Network Working Group B. Carpenter Request for Comments: 3056 K. Moore Category: Standards Track February 2001
Network Working Group B. Carpenter Request for Comments: 3056 K. Moore Category: Standards Track February 2001
Connection of IPv6 Domains via IPv4 Clouds
通过IPv4云连接IPv6域
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2001). All Rights Reserved.
版权所有(C)互联网协会(2001年)。版权所有。
Abstract
摘要
This memo specifies an optional interim mechanism for IPv6 sites to communicate with each other over the IPv4 network without explicit tunnel setup, and for them to communicate with native IPv6 domains via relay routers. Effectively it treats the wide area IPv4 network as a unicast point-to-point link layer. The mechanism is intended as a start-up transition tool used during the period of co-existence of IPv4 and IPv6. It is not intended as a permanent solution.
此备忘录指定了一种可选的临时机制,用于IPv6站点通过IPv4网络相互通信而无需显式隧道设置,以及通过中继路由器与本机IPv6域通信。它有效地将广域IPv4网络视为单播点对点链路层。该机制旨在作为IPv4和IPv6共存期间使用的启动转换工具。这不是一个永久性的解决方案。
The document defines a method for assigning an interim unique IPv6 address prefix to any site that currently has at least one globally unique IPv4 address, and specifies an encapsulation mechanism for transmitting IPv6 packets using such a prefix over the global IPv4 network.
本文档定义了一种方法,用于将临时唯一IPv6地址前缀分配给当前至少具有一个全局唯一IPv4地址的任何站点,并指定了一种封装机制,用于在全局IPv4网络上使用此前缀传输IPv6数据包。
The motivation for this method is to allow isolated IPv6 domains or hosts, attached to an IPv4 network which has no native IPv6 support, to communicate with other such IPv6 domains or hosts with minimal manual configuration, before they can obtain natuve IPv6 connectivity. It incidentally provides an interim globally unique IPv6 address prefix to any site with at least one globally unique IPv4 address, even if combined with an IPv4 Network Address Translator (NAT).
此方法的动机是允许连接到不支持本机IPv6的IPv4网络的独立IPv6域或主机在获得natuve IPv6连接之前,以最少的手动配置与其他此类IPv6域或主机通信。顺便说一句,它向至少具有一个全局唯一IPv4地址的任何站点提供临时全局唯一IPv6地址前缀,即使与IPv4网络地址转换器(NAT)结合使用也是如此。
Table of Contents
目录
1. Introduction................................................. 2 1.1. Terminology................................................ 4 2. IPv6 Prefix Allocation....................................... 5 2.1 Address Selection........................................... 6 3. Encapsulation in IPv4........................................ 6 3.1. Link-Local Address and NUD................................. 7 4. Maximum Transmission Unit.................................... 7 5. Unicast scenarios, scaling, and transition to normal prefixes 8 5.1 Simple scenario - all sites work the same................... 8 5.2 Mixed scenario with relay to native IPv6................... 9 5.2.1 Variant scenario with ISP relay.......................... 12 5.2.2 Summary of relay router configuration.................... 12 5.2.2.1. BGP4+ not used........................................ 12 5.2.2.2. BGP4+ used............................................ 12 5.2.2.3. Relay router scaling.................................. 13 5.2.3 Unwilling to relay....................................... 13 5.3 Sending and decapsulation rules............................ 13 5.4 Variant scenario with tunnel to IPv6 space................. 14 5.5 Fragmented Scenarios....................................... 14 5.6 Multihoming................................................ 16 5.7 Transition Considerations.................................. 16 5.8 Coexistence with firewall, NAT or RSIP..................... 16 5.9 Usage within Intranets..................................... 17 5.10 Summary of impact on routing.............................. 18 5.11. Routing loop prevention.................................. 18 6. Multicast and Anycast....................................... 19 7. ICMP messages............................................... 19 8. IANA Considerations......................................... 19 9. Security Considerations..................................... 19 Acknowledgements............................................... 20 References..................................................... 20 Authors' Addresses............................................. 22 Intellectual Property.......................................... 22 Full Copyright Statement....................................... 23
1. Introduction................................................. 2 1.1. Terminology................................................ 4 2. IPv6 Prefix Allocation....................................... 5 2.1 Address Selection........................................... 6 3. Encapsulation in IPv4........................................ 6 3.1. Link-Local Address and NUD................................. 7 4. Maximum Transmission Unit.................................... 7 5. Unicast scenarios, scaling, and transition to normal prefixes 8 5.1 Simple scenario - all sites work the same................... 8 5.2 Mixed scenario with relay to native IPv6................... 9 5.2.1 Variant scenario with ISP relay.......................... 12 5.2.2 Summary of relay router configuration.................... 12 5.2.2.1. BGP4+ not used........................................ 12 5.2.2.2. BGP4+ used............................................ 12 5.2.2.3. Relay router scaling.................................. 13 5.2.3 Unwilling to relay....................................... 13 5.3 Sending and decapsulation rules............................ 13 5.4 Variant scenario with tunnel to IPv6 space................. 14 5.5 Fragmented Scenarios....................................... 14 5.6 Multihoming................................................ 16 5.7 Transition Considerations.................................. 16 5.8 Coexistence with firewall, NAT or RSIP..................... 16 5.9 Usage within Intranets..................................... 17 5.10 Summary of impact on routing.............................. 18 5.11. Routing loop prevention.................................. 18 6. Multicast and Anycast....................................... 19 7. ICMP messages............................................... 19 8. IANA Considerations......................................... 19 9. Security Considerations..................................... 19 Acknowledgements............................................... 20 References..................................................... 20 Authors' Addresses............................................. 22 Intellectual Property.......................................... 22 Full Copyright Statement....................................... 23
This memo specifies an optional interim mechanism for IPv6 sites to communicate with each other over the IPv4 network without explicit tunnel setup, and for them to communicate with native IPv6 domains via relay routers. Effectively it treats the wide area IPv4 network as a unicast point-to-point link layer. The mechanism is intended as a start-up transition tool used during the period of co-existence of IPv4 and IPv6. It is not intended as a permanent solution.
