idnits 2.17.1 draft-xu-softwire-mesh-multicast-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 20 instances of too long lines in the document, the longest one being 18 characters in excess of 72. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 377: '... in [4], and MUST be set to zero; "suffix" field is reserved for...' RFC 2119 keyword, line 378: '...e extensions and SHOULD be set to zero...' RFC 2119 keyword, line 415: '...consumption. For this reason, RP' MAY...' RFC 2119 keyword, line 530: '...urces that support mesh multicast MUST...' RFC 2119 keyword, line 550: '.... Here, the E-IPv6 address of RP MUST...' (1 more instance...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 9, 2011) is 4674 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: 'RFC4301' on line 621 == Unused Reference: '1' is defined on line 639, but no explicit reference was found in the text == Unused Reference: '2' is defined on line 642, but no explicit reference was found in the text == Unused Reference: '3' is defined on line 645, but no explicit reference was found in the text == Unused Reference: '5' is defined on line 651, but no explicit reference was found in the text == Unused Reference: '7' is defined on line 658, but no explicit reference was found in the text ** Downref: Normative reference to an Informational RFC: RFC 3991 (ref. '2') ** Obsolete normative reference: RFC 2373 (ref. '3') (Obsoleted by RFC 3513) ** Obsolete normative reference: RFC 4601 (ref. '5') (Obsoleted by RFC 7761) ** Downref: Normative reference to an Informational RFC: RFC 4925 (ref. '6') == Outdated reference: A later version (-03) exists of draft-boucadair-behave-64-multicast-address-format-02 Summary: 6 errors (**), 0 flaws (~~), 9 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group M. Xu 3 Internet-Draft Y. Cui 4 Expires: January 10, 2012 S. Yang 5 Tsinghua University 6 C. Metz 7 G. Shepherd 8 Cisco Systems 9 July 9, 2011 11 Softwire Mesh Multicast 12 draft-xu-softwire-mesh-multicast-02 14 Abstract 16 The Internet needs support IPv4 and IPv6 packets. Both address 17 families and their attendant protocol suites support multicast of the 18 single-source and any-source varieties. As part of the transition to 19 IPv6, there will be scenarios where a backbone network running one IP 20 address family internally (referred to as internal IP or I-IP) will 21 provide transit services to attached client networks running another 22 IP address family (referred to as external IP or E-IP). It is 23 expected that the I-IP backbone will offer unicast and multicast 24 transit services to the client E-IP networks. 26 Softwires Mesh is a solution for supporting E-IP unicast and 27 multicast across an I-IP backbone. This document describes the 28 mechanisms for supporting Internet-style multicast across a set of 29 E-IP and I-IP networks supporting softwires mesh. 31 Status of this Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at http://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on January 10, 2012. 48 Copyright Notice 50 Copyright (c) 2011 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents 55 (http://trustee.ietf.org/license-info) in effect on the date of 56 publication of this document. Please review these documents 57 carefully, as they describe your rights and restrictions with respect 58 to this document. Code Components extracted from this document must 59 include Simplified BSD License text as described in Section 4.e of 60 the Trust Legal Provisions and are provided without warranty as 61 described in the Simplified BSD License. 63 This document may contain material from IETF Documents or IETF 64 Contributions published or made publicly available before November 65 10, 2008. The person(s) controlling the copyright in some of this 66 material may not have granted the IETF Trust the right to allow 67 modifications of such material outside the IETF Standards Process. 68 Without obtaining an adequate license from the person(s) controlling 69 the copyright in such materials, this document may not be modified 70 outside the IETF Standards Process, and derivative works of it may 71 not be created outside the IETF Standards Process, except to format 72 it for publication as an RFC or to translate it into languages other 73 than English. 