idnits 2.17.1 draft-xli-softwire-map-testing-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 15 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. == There are 6 instances of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. == There are 10 instances of lines with non-RFC3849-compliant IPv6 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (December 23, 2014) is 3383 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-13) exists of draft-ietf-softwire-map-12 ** Obsolete normative reference: RFC 6145 (Obsoleted by RFC 7915) Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group X. Li 3 Internet-Draft C. Bao 4 Intended status: Informational G. Han 5 Expires: June 26, 2015 CERNET Center/Tsinghua University 6 W. Dec 7 Cisco Systems 8 December 23, 2014 10 MAP Interoperability Testing Results 11 draft-xli-softwire-map-testing-05 13 Abstract 15 This document presents the testing results of a unified code 16 accommodating encapsulation and translation modes of Mapping of 17 Address and Port (MAP). Experiments show that the unified MAP CE is 18 not only supporting MAP-E and MAP-T modes, but also backward 19 compatible with AFTR of dual-stack lite and stateless/stateful NAT64. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at http://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on June 26, 2015. 38 Copyright Notice 40 Copyright (c) 2014 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Testing Topology . . . . . . . . . . . . . . . . . . . . 2 57 2. MAP specifications . . . . . . . . . . . . . . . . . . . . . 3 58 2.1. Mapping Rules and the Address Formats . . . . . . . . . . 3 59 2.2. Port Mapping Algorithm . . . . . . . . . . . . . . . . . 4 60 2.3. Forwarding Modes . . . . . . . . . . . . . . . . . . . . 4 61 2.4. Implementation . . . . . . . . . . . . . . . . . . . . . 4 62 3. MAP Testing . . . . . . . . . . . . . . . . . . . . . . . . . 5 63 3.1. MAP-T . . . . . . . . . . . . . . . . . . . . . . . . . . 5 64 3.2. MAP-E . . . . . . . . . . . . . . . . . . . . . . . . . . 6 65 3.3. 1:1 mode MAP-T/MAP-E . . . . . . . . . . . . . . . . . . 6 66 3.4. Mixed MAP-T/MAP-E . . . . . . . . . . . . . . . . . . . . 7 67 4. Backward Compatibility Testing . . . . . . . . . . . . . . . 8 68 4.1. AFTR of dual-stack lite . . . . . . . . . . . . . . . . . 8 69 4.2. NAT64 with double translation . . . . . . . . . . . . . . 8 70 5. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 9 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 74 9. Normative References . . . . . . . . . . . . . . . . . . . . 9 75 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 77 1. Introduction 79 Generic mechanism for mapping between an IPv4 prefix, address or 80 parts of thereof, and transport layer ports and an IPv6 prefix or 81 address with translation mode and encapsulation mode are specified in 82 [I-D.ietf-softwire-map-t] [I-D.ietf-softwire-map]. This document 83 presents testing results of a unified code containing translation and 84 encapsulation modes of Mapping of Address and Port (MAP). The 85 backward compatibility of MAP CE with AFTR of dual-stack lite and 86 NAT64 of stateful translation are also presented. 88 1.1. Testing Topology 90 The testing topology is shown in the following figure. 92 ----- ------ 93 .-| CE.0|---|Host.0| 94 / ----- ------ 95 ------ ----- | 96 / The \ ----- / An \ | ----- ------ 97 | IPv4 |--| BR |---| IPv6 |------| CE.1|---|Host.1| 98 \Internet/ | | ^ \Network/ | ----- ------ 99 ------ ----- | ----- | 100 | \ ----- ------ 101 tcpdump -| CE.K|---|Host.K| 102 ----- ------ 104 Figure 1: Generic testing topology 106 Where, BR is the MAP Border Relay, CE is the MAP Customer Edge. Both 107 BR and CE can be configured in translation mode (MAP-T) or 108 encapsulation mode (MAP-E), independently. A tcpdump process is 109 running between BR and CE to get the packet header information. 111 2. MAP specifications 113 The code tested in this document follows the MAP specification 114 defined in [I-D.ietf-softwire-map-t] [I-D.ietf-softwire-map], which 115 contain the Mapping Rules, the Port Mapping Algorithm and the 116 Forwarding Mode. The explicit address format and configuration 117 parameters used for the code are presented in the following sections. 