 1: AERO Target Link Layer Address Option (TLLAO) Format 329 In this format, Link ID is an integer value between 0 and 255 330 corresponding to an underlying interface of the source/target node, 331 and Preference is an integer value between 0 and 255 indicating the 332 node's preference for this underlying interface, with 0 being highest 333 preference and 255 being lowest. UDP Port Number and IP Address are 334 set to the addresses used by the target node when it sends 335 encapsulated packets over the underlying interface. When no UDP 336 encapsulation is used, UDP Port Number is set to 0. When the 337 encapsulation IP address family is IPv4, IP Address is formed as an 338 IPv4-compatible IPv6 address [RFC4291]. 340 AERO interface Redirect/Predirect messages can both update and create 341 neighbor cache entries. Redirect/Predirect messages SHOULD include a 342 Timestamp option (see Section 5.3 of [RFC3971]) that other AERO nodes 343 can use to verify the message time of origin. 345 AERO interface NS/NA/RS/RA messages only update existing neighbor 346 cache entires and do not create new neighbor cache entries. NS/RS 347 messages SHOULD include a Nonce option (see Section 5.3 of 348 [RFC3971]). If an NS/RS message contains a Nonce option, the 349 recipient MUST echo the option back in the corresponding NA/RA 350 response. Unsolicited NA/RA messages are not used on AERO 351 interfaces, and SHOULD be ignored on receipt. 353 3.3.1. Coordination of Multiple Underlying Interfaces 355 AERO interfaces may be configured over multiple underlying 356 interfaces. For example, common handheld devices of the modern era 357 have both wireless local area network (aka "WiFi") and cellular 358 wireless links. These links are typically used "one at a time" with 359 low-cost WiFi preferred and highly-available cellular wireless as a 360 cold standby. In a more complex example, aircraft frequently have 361 many wireless data link types (e.g. satellite-based, terrestrial, 362 directional point-to-point, etc.) with diverse performance and cost 363 properties. 365 If a Client's multiple underlying interfaces are used "one at a time" 366 (i.e., all other interfaces are inactive while one interface is 367 active), then Predirect/Redirect messages MUST include only a single 368 TLLAO with Link ID set to 0. 370 If the Client has multiple active underlying interfaces, then from 371 the perspective of IPv6 ND it would appear to have a single link- 372 local address with multiple link-layer addresses. In that case, 373 Predirect/Redirect messages MAY include multiple TLLAOs (each with a 374 different Link ID), and NS/NA/RS/NA messages include a single S/TLLAO 375 (with Link ID set to a value that identifies the underlying link). 376 Further details on coordination of multiple active underlying 377 interfaces are outside the scope of this specification. 379 3.4. AERO Interface Neighbor Cache Maintenace 381 Each AERO interface maintains a conceptual neighbor cache that 382 includes an entry for each neighbor it communicates with on the AERO 383 link, the same as for any IPv6 interface (see [RFC4861]). Neighbor 384 cache entries are created and maintained as follows: 386 When an AERO Server relays a DHCPv6 Reply message to an AERO Client, 387 it creates or updates a neighbor cache entry for the Client based on 388 the AERO address corresponding to the prefix in the IA_PD option as 389 the Client's network layer address and with the Client's 390 encapsulation IP address and UDP port number as the link-layer 391 address. 393 When an AERO Client receives a DHCPv6 Reply message from an AERO 394 Server, it creates or updates a neighbor cache entry for the Server 395 based on link-local address in the Reply as the network layer address 396 and the Server's encapsulation IP address and UDP port number as the 397 link-layer address. 399 When an AERO Client receives a valid Predirect message it creates or 400 updates a neighbor cache entry for the Predirect target network-layer 401 and link-layer addresses, and also creates an IPv6 forwarding table 402 entry for the predirected (source) prefix. The node then sets an 403 "ACCEPT" timer for the neighbor and uses this timer to determine 404 whether messages received from the predirected neighbor can be 405 accepted. 407 When an AERO Client receives a valid Redirect message it creates or 408 updates a neighbor cache entry for the redirected target network- 409 layer and link-layer addresses, and also creates an IPv6 forwarding 410 table entry for the redirected (destination) prefix. The node then 411 sets a "FORWARD" timer for the neighbor and uses this timer to 412 determine whether packets can be sent directly to the redirected 413 neighbor. The node also maintains a constant value MAX_RETRY to 414 limit the number of keepalives sent when a neighbor may have gone 415 unreachable. 417 When an AERO Client receives a valid NS message it (re)sets the 418 ACCEPT timer for the neighbor to ACCEPT_TIME. 420 When an AERO Client receives a valid NA message, it (re)sets the 421 FORWARD timer for the neighbor to FORWARD_TIME. 423 It is RECOMMENDED that FORWARD_TIME be set to the default constant 424 value 30 seconds to match the default REACHABLE_TIME value specified 425 for IPv6 neighbor discovery [RFC4861]. 427 It is RECOMMENDED that ACCEPT_TIME be set to the default constant 428 value 40 seconds to allow a 10 second window so that the AERO 429 redirection procedure can converge before the ACCEPT timer decrements 430 below FORWARD_TIME. 432 It is RECOMMENDED that MAX_RETRY be set to 3 the same as described 433 for IPv6 neighbor discovery address resolution in Section 7.3.3 of 434 [RFC4861]. 436 Different values for FORWARD_TIME, ACCEPT_TIME, and MAX_RETRY MAY be 437 administratively set, if necessary, to better match the AERO link's 438 performance characteristics; however, if different values are chosen, 439 all nodes on the link MUST consistently configure the same values. 440 In particular, ACCEPT_TIME SHOULD be set to a value that is 441 sufficiently longer than FORWARD_TIME to allow the AERO redirection 442 procedure to converge. 444 3.5. AERO Interface Data Origin Authentication 446 AERO nodes use a simple data origin authentication for encapsulated 447 packets they receive from other nodes. In particular, AERO nodes 448 accept encapsulated packets with a link-layer source address 449 belonging to one of their current AERO Servers and accept 450 encapsulated packets with a link-layer source address that is correct 451 for the network-layer source address. 453 The AERO node considers the link-layer source address correct for the 454 network-layer source address if there is an IPv6 forwarding table 455 entry that matches the network-layer source address as well as a 456 neighbor cache entry corresponding to the next hop that includes the 457 link-layer address and the ACCEPT timer is non-zero. 459 3.6. AERO Interface MTU Considerations 461 The AERO link Maximum Transmission Unit (MTU) is 64KB minus the 462 encapsulation overhead for IPv4 [RFC0791] and 4GB minus the 463 encapsulation overhead for IPv6 [RFC2675]. This is the most that 464 IPv4 and IPv6 (respectively) can convey within the constraints of 465 protocol constants, but actual sizes available for tunneling will 466 frequently be much smaller. 