Discussion on Host-based IPv6 Translation denghui@chinamobile.com
Outline
• Conventional IPv4 application support
• Network scenarios
• Why we need host based translation
• Vs DS Lite, NAT64, Double NAT
• Signaling procedure of PNAT44COM
• What to do next?
Plenty of IPv4 legacy on the host side (By Teemu)
I. Applications
  – IPv6 has not generally been a real requirement for applications
  – Many applications are IPv4-only, percentage unknown
  – Many legacy applications will never see an update to IPv6
II. Runtime environments
  – All runtime environments do not support IPv4, while most should
  – A common runtime environment in the mobile environment is Java Platform, Micro Edition (Java ME). It has the Mobile Information Device Profile, whose newest version, 2.0 (MIDP 2.0), is IPv4-only. IPv6 support is coming with MIDP 3, but it is not yet standardized
III. External devices
  – A host may implement internet connection sharing for other hosts
  – These hosts are not necessarily IPv6 capable at all, or may run IPv4-only applications, or IPv4-only runtimes
The host side… (by Teemu)
• will feel strong incentive to support IPv6 only after networks start actually providing IPv6 connectivity
• should not be forced to upgrade everything due to IPv6 deployment
• will have a long IPv4 tail
… (by Sheng Jiang)
• A virtual scenario has not been answered yet: how to support conventional IPv4 applications in an IPv6-only network without encapsulation
[Figure: hosts running IPv6 and IPv4 applications on IPv6-only and dual stacks, attached to IPv4 and IPv6 networks]
Scenarios (H1 talk with H2)
• H1 could learn H2's address either by DNS or referral, but H1's application has no idea how to set up the tunnel between H1 and H2.
• Communication between H1 and H2 could be 4-4, 4-6, and 6-4
• Direct IPv6 routing will benefit such communication
[Figure labels: IPv4 app, IPv6 app, IPv6 stack, IPv4 stack, H1, H2, H3, server, IPv6-only network, IPv4 network, PNAT64, 4-6/4-4/6-4, 6-4/4-4]
The scenarios we consider cover multiple possibilities:
• PNAT44COM: IPv4-IPv4 applications communicate within/through the IPv6 network
• PNAT46COM: IPv4-IPv6 applications communicate within/through the IPv6 network
• PNAT64COM: IPv6-IPv4 applications communicate within/through the IPv6 network
Network Scenarios
[Figure, host stack: IPv6 Appl. / IPv4 Appl.; Socket API; PNAT modules; TCP/UDP/IPv4-6; Network card driver]
[Figure, network: PNAT Host 1, PNAT Host 2, DNSv4, DNSv6, IPv4 site, IPv6 site, Access Router (DHCPv6), PNAT64, IPv4 server]
Scenarios and descriptions:
• PNAT44COM:
  – PNAT Host (IPv4 app) <—> IPv4 server
  – PNAT Host 1 (IPv4 app) <—> PNAT Host 2 (IPv4 app)
• PNAT46COM: PNAT Host 1 (IPv4 app) <—> PNAT Host 2 (IPv6 app)
• PNAT64COM: PNAT Host 1 (IPv6 app) <—> PNAT Host 2 (IPv4 app)
• PNAT66COM: PNAT Host 1 (IPv6 app) <—> PNAT Host 2 (IPv6 app)
Why we need host based translation
  – How to support conventional IPv4 applications in an IPv6-only network: the iPhone store already has more than 60,000 applications.
  – The implementation of the operator's services has been running for a long time, is quite stable, and is hard to upgrade.
  – Modifying the host is very difficult, but modifying the host's network stack is not that difficult.
  – Operators customize the host more than before.
Translation in the host vs in the network
• The first hop of the network is IPv6 only
• The major difference:
  – Supporting conventional IPv4 applications is a mandatory requirement for the operators.
Translation vs Tunneling
• This is not a comparison between them in general, but for special host scenarios.
• The difference:
  – Communication needs to be routed directly between hosts to avoid a tunnel mesh, rather than passing through the tunneling aggregation point (CGN).
  – Different IP families need to talk to each other.
PNAT vs Dual-stack Lite
• The major difference:
  – For communication within the IPv6 network, traffic need not go through any CGN.
  – 3GPP QoS will be based on the outer IP header rather than the inner IP header
  – For MTU, translation is a little better than tunneling.
  – DNS synthesis problems - DNSSEC relations?
Compatible with NAT64, not DNS64
• The current framework document assumes that DNS queries go to a DNS64 if sent over an IPv6-only network. Is there a reason to change this assumption?
  – PNAT is compatible with NAT64, but it is not compatible with DNS64. The reason is that the PNAT host needs to identify the peer side's IP type.
Avoid double NAT issue
• http://tools.ietf.org/html/draft-durand-v6ops-natv4v6v4-01
  – Since PNAT can identify the peer side's IP type from the DNS resolution result, it knows whether it needs to do ALG inside the host or not, so the issue is avoided.
PNAT module in the host
[Figure: PNAT host with socket translation and address translation modules]
• PNAT inside the host will translate the IPv4 socket API into the IPv6 socket API
• A DNS IPv4 socket call can be translated into an IPv6 socket call
• The LIR prefix will be used for PNAT source address translation
• The well-known prefix will be used for PNAT destination address translation
Two possible ways to perform DHCPv6 process
• The PNAT host requests an IPv4 address, an IPv6 prefix, and both DNS4 and DNS6 server addresses from the DHCPv6 server. There are two methods to achieve the goals:
  – Method 1: container option for server configuration (figure: Host DHCP client, RG, SP DHCP server, container option). Thanks to James Woodyatt for the discussion of the container option.
  – Method 2: extension of a DHCPv6 option to support assigning an IPv4 address (figure: Host, Server, IPv4 address option); for the IPv6 prefix, RFC 3633 could be used.
• Message exchange between host and server:
  1. Solicit message
  2. Advertise
  3. Request message
  4. Reply message
PNAT Address translation and PNAT64 operations
PNAT address translation
• For the destination address
• For the source address, all zero in 65-96 bits is to identify the case of private IPv4 address embedded
• For the source address, all one in 65-96 bits is to identify the case of public IPv4 address embedded
PNAT64 operations
• Destination addr and actions:
  – WKP:: : perform a translation operation
• Source addr and actions:
  – Padding all one in 65-96 bits: get rid of prefix, record the relationship between IPv4 address and IPv6 prefix
  – Padding all zero in 65-96 bits: a normal NAT64 procedure
  – Normal IPv6 address: a normal NAT64 procedure
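Added example (not from the slides or from any PNAT implementation): the source-address layout above, built on the host side and classified on the PNAT64 side per the table. The documentation prefix 2001:db8:1:2::/64 standing in for the LIR prefix, the function names, and the `consistent` sanity check are assumptions of this example.

```python
import ipaddress

# Assumption: a documentation prefix stands in for the operator's LIR /64.
LIR_PREFIX = ipaddress.IPv6Network("2001:db8:1:2::/64")
PAD_PRIVATE = 0x00000000  # bits 65-96 all zero: private IPv4 embedded
PAD_PUBLIC = 0xFFFFFFFF   # bits 65-96 all one: public IPv4 embedded


def synthesize_source(ipv4, public):
    """PNAT host side: LIR /64 prefix | 32-bit padding | 32-bit IPv4."""
    v4 = int(ipaddress.IPv4Address(ipv4))
    pad = PAD_PUBLIC if public else PAD_PRIVATE
    base = int(LIR_PREFIX.network_address)
    return ipaddress.IPv6Address(base | (pad << 32) | v4)


def classify_source(ipv6):
    """PNAT64 side: return (action, embedded IPv4 or None, consistent).

    'consistent' is a sanity check added by this example: the padding
    should agree with whether the embedded IPv4 address is private.
    """
    low64 = int(ipaddress.IPv6Address(ipv6)) & 0xFFFFFFFFFFFFFFFF
    pad = low64 >> 32
    v4 = ipaddress.IPv4Address(low64 & 0xFFFFFFFF)
    if pad == PAD_PUBLIC:
        action = "strip prefix, record IPv4/prefix relationship"
        return (action, v4, not v4.is_private)
    if pad == PAD_PRIVATE:
        return ("normal NAT64 procedure", v4, v4.is_private)
    # Any other value in bits 65-96: an ordinary IPv6 source address.
    return ("normal NAT64 procedure", None, True)


if __name__ == "__main__":
    # Constructed inputs, using the IPv4 addresses from the signaling slides.
    for v4, public in (("10.1.1.1", False), ("33.1.1.1", True)):
        src = synthesize_source(v4, public)
        print(src, classify_source(src))
    # All-one padding with a private address embedded fails the sanity check.
    print(classify_source("2001:db8:1:2:ffff:ffff:a01:101"))
```

Because the all-one case makes the translator take the IPv4 source straight from the packet, a mismatch between padding and address type is worth logging at the PNAT64.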
PNAT44COM signaling (private IPv4 address embedded in source address)
[Sequence diagram. Participants: PNAT host (IPv4 app., socket translation, address translation, DHCP), PNAT64, IPv4 server (22.1.1.1), DNS4 server (11.1.1.1), DNS6 server. PNAT64 public address pool: 33.1.1.1 ~ 33.255.1.1]
• DHCP discovery; offer = LIR:: (IPv6 prefix) + 10.1.1.1 (IPv4) + DNS4/6 address
• DNS4 call: gethostbyname() {DNS socket translation -> getaddrinfo()}
  – DNS query (AAAA/A): identify peer's IP type; if it's IPv4, send DNS query to DNS4 server
  – Synthesize WKP: S: LIR:0:0:a01:101, D: WKP::b01:101::
  – At PNAT64: S: 33.1.1.1, D: 11.1.1.1
  – DNS4 response; DNS response (A: 22.1.1.1)
• Transmit data: socket translation -> connect(); send()… (application addresses 10.1.1.1, 22.1.1.1)
  – Synthesize WKP; IPv6 header + IPv4 payload: S: LIR:0:0:a01:101, D: WKP::1601:101::
  – A normal NAT64 handling (ALG if it is needed): S: 33.1.1.1, D: 22.1.1.1
• Reverse direction: S: 22.1.1.1, D: 33.1.1.1
  – A normal NAT64 handling (ALG if it is needed): S: WKP::1601:101::, D: LIR:0:0:a01:101
  – Socket translation -> accept(); recvmsg()… (application addresses 22.1.1.1, 10.1.1.1)
PNAT44COM signaling (public IPv4 address embedded in source address)
[Sequence diagram. Participants: PNAT host (IPv4 app., socket translation, address translation, DHCP), PNAT64, IPv4 server (22.1.1.1), DNS4 server (11.1.1.1), DNS6 server. No demand for maintaining a public address pool]
• DHCP discovery; offer = LIR:: (IPv6 prefix) + 33.1.1.1 (IPv4) + DNS4/6 address
• DNS4 call: gethostbyname() {DNS socket translation -> getaddrinfo()}
  – DNS query (AAAA/A): identify peer's IP type; if it's IPv4, send DNS query to DNS4 server
  – Synthesize WKP: S: LIR:ffff:ffff:2101:101, D: WKP::b01:101::
  – At PNAT64: S: 33.1.1.1, D: 11.1.1.1
  – DNS4 response; DNS response (A: 22.1.1.1)
• Transmit data: socket translation -> connect(); send()… (application addresses 33.1.1.1, 22.1.1.1)
  – Synthesize WKP; IPv6 header + IPv4 payload: S: LIR:ffff:ffff:a01:101, D: WKP::1601:101::
  – A normal NAT64 handling (ALG if it is needed): S: 33.1.1.1, D: 22.1.1.1
• Reverse direction: S: 22.1.1.1, D: 33.1.1.1
  – A normal NAT64 handling (ALG if it is needed): S: WKP::1601:101::, D: LIR:ffff:ffff:a01:101
  – Socket translation -> accept(); recvmsg()… (application addresses 22.1.1.1, 33.1.1.1)
Next?
• We are doing the implementation, with more than 5 vendors involved, and hope we can finish by early Nov. This technology will hopefully be deployed in our network within this year, for an IPv6-based HDTV service.
• Will the Behave WG consider taking on a host-based translation solution as a work item?
• How to proceed with this work? (To chairs)
Appendix: PNAT vs (BIA or BIS)
• The difference:
  – There is no need to retain a mapping table in PNAT44COM, but BIA/BIS still needs one
  – PNAT describes in detail how it works together with PNAT64, but BIA/BIS doesn't.
  – The PNAT host and PNAT64 process public and private IPv4 source addresses differently, but BIA/BIS can't.
  – PNAT can identify the peer application type (4 or 6) from the A or AAAA records in the response, so it knows whether the host needs to do ALG or not, which avoids the NAT464 issue.