75 Table of Contents 77 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 78 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 79 3. Scenarios of Interest . . . . . . . . . . . . . . . . . . . . 7 80 3.1. IPv4-over-IPv6 . . . . . . . . . . . . . . . . . . . . . . 7 81 3.2. IPv6-over-IPv4 . . . . . . . . . . . . . . . . . . . . . . 8 82 4. IPv4-over-IPv6 . . . . . . . . . . . . . . . . . . . . . . . . 10 83 4.1. Mechanism . . . . . . . . . . . . . . . . . . . . . . . . 10 84 4.2. Source Address Mapping . . . . . . . . . . . . . . . . . . 10 85 4.3. Group Address Mapping . . . . . . . . . . . . . . . . . . 12 86 4.4. Actions performed by AFBR . . . . . . . . . . . . . . . . 12 87 5. IPv6-over-IPv4 . . . . . . . . . . . . . . . . . . . . . . . . 14 88 5.1. Mechanism . . . . . . . . . . . . . . . . . . . . . . . . 14 89 5.2. Source Address Mapping . . . . . . . . . . . . . . . . . . 14 90 5.3. Group Address Mapping . . . . . . . . . . . . . . . . . . 16 91 5.4. Actions performed by AFBR . . . . . . . . . . . . . . . . 16 92 6. Security Considerations . . . . . . . . . . . . . . . . . . . 17 93 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 94 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 19 95 8.1. Normative References . . . . . . . . . . . . . . . . . . . 19 96 8.2. Informative References . . . . . . . . . . . . . . . . . . 19 97 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 20 98 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 21 100 1. Introduction 102 The Internet needs to support IPv4 and IPv6 packets. Both address 103 families and their attendant protocol suites support multicast of the 104 single-source and any-source varieties. As part of the transition to 105 IPv6, there will be scenarios where a backbone network running one IP 106 address family internally (referred to as internal IP or I-IP) will 107 provide transit services to attached client networks running another 108 IP address family (referred to as external IP or E-IP). 110 The preferred solution is to leverage the multicast functions, 111 inherent in the I-IP backbone, to efficiently and scalably tunnel 112 encapsulated client E-IP multicast packets inside an I-IP core tree 113 rooted at one or more ingress AFBR nodes and branching out to one or 114 more egress AFBR leaf nodes. 116 [6] outlines the requirements for the softwires mesh scenario 117 including multicast. It is straightforward to envisage that client 118 E-IP multicast sources and receivers will reside in different client 119 E-IP networks connected to an I-IP backbone network. This requires 120 that the client E-IP source-rooted or shared tree will need to 121 traverse the I-IP backbone network. 123 One method to accomplish this is to re-use the multicast VPN approach 124 outlined in [10]. MVPN-like schemes can support the softwire mesh 125 scenario and achieve a "many-to-one" mapping between the E-IP client 126 multicast trees and transit core multicast trees. The advantage of 127 this approach is that the number of trees in the I-IP backbone 128 network scales less than linearly with the number of E-IP client 129 trees. Corporate enterprise networks and by extension multicast VPNs 130 have been known to run applications that create a large amount of 131 (S,G) states. Aggregation at the edge contains the (S,G) states that 132 need to be maintained by the network operator supporting the customer 133 VPNs. The disadvantage of this approach is possible inefficient 134 bandwidth and resource utilization if multicast packets are delivered 135 to a receiver AFBR with no attached E-IP receiver. 137 Internet-style multicast is somewhat different in that the trees 138 tends to be relatively sparse and source-rooted. The need for 139 multicast aggregation at the edge (where many customer multicast 140 trees are mapped into a few or one backbone multicast trees) does not 141 exist and to date has not been identified. Thus the need for a basic 142 or closer alignment with E-IP and I-IP multicast procedures emerges. 144 A framework on how to support such methods is described in [8]. In 145 this document, a more detailed discussion supporting the "one-to-one" 146 mapping schemes for the IPv6 over IPv4 and IPv4 over IPv6 scenarios 147 will be discussed. 