468 The base tunneling specifications for IPv4 and IPv6 typically set a 469 static MTU on the tunnel interface to 1500 bytes minus the 470 encapsulation overhead or smaller still if the tunnel is likely to 471 incur additional encapsulations on the path. This can result in path 472 MTU related black holes when packets that are too large to be 473 accommodated over the AERO link are dropped, but the resulting ICMP 474 Packet Too Big (PTB) messages are lost on the return path. As a 475 result, AERO nodes use the following MTU mitigations to accommodate 476 larger packets. 478 AERO nodes set their AERO interface MTU to the larger of the 479 underlying interface MTU minus the encapsulation overhead, and 1500 480 bytes. (If there are multiple underlying interfaces, the node sets 481 the AERO interface MTU according to the largest underlying interface 482 MTU, or 64KB /4G minus the encapsulation overhead if the largest MTU 483 cannot be determined.) AERO nodes optionally cache other per- 484 neighbor MTU values in the underlying IP path MTU discovery cache 485 initialized to the underlying interface MTU. 487 AERO nodes admit packets that are no larger than 1280 bytes minus the 488 encapsulation overhead (*) as well as packets that are larger than 489 1500 bytes into the tunnel without fragmentation, i.e., as long as 490 they are no larger than the AERO interface MTU before encapsulation 491 and also no larger than the cached per-neighbor MTU following 492 encapsulation. For IPv4, the node sets the "Don't Fragment" (DF) bit 493 to 0 for packets no larger than 1280 bytes minus the encapsulation 494 overhead (*) and sets the DF bit to 1 for packets larger than 1500 495 bytes. If a large packet is lost in the path, the node may 496 optionally cache the MTU reported in the resulting PTB message or may 497 ignore the message, e.g., if there is a possibility that the message 498 is spurious. 500 For packets destined to an AERO node that are larger than 1280 bytes 501 minus the encapsulation overhead (*) but no larger than 1500 bytes, 502 the node uses IP fragmentation to fragment the encapsulated packet 503 into two pieces (where the first fragment contains 1024 bytes of the 504 original IPv6 packet) then admits the fragments into the tunnel. If 505 the encapsulation protocol is IPv4, the node admits each fragment 506 into the tunnel with DF set to 0 and subject to rate limiting to 507 avoid reassembly errors [RFC4963][RFC6864]. For both IPv4 and IPv6, 508 the node also sends a 1500 byte probe message (**) to the neighbor, 509 subject to rate limiting. 511 To construct a probe, the node prepares an NS message with a Nonce 512 option plus trailing padding octets added to a length of 1500 bytes 513 without including the length of the padding in the IPv6 Payload 514 Length field. The node then encapsulates the NS in the encapsulation 515 headers (while including the length of the padding in the 516 encapsulation header length fields), sets DF to 1 (for IPv4) and 517 sends the padded NS message to the neighbor. If the neighbor returns 518 an NA message with a correct Nonce value, the node may then send 519 whole packets within this size range and (for IPv4) relax the rate 520 limiting requirement. (Note that the trailing padding SHOULD NOT be 521 included within the Nonce option itself but rather as padding beyond 522 the last option in the NS message; otherwise, the (large) Nonce 523 option would be echoed back in the solicited NA message and may be 524 lost at a link with a small MTU along the reverse path.) 525 AERO nodes MUST be capable of reassembling packets up to 1500 bytes 526 plus the encapsulation overhead length. It is therefore RECOMMENDED 527 that AERO nodes be capable of reassembling at least 2KB. 529 (*) Note that if it is known without probing that the minimum Path 530 MTU to an AERO node is MINMTU bytes (where 1280 < MINMTU < 1500) then 531 MINMTU can be used instead of 1280 in the fragmentation threshold 532 considerations listed above. 534 (**) It is RECOMMENDED that no probes smaller than 1500 bytes be used 535 for MTU probing purposes, since smaller probes may be fragmented if 536 there is a nested tunnel somewhere on the path to the neighbor. 537 Probe sizes larger than 1500 bytes MAY be used, but may be 538 unnecessary since original sources are expected to implement 539 [RFC4821] when sending large packets. 541 3.7. AERO Interface Encapsulation, Re-encapsulation and Decapsulation 543 AERO interfaces encapsulate IPv6 packets according to whether they 544 are entering the AERO interface for the first time or if they are 545 being forwarded out the same AERO interface that they arrived on. 546 This latter form of encapsulation is known as "re-encapsulation". 548 AERO interfaces encapsulate packets per the specifications in 549 [RFC2473][RFC4213][RFC4301][RFC5246] except that the interface copies 550 the "Hop Limit", "Traffic Class" and "Congestion Experienced" values 551 in the packet's IPv6 header into the corresponding fields in the 552 encapsulation header. For packets undergoing re-encapsulation, the 553 AERO interface instead copies the "TTL/Hop Limit", "Type of Service/ 554 Traffic Class" and "Congestion Experienced" values in the original 555 encapsulation header into the corresponding fields in the new 556 encapsulation header (i.e., the values are transferred between 557 encapsulation headers and *not* copied from the encapsulated packet's 558 network-layer header). 560 When AERO UDP encapsulation is used, the AERO interface encapsulates 561 the packet per the specifications in [RFC2473][RFC4213] except that 562 it inserts a UDP header between the encapsulation header and IPv6 563 packet header. The AERO interface sets the UDP source port to a 564 constant value that it will use in each successive packet it sends, 565 sets the UDP checksum field to zero (see: [RFC6935][RFC6936]) and 566 sets the UDP length field to the length of the IPv6 packet plus 8 567 bytes for the UDP header itself. For packets sent via a Server, the 568 AERO interface sets the UDP destination port to 8060 (i.e., the IANA- 569 registered port number for AERO) when AERO-only encapsulation is 570 used. For packets sent to a neighboring Client, the AERO interface 571 sets the UDP destination port to the port value stored in the 572 neighbor cache entry for this neighbor. 574 The AERO interface next sets the IP protocol number in the 575 encapsulation header to the appropriate value for the first protocol 576 layer within the encapsulation (e.g., IPv6, UDP, IPsec, etc.). When 577 IPv6 is used as the encapsulation protocol, the interface then sets 578 the flow label value in the encapsulation header the same as 579 described in [RFC6438]. When IPv4 is used as the encapsulation 580 protocol, the AERO interface sets the DF bit as discussed in 581 Section 3.6. 583 AERO interfaces decapsulate packets destined either to the node 584 itself or to a destination reached via an interface other than the 585 receiving AERO interface. When AERO UDP encapsulation is used (i.e., 586 when a UDP header with destination port 8060 is present) the 587 interface examines the first octet of the encapsulated packet. If 588 the most significant four bits of the first octet encode the value 589 '0110' (i.e., the version number value for IPv6), the packet is 590 accepted and the encapsulating UDP header is discarded; otherwise, 591 the packet is discarded. 