此备忘录指定了一种可选的临时机制,用于IPv6站点通过IPv4网络相互通信而无需显式隧道设置,以及通过中继路由器与本机IPv6域通信。它有效地将广域IPv4网络视为单播点对点链路层。该机制旨在作为IPv4和IPv6共存期间使用的启动转换工具。这不是一个永久性的解决方案。
The document defines a method for assigning an interim unique IPv6 address prefix to any site that currently has at least one globally unique IPv4 address, and specifies an encapsulation mechanism for transmitting IPv6 packets using such a prefix over the global IPv4 network. It also describes scenarios for using such prefixes during the co-existence phase of IPv4 to IPv6 transition. Note that these scenarios are only part of the total picture of transition to IPv6. Also note that this is considered to be an interim solution and that sites should migrate when possible to native IPv6 prefixes and native IPv6 connectivity. This will be possible as soon as the site's ISP offers native IPv6 connectivity.
本文档定义了一种方法,用于将临时唯一IPv6地址前缀分配给当前至少具有一个全局唯一IPv4地址的任何站点,并指定了一种封装机制,用于在全局IPv4网络上使用此前缀传输IPv6数据包。它还描述了在IPv4到IPv6过渡的共存阶段使用这些前缀的场景。请注意,这些场景只是过渡到IPv6的总体情况的一部分。还请注意,这被认为是一种临时解决方案,站点应尽可能迁移到本机IPv6前缀和本机IPv6连接。只要该站点的ISP提供本机IPv6连接,这将成为可能。
The basic mechanism described in the present document, which applies to sites rather than individual hosts, will scale indefinitely by limiting the number of sites served by a given relay router (see Section 5.2). It will introduce no new entries in the IPv4 routing table, and exactly one new entry in the native IPv6 routing table (see Section 5.10).
本文件中描述的基本机制适用于站点而非单个主机,将通过限制给定中继路由器服务的站点数量来无限扩展(见第5.2节)。它不会在IPv4路由表中引入新条目,在本机IPv6路由表中只引入一个新条目(请参见第5.10节)。
Although the mechanism is specified for an IPv6 site, it can equally be applied to an individual IPv6 host or very small site, as long as it has at least one globally unique IPv4 address. However, the latter case raises serious scaling issues which are the subject of further study [SCALE].
尽管该机制是为IPv6站点指定的,但只要它至少有一个全局唯一的IPv4地址,就可以同样地应用于单个IPv6主机或非常小的站点。然而,后一种情况引起了严重的比例问题,需要进一步研究[比例]。
The motivation for this method is to allow isolated IPv6 sites or hosts, attached to a wide area network which has no native IPv6 support, to communicate with other such IPv6 domains or hosts with minimal manual configuration.
此方法的动机是允许连接到不支持本机IPv6的广域网的独立IPv6站点或主机以最少的手动配置与其他此类IPv6域或主机通信。
IPv6 sites or hosts connected using this method do not require IPv4- compatible IPv6 addresses [MECH] or configured tunnels. In this way IPv6 gains considerable independence of the underlying wide area network and can step over many hops of IPv4 subnets. The abbreviated name of this mechanism is 6to4 (not to be confused with [6OVER4]). The 6to4 mechanism is typically implemented almost entirely in border routers, without specific host modifications except a suggested address selection default. Only a modest amount of router configuration is required.
使用此方法连接的IPv6站点或主机不需要与IPv4兼容的IPv6地址[MECH]或配置的隧道。通过这种方式,IPv6获得了底层广域网的相当大的独立性,并且可以跨越IPv4子网的多个跃点。该机制的缩写名为6to4(不要与[6OVER4]混淆)。6to4机制通常几乎完全在边界路由器中实现,除了建议的默认地址选择之外,没有特定的主机修改。只需要少量的路由器配置。
Sections 2 to 4 of this document specify the 6to4 scheme technically. Section 5 discusses some, but not all, usage scenarios, including routing aspects, for 6to4 sites. Scenarios for isolated 6to4 hosts are not discussed in this document. Sections 6 to 9 discuss other general considerations.
本文件第2节至第4节从技术上规定了6to4方案。第5节讨论了6to4站点的一些(但不是全部)使用场景,包括路由方面。本文档中不讨论独立6to4主机的方案。第6至第9节讨论了其他一般考虑事项。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
The terminology of [IPV6] applies to this document.
[IPV6]的术语适用于本文件。
6to4 pseudo-interface: 6to4 encapsulation of IPv6 packets inside IPv4 packets occurs at a point that is logically equivalent to an IPv6 interface, with the link layer being the IPv4 unicast network. This point is referred to as a pseudo-interface. Some implementors may treat it exactly like any other interface and others may treat it like a tunnel end-point.
6to4伪接口:IPv4数据包中IPv6数据包的6to4封装发生在逻辑上等同于IPv6接口的点上,链路层是IPv4单播网络。这一点被称为伪接口。一些实现者可能会像对待任何其他接口一样对待它,而其他人可能会像对待隧道端点一样对待它。
6to4 prefix: an IPv6 prefix constructed according to the rule in Section 2 below.
6to4前缀:根据下面第2节中的规则构造的IPv6前缀。
6to4 address: an IPv6 address constructed using a 6to4 prefix.
6to4地址:使用6to4前缀构造的IPv6地址。
Native IPv6 address: an IPv6 address constructed using another type of prefix than 6to4.
本机IPv6地址:使用除6to4以外的其他前缀类型构造的IPv6地址。
6to4 router (or 6to4 border router): an IPv6 router supporting a 6to4 pseudo-interface. It is normally the border router between an IPv6 site and a wide-area IPv4 network.
6to4路由器(或6to4边界路由器):支持6to4伪接口的IPv6路由器。它通常是IPv6站点和广域IPv4网络之间的边界路由器。
6to4 host: an IPv6 host which happens to have at least one 6to4 address. In all other respects it is a standard IPv6 host.
6to4主机:碰巧至少有一个6to4地址的IPv6主机。在所有其他方面,它都是标准的IPv6主机。
Note: an IPv6 node may in some cases use a 6to4 address for a configured tunnel. Such a node may function as an IPv6 host using a 6to4 address on its configured tunnel interface, and it may also serve as a IPv6 router for other hosts via a 6to4 pseudo-interface, but these are distinct functions.