149 2. Terminology 151 An example of a softwire mesh network supporting multicast is 152 illustrated in Figure 1. A multicast source S is located in one E-IP 153 client network, while candidate E-IP group receivers are located in 154 the same or different E-IP client networks that all share a common 155 I-IP transit network. When E-IP sources and receivers are not local 156 to each other, they can only communicate with each other through the 157 I-IP core. There may be several E-IP sources for some multicast 158 group residing in different client E-IP networks. In the case of 159 shared trees, the E-IP sources, receivers and RPs might be located in 160 different client E-IP networks. In the simple case the resources of 161 the I-IP core are managed by a single operator although the inter- 162 provider case is not precluded. 164 ._._._._. ._._._._. 165 | | | | -------- 166 | E-IP | | E-IP |--|Source S| 167 | network | | network | -------- 168 ._._._._. ._._._._. 169 | | 170 AFBR upstream AFBR 171 | | 172 __+____________________+__ 173 / : : : : \ 174 | : : : : | E-IP Multicast 175 | : I-IP transit core : | message should 176 | : : : : | get across the 177 | : : : : | I-IP transit core 178 \_._._._._._._._._._._._._./ 179 + + 180 downstream AFBR downstream AFBR 181 | | 182 ._._._._ ._._._._ 183 -------- | | | | -------- 184 |Receiver|-- | E-IP | | E-IP |--|Receiver| 185 -------- |network | |network | -------- 186 ._._._._ ._._._._ 188 Figure 1: Softwire Mesh Multicast Framework 190 Terminology used in this document: 192 o Address Family Border Router (AFBR) - A dual-stack router 193 interconnecting two or more networks using different IP address 194 families. In the context of softwire mesh multicast, the AFBR runs 195 E-IP and I-IP control planes to maintain E-IP and I-IP multicast 196 states respectively and performs the appropriate encapsulation/ 197 decapsulation of client E-IP multicast packets for transport across 198 the I-IP core. An AFBR will act as a source and/or receiver in an 199 I-IP multicast tree. 201 o Upstream AFBR: The AFBR router that is located at the upstream of a 202 multicast data flow. 204 o Downstream AFBR: The AFBR router that is located at the downstream 205 of a multicast data flow. 207 o I-IP (Internal IP). This refers to the form of IP (i.e., either 208 IPv4 or IPv6) that is supported by the core (or backbone) network. 209 An I-IPv6 core network runs IPv6 and an I-IPv4 core network runs 210 IPv4. 212 o E-IP (External IP) This refers to the form of IP (i.e. either IPv4 213 or IPv6) that is supported by the client network(s) attached to the 214 I-IP transit core. An E-IPv6 client network runs IPv6 and an E-IPv4 215 client network runs IPv4. 217 o I-IP core tree. A single-source or multi-source distribution tree 218 rooted at one or more AFBR source nodes and branched out to one or 219 more AFBR leaf nodes. An I-IP core Tree is built using standard IP 220 or MPLS multicast signaling protocols operating exclusively inside 221 the I-IP core network. An I-IP core Tree is used to tunnel E-IP 222 multicast packets belonging to E-IP trees across the I-IP core. 223 Another name for an I-IP core Tree is multicast or multipoint 224 softwire. 226 o E-IP client tree. A single-source or multi-source distribution 227 tree rooted at one or more hosts or routers located inside a client 228 E-IP network and branched out to one or more leaf nodes located in 229 the same or different client E-IP networks. 231 3. Scenarios of Interest 233 This section describes the two different scenarios where softwires 234 mesh multicast will apply. 236 3.1. IPv4-over-IPv6 238 ._._._._. ._._._._. 239 | IPv4 | | IPv4 | -------- 240 | Client | | Client |--|Source S| 241 | network | | network | -------- 242 ._._._._. ._._._._. 243 | | 244 AFBR upstream AFBR(A) 245 | | 246 __+____________________+__ 247 / : : : : \ 248 | : : : : | 249 | : IPv6 transit core : | 250 | : : : : | 251 | : : : : | 252 \_._._._._._._._._._._._._./ 253 + + 254 downstream AFBR(C) downstream AFBR(D) 255 | | 256 ._._._._ ._._._._ 257 -------- | IPv4 | | IPv4 | -------- 258 |Receiver|-- | Client | | Client |--|Receiver| 259 -------- |network | | network| -------- 260 ._._._._ ._._._._ 262 Figure 2: IPv4-over-IPv6 Scenario 264 In this scenario, the E-IP client networks run IPv4 and I-IP core 265 runs IPv6. This scenario is illustrated in Figure 2. 