Network Working Group X. Li
Internet-Draft C. Bao
Intended status: Informational G. Han
Expires: January 10, 2013 CERNET Center/Tsinghua
University
W. Dec
Cisco Systems
July 9, 2012
MAP Testing Results
draft-xli-softwire-map-testing-00
Abstract
This document presents the testing results of a unified code
accommodating encapsulation and translation modes of Mapping of
Address and Port (MAP). Experiments show that the unified MAP CE is
not only supporting MAP-E and MAP-T modes, but also backward
compatible with AFTR of dual-stack lite and stateless/stateful NAT64.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 10, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
Li, et al. Expires January 10, 2013 [Page 1]
Internet-Draft MAP Testing Results July 2012
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Testing Topology . . . . . . . . . . . . . . . . . . . . . 3
2. MAP specifications . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Mapping Rules and the Address Formats . . . . . . . . . . 3
2.2. Port Mapping Algorithm . . . . . . . . . . . . . . . . . . 4
2.3. Forwarding Modes . . . . . . . . . . . . . . . . . . . . . 4
2.4. Implementation . . . . . . . . . . . . . . . . . . . . . . 5
3. MAP Testing . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.1. MAP-T . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2. MAP-E . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.3. Mixed MAP-T/MAP-E . . . . . . . . . . . . . . . . . . . . 6
4. Backward Compatibility Testing . . . . . . . . . . . . . . . . 7
4.1. AFTR of dual-stack lite . . . . . . . . . . . . . . . . . 7
4.2. NAT64 with double translation . . . . . . . . . . . . . . 8
5. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 8
6. Security Considerations . . . . . . . . . . . . . . . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9
9. Normative References . . . . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10
Li, et al. Expires January 10, 2013 [Page 2]
Internet-Draft MAP Testing Results July 2012
1. Introduction
Generic mechanism for mapping between an IPv4 prefix, address or
parts of thereof, and transport layer ports and an IPv6 prefix or
address with translation mode and encapsulation mode is specified in
[I-D.ietf-softwire-map]. This document presents testing results of a
unified code containing translation and encapsulation modes of
Mapping of Address and Port (MAP). The backward compatibility of MAP
CE with AFTR of dual-stack lite and NAT64 of stateful translation are
also presented.
1.1. Testing Topology
The testing topology is shown in the following figure.
----- ------
.-| CE.0|---|Host.0|
/ ----- ------
------ ----- |
/ The \ ----- / An \ | ----- ------
| IPv4 |--| BR |---| IPv6 |------| CE.1|---|Host.1|
\Internet/ | | ^ \Network/ | ----- ------
------ ----- | ----- |
| \ ----- ------
tcpdump -| CE.K|---|Host.K|
----- ------
Figure 1: Generic testing topology
Where, BR is the MAP Border Relay, CE is the MAP Customer Edge. Both
BR and CE can be configured in translation mode (MAP-T) or
encapsulation mode (MAP-E), independently. A tcpdump process is
running between BR and CE to get the packet header information.
2. MAP specifications
The code tested in this document follows the MAP specification
defined in [I-D.ietf-softwire-map], which contains the Mapping Rules,
the Port Mapping Algorithm and the Forwarding Mode. The explicit
address format and configuration parameters used for the code are
presented in the following sections.
2.1. Mapping Rules and the Address Formats
The address format of Basic Mapping Rule (BMR) and Forwarding Mapping
Rule (FMR) are defined in the following figure. Also note that
translation mode (MAP-T) and encapsulation mode (MAP-E) have the same
Li, et al. Expires January 10, 2013 [Page 3]
Internet-Draft MAP Testing Results July 2012
address format of BMR/FMR.
<-- n bits -->|<o bits>|<-m bits>|< 8>|<---- L>=32 ------>|<--56-L-->
|0 63| 127|
+-------------+--------+---------+----+--------------+----+---------+
| IPv6 prefix |EA bits |Subnet-id| u | IPv4 address |PSID| 0 |
+-------------+--------+---------+----+--------------+----+---------+
<End-user IPv6 prefix >|
Figure 2: BMR/FMR in translation and encapsulation modes
The address format of Default Mapping Rule is different for
translation (MAP-T) and encapsulation (MAP-E), as shown in the
following figures.
|0 63| 127|
+--------------------------------+----+--------------+--------------+
| BR prefix | u | IPv4 address | 0 |
+--------------------------------+----+--------------+--------------+
Figure 3: DMR in translation mode
|0 127|
+-------------------------------------------------------------------+
| BR IPv6 address |
+-------------------------------------------------------------------+
Figure 4: DMR in encapsulation mode
The testing presented in this document is for the Hubs and Spokes
scenario, and therefore, only BMR and DMR are required in each CE.
2.2. Port Mapping Algorithm
The port mapping algorithm is called Generalized Modulus Algorithm
(GMA), which contains the sharing ratio (R=2^k), the maximum number
of contiguous ports (M=2^m) and the Port-Set Identifiers (PSID).
