Internet Engineering Task Force X. Liu Internet-Draft B. Yan Intended status: Informational CNIC / Chinese Academy of Expires: May 9, 2013 Sciences C. Bao X. Li CERNET Center / Tsinghua University November 5, 2012 Experience from Double Translation and Encapsulation (MAP) Testing draft-liu-softwire-experience-map-01 Abstract This document discusses the experiences of using Mapping of Address and Port (MAP). Network setup and testing results using MAP-Translation (MAP-T), MAP- Encapsulation (MAP-E) and mixed MAP-T/MAP-E are described in this document. Relationships among native IPv6, single translation, double translation, and encapsulation are also discussed. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 9, 2013. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. Liu, et al. Expires May 9, 2013 [Page 1] Internet-Draft Experience from MAP Testing November 2012 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Technology and Terminology . . . . . . . . . . . . . . . . . . 3 3. Network and Experiment Setup . . . . . . . . . . . . . . . . . 4 3.1. Network Topology . . . . . . . . . . . . . . . . . . . . . 4 3.2. Test Content . . . . . . . . . . . . . . . . . . . . . . . 5 4. General Experiences . . . . . . . . . . . . . . . . . . . . . 6 5. Discussion of relationships among native IPv6, single translation, double translation and encapsulation . . . . . . 6 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 9.1. Normative References . . . . . . . . . . . . . . . . . . . 7 9.2. Informative References . . . . . . . . . . . . . . . . . . 8 Appendix A. Configuration Files . . . . . . . . . . . . . . . . . 8 A.1. MAP-T Core Configuration . . . . . . . . . . . . . . . . . 9 A.2. MAP-E Core Configuration . . . . . . . . . . . . . . . . . 10 A.3. MAP-T CPE Configuration . . . . . . . . . . . . . . . . . 11 A.4. MAP-E CPE Configuration . . . . . . . . . . . . . . . . . 11 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 Liu, et al. Expires May 9, 2013 [Page 2] Internet-Draft Experience from MAP Testing November 2012 1. Introduction In recent years, many researchers focus on the IPv6-only network. Users or applications in IPv6-only environment may meet with difficulties when visiting IPv4 resources, e.g. big data visiting or migration. From May 2012, CNIC (Computer Network Information Center) in Chinese Academy of Sciences performed a series of experiments on the comparison with native IPv6 and single translation using NAT64/DNS64 [RFC6144][RFC6145][RFC6146]. Although many applications work correctly, there are problems that single translation cannot solve, these problems are also mentioned in IETF's IPv6-only experiences [RFC6586] and [I-D.draft-hazeyama-widecamp-ipv6-only-experience]: Several OSes and devices do not work in IPv6-only network; access difficulties happen when IPv4 address literal is embedded in the application; ALG problem, e.g. FTP; etc. Double translation or encapsulation can solve the problems we have when single translation is used. This document presents our experience from the network experiment using double translation and encapsulation named Mapping of Address and Port (MAP). Common applications are tested in MAP-T, MAP-E, and mixed MAP-T/MAP-E modes. We refer to the IETF's MAP-T testing results [I-D.draft-cordeiro-softwire-experience-mapt], we add some applications test with Chinese applications, and try to clarify new issues on the relationships among native IPv6, single translation, double translation, and encapsulation in the environment. Subjectively, we didn't find significant differences when using applications in MAP-T, and MAP-E mode. MAP-T can support IPv6-only server. 