267 Because of the much larger IPv6 group address space, it will not be a 268 problem to map individual client E-IPv4 tree to a specific I-IPv6 269 core tree. This simplifies operations on the AFBR because it becomes 270 possible to algorithmically map an IPv4 group/source address to an 271 IPv6 group/source address and vice-versa. 273 The IPv4-over-IPv6 scenario is an emerging requirement as network 274 operators build out native IPv6 backbone networks. These networks 275 naturally support native IPv6 services and applications but it is 276 with near 100% certainty that legacy IPv4 networks handling unicast 277 and multicast will need to be accommodated. 279 3.2. IPv6-over-IPv4 281 ._._._._. ._._._._. 282 | IPv6 | | IPv6 | -------- 283 | Client | | Client |--|Source S| 284 | network | | network | -------- 285 ._._._._. ._._._._. 286 | | 287 AFBR upstream AFBR 288 | | 289 __+____________________+__ 290 / : : : : \ 291 | : : : : | 292 | : IPv4 transit core : | 293 | : : : : | 294 | : : : : | 295 \_._._._._._._._._._._._._./ 296 + + 297 downstream AFBR downstream AFBR 298 | | 299 ._._._._ ._._._._ 300 -------- | IPv6 | | IPv6 | -------- 301 |Receiver|-- | Client | | Client |--|Receiver| 302 -------- |network | | network| -------- 303 ._._._._ ._._._._ 305 Figure 3: IPv6-over-IPv4 Scenario 307 In this scenario, the E-IP Client Networks run IPv6 while the I-IP 308 core runs IPv4 and is illustrated in Figure 3. 310 IPv6 multicast group addresses are longer than IPv4 multicast group 311 addresses. It will not be possible to perform an algorithmic IPv6 - 312 to - IPv4 address mapping without the risk of multiple IPv6 group 313 addresses mapped to the same IPv4 address resulting in unnecessary 314 bandwidth and resource consumption. Therefore additional efforts 315 will be required to ensure that client E-IPv6 multicast packets can 316 be injected into the correct I-IPv4 multicast trees at the AFBRs. 317 This clear mismatch in IPv6 and IPv4 group address lengths means that 318 it will not be possible to perform a one-to-one mapping between IPv6 319 and IPv4 group addresses unless the IPv6 group address is scoped. 321 As mentioned earlier this scenario is common in the MVPN environment. 322 As native IPv6 deployments and multicast applications emerge from the 323 outer reaches of the greater public IPv4 Internet, it is envisaged 324 that the IPv6 over IPv4 softwire mesh multicast scenario will be a 325 necessary feature supported by network operators. 327 4. IPv4-over-IPv6 329 4.1. Mechanism 331 Routers in the client E-IPv4 networks contain routes to all other 332 client E-IPv4 networks. Through the set of known and deployed 333 mechanisms, E-IPv4 hosts and routers have discovered or learned of 334 (S,G) or (*,G) IPv4 addresses. Any I-IP multicast state instantiated 335 in the core is referred to as (S',G') or (*,G') and is of course 336 separated from E-IP multicast state. 338 Suppose a downstream AFBR receives an E-IPv4 PIM Join/Prune message 339 from the E-IPv4 network for either an (S,G) tree or a (*,G) tree. 340 The AFBR can translate the E-IPv4 PIM message into an I-IPv6 PIM 341 message with the latter being directed towards I-IP IPv6 address of 342 the upstream AFBR. When the I-IPv6 PIM message arrives at the 343 upstream AFBR, it should be translated back into an E-IPv4 PIM 344 message. The result of these actions is the construction of E-IPv4 345 trees and a corresponding I-IP tree in the I-IP network. 347 In this case it is incumbent upon the AFBR routers to perform PIM 348 message conversions in the control plane and IP group address 349 conversions or mappings in the data plane. It becomes possible to 350 devise an algorithmic one-to-one IPv4-to-IPv6 address mapping at 351 AFBRs. 