593 Further decapsulation then proceeds according to the appropriate 594 tunnel type [RFC2473][RFC4213][RFC4301][RFC5246]. 596 3.8. AERO Router Discovery, Prefix Delegation and Address Configuration 598 3.8.1. AERO Client Behavior 600 AERO Clients observe the IPv6 node requirements defined in [RFC6434]. 601 AERO Clients first discover the link-layer addresses of AERO Servers 602 via static configuration, or through an automated means such as DNS 603 name resolution. In the absence of other information, the Client 604 resolves the Fully-Qualified Domain Name (FQDN) 605 "linkupnetworks.domainname", where "domainname" is the DNS domain 606 appropriate for the Client's attached underlying network. After 607 discovering the link-layer addresses, the Client associates with one 608 or more of the corresponding Servers. 610 To associate with a Server, the Client acts as a requesting router to 611 request an IPv6 prefix through DHCPv6 PD [RFC3315][RFC3633][RFC6355] 612 using fe80::ffff:ffff as the IPv6 source address, 613 'All_DHCP_Relay_Agents_and_Servers' as the IPv6 destination address 614 and the link-layer address of the Server as the link-layer 615 destination address. The Client includes a DHCPv6 Unique Identifier 616 (DUID) in the Client Identifier option of its DHCPv6 messages (as 617 well as DHCPv6 authentication options if necessary) to identify 618 itself to the DHCPv6 server. If the Client is pre-provisioned with 619 an IPv6 prefix associated with the AERO service, it MAY also include 620 the prefix in an IA_PD option in its DHCPv6 Request to indicate its 621 preferred prefix to the DHCPv6 server. The Client then sends the 622 encapsulated DHCPv6 request via an underlying interface. 624 When the Client receives its prefix delegation via a Reply from the 625 DHCPv6 server, it creates a neighbor cache entry with the Server's 626 link-local address (i.e., fe80::ID) as the network layer address and 627 the Server's encapsulation address as the link-layer addresses. 628 Next, the Client assigns the link-local AERO address taken from the 629 delegated prefix to the AERO interface and sub-delegates the prefix 630 to nodes and links within its attached EUNs (the AERO link-local 631 address thereafter remains stable as the Client moves). The Client 632 also sets both the ACCEPT and FORWARD timers for each Server to 633 infinity, since the Client will remain with this Server unless it 634 explicitly terminates the association. The Client further renews its 635 prefix delegation by performing DHCPv6 Renew/Reply exchanges with its 636 AERO address as the IPv6 source address, 637 'All_DHCP_Relay_Agents_and_Servers' as the IPv6 destination address, 638 the link-layer address of a Server as the link-layer destination 639 address and the same DUID and authentication information. If the 640 Client wishes to associate with multiple Servers, it can perform 641 DHCPv6 Renew/Reply exchanges via each of the Servers. 643 The Client then sends an RS message to each of its associated Servers 644 to receive an RA message with a default router lifetime and any other 645 link-specific parameters. When the Client receives an RA message, it 646 configures or updates a default route according to the default router 647 lifetime but ignores any Prefix Information Options (PIOs) included 648 in the RA message since the AERO link is link-local-only. The Client 649 further ignores any RS messages it might receive, since only Servers 650 may process RS messages. 652 The Client then sends periodic RS messages to each Server (subject to 653 rate limiting) to obtain new RA messages for Neighbor Unreachability 654 Detection (NUD), to refresh any network state, and to update the 655 default router lifetime and any other link-specific parameters. The 656 Client can also forward IPv6 packets destined to networks beyond its 657 local EUNs via a Server as an IPv6 default router. The Server may in 658 turn return a redirection message informing the Client of a neighbor 659 on the AERO link that is topologically closer to the final 660 destination as specified in Section 3.9. 662 Note that, since the Client's AERO address is configured from the 663 unique DHCPv6 prefix delegation it receives, there is no need for 664 Duplicate Address Detection (DAD) on AERO links. Other nodes 665 maliciously attempting to hijack an authorized Client's AERO address 666 will be denied due to an unacceptable link-layer address and/or 667 security parameters (see: Security Considerations). 669 3.8.2. AERO Server Behavior 671 AERO Servers observe the IPv6 router requirements defined in 672 [RFC6434] and further configure a DHCPv6 relay function on their AERO 673 links. When the AERO Server relays a Client's DHCPv6 PD messages to 674 the DHCPv6 server, it wraps each message in a "Relay-forward" message 675 per [RFC3315] and includes a DHCPv6 Interface Identifier option that 676 encodes a value that identifies the AERO link to the DHCPv6 server. 678 The Server then includes the Client's link-layer address in a DHCPv6 679 Client Link Layer Address Option (CLLAO) [RFC6939] with the link- 680 layer address format shown in Figure 1 (i.e., Link ID followed by 681 Preference followed by UDP Port Number followed by IP Address). The 682 Server sets the CLLAO 'option-length' field to 22 (2 plus the length 683 of the link-layer address) and sets the 'link-layer type' field to 684 TBD (see: IANA Considerations). The Server finally includes a DHCPv6 685 Echo Request Option (ERO) [RFC4994] that encodes the option code for 686 the CLLAO in a 'requested-option-code-n' field. The CLLAO 687 information will therefore subsequently be echoed back in the DHCPv6 688 Server's "Relay-reply" message. 690 When the DHCPv6 server issues the IPv6 prefix delegation in a "Relay- 691 reply" message via the AERO Server (acting as a DHCPv6 relay), the 692 AERO Server obtains the Client's link-layer address from the echoed 693 CLLAO option and obtains the Client's delegated prefix from the 694 included IA_PD option. The Server then creates a neighbor cache 695 entry for the Client's AERO address with the Client's link-layer 696 address as the link-layer address for the neighbor cache entry. The 697 neighbor cache entry is created with both ACCEPT and FORWARD timers 698 set to infinity, since the Client will remain with this Server unless 699 it explicitly terminates the association. (However, the Server 700 SHOULD set a finite expiration timer for the neighbor cache entry 701 itself in case the Client goes unreachable for an extended period of 702 time.) 704 The Server also configures an IPv6 forwarding table entry that lists 705 the Client's AERO address as the next hop toward the delegated IPv6 706 prefix with a lifetime derived from the DHCPv6 lease lifetime. The 707 Server finally injects the Client's prefix as an IPv6 route into the 708 inter-Server/Relay routing system (see: [IRON]) then relays the 709 DHCPv6 message to the Client while using fe80::ID as the IPv6 source 710 address, the link-local address found in the "peer address" field of 711 the Relay-reply message as the IPv6 destination address, and the 712 Client's link-layer address as the destination link-layer address. 714 Servers respond to RS/NS messages from Clients on their AERO 715 interfaces by returning an RA/NA message. The Server SHOULD NOT 716 include PIOs in the RA messages it sends to Clients, since the Client 717 will ignore any such options. 