119 2.1. Mapping Rules and the Address Formats 121 The address format of Basic Mapping Rule (BMR) and Forwarding Mapping 122 Rule (FMR) are defined in the following figure. Also note that 123 translation mode (MAP-T) and encapsulation mode (MAP-E) have the same 124 address format of BMR/FMR. 126 <-- n bits -->||<-m bits>|< 8>|<---- L>=32 ------>|<--56-L--> 127 |0 63| 127| 128 +-------------+--------+---------+----+--------------+----+---------+ 129 | IPv6 prefix |EA bits |Subnet-id| u | IPv4 address |PSID| 0 | 130 +-------------+--------+---------+----+--------------+----+---------+ 131 | 133 Figure 2: BMR/FMR in translation and encapsulation modes 135 The address format of Default Mapping Rule is different for 136 translation (MAP-T) and encapsulation (MAP-E), as shown in the 137 following figures. 139 |0 63| 127| 140 +--------------------------------+----+--------------+--------------+ 141 | BR prefix | u | IPv4 address | 0 | 142 +--------------------------------+----+--------------+--------------+ 144 Figure 3: DMR in translation mode 146 |0 127| 147 +-------------------------------------------------------------------+ 148 | BR IPv6 address | 149 +-------------------------------------------------------------------+ 151 Figure 4: DMR in encapsulation mode 153 The testing presented in this document is for the Hubs and Spokes 154 scenario, and therefore, only BMR and DMR are required in each CE. 156 2.2. Port Mapping Algorithm 158 The port mapping algorithm is called Generalized Modulus Algorithm 159 (GMA), which contains the sharing ratio (R=2^k), the maximum number 160 of contiguous ports (M=2^m) and the Port-Set Identifiers (PSID). 162 2.3. Forwarding Modes 164 The MAP has two forwarding modes, the translation (MAP-T) and 165 encapsulation (MAP-E). The header processing algorithms of the 166 translation and the encapsulation modes are defined in [RFC6145] and 167 [RFC2473], respectively. 169 2.4. Implementation 171 The MAP specification is implemented in Linux environment under GPL 172 [map-code]. 174 The CE related configuration parameters are: 176 -i specify the name of the Ethernet device connected to IPv4 world 178 -I specify the name of the Ethernet device connected to IPv6 world 180 -H specify in CE mode 182 -a specify the IPv4 address and mask of the host behind the CE 183 -P specify the IPv6 rule prefix and prefix length of the host behind 184 the CE 186 -R specify the associated IPv4 address sharing ratio R of the host 187 behind the CE 189 -M specify the associated M parameter of the host behind the CE 190 device 192 -o specify the PSID of the host behind the CE 194 -N specify in NAT44 mode. The '-A' option is required. 196 -A specify the public IPv4 address and mask which the host behind the 197 CE device is mapped into. In this case, the '-a' option will 198 specify the private IPv4 network and prefix length 200 -X specify the IPv6 prefix is not containing EA-bits 202 3. MAP Testing 204 The configuration examples and the testing results of the MAP's 205 translation mode (MAP-T), the encapsulation mode (MAP-E), MAP-T/MAP-E 206 1:1 modes and the mixed MAP-T/MAP-E modes are shown in this section. 208 The basic testing method is from an IPv4 host connected to CE to ping 209 an IPv4 server (202.112.35.254) connected to BR. The tcpdump records 210 the packet headers of the echo request and echo reply messages. 212 3.1. MAP-T 214 The MAP CE in MAP-T mode is configured as: 216 utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T 218 utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A 219 202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 0 -c 1440 -T 221 The tcpdump data samples are: 223 09:42:16.526809 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 224 2001:da8:b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 18177, 225 length 40 227 09:42:16.527448 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 228 2001:da8:b4b6:100:ca:2675:100:0: ICMP6, echo reply, seq 18177, 229 length 40 231 3.2. MAP-E 233 The MAP CE in MAP-E mode is configured as: 235 utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E 237 utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A 238 202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 8 -c 1400 -E 240 The tcpdump data samples are: 242 09:38:43.326429 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 243 2001:da8:b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: 244 ICMP echo request, id 1040, seq 32512, length 40 246 09:38:43.327786 IP6 2001:da8:b4b6:ffff:1234::5678 > 247 2001:da8:b4b6:180:ca:2675:180:0: IP 202.112.35.254 > 202.38.117.1: 248 ICMP echo reply, id 1040, seq 32512, length 40 250 3.3. 