Re: draft-cmetz-v6ops-v4mapped-api-harmful-00.txt and draft-itojun-v6ops-v4mapped-harmful-01.txt
Francis Dupont wrote:
> => this is different: IPv4-mapped IPv6 addresses on the wire have far
> more opponents than IPv4-mapped IPv6 addresses in the API.

I have never seen the "IPv4-mapped IPv6 addresses on the wire"
argument raised in relation to ISATAP, but since ISATAP
addresses also embed an IPv4 address in the interface identifier
I assume that some may see this as a concern.
For the record, if the site is not concerned about exposing L2
addresses to the outside it can certainly deploy ISATAP such
that nodes use ISATAP addresses as the IPv6 source address in
packets they send (e.g., by configuring the ISATAP router(s)
to send RAs with the L and A bits set in prefix options so that
nodes will naturally autoconfigure ISATAP addresses). But,
this is not the only option; indeed, there are at least two ways
in which sites can be configured such that nodes configure
non-ISATAP addresses and use them as the IPv6 source
addresses in packets they send:
1) A site can configure its ISATAP router(s) to send RAs
with the M/O bits set (or, to not send RAs at all) so that nodes
naturally invoke stateful address autoconfiguration (RFC 2462,
section 5.5). Each ISATAP node receives a non-ISATAP IPv6
address delegation (V6) from the router/server for use as the
IPv6 source address in packets it sends. The ISATAP router
records a route mapping V6 to the node's link-local ISATAP
address (LL) for each address it delegates so that return
traffic is tunneled to the correct L2 address.
No ISATAP addresses are sent over the wire.
2) A site can configure its ISATAP router(s) to send RAs with
the L bit not set and the A bit set in prefix options so that nodes
naturally invoke stateless address autoconfiguration (RFC 2462,
section 5.5). Each ISATAP node autoconfigures a non-ISATAP
IPv6 address (V6) and assigns it to a loopback interface. The
node will additionally send an RA back to the ISATAP router
with a prefix option containing V6 and with the L and A bits
not set. The ISATAP router records a route mapping V6->LL
so that return traffic is tunneled to the correct L2 address.
Again, no ISATAP addresses are sent over the wire.
There are other options for assigning non-ISATAP addresses
to nodes in an ISATAP site (e.g., manual configuration). But,
it should be clear that sites not wishing to expose their L2
addresses to the outside when using ISATAP have several
options at their disposal. For more information, please refer
to the latest ISATAP draft at:
http://isatap.com
Fred
ftemplin@iprg.nokia.com
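
As an added illustration that is not part of the original message: a Python check that scans IPv6 source addresses seen at a site border for ISATAP-format interface identifiers and recovers the embedded IPv4 (L2) address, which is how a site can verify that options 1) or 2) above are in effect. The identifier layout (0000:5efe or 0200:5efe followed by the IPv4 address) is taken from RFC 5214, not from the message; the function names and sample addresses are constructed.

```python
import ipaddress

# Upper 32 bits of an ISATAP interface identifier (RFC 5214 layout, assumed
# here): 0000:5efe, or 0200:5efe when the embedded IPv4 address is global.
ISATAP_MARKERS = (0x00005EFE, 0x02005EFE)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of source addresses observed leaving a site.
SAMPLE = [
    "2001:db8:1:2:0:5efe:c0a8:105",     # ISATAP, embeds 192.168.1.5
    "2001:db8:1:2:200:5efe:c633:6407",  # ISATAP, embeds 198.51.100.7
    "2001:db8:1:2:211:22ff:fe33:4455",  # ordinary EUI-64 address
    "fe80::5efe:c0a8:105",              # link-local ISATAP (LL), stays on-link
]


def embedded_ipv4(addr):
    """Return the IPv4 address embedded in an ISATAP address, else None."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 6:
        return None
    iid = int(ip) & 0xFFFFFFFFFFFFFFFF   # low 64 bits: interface identifier
    if (iid >> 32) not in ISATAP_MARKERS:
        return None
    return ipaddress.IPv4Address(iid & 0xFFFFFFFF)


def audit_sources(sources):
    """Return (source, embedded IPv4, is RFC 1918) for exposed ISATAP sources."""
    findings = []
    for src in sources:
        v4 = embedded_ipv4(src)
        # Link-local ISATAP addresses are only the tunnel next hop (LL in the
        # message) and are not routed off-site, so they are not reported.
        if v4 is None or ipaddress.ip_address(src).is_link_local:
            continue
        private = any(v4 in net for net in RFC1918)
        findings.append((src, str(v4), private))
    return findings


if __name__ == "__main__":
    for src, v4, private in audit_sources(SAMPLE):
        kind = "RFC 1918" if private else "public"
        print(f"{src} exposes L2 address {v4} ({kind})")
```

An empty result from `audit_sources` over border traffic is what a site configured per 1) or 2) should see.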