719 Servers ignore any RA messages they may receive from a Client. 720 Servers MAY examine RA messages received from other Servers for 721 consistency verification purposes. 723 When the Server forwards a packet via the same AERO interface on 724 which it arrived, it initiates an AERO route optimization procedure 725 as specified in Section 3.9. 727 3.9. AERO Redirection 729 3.9.1. Reference Operational Scenario 731 Figure 2 depicts the AERO redirection reference operational scenario. 732 The figure shows an AERO Server('A'), two AERO Clients ('B', 'D') and 733 three ordinary IPv6 hosts ('C', 'E', 'F'): 735 .-(::::::::) 736 .-(::: IPv6 :::)-. +-------------+ 737 (:::: Internet ::::)--| Host F | 738 `-(::::::::::::)-' +-------------+ 739 `-(::::::)-' 2001:db8:2::1 740 | 741 +--------------+ 742 | AERO Server A| 743 | (C->B; E->D) | 744 +--------------+ 745 fe80::ID 746 L2(A) 747 | 748 X-----+-----------+-----------+--------X 749 | AERO Link | 750 L2(B) L2(C) 751 fe80::2001:db8:0:0 fe80::2001:db8:1:0 .-. 752 +--------------+ +--------------+ ,-( _)-. 753 | AERO Client B| | AERO Client C| .-(_ IPv6 )-. 754 | (default->A) | | (default->A) |--(__ EUN ) 755 +--------------+ +--------------+ `-(______)-' 756 2001:DB8:0::/48 2001:DB8:1::/48 | 757 | 2001:db8:1::1 758 .-. +-------------+ 759 ,-( _)-. 2001:db8:0::1 | Host E | 760 .-(_ IPv6 )-. +-------------+ +-------------+ 761 (__ EUN )--| Host D | 762 `-(______)-' +-------------+ 764 Figure 2: AERO Reference Operational Scenario 766 In Figure 2, AERO Server ('A') connects to the AERO link and connects 767 to the IPv6 Internet, either directly or via an AERO Relay (not 768 shown). Server ('A') assigns the address fe80::ID to its AERO 769 interface with link-layer address L2(A). Server ('A') next arranges 770 to add L2(A) to a published list of valid Servers for the AERO link. 772 AERO Client ('B') receives the IPv6 prefix 2001:db8:0::/48 in a 773 DHCPv6 PD exchange via AERO Server ('A') then assigns the address 774 fe80::2001:db8:0:0 to its AERO interface with link-layer address 775 L2(B). Client ('B') configures a default route and neighbor cache 776 entry via the AERO interface with next-hop address fe80::ID and link- 777 layer address L2(A), then sub-delegates the prefix 2001:db8:0::/48 to 778 its attached EUNs. IPv6 host ('D') connects to the EUN, and 779 configures the address 2001:db8:0::1. 781 AERO Client ('C') receives the IPv6 prefix 2001:db8:1::/48 in a 782 DHCPv6 PD exchange via AERO Server ('A') then assigns the address 783 fe80::2001:db8:1:0 to its AERO interface with link-layer address 784 L2(C). Client ('C') configures a default route and neighbor cache 785 entry via the AERO interface with next-hop address fe80::ID and link- 786 layer address L2(A), then sub-delegates the prefix 2001:db8:1::/48 to 787 its attached EUNs. IPv6 host ('E') connects to the EUN, and 788 configures the address 2001:db8:1::1. 790 Finally, IPv6 host ('F') connects to an IPv6 network outside of the 791 AERO link domain. Host ('F') configures its IPv6 interface in a 792 manner specific to its attached IPv6 link, and assigns the address 793 2001:db8:2::1 to its IPv6 link interface. 795 3.9.2. Classical Redirection Approaches 797 With reference to Figure 2, when the IPv6 source host ('D') sends a 798 packet to an IPv6 destination host ('E'), the packet is first 799 forwarded via the EUN to AERO Client ('B'). Client ('B') then 800 forwards the packet over its AERO interface to AERO Server ('A'), 801 which then re-encapsulates and forwards the packet to AERO Client 802 ('C'), where the packet is finally forwarded to the IPv6 destination 803 host ('E'). When Server ('A') re-encapsulates and forwards the 804 packet back out on its advertising AERO interface, it must arrange to 805 redirect Client ('B') toward Client ('C') as a better next-hop node 806 on the AERO link that is closer to the final destination. However, 807 this redirection process applied to AERO interfaces must be more 808 carefully orchestrated than on ordinary links since the parties may 809 be separated by potentially many underlying network routing hops. 811 Consider a first alternative in which Server ('A') informs Client 812 ('B') only and does not inform Client ('C') (i.e., "classical 813 redirection"). In that case, Client ('C') has no way of knowing that 814 Client ('B') is authorized to forward packets from the claimed source 815 address, and it may simply elect to drop the packets. Also, Client 816 ('B') has no way of knowing whether Client ('C') is performing some 817 form of source address filtering that would reject packets arriving 818 from a node other than a trusted default router, nor whether Client 819 ('C') is even reachable via a direct path that does not involve 820 Server ('A'). 822 Consider a second alternative in which Server ('A') informs both 823 Client ('B') and Client ('C') separately, via independent redirection 824 control messages (i.e., "augmented redirection"). In that case, if 825 Client ('B') receives the redirection control message but Client 826 ('C') does not, subsequent packets sent by Client ('B') could be 827 dropped due to filtering since Client ('C') would not have a route to 828 verify the claimed source address. Also, if Client ('C') receives 829 the redirection control message but Client ('B') does not, subsequent 830 packets sent in the reverse direction by Client ('C') would be lost. 832 Since both of these alternatives have shortcomings, a new redirection 833 technique (i.e., "AERO redirection") is needed. 835 3.9.3. Concept of Operations 837 Again, with reference to Figure 2, when source host ('D') sends a 838 packet to destination host ('E'), the packet is first forwarded over 839 the source host's attached EUN to Client ('B'), which then forwards 840 the packet via its AERO interface to Server ('A'). 842 Server ('A') then re-encapsulates and forwards the packet out the 843 same AERO interface toward Client ('C') and also sends an AERO 844 "Predirect" message forward to Client ('C') as specified in 845 Section 3.9.5. The Predirect message includes Client ('B')'s 846 network- and link-layer addresses as well as information that Client 847 ('C') can use to determine the IPv6 prefix used by Client ('B') . 848 After Client ('C') receives the Predirect message, it process the 849 message and returns an AERO Redirect message destined for Client 850 ('B') via Server ('A') as specified in Section 3.9.6. During the 851 process, Client ('C') also creates or updates a neighbor cache entry 852 for Client ('B') and creates an IPv6 forwarding table entry for 853 Client ('B')'s IPv6 prefix. 855 When Server ('A') receives the Redirect message, it re-encapsulates 856 the message and forwards it on to Client ('B') as specified in 857 Section 3.9.7. The message includes Client ('C')'s network- and 858 link-layer addresses as well as information that Client ('B') can use 859 to determine the IPv6 prefix used by Client ('C'). After Client 860 ('B') receives the Redirect message, it processes the message as 861 specified in Section 3.9.8. During the process, Client ('B') also 862 creates or updates a neighbor cache entry for Client ('C') and 863 creates an IPv6 forwarding table entry for Client ('C')'s IPv6 864 prefix. 866 Following the above Predirect/Redirect message exchange, forwarding 867 of packets from Client ('B') to Client ('C') without involving Server 868 ('A) as an intermediary is enabled. The mechanisms that support this 869 exchange are specified in the following sections. 