2. Technology and Terminology In this document, the following terms are used. "MAP-T" refers to MAP double stateless translation based solution for providing IPv4 hosts connectivity to and across an IPv6 domain, as defined by [I-D.draft-ietf-softwire-map-t]. Liu, et al. Expires May 9, 2013 [Page 3] Internet-Draft Experience from MAP Testing November 2012 "MAP-E" refers to MAP Encapsulation based solution with an automatic tunneling mechanism for providing IPv4 connectivity service to end users over service provider's IPv6 network, as defined by [I-D.draft-ietf-softwire-map]. 3. Network and Experiment Setup 3.1. Network Topology ------ | Host | | 3 | ------ |IPv6 ---------- +--------+ / CSTNET \ IPv4 ------ IPv6| IPv6 |IPv6 ------ IPv4 ------ | IPv4 Network |----| MAP |----| only |----| MAP |----| Host | \ (Net 1) / | Core | | Router | | CPE | | 1 | ---------- ------ +--------+ ------ ------ | | |IPv6 |IPv4 ------ | |-------| Host | ---------- | 2 | / CSTNET \ ------ | IPv6 Network | \ (Net 2) / ---------- Network Topology Figure 1 The MAP core and MAP CPE support both MAP-T and MAP-E modes, running Fedora 11 and MAP-T 2.2c and MAP-E 2.2c software developed by CERNET (http://mapt.ivi2.org:8039/mapt.html). We use three host machines in the experiment, Host 1 and Host 2 are IPv4-only PC with Windows 7 and Linux Ubuntu 12.04, Host 3 is IPv6- only PC with Windows 7. Net 1 is an IPv4 network with public valid IPv4 address, Net 2 is an IPv6 network with public valid IPv6 address. Both Net 1 and Net 2 are supported by CSTNET. The configuration of MAP-T/MAP-E core, MAP-T/MAP-E CPE is shown in Appendix part. DHCP function is not used in this experiment. Liu, et al. Expires May 9, 2013 [Page 4] Internet-Draft Experience from MAP Testing November 2012 3.2. Test Content We tested difference applications in different OS:Windows 7 and Linux Ubuntu 12.04. +------------------+--------------+---------------------------------+ | content | categories | applications | +------------------+--------------+---------------------------------+ | Normal | Browser | Internet Explorer, Mozilla | | Applications | | Firefox, Google Chrome, Safari | | | On-line | Flash, Java applets | | | games | | | Client/Server | Web | IPv4/IPv6 website: Google.com, | | Applications | | Yahoo.com; | | | | IPv4 website: Baidu.com, | | | | Yahoo.com.cn | | | e-mail | Gmail, Yahoo mail, Hotmail | | | video stream | Address-based indexing: | | | | youku.com, ku6.com | | | | Domain name-based indexing: | | | | Sina video | | Peer to Peer | File | BitTorrent | | Applications | distribution | | | | VOIP | Skype, Voipcheap | | | IPTV | PPTV | | | Instant | Client Messaging: MSN | | | Messaging | Messenger, QQ, Skype | | | | Web Messaging: Renren, Weibo | | Security | Antivirus | 360, AVG | +------------------+--------------+---------------------------------+ Table 1: Test Content Besides the applications tested in [draft-cordeiro-softwire-experience-mapt], we add applications with Chinese characteristics, like Baidu.com, Yahoo.com.cn (IPv4 website); video stream series; PPTV (IPTV), QQ (Instant Messaging), 360 (Antivirus). In Web test, we separate IPv4/IPv6 website and IPv4 website for checking whether A or AAAA record is received. In video-stream test, we separate Address-based indexing and Domain name-based indexing. Since in former single translation (NAT64) test, only Domain name-based indexing video-stream works well, problem occurs when visiting video-stream with IPv4 address literals indexing. Liu, et al. Expires May 9, 2013 [Page 5] Internet-Draft Experience from MAP Testing November 2012 Security test, like Firewall, IPSEC, VPN are not tested in this experiment. Applications with IPv4 address literals, like HTTP, SSH, VNC are not tested in this experiment. 