353 4.2. Source Address Mapping 355 There are two kinds of multicast --- ASM and SSM. It's possible for 356 I-IP network and E-IP network to support different kinds of 357 multicast, and the source address translation rules may vary a lot. 358 There are four scenarios to be discussed in detail: 360 o E-IP network supports SSM, I-IP network supports SSM 361 One possible way to make sure that the translated I-IPv6 PIM 362 message reaches upstream AFBR is to set S' to a virtual IPv6 363 address that leads to the upstream AFBR. Figure 4 is the 364 recommended address format based on [9]: 366 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 367 | 0-------------32--40--48--56--64--72--80--88--96--104---------| 368 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 369 | prefix |v4(32) | u | suffix |source address | 370 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 372 Figure 4: IPv4-Embedded IPv6 Virtual Source Address Format 373 In this address format, the "prefix" field contains a "Well-Known" 374 prefix or a ISP-defined prefix. An existing "Well-Known" prefix 375 is 64:ff9b, which is defined in [9]; "v4" field is the IP address 376 of one of upstream AFBR's E-IPv4 interface; "u" field is defined 377 in [4], and MUST be set to zero; "suffix" field is reserved for 378 future extensions and SHOULD be set to zero; "source address" 379 field stores the original S. 380 To make it feasible, the /32 prefix must be known to every AFBR, 381 and AFBRs should not only announce the /96 prefixes of S' to the 382 I-IPv6 network, but also announce the IP addresses of upstream 383 AFBRs' E-IPv4 interface presented in the "v4" field to other AFBRs 384 by MPBGP. In this way, when a downstream AFBR receives a (S,G) 385 message, it can translate it into (S',G') by looking up the IP 386 address of the corresponding AFBR's E-IPv4 interface. Since S' is 387 globally unique and the /96 prefix of S' is known to every router 388 in I-IPv6 network, the translated message will eventually arrive 389 at the corresponding upstream AFBR, and the upstream AFBR can 390 translate the message back to (S,G). 392 o E-IP network supports SSM, I-IP network supports ASM 393 Since any network that supports ASM should also support SSM, we 394 can construct a SSM tree in I-IP network. The operation in this 395 scenario is the same as that in the first scenario. 397 o E-IP network supports ASM, I-IP network supports SSM 398 ASM and SSM have the same PIM message format. The main 399 differences between ASM and SSM are RP and (*,G) messages. To 400 make this scenario feasible, we must be able to translate (*,G) 401 messages into (S',G') messages at downstream AFBRs, and translate 402 it back at upstream AFBRs. Assume RP' is the upstream AFBR that 403 locates between RP and the downstream AFBR. When downstream AFBR 404 receives an E-IPv4 PIM (*,G) message, S' can be generated 405 according to the format specified in Figure 4, with "v4" field 406 setting to the IP address of one of RP's E-IPv4 interface and 407 "source address" field setting to *(the IPv4 address of RP). The 408 translated message will eventually arrive at RP'. RP' checks the 409 "source address" field and find the IPv4 address of RP, so RP' 410 judges that this is originally a (*,G) message, then it translates 411 the message back to (*,G) message and forward it to RP. 412 Traveling all the way from sources to the RP, and then back down 413 the shared tree may result in the multicast data packets passing 414 through RP' twice, which brings about undesirable increased 415 latency or bandwidth consumption. For this reason, RP' MAY 416 perform a "cut-through", namely when RP' receives multicast data 417 packets sent from sources to RP, it not only forwards them to RP, 418 but also forwards them directly onto the multicast tree built in 419 the I-IPv6 network. (S,G,rpt) messages should be sent towards RP 420 to avoid reduplication. 422 o E-IP network supports ASM, I-IP network supports ASM 423 To keep it as simple as possible, we treat I-IP network as SSM and 424 the solution is the same as the third scenario. 426 4.3. Group Address Mapping 428 For IPv4-over-IPv6 scenario, a simple algorithmic mapping between 429 IPv4 multicast group addresses and IPv6 group addresses is supported. 