2.3. Forwarding Modes
The MAP has two forwarding modes, the translation (MAP-T) and
encapsulation (MAP-E). The header processing algorithms of the
Li, et al. Expires January 10, 2013 [Page 4]
Internet-Draft MAP Testing Results July 2012
translation and the encapsulation modes are defined in [RFC6145] and
[RFC2473], respectively.
2.4. Implementation
The MAP specification is implemented in Linux environment under GPL
[map-code].
The CE related configuration parameters are:
-i specify the name of the Ethernet device connected to IPv4 world
-I specify the name of the Ethernet device connected to IPv6 world
-H specify in CE mode
-a specify the IPv4 address and mask of the host behind the CE
-P specify the IPv6 rule prefix and prefix length of the host behind
the CE
-R specify the associated IPv4 address sharing ratio R of the host
behind the CE
-M specify the associated M parameter of the host behind the CE
device
-o specify the PSID of the host behind the CE
-N specify in NAT44 mode. The '-A' option is required.
-A specify the public IPv4 address and mask which the host behind the
CE device is mapped into. In this case, the '-a' option will
specify the private IPv4 network and prefix length
-X specify the IPv6 prefix is not containing EA-bits
3. MAP Testing
The configuration examples and the testing results of the MAP's
translation mode (MAP-T), the encapsulation mode (MAP-E), the mixed
MAP-T/MAP-E modes are shown in this section.
The basic testing method is from an IPv4 host connected to CE to ping
an IPv4 server (202.112.35.254) connected to BR. The tcpdump records
the packet headers of the echo request and echo reply messages.
Li, et al. Expires January 10, 2013 [Page 5]
Internet-Draft MAP Testing Results July 2012
3.1. MAP-T
The MAP CE in MAP-T mode is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:ffff::/64 -T
utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A
202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 0 -c 1440 -T
The tcpdump data samples are:
09:42:16.526809 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 2001:da8:
b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 18177, length
40
09:42:16.527448 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8:
b4b6:100:ca:2675:100:0: ICMP6, echo reply, seq 18177, length 40
3.2. MAP-E
The MAP CE in MAP-E mode is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:ffff:1234::5678/128 -E
utils/ivictl -s -i eth1 -I eth0 -H -N -a 192.168.1.0/24 -A
202.38.117.1/24 -P 2001:da8:b4b6::/48 -R 16 -M 2 -o 8 -c 1400 -E
The tcpdump data samples are:
09:38:43.326429 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 2001:da8:
b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo
request, id 1040, seq 32512, length 40
09:38:43.327786 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6:
180:ca:2675:180:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo
reply, id 1040, seq 32512, length 40
3.3. Mixed MAP-T/MAP-E
The CE and BR can be configured in different modes, for example CE
can be configured in translation mode and BR can be configured in
encapsulation mode. The reason is that the forwarding mode is only
required in the IPv4 to IPv6 direction, while it can be automatically
identified by checking the value of the next header in the IPv6
packets in the IPv6 to IPv4 direction. This feature provides great
flexibility to the users and operators to select desired forwarding
mode without dropping a single packet in different forwarding mode.
The following are two examples of BR and CE in different forwarding
Li, et al. Expires January 10, 2013 [Page 6]
Internet-Draft MAP Testing Results July 2012
modes with the configurations shown in MAP-T and MAP-E sections.
When BR is in T mode and CE is in E mode, the tcpdump data samples
are:
09:39:48.829067 IP6 2001:da8:b4b6:180:ca:2675:180:0 > 2001:da8:
b4b6:ffff:1234::5678: IP 202.38.117.1 > 202.112.35.254: ICMP echo
request, id 1040, seq 47104, length 40
09:39:48.833054 IP6 2001:da8:b4b6:ffff:ca:7023:fe00:0 > 2001:da8:
b4b6:180:ca:2675:180:0: ICMP6, echo reply, seq 47104, length 40
When BR is in E mode and CE is in T mode, the tcpdump data samples
are:
09:44:11.692130 IP6 2001:da8:b4b6:100:ca:2675:100:0 > 2001:da8:
b4b6:ffff:ca:7023:fe00:0: ICMP6, echo request, seq 41473, length
40
09:44:11.693044 IP6 2001:da8:b4b6:ffff:1234::5678 > 2001:da8:b4b6:
100:ca:2675:100:0: IP 202.112.35.254 > 202.38.117.1: ICMP echo
reply, id 1024, seq 41473, length 40
4. Backward Compatibility Testing
The MAP CE is backward compatible to dual-stack lite in the E mode
and to NAT64 in the T mode.
4.1. AFTR of dual-stack lite
Dual-stack lite is a stateful encapsulation technology defined in
[RFC6333]. For the testing, the MAP BR is replaced by dual-stack
lite AFTR [dual-stack-lite-code].