注意:IPv6节点在某些情况下可能会对已配置的隧道使用6to4地址。这种节点可以在其配置的隧道接口上使用6to4地址作为IPv6主机,也可以通过6to4伪接口作为其他主机的IPv6路由器,但这些是不同的功能。
6to4 site: a site running IPv6 internally using 6to4 addresses, therefore containing at least one 6to4 host and at least one 6to4 router.
6to4站点:在内部使用6to4地址运行IPv6的站点,因此包含至少一个6to4主机和至少一个6to4路由器。
Relay router: a 6to4 router configured to support transit routing between 6to4 addresses and native IPv6 addresses.
中继路由器:配置为支持6to4地址和本机IPv6地址之间的传输路由的6to4路由器。
6to4 exterior routing domain: a routing domain interconnecting a set of 6to4 routers and relay routers. It is distinct from an IPv6 site's interior routing domain, and distinct from all native IPv6 exterior routing domains.
6to4外部路由域:连接一组6to4路由器和中继路由器的路由域。它不同于IPv6站点的内部路由域,也不同于所有本机IPv6外部路由域。
Suppose that a subscriber site has at least one valid, globally unique 32-bit IPv4 address, referred to in this document as V4ADDR. This address MUST be duly allocated to the site by an address registry (possibly via a service provider) and it MUST NOT be a private address [RFC 1918].
假设订户站点至少有一个有效的、全局唯一的32位IPv4地址,在本文档中称为V4ADDR。该地址必须由地址注册处(可能通过服务提供商)正式分配给站点,且不得为私人地址[RFC 1918]。
The IANA has permanently assigned one 13-bit IPv6 Top Level Aggregator (TLA) identifier under the IPv6 Format Prefix 001 [AARCH, AGGR] for the 6to4 scheme.Its numeric value is 0x0002, i.e., it is 2002::/16 when expressed as an IPv6 address prefix.
IANA已在IPv6格式前缀001[AARCH,AGGR]下为6to4方案永久分配了一个13位IPv6顶级聚合器(TLA)标识符。其数值为0x0002,即当表示为IPv6地址前缀时为2002::/16。
The subscriber site is then deemed to have the following IPv6 address prefix, without any further assignment procedures being necessary:
然后,用户站点被视为具有以下IPv6地址前缀,无需任何进一步的分配程序:
Prefix length: 48 bits Format prefix: 001 TLA value: 0x0002 NLA value: V4ADDR
前缀长度:48位格式前缀:001 TLA值:0x0002 NLA值:V4ADDR
This is illustrated as follows:
这说明如下:
| 3 | 13 | 32 | 16 | 64 bits | +---+------+-----------+--------+--------------------------------+ |FP | TLA | V4ADDR | SLA ID | Interface ID | |001|0x0002| | | | +---+------+-----------+--------+--------------------------------+
| 3 | 13 | 32 | 16 | 64 bits | +---+------+-----------+--------+--------------------------------+ |FP | TLA | V4ADDR | SLA ID | Interface ID | |001|0x0002| | | | +---+------+-----------+--------+--------------------------------+
Thus, this prefix has exactly the same format as normal /48 prefixes assigned according to [AGGR]. It can be abbreviated as 2002:V4ADDR::/48. Within the subscriber site it can be used exactly like any other valid IPv6 prefix, e.g., for automated address assignment and discovery according to the normal mechanisms such as [CONF, DISC], for native IPv6 routing, or for the "6over4" mechanism [6OVER4].
因此,该前缀与根据[AGGR]分配的普通/48前缀的格式完全相同。它可以缩写为2002:V4ADDR::/48。在订户站点内,它可以完全像任何其他有效的IPv6前缀一样使用,例如,根据[CONF,DISC]等正常机制用于自动地址分配和发现,用于本机IPv6路由,或用于“6over4”机制[6over4]。
Note that if the IPv4 address is assigned dynamically, the corresponding IPv6 prefix will also be dynamic in nature, with the same lifetime.
请注意,如果IPv4地址是动态分配的,则相应的IPv6前缀在本质上也是动态的,具有相同的生存期。
To ensure the correct operation of 6to4 in complex topologies, source and destination address selection must be appropriately implemented. If the source IPv6 host sending a packet has at least one 2002:: address assigned to it, and if the set of IPv6 addresses returned by the DNS for the destination host contains at least one 2002:: address, then the source host must make an appropriate choice of the source and destination addresses to be used. The mechanisms for address selection in general are under study at the time of writing [SELECT]. Subject to those general mechanisms, the principle that will normally allow correct operation of 6to4 is this:
为确保6to4在复杂拓扑中的正确运行,必须适当地执行源地址和目标地址选择。如果发送数据包的源IPv6主机至少分配了一个2002::地址,并且如果目标主机的DNS返回的IPv6地址集至少包含一个2002::地址,则源主机必须对要使用的源地址和目标地址进行适当的选择。在撰写本文时,地址选择的一般机制正在研究中[SELECT]。根据这些一般机制,通常允许6to4正确运行的原则如下:
If one host has only a 6to4 address, and the other one has both a 6to4 and a native IPv6 address, then the 6to4 address should be used for both.
如果一台主机只有6to4地址,而另一台主机同时具有6to4和本机IPv6地址,则6to4地址应同时用于这两个主机。
If both hosts have a 6to4 address and a native IPv6 address, then either the 6to4 address should be used for both, or the native IPv6 address should be used for both. The choice should be configurable. The default configuration should be native IPv6 for both.
如果两台主机都有6to4地址和本机IPv6地址,则应将6to4地址同时用于这两个主机,或将本机IPv6地址同时用于这两个主机。选择应该是可配置的。对于这两种情况,默认配置都应为本机IPv6。
IPv6 packets from a 6to4 site are encapsulated in IPv4 packets when they leave the site via its external IPv4 connection. Note that the IPv4 interface that is carrying the 6to4 traffic is notionally equivalent to an IPv6 interface, and is referred to below as a pseudo-interface, although this phrase is not intended to define an implementation technique. V4ADDR MUST be configured on the IPv4 interface.