871 3.9.4. Message Format 873 AERO Redirect/Predirect messages use the same format as for ICMPv6 874 Redirect messages depicted in Section 4.5 of [RFC4861], but also 875 include a new "Prefix Length" field taken from the low-order 8 bits 876 of the Redirect message Reserved field (valid values for the Prefix 877 Length field are 0 through 64). The Redirect/Predirect messages are 878 formatted as shown in Figure 3: 880 0 1 2 3 881 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 882 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 883 | Type (=137) | Code (=0/1) | Checksum | 884 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 885 | Reserved | Prefix Length | 886 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 887 | | 888 + + 889 | | 890 + Target Address + 891 | | 892 + + 893 | | 894 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 895 | | 896 + + 897 | | 898 + Destination Address + 899 | | 900 + + 901 | | 902 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 903 | Options ... 904 +-+-+-+-+-+-+-+-+-+-+-+- 906 Figure 3: AERO Redirect/Predirect Message Format 908 3.9.5. Sending Predirects 910 When a Server forwards a packet out the same AERO interface that it 911 arrived on, the Server sends a Predirect message forward toward the 912 AERO Client nearest the destination instead of sending a Redirect 913 message back to the Client nearest the source. 915 In the reference operational scenario, when Server ('A') forwards a 916 packet sent by Client ('B') toward Client ('C'), it also sends a 917 Predirect message forward toward Client ('C'), subject to rate 918 limiting (see Section 8.2 of [RFC4861]). Server ('A') prepares the 919 Predirect message as follows: 921 o the link-layer source address is set to 'L2(A)' (i.e., the 922 underlying address of Server ('A')). 924 o the link-layer destination address is set to 'L2(C)' (i.e., the 925 underlying address of Client ('C')). 927 o the network-layer source address is set to fe80:ID (i.e., the 928 link-local address of Server ('A')). 930 o the network-layer destination address is set to fe80::2001:db8:1:0 931 (i.e., the AERO address of Client ('C')). 933 o the Type is set to 137. 935 o the Code is set to 1 to indicate "Predirect". 937 o the Prefix Length is set to the length of the prefix to be applied 938 to Target address. 940 o the Target Address is set to fe80::2001:db8:0::0 (i.e., the AERO 941 address of Client ('B')). 943 o the Destination Address is set to the IPv6 source address of the 944 packet that triggered the Predirection event. 946 o the message includes a TLLAO with Link ID and Preference set to 947 appropriate values for the underlying interface, and with UDP Port 948 Number and IP Address set to 'L2(B)'. 950 o the message includes a Timestamp option. 952 o the message includes a Redirected Header Option (RHO) that 953 contains the originating packet truncated to ensure that at least 954 the network-layer header is included but the size of the message 955 does not exceed 1280 bytes. 957 Server ('A') then sends the message forward to Client ('C'). 959 3.9.6. Processing Predirects and Sending Redirects 961 When Client ('C') receives a Predirect message, it accepts the 962 message only if the message has a link-layer source address of the 963 Server, i.e. 'L2(A)'. Client ('C') further accepts the message only 964 if it is willing to serve as a redirection target. Next, Client 965 ('C') validates the message according to the ICMPv6 Redirect message 966 validation rules in Section 8.1 of [RFC4861]. 968 In the reference operational scenario, when Client ('C') receives a 969 valid Predirect message, it either creates or updates a neighbor 970 cache entry that stores the Target Address of the message as the 971 network-layer address of Client ('B') and stores the link-layer 972 address found in the TLLAO as the link-layer address(es) of Client 973 ('B'). Client ('C') then sets the neighbor cache entry ACCEPT timer 974 with timeout value ACCEPT_TIME. Next, Client ('C') applies the 975 Prefix Length to the Interface Identifier portion of the Target 976 Address and records the resulting IPv6 prefix in its IPv6 forwarding 977 table. 979 After processing the message, Client ('C') prepares a Redirect 980 message response as follows: 982 o the link-layer source address is set to 'L2(C)' (i.e., the link- 983 layer address of Client ('C')). 985 o the link-layer destination address is set to 'L2(A)' (i.e., the 986 link-layer address of Server ('A')). 988 o the network-layer source address is set to fe80::2001:db8:1:0 989 (i.e., the AERO address of Client ('C')). 991 o the network-layer destination address is set to fe80::2001:db8:0:0 992 (i.e., the AERO address of Client ('B')). 994 o the Type is set to 137. 996 o the Code is set to 0 to indicate "Redirect". 998 o the Prefix Length is set to the length of the prefix to be applied 999 to Target address. 1001 o the Target Address is set to fe80::2001:db8:1:0 (i.e., the AERO 1002 address of Client ('C')). 1004 o the Destination Address is set to the IPv6 destination address of 1005 the packet that triggered the Redirection event. 1007 o the message includes a TLLAO with Link ID and Preference set to 1008 appropriate values for the underlying interface, and with UDP Port 1009 Number and IP Address set to '0'. 1011 o the message includes a Timestamp option. 1013 o the message includes as much of the RHO copied from the 1014 corresponding AERO Predirect message as possible such that at 1015 least the network-layer header is included but the size of the 1016 message does not exceed 1280 bytes. 1018 After Client ('D') prepares the Redirect message, it sends the 1019 message to Server ('A'). 1021 3.9.7. Re-encapsulating and Relaying Redirects 1023 When Server ('A') receives a Redirect message from Client ('C'), it 1024 validates the message according to the ICMPv6 Redirect message 1025 validation rules in Section 8.1 of [RFC4861] and also verifies that 1026 Client ('C') is authorized to use the Prefix Length in the Redirect 1027 message when applied to the AERO address in the network-layer source 1028 of the Redirect message. If validation fails, Server ('A') discards 1029 the message; otherwise, it copies the correct UDP Port number and IP 1030 Address into the TLLAO supplied by Client ('C'). 1032 Server ('A') then re-encapsulates the Redirect and relays it on to 1033 Client ('B') by changing the link-layer source address of the message 1034 to 'L2(A)', changing the link-layer destination address to 'L2(B)' 1035 and changing the network layer source address to fe80::ID. Server 1036 ('A') finally forwards the re-encapsulated message to Client ('B') 1037 without decrementing the network-layer IPv6 header Hop Limit field. 1039 While not shown in Figure 2, AERO Relays relay Redirect and Predirect 1040 messages in exactly this same fashion described above. See Figure 4 1041 in Appendix A for an extension of the reference operational scenario 1042 that includes Relays. 1044 3.9.8. Processing Redirects 1046 When Client ('B') receives the Redirect message, it accepts the 1047 message only if it has a link-layer source address of the Server, 1048 i.e. 'L2(A)'. Next, Client ('B') validates the message according to 1049 the ICMPv6 Redirect message validation rules in Section 8.1 of 1050 [RFC4861]. Following validation, Client ('B') then processes the 1051 message as follows. 