4. General Experiences For MAP-T and MAP-E test, subjectively we didn't find significant differences compared to native IPv4 environment using Windows 7 and Ubuntu 12.04: in Internet Applications (Normal) test, the browsers and online game works correctly; in Internet Applications (C/S) test, we visited the website, e-mail, video stream without problems, only IPv4 resources are visited; in Internet Applications (P2P) test, we also had good experience with file distribution, VOIP, IPTV, and instant messaging; in security application, the antivirus software works correctly and can be updated. For mixed MAP-T/MAP-E test, since the forwarding mode is only required in the IPv4 to IPv6 direction, and it can be automatically identified by checking the value of the next header in IPv6 packets in the IPv6 to IPv4 direction. In the test, we first set MAP core with MAP-T mode and CPE with MAP-E mode; then set MAP core with MAP-E mode and CPE with MAP-T mode. The applications also work correctly. 5. Discussion of relationships among native IPv6, single translation, double translation and encapsulation For the new users, we suggest to build IPv6-only network and the transition of IPv4 to IPv6 includes four types: native IPv6, single translation, double translation, encapsulation. In this scenario, the host first tries to visit server in native mode (IPv6 to IPv6); If the host and server are in different environment, the host tries single translation (IPv6 to IPv4); If there are access difficulties using single translation (ALG, IPv4- only application, etc), the host tries double translation (IPv6 to Liu, et al. Expires May 9, 2013 [Page 6] Internet-Draft Experience from MAP Testing November 2012 IPv4 to IPv6); For some applications (IPSec), if double translation doesn't work, the host uses encapsulation (IPv4 over IPv6). The topology shown in Figure 1 concludes the four steps: The process Host 1/Host 2 - CPE - IPv6 Router - core - IPv4 Internet is for double translation and encapsulation; The process Host 3 - IPv6 Router - IPv6 Network is for native IPv6; The process Host 1/Host 2 - CPE - IPv6 Router - IPv6 Network is for single translation. 6. Acknowledgements We would like to thank Guoliang Han from CERNET/Tsinghua University, and Dujuan Gu, Shuangjian Yan from CNIC/Chinese Academy of Sciences on this experiment. 7. IANA Considerations This document has no IANA implications. 8. Security Considerations This document has no security implications. 9. References 9.1. Normative References [I-D.ietf-softwire-map] Troan, O., Dec, W., Li, X., Bao, C., Matsushima, S., and T. Murakami, "Mapping of Address and Port with Encapsulation (MAP)", draft-ietf-softwire-map-02 (work in progress), September 2012. [I-D.ietf-softwire-map-t] Li, X., Bao, C., Dec, W., Troan, O., Matsushima, S., and T. Murakami, "Mapping of Address and Port using Translation (MAP-T)", draft-ietf-softwire-map-t-00 (work in progress), October 2012. Liu, et al. Expires May 9, 2013 [Page 7] Internet-Draft Experience from MAP Testing November 2012 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 9.2. Informative References [I-D.cordeiro-softwire-experience-mapt] Cordeiro, E., Carnier, R., and A. Moreiras, "Experience from MAP-T Testing", draft-cordeiro-softwire-experience-mapt-00 (work in progress), September 2012. [I-D.hazeyama-widecamp-ipv6-only-experience] Hazeyama, H., Hiromi, R., Ishihara, T., and O. Nakamura, "Experiences from IPv6-Only Networks with Transition Technologies in the WIDE Camp Autumn 2012", draft-hazeyama-widecamp-ipv6-only-experience-02 (work in progress), October 2012. [I-D.xli-softwire-map-testing] Li, X., Bao, C., Han, G., and W. Dec, "MAP Testing Results", draft-xli-softwire-map-testing-00 (work in progress), July 2012. [RFC6586] Arkko, J. and A. Keranen, "Experiences from an IPv6-Only Network", RFC 6586, April 2012. Appendix A. Configuration Files Liu, et al. Expires May 9, 2013 [Page 8] Internet-Draft Experience from MAP Testing November 2012 A.1. MAP-T Core Configuration #!