1:1 mode MAP-T/MAP-E 252 The 1:1 mode MAP-T/MAP-E means that each CE has its own mapping rule 253 with or without the IPv4 address sharing. 255 The MAP CE in MAP-T 1:1 mode is configured as: 257 utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T 259 utils/ivictl -s -i eth1 -I eth0 -H -X -N -a 192.168.1.0/24 -A 260 202.38.117.1/24 -P 2001:da8:b4b6:2700::/64 -R 16 -M 2 -o 8 -c 1440 261 -T 263 The tcpdump data samples are: 265 22:53:30.977999 IP6 2001:da8:b4b6:2700:ca:2675:100:0 > 266 2001:da8:b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 7113, 267 length 40 269 22:53:30.978876 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 270 2001:da8:b4b6:2700:ca:2675:100:0: ICMP6, echo reply, seq 7113, 271 length 40 273 The MAP CE in MAP-E 1:1 mode is configured as: 275 utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E 276 utils/ivictl -s -i eth1 -I eth0 -H -X -N -a 192.168.1.0/24 -A 277 202.38.117.1/24 -P 2001:da8:b4b6:2700::/64 -R 16 -M 2 -o 8 -c 1400 278 -E 280 The tcpdump data samples are: 282 22:56:29.661058 IP6 2001:da8:b4b6:2700:ca:2675:180:0 > 283 2001:da8:b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: 284 ICMP echo request, id 4113, seq 7276, length 40 286 22:56:29.661751 IP6 2001:da8:b4b6:ffff:1234::5678 > 287 2001:da8:b4b6:2700:ca:2675:180:0: IP 202.112.35.254 > 288 202.38.117.1: ICMP echo reply, id 4113, seq 7276, length 40 290 3.4. Mixed MAP-T/MAP-E 292 The CE and BR can be configured in different modes, for example CE 293 can be configured in translation mode and BR can be configured in 294 encapsulation mode. The reason is that the forwarding mode is only 295 required in the IPv4 to IPv6 direction, while it can be automatically 296 identified by checking the value of the next header in the IPv6 297 packets in the IPv6 to IPv4 direction. This feature provides great 298 flexibility to the users and operators to select desired forwarding 299 mode without dropping a single packet in different forwarding mode. 300 The following are two examples of BR and CE in different forwarding 301 modes with the configurations shown in MAP-T and MAP-E sections. 303 When BR is in T mode and CE is in E mode, the tcpdump data samples 304 are: 306 09:39:48.829067 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 307 2001:da8:b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: 308 ICMP echo request, id 1040, seq 47104, length 40 310 09:39:48.833054 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 311 2001:da8:b4b6:180:ca:2675:180:0: ICMP6, echo reply, seq 47104, 312 length 40 314 When BR is in E mode and CE is in T mode, the tcpdump data samples 315 are: 317 09:44:11.692130 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 318 2001:da8:b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 41473, 319 length 40 321 09:44:11.693044 IP6 2001:da8:b4b6:ffff:1234::5678 > 322 2001:da8:b4b6:100:ca:2675:100:0: IP 202.112.35.254 > 202.38.117.1: 323 ICMP echo reply, id 1024, seq 41473, length 40 325 4. Backward Compatibility Testing 327 The MAP CE is backward compatible to dual-stack lite in the E mode 328 and to NAT64 in the T mode. 330 4.1. AFTR of dual-stack lite 332 Dual-stack lite is a stateful encapsulation technology defined in 333 [RFC6333]. For the testing, the MAP BR is replaced by dual-stack 334 lite AFTR [dual-stack-lite-code]. 