1053 In the reference operational scenario, when Client ('B') receives the 1054 Redirect message, it either creates or updates a neighbor cache entry 1055 that stores the Target Address of the message as the network-layer 1056 address of Client ('C') and stores the link-layer address found in 1057 the TLLAO as the link-layer address of Client ('C'). Client ('B') 1058 then sets the neighbor cache entry FORWARD timer with timeout value 1059 FORWARD_TIME. Next, Client ('B') applies the Prefix Length to the 1060 Interface Identifier portion of the Target Address and records the 1061 resulting IPv6 prefix in its IPv6 forwarding table. 1063 Now, Client ('B') has an IPv6 forwarding table entry for 1064 Client('C')'s prefix and a neighbor cache entry with a valid FORWARD 1065 time, while Client ('C') has an IPv6 forwarding table entry for 1066 Client ('B')'s prefix with a valid ACCEPT time. Thereafter, Client 1067 ('B') may forward ordinary network-layer data packets directly to 1068 Client ("C") without involving Server ('A') and Client ('C') can 1069 verify that the packets came from an acceptable source. (In order 1070 for Client ('C') to forward packets to Client ('B') a corresponding 1071 Predirect/Redirect message exchange is required in the reverse 1072 direction.) 1074 3.10. Neighbor Reachability Maintenance 1076 AERO nodes send unicast NS messages to elicit NA messages from 1077 neighbors the same as described for Neighbor Unreachability Detection 1078 (NUD) in [RFC4861]. When an AERO node sends an NS/NA message, it 1079 MUST use its AERO address as the IPv6 source address and the AERO 1080 address of the neighbor as the IPv6 destination address. When an 1081 AERO node receives an NS/NA message, it accepts the message if it has 1082 a neighbor cache entry for the neighbor; otherwise, it ignores the 1083 message. 1085 When a source Client is redirected to a target Client it SHOULD test 1086 the direct path to the target by sending an initial NS message to 1087 elicit a solicited NA response. While testing the path, the source 1088 Client SHOULD continue sending packets via the Server until target 1089 Client reachability has been confirmed. The source Client SHOULD 1090 thereafter continue to test the direct path to the target Client (see 1091 Section 7.3 of [RFC4861]) in order to keep neighbor cache entries 1092 alive. In particular, the source Client sends NS messages to the 1093 target Client subject to rate limiting in order to receive solicited 1094 NA messages. If at any time the direct path appears to be failing, 1095 the source Client can resume sending packets via the Server which may 1096 or may not result in a new redirection event. 1098 When a target Client receives an NS message from a source Client, it 1099 resets the ACCEPT timer to ACCEPT_TIME if a neighbor cache entry 1100 exists; otherwise, it discards the NS message. 1102 When a source Client receives a solicited NA message from a target 1103 Client, it resets the FORWARD timer to FORWARD_TIME if a neighbor 1104 cache entry exists; otherwise, it discards the NA message. 1106 When the FORWARD timer on a neighbor cache entry expires, the source 1107 Client resumes sending any subsequent packets via the Server and may 1108 (eventually) receive a new Redirect message. When the ACCEPT timer 1109 on a neighbor cache entry expires, the target Client discards any 1110 subsequent packets received directly from the source Client. When 1111 both the FORWARD and ACCEPT timers on a neighbor cache entry expire, 1112 the Client deletes both the neighbor cache entry and the 1113 corresponding IPv6 forwarding table entry. 1115 If the source Client is unable to elicit an NA response from the 1116 target Client after MAX_RETRY attempts, it SHOULD consider the direct 1117 path unusable for forwarding purposes. Otherwise, the source Client 1118 considers the path usable and SHOULD thereafter process any link- 1119 layer errors as a hint that the direct path to the target Client has 1120 either failed or has become intermittent. 1122 3.11. Mobility and Link-Layer Address Change Considerations 1124 When a Client needs to change its link-layer address (e.g., due to a 1125 mobility event), it performs an immediate DHCPv6 Renew/Reply via each 1126 of its Servers using the new link-layer address as the source. The 1127 DHCPv6 Renew/Reply exchange will update each Server's neighbor cache. 1128 Next, the Client sends a Predirect message to each of its active 1129 neighbors via a Server as follows: 1131 o the link-layer source address is set to the Client's new link- 1132 layer address. 1134 o the link-layer destination address is set to the link-layer 1135 address of the Server. 1137 o the network-layer source address is set to the Client's AERO 1138 address. 1140 o the network-layer destination address is set to the neighbor's 1141 AERO address. 1143 o the Type is set to 137. 1145 o the Code is set to 1 to indicate "Predirect". 1147 o the Prefix Length is set to the length of the prefix to be applied 1148 to Target address. 1150 o the Target Address is set to the Client's AERO address. 1152 o the Destination Address contains the IPv6 source address of a NULL 1153 packet (i.e., a minimum-length IPv6 packet with Next Header set to 1154 'No Next Header') originating from an address within the Client's 1155 prefix. 1157 o the message includes a TLLAO with Link ID and Preference set to 1158 appropriate values for the underlying interface, and with UDP Port 1159 Number and IP Address set to 0. 1161 o the message includes a Timestamp option. 1163 o the message includes a Redirected Header Option (RHO) that 1164 contains the leading portion of the NULL packet without exceeding 1165 1280 bytes. 1167 When the Server receives the Predirect message, it copies the correct 1168 UDP port number and IP address into the TLLAO supplied by the Client, 1169 changes the link-layer source address to its own address, changes the 1170 link-layer destination address to the address of the neighbor, 1171 changes the network layer source address to fe80::ID, then forwards 1172 the Predirect message to the neighbor. When the neighbor receives 1173 the Predirect message, it returns a Redirect message the same as 1174 specified in Section 3.9. 1176 When a Client associates with a new Server, it issues a new DHCPv6 1177 Renew message via the new Server as the DHCPv6 relay. The new Server 1178 then relays the message to the DHCPv6 server and processes the 1179 resulting exchange. After the Client receives the resulting DHCPv6 1180 Reply message, it sends an RS message to the new Server to receive a 1181 new RA message. 1183 When a Client disassociates with an existing Server, it sends a 1184 "terminating RS" message to the old Server. The terminating RS 1185 message is prepared exactly the same as for an ordinary RS message, 1186 except that the Code field contains the value '1'. When the old 1187 Server receives the terminating RS message, it withdraws the IPv6 1188 route from the routing system and deletes the neighbor cache entry 1189 and IPv6 forwarding table entry for the Client. The old Server then 1190 returns an RA message with default router lifetime set to 0 which the 1191 Client can use to verify that the termination signal has been 1192 processed. The client then deletes both the default route and the 1193 neighbor cache entry for the old Server. (Note that the Client and 1194 the old Server MAY impose a small delay before deleting the neighbor 1195 cache and IPv6 forwarding table entries so that any packets already 1196 in the system can still be delivered to the Client.) 