430 [11] has already defined an applicable format. Figure 5 is a 431 reminder of the format: 433 | 8 | 4 | 4 | 16 | 4 | 60 | 32 | 434 +--------+----+----+-----------+----+------------------+----------+ 435 |11111111|0011|scop|00.......00|64IX| sub-group-id |v4 address| 436 +--------+----+----+-----------+----+------------------+----------+ 437 +-+-+-+-+ 438 IPv4-IPv6 Interconnection bits (64IX): |M|r|r|r| 439 +-+-+-+-+ 441 Figure 5: IPv4-Embedded IPv6 Multicast Address Format: SSM Mode 443 The high order bits of the I-IPv6 address range will be fixed for 444 mapping purposes. With this scheme, each IPv4 multicast address can 445 be mapped into an IPv6 multicast address(with the assigned prefix), 446 and each IPv6 multicast address with the assigned prefix can be 447 mapped into IPv4 multicast address. 449 4.4. Actions performed by AFBR 451 The following actions are performed by AFBRs: 453 o Receive E-IPv4 PIM messages 454 When a downstream AFBR receives an E-IPv4 PIM message, it should 455 check the address family of the next-hop towards the destination. 456 If the address family is IPv4, the AFBR should forward the message 457 without any translation; otherwise it should take the following 458 operation. 460 o Translate E-IPv4 PIM messages into I-IPv6 PIM messages 461 E-IPv4 PIM message with S(or *) and G is translated into I-IPv6 462 PIM message with S' and G' following the rules specified above. 464 o Transmit I-IPv6 PIM messages 465 The downstream AFBR sends the I-IPv6 PIM message to the upstream 466 AFBR. When the upstream AFBR receives this I-IPv6 PIM message, it 467 checks the prefix of the source address and judges that the 468 message is a translated message, then translates the message back 469 to E-IPv4 PIM message and sends it towards source or RP. 471 o Process and forward multicast data 472 On receiving multicast data from upstream routers, the AFBR looks 473 up its forwarding table to check the IP address of each outgoing 474 interface. If there exists at least one outgoing interface whose 475 IP address family is different from the incoming interface, the 476 AFBR should encapsulate/decapsulate this packet and forward it to 477 the outgoing interface(s), and then forward the data to the other 478 outgoing interfaces without encapsulation/decapsulation. 480 5. IPv6-over-IPv4 482 5.1. Mechanism 484 Routers in the client E-IPv6 networks contain routes to all other 485 client E-IPv6 networks. Through the set of known and deployed 486 mechanisms, E-IPv6 hosts and routers have discovered or learned of 487 (S,G) or (*,G) IPv6 addresses. Any I-IP multicast state instantiated 488 in the core is referred to as (S',G') or (*,G') and is of course 489 separated from E-IP multicast state. 491 This particular scenario introduces unique challenges. Unlike the 492 IPv4-over-IPv6 scenario, it's impossible to map all of the IPv6 493 multicast address space into the IPv4 address space to address the 494 one-to-one Softwire Multicast requirement. To coordinate with the 495 "IPv4-over-IPv6" scenario and keep the solution as simple as 496 possible, one possible solution to this problem is to limit the scope 497 of the E-IPv6 source addresses for mapping, such as applying a "Well- 498 Known" prefix or a ISP-defined prefix. 500 5.2. Source Address Mapping 502 There are two kinds of multicast --- ASM and SSM. It's possible for 503 I-IP network and E-IP network to support different kind of multicast, 504 and the source address translation rules may vary a lot. There are 505 four scenarios to be discussed in detail: 507 o E-IP network supports SSM, I-IP network supports SSM 508 To make sure that the translated I-IPv4 PIM message reaches the 509 upstream AFBR, we need to set S' to an IPv4 address that leads to 510 the upstream AFBR. But due to the non-"one-to-one" mapping of 511 E-IPv6 to I-IPv4 unicast address, the upstream AFBR is unable to 512 remap the I-IPv4 source address to the original E-IPv6 source 513 address without any constraints. 514 We apply a fixed IPv6 prefix and static mapping to solve this 515 problem. A recommended source address format is defined in [9]. 