来自6to4站点的IPv6数据包通过其外部IPv4连接离开站点时,将封装在IPv4数据包中。请注意,承载6to4通信量的IPv4接口在概念上等同于IPv6接口,下面称之为伪接口,尽管该短语不用于定义实现技术。必须在IPv4接口上配置V4ADDR。
IPv6 packets are transmitted in IPv4 packets [RFC 791] with an IPv4 protocol type of 41, the same as has been assigned [MECH] for IPv6 packets that are tunneled inside of IPv4 frames. The IPv4 header contains the Destination and Source IPv4 addresses. One or both of these will be identical to the V4ADDR field of an IPv6 prefix formed as specified above (see section 5 for more details). The IPv4 packet body contains the IPv6 header and payload.
IPv6数据包以IPv4数据包[RFC 791]的形式传输,IPv4协议类型为41,这与为IPv4帧内隧道传输的IPv6数据包分配的[MECH]相同。IPv4标头包含目标和源IPv4地址。其中一个或两个字段将与如上所述形成的IPv6前缀的V4ADDR字段相同(有关更多详细信息,请参阅第5节)。IPv4数据包正文包含IPv6标头和有效负载。
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protocol 41 | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IPv6 header and payload ... / +-------+-------+-------+-------+-------+------+------+
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protocol 41 | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IPv6 header and payload ... / +-------+-------+-------+-------+-------+------+------+
The IPv4 Time to Live will be set as normal [RFC 791], as will the encapsulated IPv6 hop limit [IPv6]. Other considerations are as described in Section 4.1.2 of [MECH].
IPv4生存时间将设置为正常[RFC 791],封装的IPv6跃点限制[IPv6]也将设置为正常。其他注意事项如[MECH]第4.1.2节所述。
The link-local address of a 6to4 pseudo-interface performing 6to4 encapsulation would, if needed, be formed as described in Section 3.7 of [MECH]. However, no scenario is known in which such an address would be useful, since a peer 6to4 gateway cannot determine the appropriate link-layer (IPv4) address to send to.
如果需要,执行6to4封装的6to4伪接口的链路本地地址将按照[MECH]第3.7节所述形成。但是,由于对等6to4网关无法确定要发送到的适当链路层(IPv4)地址,因此目前还不知道这种地址在哪种情况下有用。
Neighbor Unreachability Detection (NUD) is handled as described in Section 3.8 of [MECH].
邻居不可达性检测(NUD)的处理如[MECH]第3.8节所述。
MTU size considerations are as described for tunnels in [MECH].
MTU尺寸考虑因素如[MECH]中隧道所述。
If the IPv6 MTU size proves to be too large for some intermediate IPv4 subnet, IPv4 fragmentation will ensue. While undesirable, this is not necessarily disastrous, unless the fragments are delivered to different IPv4 destinations due to some form of IPv4 anycast. The IPv4 "do not fragment" bit SHOULD NOT be set in the encapsulating IPv4 header.
如果证明IPv6 MTU大小对于某些中间IPv4子网太大,则IPv4碎片将随之出现。虽然不希望出现这种情况,但这并不一定是灾难性的,除非由于某种形式的IPv4选播,片段被传递到不同的IPv4目的地。不应在封装IPv4标头中设置IPv4“不分段”位。
The simplest deployment scenario for 6to4 is to use it between a number of sites, each of which has at least one connection to a shared IPv4 Internet. This could be the global Internet, or it could be a corporate IP network. In the case of the global Internet, there is no requirement that the sites all connect to the same Internet service provider. The only requirement is that any of the sites is able to send IPv4 packets with protocol type 41 to any of the others. By definition, each site has an IPv6 prefix in the format defined in Section 2. It will therefore create DNS records for these addresses. For example, site A which owns IPv4 address 192.1.2.3 will create DNS records with the IPv6 prefix {FP=001,TLA=0x0002,NLA=192.1.2.3}/48 (i.e., 2002:c001:0203::/48). Site B which owns address 9.254.253.252 will create DNS records with the IPv6 prefix {FP=001,TLA=0x0002,NLA=9.254.253.252}/48 (i.e., 2002:09fe:fdfc::/48).
6to4最简单的部署方案是在多个站点之间使用它,每个站点至少有一个到共享IPv4 Internet的连接。这可能是全球互联网,也可能是企业IP网络。就全球互联网而言,不要求所有网站都连接到同一互联网服务提供商。唯一的要求是任何一个站点都能够向其他任何站点发送协议类型为41的IPv4数据包。根据定义,每个站点都具有第2节中定义的格式的IPv6前缀。因此,它将为这些地址创建DNS记录。例如,拥有IPv4地址192.1.2.3的站点A将创建具有IPv6前缀{FP=001,TLA=0x0002,NLA=192.1.2.3}/48(即,2002:c001:0203::/48)的DNS记录。拥有地址9.254.253.252的站点B将创建具有IPv6前缀{FP=001,TLA=0x0002,NLA=9.254.253.252}/48(即,2002:09fe:fdfc::/48)的DNS记录。
When an IPv6 host on site B queries the DNS entry for a host on site A, or otherwise obtains its address, it obtains an address with the prefix {FP=001,TLA=0x0002,NLA=192.1.2.3}/48 and whatever SLA and Interface ID applies. The converse applies when a host on site A queries the DNS for a host on site B. IPv6 packets are formed and transmitted in the normal way within both sites.
当站点B上的IPv6主机查询站点a上主机的DNS条目或以其他方式获取其地址时,它将获取前缀为{FP=001、TLA=0x0002、NLA=192.1.2.3}/48的地址,以及应用的任何SLA和接口ID。当站点a上的主机向DNS查询站点B上的主机时,情况正好相反。IPv6数据包在两个站点内以正常方式形成和传输。
_______________________________ | | | Wide Area IPv4 Network | |_______________________________| / \ 192.1.2.3/ 9.254.253.252\ _______________________________/_ ____________________\____________ | / | | \ | |IPv4 Site A ########## | |IPv4 Site B ########## | | ____________________# 6to4 #_ | | ____________________# 6to4 #_ | || # router # || || # router # || ||IPv6 Site A ########## || ||IPv6 Site B ########## || ||2002:c001:0203::/48 || ||2002:09fe:fdfc::/48 || ||_______________________________|| ||_______________________________|| | | | | |_________________________________| |_________________________________|
_______________________________ | | | Wide Area IPv4 Network | |_______________________________| / \ 192.1.2.3/ 9.254.253.252\ _______________________________/_ ____________________\____________ | / | | \ | |IPv4 Site A ########## | |IPv4 Site B ########## | | ____________________# 6to4 #_ | | ____________________# 6to4 #_ | || # router # || || # router # || ||IPv6 Site A ########## || ||IPv6 Site B ########## || ||2002:c001:0203::/48 || ||2002:09fe:fdfc::/48 || ||_______________________________|| ||_______________________________|| | | | | |_________________________________| |_________________________________|
Within a 6to4 site, addresses with the 2002::/16 prefix, apart from those with the local 2002:V4ADDR::/48 prefix, will be handled like any other non-local IPv6 address, i.e., by a default or explicit route towards the 6to4 border router.