1198 3.12. Encapsulation Protocol Version Considerations 1200 A source Client may connect only to an IPvX underlying network, while 1201 the target Client connects only to an IPvY underlying network. In 1202 that case, the target and source Clients have no means for reaching 1203 each other directly (since they connect to underlying networks of 1204 different IP protocol versions) and so must ignore any redirection 1205 messages and continue to send packets via the Server. 1207 3.13. Multicast Considerations 1209 When the underlying network does not support multicast, AERO nodes 1210 map IPv6 link-scoped multicast addresses (including 1211 'All_DHCP_Relay_Agents_and_Servers') to the underlying IP address of 1212 a Server. 1214 When the underlying network supports multicast, AERO nodes use the 1215 multicast address mapping specification found in [RFC2529] for IPv4 1216 underlying networks and use a direct multicast mapping for IPv6 1217 underlying networks. (In the latter case, "direct multicast mapping" 1218 means that if the IPv6 multicast destination address of the 1219 encapsulated packet is "M", then the IPv6 multicast destination 1220 address of the encapsulating header is also "M".) 1222 3.14. Operation on AERO Links Without DHCPv6 Services 1224 When the AERO link does not provide DHCPv6 services, operation can 1225 still be accommodated through administrative configuration of 1226 prefixes on AERO Clients. In that case, administrative 1227 configurations of IPv6 routes and AERO interface neighbor cache 1228 entries on both the Server and Client are also necessary. However, 1229 this may preclude the ability for Clients to dynamically change to 1230 new Servers, and can expose the AERO link to misconfigurations unless 1231 the administrative configurations are carefully coordinated. 1233 3.15. Operation on Server-less AERO Links 1235 In some AERO link scenarios, there may be no Servers on the link and/ 1236 or no need for Clients to use a Server as an intermediary trust 1237 anchor. In that case, each Client can then act as its own Server to 1238 establish neighbor cache entries and IPv6 forwarding table entries by 1239 performing direct Client-to-Client Predirect/Redirect exchanges, and 1240 some other form of trust basis must be applied so that each Client 1241 can verify that the prospective neighbor is authorized to use its 1242 claimed prefix. 1244 When there is no Server on the link, Clients must arrange to receive 1245 prefix delegations and publish the delegations via a secure alternate 1246 prefix delegation authority through some means outside the scope of 1247 this document. 1249 3.16. Other Considerations 1251 IPv6 hosts serviced by an AERO Client can reach IPv4-only services 1252 via a NAT64 gateway [RFC6146] within the IPv6 network. 1254 AERO nodes can use the Default Address Selection Policy with DHCPv6 1255 option [RFC7078] the same as on any IPv6 link. 1257 All other (non-multicast) functions that operate over ordinary IPv6 1258 links operate in the same fashion over AERO links. 1260 4. Implementation Status 1262 An application-layer implementation is in progress. 1264 5. IANA Considerations 1266 The IANA is instructed to assign a new 2-octet Hardware Type number 1267 for AERO in the "arp-parameters" registry per Section 2 of [RFC5494]. 1268 The number is assigned from the 2-octet Unassigned range with 1269 Hardware Type "AERO" and with this document as the reference. 1271 6. Security Considerations 1273 AERO link security considerations are the same as for standard IPv6 1274 Neighbor Discovery [RFC4861] except that AERO improves on some 1275 aspects. In particular, AERO uses a trust basis between Clients and 1276 Servers, where the Clients only engage in the AERO mechanism when it 1277 is facilitated by a trust anchor. AERO also uses DHCPv6 1278 authentication for Client authentication and admissions control. 1280 AERO links must be protected against link-layer address spoofing 1281 attacks in which an attacker on the link pretends to be a trusted 1282 neighbor. Links that provide link-layer securing mechanisms (e.g., 1283 WiFi networks) and links that provide physical security (e.g., 1284 enterprise network wired LANs) provide a first line of defense that 1285 is often sufficient. In other instances, additional securing 1286 mechanisms such as Secure Neighbor Discovery (SeND) [RFC3971], IPsec 1287 [RFC4301] or TLS [RFC5246] may be necessary. 1289 AERO Clients MUST ensure that their connectivity is not used by 1290 unauthorized nodes on EUNs to gain access to a protected network, 1291 i.e., AERO Clients that act as IPv6 routers MUST NOT provide routing 1292 services for unauthorized nodes. (This concern is no different than 1293 for ordinary hosts that receive an IP address delegation but then 1294 "share" the address with unauthorized nodes via an IPv6/IPv6 NAT 1295 function.) 1297 On some AERO links, establishment and maintenance of a direct path 1298 between neighbors requires secured coordination such as through the 1299 Internet Key Exchange (IKEv2) protocol [RFC5996] to establish a 1300 security association. 1302 7. Acknowledgements 1304 Discussions both on IETF lists and in private exchanges helped shape 1305 some of the concepts in this work. Individuals who contributed 1306 insights include Mikael Abrahamsson, Fred Baker, Stewart Bryant, 1307 Brian Carpenter, Wojciech Dec, Brian Haberman, Joel Halpern, Sascha 1308 Hlusiak, Lee Howard, Joe Touch and Bernie Volz. Members of the IESG 1309 also provided valuable input during their review process that greatly 1310 improved the document. Special thanks go to Stewart Bryant, Joel 1311 Halpern and Brian Haberman for their shepherding guidance. 1313 This work has further been encouraged and supported by Boeing 1314 colleagues including Keith Bartley, Dave Bernhardt, Cam Brodie, 1315 Balaguruna Chidambaram, Wen Fang, Anthony Gregory, Jeff Holland, Ed 1316 King, Gen MacLean, Kent Shuey, Mike Slane, Julie Wulff, Yueli Yang, 1317 and other members of the BR&T and BIT mobile networking teams. 1319 Earlier works on NBMA tunneling approaches are found in 1320 [RFC2529][RFC5214][RFC5569]. 1322 8. References 1324 8.1. Normative References 1326 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 1327 August 1980. 1329 [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1330 1981. 1332 [RFC0792] Postel, J., "Internet Control Message Protocol", STD 5, 1333 RFC 792, September 1981. 1335 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1336 Requirement Levels", BCP 14, RFC 2119, March 1997. 1338 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1339 (IPv6) Specification", RFC 2460, December 1998. 1341 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 1342 IPv6 Specification", RFC 2473, December 1998. 1344 [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., 1345 and M. Carney, "Dynamic Host Configuration Protocol for 1346 IPv6 (DHCPv6)", RFC 3315, July 2003. 1348 [RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic 1349 Host Configuration Protocol (DHCP) version 6", RFC 3633, 1350 December 2003. 