The MAP CE is configured as:
utils/ivictl -r -d -P 2001::1/128
utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A
10.255.255.1/24 -P 2001:da8:b001:1009::/64 -R 16 -M 2 -o 0 -c 1400
-E
The tcpdump data samples are:
22:48:42.536559 IP6 2001:da8:b001:1009:a:ffff:100:0 > 2001::1: IP
10.255.255.1 > 202.112.35.254: ICMP echo request, id 1024, seq
41473, length 40
Li, et al. Expires January 10, 2013 [Page 7]
Internet-Draft MAP Testing Results July 2012
22:48:42.539352 IP6 2001::1 > 2001:da8:b001:1009:a:ffff:100:0: IP
202.112.35.254 > 10.255.255.1: ICMP echo reply, id 1024, seq
41473, length 40
4.2. NAT64 with double translation
NAT64 is a stateful translation technology defined in [RFC6146] and
[RFC6145]. For the testing, the MAP BR is replaced by NAT64
[nat64-code].
The MAP CE is configured as:
utils/ivictl -r -d -P 2001:da8:b4b6:1000::/64 -T
utils/ivictl -s -i eth1 -I eth0 -H -N -X -a 192.168.1.0/24 -A
2.2.2.2/32 -P 2001:da8:b001:fff9::/64 -R 16 -M 2 -o 0 -c 1440 -T
The tcpdump data samples are:
09:24:16.478385 IP6 2001:da8:b001:fff9:2:202:200:0 > 2001:da8:
b4b6:1000:ca:7023:fe00:0: ICMP6, echo request, seq 25600, length
40
09:24:16.479638 IP6 2001:da8:b4b6:1000:ca:7023:fe00:0 > 2001:da8:
b001:fff9:2:202:200:0: ICMP6, echo reply, seq 25600, length 40
Note that for this scenario, the CE defined in
[I-D.ietf-v6ops-464xlat] can also achieve this goal.
5. Conclusions
Although only the echo request/echo reply testing results with the
corresponding MAP CE configuration examples are presented in this
document, the TCP/UDP applications are also tested in CERNET/CERNET2
successfully. The concluding remarks are:
o A unified MAP can support MAP-T, MAP-E and even the mixed modes
without introducing additional complexity.
o A unified MAP CE can be configured backward compatible with
stateless NAT64, stateful NAT64 and dual-stack lite.
6. Security Considerations
This document does not introduce any new security considerations.
Li, et al. Expires January 10, 2013 [Page 8]
Internet-Draft MAP Testing Results July 2012
7. IANA Considerations
None.
8. Acknowledgments
The authors would like to acknowledge the following contributors of
this document: Weicai Wang, Wentao Shang and Rajiv Asati.
9. Normative References
[I-D.ietf-softwire-map]
Troan, O., Dec, W., Li, X., Bao, C., Zhai, Y., Matsushima,
S., and T. Murakami, "Mapping of Address and Port (MAP)",
draft-ietf-softwire-map-01 (work in progress), June 2012.
[I-D.ietf-v6ops-464xlat]
Mawatari, M., Kawashima, M., and C. Byrne, "464XLAT:
Combination of Stateful and Stateless Translation",
draft-ietf-v6ops-464xlat-05 (work in progress), July 2012.
[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in
IPv6 Specification", RFC 2473, December 1998.
[RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation
Algorithm", RFC 6145, April 2011.
[RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful
NAT64: Network Address and Protocol Translation from IPv6
Clients to IPv4 Servers", RFC 6146, April 2011.
[RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual-
Stack Lite Broadband Deployments Following IPv4
Exhaustion", RFC 6333, August 2011.
[dual-stack-lite-code]
"Dual-stack Lite Code:
http://www.isc.org/software/aftr/11".
[map-code]
"MAP Code: http://mapt.ivi2.org:8039/mapt.html".
[nat64-code]
"NAT64 Code: http://ecdysis.viagenie.ca/download.html".
Li, et al. Expires January 10, 2013 [Page 9]
Internet-Draft MAP Testing Results July 2012
Authors' Addresses
Xing Li
CERNET Center/Tsinghua University
Room 225, Main Building, Tsinghua University
Beijing 100084
CN
Phone: +86 10-62785983
Email: xing@cernet.edu.cn
Congxiao Bao
CERNET Center/Tsinghua University
Room 225, Main Building, Tsinghua University
Beijing 100084
CN
Phone: +86 10-62785983
Email: congxiao@cernet.edu.cn
Guoliang Han
CERNET Center/Tsinghua University
Room 225, Main Building, Tsinghua University
Beijing 100084
CN
Phone: +86 10-62785983
Email: bupthgl@gmail.com
Wojciech Dec
Cisco Systems
Haarlerbergpark Haarlerbergweg 13-19
Amsterdam, NOORD-HOLLAND 1101 CH
Netherlands
Phone:
Email: wdec@cisco.com
Li, et al. Expires January 10, 2013 [Page 10]