在6to4站点中,除了带有本地2002:V4ADDR::/48前缀的地址外,带有2002::/16前缀的地址将像处理任何其他非本地IPv6地址一样进行处理,即通过指向6to4边界路由器的默认或显式路由进行处理。
When an outgoing packet reaches the 6to4 router, it is encapsulated as defined in Section 3, according to the additional sending rule defined in Section 5.3. Incoming packets are decapsulated according to the additional decapsulation rule defined in Section 5.3. The additional sending and decapsulation rules are the only changes to IPv6 forwarding, and they occur only at border routers. No IPv4 routing information is imported into IPv6 routing (nor vice versa).
当传出数据包到达6to4路由器时,根据第5.3节中定义的附加发送规则,按照第3节中的定义对其进行封装。根据第5.3节中定义的附加脱封规则对传入数据包进行脱封。附加的发送和解除封装规则是对IPv6转发的唯一更改,并且它们仅发生在边界路由器上。不会将IPv4路由信息导入IPv6路由(反之亦然)。
In this scenario, any number of 6to4 sites can interoperate with no tunnel configuration, and no special requirements from the IPv4 service. All that is required is the appropriate DNS entries and the additional sending and decapsulation rules configured in the 6to4 router. This router SHOULD also generate the appropriate IPv6 prefix announcements [CONF, DISC].
在这种情况下,任何数量的6to4站点都可以互操作,无需隧道配置,也无需IPv4服务的特殊要求。所需的只是适当的DNS条目以及6to4路由器中配置的附加发送和解除封装规则。此路由器还应生成适当的IPv6前缀公告[CONF,DISC]。
Although site A and site B will each need to run IPv6 routing internally, they do not need to run an IPv6 exterior routing protocol in this simple scenario; IPv4 exterior routing does the job for them.
虽然站点A和站点B都需要在内部运行IPv6路由,但在这个简单的场景中,它们不需要运行IPv6外部路由协议;IPv4外部路由为他们完成了这项工作。
It is RECOMMENDED that in any case each site should use only one IPv4 address per 6to4 router, and that should be the address assigned to the external interface of the 6to4 router. Single-homed sites therefore SHOULD use only one IPv4 address for 6to4 routing. Multi-homed sites are discussed briefly in section 5.6.
建议在任何情况下,每个站点只应为每个6to4路由器使用一个IPv4地址,该地址应分配给6to4路由器的外部接口。因此,单主站点应仅使用一个IPv4地址进行6to4路由。第5.6节简要讨论了多宿主站点。
Because of the lack of configuration, and the distributed deployment model, there are believed to be no particular scaling issues with the basic 6to4 mechanism apart from encapsulation overhead. Specifically, it introduces no new entries in IPv4 routing tables.
由于缺乏配置和分布式部署模型,人们认为除了封装开销外,基本6to4机制不存在特定的扩展问题。具体来说,它在IPv4路由表中不引入新条目。
During the transition to IPv6 we can expect some sites to fit the model just described (isolated sites whose only connectivity is the IPv4 Internet), whereas others will be part of larger islands of native or tunneled IPv6 using normal IPv6 TLA address space. The 6to4 sites will need connectivity to these native IPv6 islands and vice versa. In the 6to4 model, this connectivity is accomplished by IPv6 routers which possess both 6to4 and native IPv6 addresses. Although they behave essentially as standard IPv6 routers, for the purposes of this document they are referred to as relay routers to distinguish them from routers supporting only 6to4, or only native IPv6.
在过渡到IPv6的过程中,我们可以期望一些站点符合刚才描述的模型(其唯一连接是IPv4 Internet的孤立站点),而其他站点将是使用正常IPv6 TLA地址空间的本机或隧道IPv6更大孤岛的一部分。6to4站点将需要连接到这些本机IPv6孤岛,反之亦然。在6to4模型中,这种连接由同时拥有6to4和本机IPv6地址的IPv6路由器完成。尽管它们的行为基本上与标准IPv6路由器相同,但在本文档中,它们被称为中继路由器,以区别于仅支持6to4或仅支持本机IPv6的路由器。
There must be at least one router acting as a relay between the 6to4 domain and a given native IPv6 domain. There is nothing special about it; it is simply a normal router which happens to have at least
必须至少有一个路由器充当6to4域和给定本机IPv6域之间的中继。没有什么特别的;它只是一个普通的路由器,碰巧至少有
one logical 6to4 pseudo-interface and at least one other IPv6 interface. Since it is a 6to4 router, it implements the additional sending and decapsulation rules defined in Section 5.3.
一个逻辑6to4伪接口和至少一个其他IPv6接口。由于它是一个6to4路由器,它实现了第5.3节中定义的附加发送和解除封装规则。
We now have three distinct classes of routing domain to consider:
我们现在有三类不同的路由域需要考虑:
1. the internal IPv6 routing domain of each 6to4 site; 2. an exterior IPv6 routing domain interconnecting a given set of 6to4 border routers, including relay routers, among themselves, i.e., a 6to4 exterior routing domain; 3. the exterior IPv6 routing domain of each native IPv6 island.
1. 每个6to4站点的内部IPv6路由域;2.外部IPv6路由域,该外部IPv6路由域互连包括中继路由器在内的一组给定的6to4边界路由器,即6to4外部路由域;3.每个本机IPv6孤岛的外部IPv6路由域。
1. The internal routing domain of a 6to4 site behaves as described in section 5.1.
1. 6to4站点的内部路由域的行为如第5.1节所述。
2. There are two deployment options for a 6to4 exterior routing domain:
2. 6to4外部路由域有两个部署选项:
2.1 No IPv6 exterior routing protocol is used. The 6to4 routers using a given relay router each have a default IPv6 route pointing to the relay router. The relay router MAY apply source address based filters to accept traffic only from specific 6to4 routers.