1352 [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure 1353 Neighbor Discovery (SEND)", RFC 3971, March 2005. 1355 [RFC4213] Nordmark, E. and R. Gilligan, "Basic Transition Mechanisms 1356 for IPv6 Hosts and Routers", RFC 4213, October 2005. 1358 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1359 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1360 September 2007. 1362 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 1363 Address Autoconfiguration", RFC 4862, September 2007. 1365 [RFC6434] Jankiewicz, E., Loughney, J., and T. Narten, "IPv6 Node 1366 Requirements", RFC 6434, December 2011. 1368 8.2. Informative References 1370 [IRON] Templin, F., "The Internet Routing Overlay Network 1371 (IRON)", Work in Progress, June 2012. 1373 [RFC0879] Postel, J., "TCP maximum segment size and related topics", 1374 RFC 879, November 1983. 1376 [RFC2529] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4 1377 Domains without Explicit Tunnels", RFC 2529, March 1999. 1379 [RFC2675] Borman, D., Deering, S., and R. Hinden, "IPv6 Jumbograms", 1380 RFC 2675, August 1999. 1382 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 1383 Architecture", RFC 4291, February 2006. 1385 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1386 Internet Protocol", RFC 4301, December 2005. 1388 [RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU 1389 Discovery", RFC 4821, March 2007. 1391 [RFC4963] Heffner, J., Mathis, M., and B. Chandler, "IPv4 Reassembly 1392 Errors at High Data Rates", RFC 4963, July 2007. 1394 [RFC4994] Zeng, S., Volz, B., Kinnear, K., and J. Brzozowski, 1395 "DHCPv6 Relay Agent Echo Request Option", RFC 4994, 1396 September 2007. 1398 [RFC5214] Templin, F., Gleeson, T., and D. Thaler, "Intra-Site 1399 Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214, 1400 March 2008. 1402 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1403 (TLS) Protocol Version 1.2", RFC 5246, August 2008. 1405 [RFC5494] Arkko, J. and C. Pignataro, "IANA Allocation Guidelines 1406 for the Address Resolution Protocol (ARP)", RFC 5494, 1407 April 2009. 1409 [RFC5522] Eddy, W., Ivancic, W., and T. Davis, "Network Mobility 1410 Route Optimization Requirements for Operational Use in 1411 Aeronautics and Space Exploration Mobile Networks", RFC 1412 5522, October 2009. 1414 [RFC5569] Despres, R., "IPv6 Rapid Deployment on IPv4 1415 Infrastructures (6rd)", RFC 5569, January 2010. 1417 [RFC5996] Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen, 1418 "Internet Key Exchange Protocol Version 2 (IKEv2)", RFC 1419 5996, September 2010. 1421 [RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful 1422 NAT64: Network Address and Protocol Translation from IPv6 1423 Clients to IPv4 Servers", RFC 6146, April 2011. 1425 [RFC6204] Singh, H., Beebee, W., Donley, C., Stark, B., and O. 1426 Troan, "Basic Requirements for IPv6 Customer Edge 1427 Routers", RFC 6204, April 2011. 1429 [RFC6355] Narten, T. and J. Johnson, "Definition of the UUID-Based 1430 DHCPv6 Unique Identifier (DUID-UUID)", RFC 6355, August 1431 2011. 1433 [RFC6438] Carpenter, B. and S. Amante, "Using the IPv6 Flow Label 1434 for Equal Cost Multipath Routing and Link Aggregation in 1435 Tunnels", RFC 6438, November 2011. 1437 [RFC6691] Borman, D., "TCP Options and Maximum Segment Size (MSS)", 1438 RFC 6691, July 2012. 1440 [RFC6706] Templin, F., "Asymmetric Extended Route Optimization 1441 (AERO)", RFC 6706, August 2012. 1443 [RFC6864] Touch, J., "Updated Specification of the IPv4 ID Field", 1444 RFC 6864, February 2013. 1446 [RFC6935] Eubanks, M., Chimento, P., and M. Westerlund, "IPv6 and 1447 UDP Checksums for Tunneled Packets", RFC 6935, April 2013. 1449 [RFC6936] Fairhurst, G. and M. Westerlund, "Applicability Statement 1450 for the Use of IPv6 UDP Datagrams with Zero Checksums", 1451 RFC 6936, April 2013. 1453 [RFC6939] Halwasia, G., Bhandari, S., and W. Dec, "Client Link-Layer 1454 Address Option in DHCPv6", RFC 6939, May 2013. 1456 [RFC6980] Gont, F., "Security Implications of IPv6 Fragmentation 1457 with IPv6 Neighbor Discovery", RFC 6980, August 2013. 1459 [RFC7078] Matsumoto, A., Fujisaki, T., and T. Chown, "Distributing 1460 Address Selection Policy Using DHCPv6", RFC 7078, January 1461 2014. 1463 Appendix A. AERO Server and Relay Interworking 1465 Figure 2 depicts a reference AERO operational scenario with a single 1466 Server on the AERO link. In order to support scaling to larger 1467 numbers of nodes, the AERO link can deploy multiple Servers and 1468 Relays, e.g., as shown in Figure 4. 1470 .-(::::::::) 1471 .-(::: IPv6 :::)-. 1472 (:: Internetwork ::) 1473 `-(::::::::::::)-' 1474 `-(::::::)-' 1475 | 1476 +--------------+ +------+-------+ +--------------+ 1477 |AERO Server C | | AERO Relay D | |AERO Server E | 1478 | (default->D) | | (A->C; G->E) | | (default->D) | 1479 | (A->B) | +-------+------+ | (G->F) | 1480 +-------+------+ | +------+-------+ 1481 | | | 1482 X---+---+-------------------+------------------+---+---X 1483 | AERO Link | 1484 +-----+--------+ +--------+-----+ 1485 |AERO Client B | |AERO Client F | 1486 | (default->C) | | (default->E) | 1487 +--------------+ +--------------+ 1488 .-. .-. 1489 ,-( _)-. ,-( _)-. 1490 .-(_ IPv6 )-. .-(_ IPv6 )-. 1491 (__ EUN ) (__ EUN ) 1492 `-(______)-' `-(______)-' 1493 | | 1494 +--------+ +--------+ 1495 | Host A | | Host G | 1496 +--------+ +--------+ 1498 Figure 4: AERO Server/Relay Interworking 1500 In this example, Client ('B') associates with Server ('C'), while 1501 Client ('F') associates with Server ('E'). Furthermore, Servers 1502 ('C') and ('E') do not associate with each other directly, but rather 1503 have an association with Relay ('D') (i.e., a router that has full 1504 topology information concerning its associated Servers and their 1505 Clients). Relay ('D') connects to the AERO link, and also connects 1506 to the native IPv6 Internetwork. 1508 When host ('A') sends a packet toward destination host ('G'), IPv6 1509 forwarding directs the packet through the EUN to Client ('B'), which 1510 forwards the packet to Server ('C') in absence of more-specific 1511 forwarding information. Server ('C') forwards the packet, and it 1512 also generates an AERO Predirect message that is then forwarded 1513 through Relay ('D') to Server ('E'). When Server ('E') receives the 1514 message, it forwards the message to Client ('F'). 1516 After processing the AERO Predirect message, Client ('F') sends an 1517 AERO Redirect message to Server ('E'). Server ('E'), in turn, 1518 forwards the message through Relay ('D') to Server ('C'). When 1519 Server ('C') receives the message, it forwards the message to Client 1520 ('B') informing it that host 'G's EUN can be reached via Client 1521 ('F'), thus completing the AERO redirection. 1523 The network layer routing information shared between Servers and 1524 Relays must be carefully coordinated in a manner outside the scope of 1525 this document. In particular, Relays require full topology 1526 information, while individual Servers only require partial topology 1527 information (i.e., they only need to know the EUN prefixes associated 1528 with their current set of Clients). See [IRON] for an architectural 1529 discussion of routing coordination between Relays and Servers. 1531 Author's Address 1533 Fred L. Templin (editor) 1534 Boeing Research & Technology 1535 P.O. Box 3707 1536 Seattle, WA 98124 1537 USA 1539 Email: fltemplin@acm.org