336 The MAP CE is configured as: 338 utils/ivictl -r -d -P 2001::1/128 340 utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A 341 10.255.255.1/24 -P 2001:da8:b001:1009::/64 -R 16 -M 2 -o 0 -c 1400 342 -E 344 The tcpdump data samples are: 346 22:48:42.536559 IP6 2001:da8:b001:1009:a:ffff:100:0 > 2001::1: IP 347 10.255.255.1 > 202.112.35.254: ICMP echo request, id 1024, seq 348 41473, length 40 350 22:48:42.539352 IP6 2001::1 > 2001:da8:b001:1009:a:ffff:100:0: IP 351 202.112.35.254 > 10.255.255.1: ICMP echo reply, id 1024, seq 352 41473, length 40 354 4.2. NAT64 with double translation 356 NAT64 is a stateful translation technology defined in [RFC6146] and 357 [RFC6145]. For the testing, the MAP BR is replaced by NAT64 358 [nat64-code]. 360 The MAP CE is configured as: 362 utils/ivictl -r -d -P 2001:da8:b4b6:1000::/64 -T 364 utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A 365 2.2.2.2/32 -P 2001:da8:b001:fff9::/64 -R 16 -M 2 -o 0 -c 1440 -T 367 The tcpdump data samples are: 369 09:24:16.478385 IP6 2001:da8:b001:fff9:2:202:200:0 > 370 2001:da8:b4b6:1000:ca:7023:fe00:0: ICMP6, echo request, seq 25600, 371 length 40 372 09:24:16.479638 IP6 2001:da8:b4b6:1000:ca:7023:fe00:0 > 373 2001:da8:b001:fff9:2:202:200:0: ICMP6, echo reply, seq 25600, 374 length 40 376 Note that for this scenario, the CE defined in [RFC6877] can also 377 achieve this goal. 379 5. Conclusions 381 Although only the echo request/echo reply testing results with the 382 corresponding MAP CE configuration examples are presented in this 383 document, the TCP/UDP applications are also tested in CERNET/CERNET2 384 successfully. The concluding remarks are: 386 o A unified MAP can support MAP-T, MAP-E, 1:1 mode MAP-T/MAP-E and 387 even the mixed modes without introducing additional complexity. 389 o A unified MAP CE can be configured to support MAP-T, MAP-E, 1:1 390 mode MAP-T/MAP-E, mixed MAP-T/MAP-E, and backward compatible with 391 stateless NAT64, stateful NAT64 and dual-stack lite. 393 6. Security Considerations 395 This document does not introduce any new security considerations. 397 7. IANA Considerations 399 None. 401 8. Acknowledgments 403 The authors would like to acknowledge the following contributors of 404 this document: Weicai Wang, Wentao Shang and Rajiv Asati. 406 9. Normative References 408 [I-D.ietf-softwire-map] 409 Troan, O., Dec, W., Li, X., Bao, C., Matsushima, S., 410 Murakami, T., and T. Taylor, "Mapping of Address and Port 411 with Encapsulation (MAP)", draft-ietf-softwire-map-12 412 (work in progress), November 2014. 414 [I-D.ietf-softwire-map-t] 415 Li, X., Bao, C., Dec, W., Troan, O., Matsushima, S., and 416 T. Murakami, "Mapping of Address and Port using 417 Translation (MAP-T)", draft-ietf-softwire-map-t-08 (work 418 in progress), December 2014. 420 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 421 IPv6 Specification", RFC 2473, December 1998. 423 [RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation 424 Algorithm", RFC 6145, April 2011. 426 [RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful 427 NAT64: Network Address and Protocol Translation from IPv6 428 Clients to IPv4 Servers", RFC 6146, April 2011. 430 [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- 431 Stack Lite Broadband Deployments Following IPv4 432 Exhaustion", RFC 6333, August 2011. 434 [RFC6877] Mawatari, M., Kawashima, M., and C. Byrne, "464XLAT: 435 Combination of Stateful and Stateless Translation", RFC 436 6877, April 2013. 438 [dual-stack-lite-code] 439 "Dual-stack Lite Code: 440 http://www.isc.org/software/aftr/11", . 442 [map-code] 443 "MAP Code: http://mapt.ivi2.org:8039/mapt.html", . 445 [nat64-code] 446 "NAT64 Code: http://ecdysis.viagenie.ca/download.html", . 448 Authors' Addresses 450 Xing Li 451 CERNET Center/Tsinghua University 452 Room 225, Main Building, Tsinghua University 453 Beijing 100084 454 CN 456 Phone: +86 10-62785983 457 Email: xing@cernet.edu.cn 459 Congxiao Bao 460 CERNET Center/Tsinghua University 461 Room 225, Main Building, Tsinghua University 462 Beijing 100084 463 CN 465 Phone: +86 10-62785983 466 Email: congxiao@cernet.edu.cn 467 Guoliang Han 468 CERNET Center/Tsinghua University 469 Room 225, Main Building, Tsinghua University 470 Beijing 100084 471 CN 473 Phone: +86 10-62785983 474 Email: bupthgl@gmail.com 476 Wojciech Dec 477 Cisco Systems 478 Haarlerbergpark Haarlerbergweg 13-19 479 Amsterdam, NOORD-HOLLAND 1101 CH 480 Netherlands 482 Email: wdec@cisco.com