2.1 未使用IPv6外部路由协议。使用给定中继路由器的6to4路由器都有一个指向中继路由器的默认IPv6路由。中继路由器可应用基于源地址的过滤器,以仅接受来自特定6to4路由器的流量。
2.2 An IPv6 exterior routing protocol is used. The set of 6to4 routers using a given relay router obtain native IPv6 routes from the relay router using a routing protocol such as BGP4+ [RFC 2283, BGP4+]. The relay router will advertise whatever native IPv6 routing prefixes are appropriate on its 6to4 pseudo-interface. These prefixes will indicate the regions of native IPv6 topology that the relay router is willing to relay to. Their choice is a matter of routing policy. It is necessary for network operators to carefully consider desirable traffic patterns and topology when choosing the scope of such routing advertisements. The relay router will establish BGP peering only with specific 6to4 routers whose traffic it is willing to accept.
2.2 使用IPv6外部路由协议。使用给定中继路由器的一组6to4路由器使用诸如BGP4+[RFC 2283,BGP4+]之类的路由协议从中继路由器获取本机IPv6路由。中继路由器将在其6to4伪接口上公布任何适当的本机IPv6路由前缀。这些前缀将指示中继路由器愿意中继到的本机IPv6拓扑区域。他们的选择取决于路由策略。在选择这样的路由广告的范围时,网络运营商必须仔细考虑期望的业务模式和拓扑。中继路由器将仅与愿意接受其流量的特定6to4路由器建立BGP对等。
Although this solution is more complex, it provides effective policy control, i.e., BGP4+ policy determines which 6to4 routers are able to use which relay router.
虽然此解决方案更复杂,但它提供了有效的策略控制,即BGP4+策略确定了哪些6to4路由器能够使用哪个中继路由器。
3. A relay router MUST advertise a route to 2002::/16 into the native IPv6 exterior routing domain. It is a matter of routing policy how far this routing advertisement of 2002::/16 is propagated in the native IPv6 routing system. Since there will in general be multiple relay routers advertising it, network operators will require to filter it in a managed way. Incorrect policy in this area will lead to potential unreachability or to perverse traffic patterns.
3. 中继路由器必须将到2002::/16的路由播发到本机IPv6外部路由域。这是一个路由策略问题,即2002::/16的路由公告在本机IPv6路由系统中传播的距离。由于通常会有多个中继路由器对其进行广告宣传,网络运营商将要求以一种有管理的方式对其进行过滤。这方面不正确的政策将导致潜在的不可访问性或反常的交通模式。
6to4 prefixes more specific than 2002::/16 must not be propagated in native IPv6 routing, to prevent pollution of the IPv6 routing table by elements of the IPv4 routing table. Therefore, a 6to4 site which also has a native IPv6 connection MUST NOT advertise its 2002::/48 routing prefix on that connection, and all native IPv6 network operators MUST filter out and discard any 2002:: routing prefix advertisements longer than /16.
6to4前缀比2002更具体::/16不得在本机IPv6路由中传播,以防止IPv4路由表的元素污染IPv6路由表。因此,同时具有本机IPv6连接的6to4站点不得在该连接上播发其2002::/48路由前缀,并且所有本机IPv6网络运营商必须过滤掉并丢弃任何长于/16的2002::路由前缀播发。
Sites which have at least one native IPv6 connection, in addition to a 6to4 connection, will therefore have at least one IPv6 prefix which is not a 2002:: prefix. Such sites' DNS entries will reflect this and DNS lookups will return multiple addresses. If two such sites need to interoperate, whether the 6to4 route or the native route will be used depends on IPv6 address selection by the individual hosts (or even applications).
因此,除了6to4连接之外,至少有一个本机IPv6连接的站点将至少有一个不是2002::前缀的IPv6前缀。此类站点的DNS条目将反映这一点,DNS查找将返回多个地址。如果两个这样的站点需要互操作,是否使用6to4路由或本机路由取决于单个主机(甚至应用程序)选择的IPv6地址。
Now consider again the example of the previous section. Suppose an IPv6 host on site B queries the DNS entry for a host on site A, and the DNS returns multiple IPv6 addresses with different prefixes.
现在再考虑上一节的例子。假设站点B上的IPv6主机查询站点a上主机的DNS条目,并且DNS返回具有不同前缀的多个IPv6地址。
____________________________ ______________________ | | | | | Wide Area IPv4 Network | | Native IPv6 | | | | Wide Area Network | |____________________________| |______________________| / \ // 192.1.2.3/ 9.254.253.252\ // 2001:0600::/48 ____________/_ ____________________\_________//_ / | | \ // | ########## | |IPv4 Site B ########## | __# 6to4 #_ | | ____________________# 6to4 #_ | # router # || || # router # || ########## || ||IPv6 Site B ########## || || ||2002:09fe:fdfc::/48 || __Site A_____|| ||2001:0600::/48_________________|| as before | | | ______________| |_________________________________|
____________________________ ______________________ | | | | | Wide Area IPv4 Network | | Native IPv6 | | | | Wide Area Network | |____________________________| |______________________| / \ // 192.1.2.3/ 9.254.253.252\ // 2001:0600::/48 ____________/_ ____________________\_________//_ / | | \ // | ########## | |IPv4 Site B ########## | __# 6to4 #_ | | ____________________# 6to4 #_ | # router # || || # router # || ########## || ||IPv6 Site B ########## || || ||2002:09fe:fdfc::/48 || __Site A_____|| ||2001:0600::/48_________________|| as before | | | ______________| |_________________________________|
If the host picks the 6to4 prefix according to some rule for multiple prefixes, it will simply send packets to an IPv6 address formed with the prefix {FP=001,TLA=0x0002,NLA=192.1.2.3}/48. It is essential that they are sourced from the prefix {FP=001,TLA=0x0002,NLA=9.254.253.252}/48 for two-way connectivity to be possible. The address selection mechanism of Section 2.1 will ensure this.