516 Figure 6 is a reminder of the format: 518 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 519 | 0-------------32--40--48--56--64--72--80--88--96--104---------| 520 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 521 | prefix(96) | v4(32) | 522 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 524 Figure 6: IPv4-Embedded IPv6 Source Address Format 525 In this address format, the "prefix" field contains a "Well-Known" 526 prefix or a ISP-defined prefix. An existing "Well-Known" prefix 527 is 64:ff9b, which is defined in [9]; "v4" field is the 528 corresponding I-IPv4 source address. 529 To make it feasible, the /96 prefix must be known to every AFBR, 530 every E-IPv6 address of sources that support mesh multicast MUST 531 follow the format specified in Figure 6, and the corresponding 532 upstream AFBR should announce the I-IPv4 address in "v4" field to 533 the I-IPv4 network. In this way, when a downstream AFBR receives 534 a (S,G) message, it can translate it into (S',G') by simply take 535 off the prefix in S. Since S' is known to every router in I-IPv4 536 network, the translated message will eventually arrive at the 537 corresponding upstream AFBR, and the upstream AFBR can translate 538 the message back to (S,G) by appending the prefix to S'. 540 o E-IP network supports SSM, I-IP network supports ASM 541 Since any network that supports ASM should also support SSM, we 542 can construct a SSM tree in I-IP network. The operation in this 543 scenario is the same as that in the first scenario. 545 o E-IP network supports ASM, I-IP network supports SSM 546 ASM and SSM have the same PIM message format. The main 547 differences between ASM and SSM are RP and (*,G) messages. To 548 make this scenario feasible, we must be able to translate (*,G) 549 messages into (S',G') messages at downstream AFBRs and translate 550 it back at upstream AFBRs. Here, the E-IPv6 address of RP MUST 551 follow the format specified in Figure 6. Assume RP' is the 552 upstream AFBR that locates between RP and the downstream AFBR. 553 When a downstream AFBR receives a (*,G) message, it can translate 554 it into (S',G') by simply take off the prefix in *(the E-IPv6 555 address of RP). Since S' is known to every router in I-IPv4 556 network, the translated message will eventually arrive at RP'. 557 RP' knows that S' is the mapped I-IPv4 address of RP, so RP' will 558 translate the message back to (*,G) by appending the prefix to S' 559 and forward it to RP. 560 Traveling all the way from sources to the RP, and then back down 561 the shared tree may result in the multicast data packets passing 562 through RP' twice, which brings about undesirable increased 563 latency or bandwidth consumption. For this reason, RP' MAY 564 perform a "cut-through", namely when RP' receives multicast data 565 packets sent from sources to RP, it not only forwards them to RP, 566 but also forwards them directly onto the multicast tree built in 567 the I-IPv6 network. (S,G,rpt) messages should be sent towards RP 568 to avoid reduplication. 570 o E-IP network supports ASM, I-IP network supports ASM 571 To keep it as simple as possible, we treat I-IP network as SSM and 572 the solution is the same as the third scenario. 574 5.3. Group Address Mapping 576 To keep one-to-one group address mapping simple, the group address 577 range of E-IP IPv6 can be reduced in a number of ways to limit the 578 scope of addresses that need to be mapped into the I-IP IPv4 space. 580 A recommended multicast address format is defined in [11]. The high 581 order bits of the E-IPv6 address range will be fixed for mapping 582 purposes. With this scheme, each IPv4 multicast address can be 583 mapped into an IPv6 multicast address(with the assigned prefix), and 584 each IPv6 multicast address with the assigned prefix can be mapped 585 into IPv4 multicast address. 587 5.4. Actions performed by AFBR 589 The following actions are performed by AFBRs 591 o Receive E-IPv6 PIM messages 592 When a downstream AFBR receives an E-IPv6 PIM message, it should 593 check the address family of the upstream router. If the address 594 family is IPv6, the AFBR should not translate this message; 595 otherwise it should take the following operation. 597 o Translate E-IPv6 PIM messages into I-IPv4 PIM messages 598 E-IPv6 PIM message with S(or *) and G is translated into I-IPv4 599 PIM message with S' and G' following the rules specified above. 