Freenet6


TSP v6v4 Tunnel Profile draft


IPv6 over IPv4 profile for Tunnel Setup Protocol (TSP)
draft-vg-ngtrans-tsp-v6v4profile-01.txt

Status of this Memo

This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

This Internet-Draft will expire on December 30, 2002.

Copyright Notice

Copyright (C) The Internet Society (2002). All Rights Reserved.

Abstract

This document proposes a tunnel profile to set up IPv6 over IPv4
tunnels to be used with the Tunnel Setup Protocol (TSP) [8].

Blanchet Expires December 30, 2002 [Page 1]

Internet-Draft IPv6 over IPv4 profile for TSP July 2002

Table of Contents

1. Rationale for an IPv6 tunnel setup protocol
2. Terminology
3. Why a Tunnel Setup Protocol
4. The IPv6 over IPv4 tunnel profile
4.1 Overview
4.2 Client element
4.3 Server element
4.4 broker element
5. Tunnel request
5.1 Host Tunnel request and Reply
5.2 Router Tunnel request with a /48 prefix delegation, and reply
5.3 Router Tunnel Request with a /48 prefix delegation and RIP routing, and Reply
5.4 Router Tunnel Request with a /48 prefix delegation and BGP peering, and Reply
6. Error codes
7. IANA Considerations
8. Security considerations
9. Acknowledgements
References
Author's Address
A. IPv6 over IPv4 tunnel DTD
Full Copyright Statement

1. Rationale for an IPv6 tunnel setup protocol

Many IPv6 transition techniques use tunnelling to overlay an IPv6
network over an IPv4 network. Some are manual; some are automatic,
like 6to4, which embeds the IPv4 address of the gateway in the IPv6
address; some are semi-automatic, like the tunnel broker.

The operation of the protocol defined in this document, known as
Tunnel Setup Protocol, allows dual stack (IPv4/IPv6) nodes to
negotiate the establishment of a configured tunnel (IPv6 over IPv4)
to a Tunnel Broker according to the IPv6 Tunnel Broker model proposed
in RFC 3053 [1].

The protocol solves the problem of authentication and negotiation
between any dual stack node and Tunnel Broker by proposing a set of
messages to be exchanged between nodes and Tunnel Brokers. Moreover,
it enables the two parties to negotiate prefix, DNS delegation and
routing information.

2. Terminology

Tunnel Broker (TB)  In a Tunnel Broker model, the broker takes
charge of all communication between Tunnel Servers (TS) and Tunnel
Clients (TC). Tunnel Clients query brokers for a tunnel; the
broker finds a suitable Tunnel Server, asks the Tunnel Server to
set up the tunnel and sends the tunnel information to the Tunnel
Client.

Tunnel Server (TS)  Tunnel Servers provide the specific tunnel
service to a Tunnel Client. A Tunnel Server can receive the tunnel
request from a Tunnel Broker (as in the Tunnel Broker model) or
directly from the Tunnel Client, as in the Tunnel Setup Protocol
option.

Tunnel Client (TC)  The Tunnel Client is the entity that needs a
tunnel for a particular service or connectivity. A Tunnel Client can
be a host or a router.

3. Why a Tunnel Setup Protocol

There are current proposals for deploying configured tunnels over
IPv4 networks. The Tunnel Broker method (RFC3053) [1] intends to use
Web browsers and servers to allow end-users to request a configured
tunnel, but there is no real negotiation between the end-user and the
Tunnel Broker. If end-users use dynamic IPv4 addresses, a manual
operation must be done to update the Tunnel Broker. This manual
operation has to be done over a security layer to ensure a secure
authentication of end-users.

 


The IPv6 over IPv4 tunnels for home to Internet access method [5]
proposes a secure method to solve the problem of dynamic IP address
changes on the end-user side by using neighbor discovery protocol [2]
functions and IPsec. This proposed method depends on IPsec
implementors, who have to modify their implementations to handle
virtual interfaces for IPv6.

A Tunnel Broker implementation with a web interface revealed many
practical problems:

o Using Web interfaces for Tunnel Broker limits the scalability of
deploying IPv6 networks and hosts at very large scale over the
Internet. A Web interface requires manual operation from end-users.

o End-users who use dynamic IPv4 addresses must go back manually
to the Tunnel Broker's web interface each time their IPv4 address
changes.

The Tunnel Setup Protocol (TSP) approach proposes a negotiation of
tunnel parameters between Tunnel Clients and Tunnel Servers. The
proposed protocol is able to handle different kinds of tunnels over
IPv4, such as IPv6 configured tunnels, DVMRP tunnels over IPv4 for
multicast and others. In the current document, examples of the
protocol are focused on IPv6 configured tunnels.

4. The IPv6 over IPv4 tunnel profile

4.1 Overview

This profile uses the included DTD for the XML format of the message.
The DTD contains the description of the tunnel XML message. This
message is used by the TSP compliant server to provide IPv6 over
IPv4 tunnel service. The action for the specified tunnel is provided
in the 'action' attribute of the 'tunnel' message. Valid actions for
this profile are: 'create', 'info' and 'delete'.

The 'create' action is used to request a new tunnel or update an
existing tunnel. The 'info' action is used to request current
properties of an existing tunnel. The 'delete' action is used to
remove an existing tunnel from the server.

The 'tunnel' message contains three elements:

client  Client's information

server  Server's information

broker  List of other servers

 


4.2 Client element

The client element contains 2 elements: 'address' and 'router'.
These elements are used to describe the client needs and will be used
by the server to create the appropriate tunnel. This is the only
element sent by a client.

The 'address' element is used to identify the client IPv4 endpoint of
the tunnel. The client MUST send only an IPv4 address to the server.
The server will then return the IPv6 address endpoint and domain name
inside the 'client' element when the tunnel is created or updated.

Optionally a client can send a 'router' element to ask for a prefix
delegation. The 'router' element contains the 'router protocol'
attribute, which specifies the routing method to be used between the
server and the client. If no attribute is specified, the routing
will use static routes. Routing method may include 'rip' or 'bgp'.
If 'bgp' is used, the client MUST send a valid AS number within the
'as' element.
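
Added example (not part of the draft or of any TSP implementation): a server-side check of a client request against the rules of sections 4.1 and 4.2. The wire syntax is not shown in this section, so the 'protocol' attribute on 'router', the 'number' attribute on 'as', the 32-bit AS range and the refusal of DOCTYPE declarations are assumptions; the sample messages are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

VALID_ACTIONS = {"create", "info", "delete"}  # section 4.1
VALID_PROTOCOLS = {"rip", "bgp"}              # section 4.2; no attribute = static routes

# Constructed sample requests; attribute names follow the assumptions in the lead-in.
HOST_REQUEST = '<tunnel action="create"><client><address>192.0.2.10</address></client></tunnel>'
BGP_WITHOUT_AS = ('<tunnel action="create"><client><address>192.0.2.10</address>'
                  '<router protocol="bgp"/></client></tunnel>')


def validate_tunnel_request(xml_text):
    """Return (ok, reason) for a client 'tunnel' message checked against sections 4.1-4.2."""
    # Local policy (assumption): refuse DOCTYPE/ENTITY declarations in untrusted input.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return False, "DOCTYPE/ENTITY declarations not accepted"
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return False, "malformed XML"
    if root.tag != "tunnel" or root.get("action") not in VALID_ACTIONS:
        return False, "not a 'tunnel' message with a valid action"
    # 'client' is the only element a client sends: no 'server' or 'broker'.
    if [child.tag for child in root] != ["client"]:
        return False, "request must contain exactly one 'client' element"
    client = root[0]
    addresses = client.findall("address")
    if len(addresses) != 1:
        return False, "exactly one 'address' expected"
    try:
        ipaddress.IPv4Address((addresses[0].text or "").strip())  # IPv4 only
    except ipaddress.AddressValueError:
        return False, "client address is not a valid IPv4 address"
    router = client.find("router")
    if router is not None:
        protocol = router.get("protocol")  # assumed attribute name
        if protocol is not None and protocol not in VALID_PROTOCOLS:
            return False, "unknown routing protocol"
        if protocol == "bgp":
            as_elem = router.find("as")
            number = as_elem.get("number", "") if as_elem is not None else ""  # assumed
            if not (number.isascii() and number.isdigit() and 0 < int(number) < 2**32):
                return False, "bgp requires a valid AS number"
    return True, "ok"
```
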

4.3 Server element

The 'server' element contains 2 elements: 'address' and 'router'.
These elements are used to describe the server's tunnel endpoint.
The 'address' element is used to provide both IPv4 and IPv6 addresses
of the server's tunnel endpoint, while the 'router' element provides
information for the routing method chosen by the client.

4.4 broker element

The 'broker' element is used by a server to provide an alternate list
of servers to a client in the case where the server is not able to
provide the requested tunnel.

The 'broker' element will contain a series of 'address' elements.

5. Tunnel request

This section presents multiple examples of requests.

5.1 Host Tunnel request and Reply

A simple tunnel request consists of a 'tunnel' element which contains
only an 'address' element