如果主机根据多个前缀的某些规则选择6to4前缀,它将简单地将数据包发送到由前缀{FP=001,TLA=0x0002,NLA=192.1.2.3}/48构成的IPv6地址。它们必须来源于前缀{FP=001,TLA=0x0002,NLA=9.254.253.252}/48,以便实现双向连接。第2.1节的地址选择机制将确保这一点。
The previous scenario assumes that the relay router is provided by a cooperative 6to4 user site. A variant of this is for an Internet Service Provider, that already offers native IPv6 connectivity, to operate a relay router. Technically this is no different from the previous scenario; site B is simply an internal 6to4 site of the ISP, possibly containing only one system, i.e., the relay router itself.
前面的场景假设中继路由器由协作的6to4用户站点提供。一种变体是让已经提供本机IPv6连接的Internet服务提供商操作中继路由器。从技术上讲,这与之前的场景没有什么不同;站点B只是ISP的内部6to4站点,可能只包含一个系统,即中继路由器本身。
A relay router participates in IPv6 unicast routing protocols on its native IPv6 interface and may do so on its 6to4 pseudo-interface, but these are independent routing domains with separate policies, even if the same protocol, probably BGP4+, is used in both cases.
中继路由器在其本机IPv6接口上参与IPv6单播路由协议,也可以在其6to4伪接口上参与IPv6单播路由协议,但这些是具有单独策略的独立路由域,即使在这两种情况下都使用相同的协议(可能是BGP4+)。
A relay router also participates in IPv4 unicast routing protocols on its IPv4 interface used to support 6to4, but this is not further discussed here.
中继路由器还参与其IPv4接口上的IPv4单播路由协议,该接口用于支持6to4,但此处不作进一步讨论。
On its native IPv6 interface, the relay router MUST advertise a route to 2002::/16. It MUST NOT advertise a longer 2002:: routing prefix on that interface. Routing policy within the native IPv6 routing domain determines the scope of that advertisement, thereby limiting the visibility of the relay router in that domain.
在其本机IPv6接口上,中继路由器必须播发到2002::/16的路由。它不能在该接口上公布更长的2002::routing前缀。本机IPv6路由域中的路由策略确定该播发的范围,从而限制该域中中继路由器的可见性。
IPv6 packets received by the relay router whose next hop IPv6 address matches 2002::/16 will be routed to its 6to4 pseudo-interface and treated according to the sending rule of Section 5.1.
下一跳IPv6地址与2002::/16匹配的中继路由器接收到的IPv6数据包将路由到其6to4伪接口,并根据第5.1节的发送规则进行处理。
If BGP4+ is not deployed in the 6to4 exterior routing domain (option 2.1 of Section 5.2), the relay router will be configured to accept and relay all IPv6 traffic only from its client 6to4 sites. Each 6to4 router served by the relay router will be configured with a default IPv6 route to the relay router (for example, Site A's default IPv6 route ::/0 would point to the relay router's address under prefix 2002:09fe:fdfc::/48).
如果BGP4+未部署在6to4外部路由域中(第5.2节的选项2.1),则中继路由器将配置为仅接受和中继来自其客户端6to4站点的所有IPv6流量。中继路由器服务的每个6to4路由器将配置到中继路由器的默认IPv6路由(例如,站点a的默认IPv6路由::/0将指向前缀2002:09fe:fdfc::/48下的中继路由器地址)。
If BGP4+ is deployed in the 6to4 exterior routing domain (option 2.2 of Section 5.2), the relay router advertises IPv6 native routing prefixes on its 6to4 pseudo-interface, peering only with the 6to4 routers that it serves. (An alternative is that these routes could be advertised along with IPv4 routes using BGP4 over IPv4, rather than by running a separate BGP4+ session.) The specific routes
如果BGP4+部署在6to4外部路由域中(第5.2节的选项2.2),中继路由器在其6to4伪接口上播发IPv6本机路由前缀,仅与它所服务的6to4路由器进行对等。(另一种选择是,这些路由可以通过IPv4上的BGP4与IPv4路由一起发布,而不是运行单独的BGP4+会话。)特定路由
advertised depend on applicable routing policy, but they must be chosen from among those reachable through the relay router's native IPv6 interface. In the simplest case, a default route to the whole IPv6 address space could be advertised. When multiple relay routers are in use, more specific routing prefixes would be advertised according to the desired routing policy. The usage of BGP4+ is completely standard so is not discussed further in this document.
播发取决于适用的路由策略,但必须从中继路由器的本机IPv6接口可访问的路由策略中进行选择。在最简单的情况下,可以公布到整个IPv6地址空间的默认路由。当使用多个中继路由器时,将根据所需的路由策略通告更具体的路由前缀。BGP4+的使用完全是标准的,因此在本文档中不作进一步讨论。
Relay routers introduce the potential for scaling issues. In general a relay router should not attempt to serve more sites than any other transit router, allowing for the encapsulation overhead.
中继路由器引入了潜在的扩展问题。一般来说,考虑到封装开销,中继路由器不应尝试为比任何其他传输路由器更多的站点提供服务。
It may arise that a site has a router with both 6to4 pseudo-interfaces and native IPv6 interfaces, but is unwilling to act as a relay router. Such a site MUST NOT advertise any 2002:: routing prefix into the native IPv6 domain and MUST NOT advertise any native IPv6 routing prefixes or a default IPv6 route into the 6to4 domain. Within the 6to4 domain it will behave exactly as in the basic 6to4 scenario of Section 5.1.
可能会出现这样的情况:站点的路由器同时具有6to4伪接口和本机IPv6接口,但不愿意充当中继路由器。此类站点不得向本机IPv6域播发任何2002::路由前缀,也不得向6to4域播发任何本机IPv6路由前缀或默认IPv6路由。在6to4域中,其行为与第5.1节中的基本6to4场景完全相同。
The only change to standard IPv6 forwarding is that every 6to4 router (and only 6to4 routers) MUST implement the following additional sending and decapsulation rules.
标准IPv6转发的唯一变化是每个6to4路由器(并且只有6to4路由器)必须实现以下附加的发送和解除封装规则。
In the sending rule, "next hop" refers to the next IPv6 node that the packet will be sent to, which is not necessarily the final destination, but rather the next IPv6 neighbor indicated by normal IPv6 routing mechanisms. If the final destination is a 6to4 address, it will be considered as the next hop for the purpose of this rule. If the final destination is not a 6to4 address, and is not local, the next hop indicated by routing will be the 6to4 address of a relay router.