/bin/sh # configure system profile echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 0 > /proc/sys/net/ipv6/conf/eth1/autoconf echo 0 > /proc/sys/net/ipv6/conf/eth0/autoconf # configure eth0 -- IPv4 interface /sbin/ifdown eth0 /sbin/ip link set eth0 up /sbin/ip addr add 159.226.15.173/30 dev eth0 /sbin/ip route add default via 159.226.15.129 dev eth0 control start utils/ivictl -r -p 159.226.15.174/32 -P 2001:cc0:2003:fff0::/60 -R 16 -M 1 -T utils/ivictl -r -d -P 2001:cc0:2003:ffff::/64 -T utils/ivictl -s -i eth0 -I eth1 service iptables stop service ip6tables stop Liu, et al. Expires May 9, 2013 [Page 9] Internet-Draft Experience from MAP Testing November 2012 A.2. MAP-E Core Configuration #!/bin/sh # configure system profile echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 0 > /proc/sys/net/ipv6/conf/eth1/autoconf echo 0 > /proc/sys/net/ipv6/conf/eth0/autoconf # configure eth0 -- IPv4 interface /sbin/ifdown eth0 /sbin/ip link set eth0 up /sbin/ip addr add 159.226.15.173/30 dev eth0 /sbin/ip route add default via 159.226.15.129 dev eth0 control start utils/ivictl -r -p 159.226.15.174/32 -P 2001:cc0:2003:fff0::/60 -R 16 -M 1 -E utils/ivictl -r -d -P 2001:cc0:2003:ffff::1/128 -E utils/ivictl -s -i eth0 -I eth1 service iptables stop service ip6tables stop Liu, et al. Expires May 9, 2013 [Page 10] Internet-Draft Experience from MAP Testing November 2012 A.3. MAP-T CPE Configuration #!/bin/sh # configure system profile echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 0 > /proc/sys/net/ipv6/conf/eth0.2/autoconf echo 0 > /proc/sys/net/ipv6/conf/br-lan/autoconf # configure eth1 -- IPv4 interface ifconfig br-lan 192.168.1.1/24 ./control start utils/ivictl -r -d -P 2001:cc0:2003:ffff::/64 utils/ivictl -s -i br-lan -I eth0.2 -H -N -a 192.168.1.0/24 -A 159.226.15.174/32 -P 2001:cc0:2003:fff0::/60 -R 16 -M 1 -o 0 -c 1440 -T #service iptables stop #service ip6tables stop A.4. MAP-E CPE Configuration #!/bin/sh # configure system profile echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 0 > /proc/sys/net/ipv6/conf/eth0.2/autoconf echo 0 > /proc/sys/net/ipv6/conf/br-lan/autoconf # configure eth1 -- IPv4 interface ifconfig br-lan 192.168.1.1/24 ./control start # encapsulate mode 1: /128 address is configured directly utils/ivictl -r -d -P 2001:cc0:2003:ffff::1/128 utils/ivictl -s -i br-lan -I eth0.2 -H -N -a 192.168.1.0/24 -A 159.226.15.174/32 -P 2001:cc0:2003:fff0::/60 -R 16 -M 1 -o 0 -c 1400 -E #service iptables stop #service ip6tables stop Liu, et al. Expires May 9, 2013 [Page 11] Internet-Draft Experience from MAP Testing November 2012 Authors' Addresses Xiaohan Liu CNIC / Chinese Academy of Sciences 4,4th South Street Zhongguancun, Haidian District Beijing, 100190 CN Email: liuxiaohan@cnic.cn Baoping Yan CNIC / Chinese Academy of Sciences 4,4th South Street Zhongguancun, Haidian District Beijing, 100190 CN Email: ybp@cnic.cn Congxiao Bao CERNET Center / Tsinghua University Room 225, Main Building, Tsinghua University Beijing, 100084 CN Email: congxiao@cernet.edu.cn Xing Li CERNET Center / Tsinghua University Room 225, Main Building, Tsinghua University Beijing, 100084 CN Email: xing@cernet.edu.cn Liu, et al. Expires May 9, 2013 [Page 12]