601 o Transmit I-IPv4 PIM messages 602 The downstream AFBR sends the I-IPv4 PIM message to the upstream 603 AFBR. When the upstream AFBR receives this I-IPv4 PIM message, it 604 checks the source address and judges that the message is a 605 translated message, then translates the message back to E-IPv6 PIM 606 message and sends it towards source or RP. 608 o Process and forward multicast data 609 On receiving multicast data from upstream routers, the AFBR looks 610 up its forwarding table to check the IP address of each outgoing 611 interface. If there exists at least one outgoing interface whose 612 IP address family is different from the incoming interface, the 613 AFBR should encapsulate/decapsulate this packet and forward it to 614 the outgoing interface(s), and then forward the data to the other 615 outgoing interfaces without encapsulation/decapsulation. 617 6. Security Considerations 619 The AFBR routers could maintain secure communications through the use 620 of Security Architecture for the Internet Protocol as described 621 in[RFC4301]. But when adopting some schemes that will cause heavy 622 burden on routers, some attacker may use it as a tool for DDoS 623 attack. 625 7. IANA Considerations 627 When AFBRs perform address mapping, they should follow some 628 predefined rules, especially the IPv6 prefix for source address 629 mapping should be predefined, so that ingress AFBR and egress AFBR 630 can finish the mapping procedure correctly. The IPv6 prefix for 631 translation can be unified within only the transit core, or within 632 global area. In the later condition, the prefix should be assigned 633 by IANA. 635 8. References 637 8.1. Normative References 639 [1] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P. Traina, 640 "Generic Routing Encapsulation (GRE)", RFC 2784, March 2000. 642 [2] Foster, B. and F. Andreasen, "Media Gateway Control Protocol 643 (MGCP) Redirect and Reset Package", RFC 3991, February 2005. 645 [3] Hinden, R. and S. Deering, "IP Version 6 Addressing 646 Architecture", RFC 2373, July 1998. 648 [4] Hinden, R. and S. Deering, "IP Version 6 Addressing 649 Architecture", RFC 4291, February 2006. 651 [5] Fenner, B., Handley, M., Holbrook, H., and I. Kouvelas, 652 "Protocol Independent Multicast - Sparse Mode (PIM-SM): 653 Protocol Specification (Revised)", RFC 4601, August 2006. 655 [6] Li, X., Dawkins, S., Ward, D., and A. Durand, "Softwire Problem 656 Statement", RFC 4925, July 2007. 658 [7] Wijnands, IJ., Boers, A., and E. Rosen, "The Reverse Path 659 Forwarding (RPF) Vector TLV", RFC 5496, March 2009. 661 [8] Wu, J., Cui, Y., Metz, C., and E. Rosen, "Softwire Mesh 662 Framework", RFC 5565, June 2009. 664 [9] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. Li, 665 "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, 666 October 2010. 668 8.2. Informative References 670 [10] Aggarwal, R., Bandi, S., Cai, Y., Morin, T., Rekhter, Y., 671 Rosen, E., Wijnands, I., and S. Yasukawa, "Multicast in MPLS/ 672 BGP IP VPNs", draft-ietf-l3vpn-2547bis-mcast-10 (work in 673 progress), January 2010. 675 [11] Boucadair, M., Qin, J., Lee, Y., Venaas, S., Li, X., and M. Xu, 676 "IPv4-Embedded IPv6 Multicast Address Format", 677 draft-boucadair-behave-64-multicast-address-format-02 (work in 678 progress), June 2011. 680 Appendix A. Acknowledgements 682 Wenlong Chen, Xuan Chen, Alain Durand, Yiu Lee, Jacni Qin and Stig 683 Venaas provided useful input into this document. 685 Authors' Addresses 687 Mingwei Xu 688 Tsinghua University 689 Department of Computer Science, Tsinghua University 690 Beijing 100084 691 P.R. China 693 Phone: +86-10-6278-5822 694 Email: xmw@cernet.edu.cn 696 Yong Cui 697 Tsinghua University 698 Department of Computer Science, Tsinghua University 699 Beijing 100084 700 P.R. China 702 Phone: +86-10-6278-5822 703 Email: cuiyong@tsinghua.edu.cn 705 Shu Yang 706 Tsinghua University 707 Department of Computer Science, Tsinghua University 708 Beijing 100084 709 P.R. China 711 Phone: +86-10-6278-5822 712 Email: yangshu@csnet1.cs.tsinghua.edu.cn 714 Chris Metz 715 Cisco Systems 716 170 West Tasman Drive 717 San Jose, CA 95134 718 USA 720 Phone: +1-408-525-3275 721 Email: chmetz@cisco.com 722 Greg Shepherd 723 Cisco Systems 724 170 West Tasman Drive 725 San Jose, CA 95134 726 USA 728 Phone: +1-541-912-9758 729 Email: shep@cisco.com