在发送规则中,“下一跳”是指数据包将被发送到的下一个IPv6节点,它不一定是最终目的地,而是由正常IPv6路由机制指示的下一个IPv6邻居。如果最终目的地是6to4地址,则在本规则中,它将被视为下一个跃点。如果最终目的地不是6to4地址,并且不是本地的,则路由指示的下一跳将是中继路由器的6to4地址。
ADDITIONAL SENDING RULE for 6to4 routers
6to4路由器的附加发送规则
if the next hop IPv6 address for an IPv6 packet does match the prefix 2002::/16, and does not match any prefix of the local site then apply any security checks (see Section 8); encapsulate the packet in IPv4 as in Section 3,
如果IPv6数据包的下一跳IPv6地址与前缀2002::/16匹配,并且与本地站点的任何前缀不匹配,则应用任何安全检查(参见第8节);如第3节所述,将数据包封装在IPv4中,
with IPv4 destination address = the NLA value V4ADDR extracted from the next hop IPv6 address; queue the packet for IPv4 forwarding.
IPv4目标地址=从下一跳IPv6地址提取的NLA值V4ADDR;将数据包排队以进行IPv4转发。
A simple decapsulation rule for incoming IPv4 packets with protocol type 41 MUST be implemented:
必须为协议类型为41的传入IPv4数据包实施简单的解除封装规则:
ADDITIONAL DECAPSULATION RULE for 6to4 routers
6to4路由器的附加解封装规则
apply any security checks (see Section 8); remove the IPv4 header; submit the packet to local IPv6 routing.
apply any security checks (see Section 8); remove the IPv4 header; submit the packet to local IPv6 routing.
A 6to4 site which has no IPv6 connections to the "native" IPv6 Internet can acquire effective connectivity to the v6 Internet via a "configured tunnel" (using the terminology in [MECH]) to a cooperating router which does have IPv6 access, but which does not need to be a 6to4 router. Such tunnels could be autoconfigured using an IPv4 anycast address, but this is outside of the scope of this document. Alternatively a tunnel broker can be used. This scenario would be suitable for a small user-managed site.
没有到“本机”IPv6 Internet的IPv6连接的6to4站点可以通过“配置的隧道”(使用[MECH]中的术语)与具有IPv6访问权但不需要是6to4路由器的协作路由器获得到v6 Internet的有效连接。这样的隧道可以使用IPv4选播地址自动配置,但这超出了本文档的范围。或者,可以使用隧道代理。此场景适用于小型用户管理的站点。
These mechanisms are not described in detail in this document.
本文件中未详细描述这些机制。
If there are multiple relay routers between native IPv6 and the 6to4 world, different parts of the 6to4 world will be served by different relays. The only complexity that this introduces is in the scoping of 2002::/16 routing advertisements within the native IPv6 world. Like any BGP4+ advertisements, their scope must be correctly defined by routing policy to ensure that traffic to 2002::/16 follows the intended paths.
如果本机IPv6和6to4世界之间存在多个中继路由器,则6to4世界的不同部分将由不同的中继提供服务。这带来的唯一复杂性是2002年的范围界定::/16本机IPv6世界中的路由播发。与任何BGP4+播发一样,其范围必须由路由策略正确定义,以确保到2002::/16的流量遵循预期路径。
If there are multiple IPv6 stubs all interconnected by 6to4 through the global IPv4 Internet, this is a simple generalization of the basic scenarios of sections 5.1. and 5.2 and no new issues arise. This is shown in the following figure. Subject to consistent configuration of routing advertisements, there are no known issues with this scenario.
如果有多个IPv6存根都通过全球IPv4互联网由6to4互连,这是第5.1节基本场景的简单概括。和5.2,不会出现新问题。如下图所示。根据路由播发的一致配置,此场景没有已知问题。
______________ | AS3 | |_IPv6 Network_| Both AS1 and AS2 advertise | AS1 | AS2 | 2002::/16, but only one of |______|_______| them reaches AS3. // \\ __________//_ _\\__________ ______________ | 6to4 Relay1 | | 6to4 Relay2 | | IPv6 Network | |_____________| |_____________| | AS4 | | | |______________| ________|______________________|________ | | | ______|______ | Global IPv4 Network |-----| 6to4 Relay3 | |________________________________________| |_____________| | | | | ____|___ ___|____ ____|___ ___|____ | 6to4 | | 6to4 | | 6to4 | | 6to4 | | Site A | | Site B | | Site C | | Site D | |________| |________| |________| |________|
______________ | AS3 | |_IPv6 Network_| Both AS1 and AS2 advertise | AS1 | AS2 | 2002::/16, but only one of |______|_______| them reaches AS3. // \\ __________//_ _\\__________ ______________ | 6to4 Relay1 | | 6to4 Relay2 | | IPv6 Network | |_____________| |_____________| | AS4 | | | |______________| ________|______________________|________ | | | ______|______ | Global IPv4 Network |-----| 6to4 Relay3 | |________________________________________| |_____________| | | | | ____|___ ___|____ ____|___ ___|____ | 6to4 | | 6to4 | | 6to4 | | 6to4 | | Site A | | Site B | | Site C | | Site D | |________| |________| |________| |________|
If multiple IPv6 stubs are interconnected through multiple, disjoint IPv4 networks (i.e., a fragmented IPv4 world) then the 6to4 world is also fragmented; this is the one scenario that must be avoided. It is illustrated below to show why it does not work, since the 2002::/16 advertisement from Relay1 will be invisible to Relay2, and vice versa. Sites A and B therefore have no connectivity to sites C and D.
如果多个IPv6存根通过多个不相交的IPv4网络互连(即,一个碎片化的IPv4世界),那么6to4世界也是碎片化的;这是必须避免的一种情况。下图说明了为什么它不起作用,因为Relay1的2002::/16广告对Relay2不可见,反之亦然。因此,站点A和B与站点C和D没有连接。
______________ | AS3 | |_IPv6 Network_| Both AS1 and AS2 advertise | AS1 | AS2 | 2002::/16, but sites A and B |______|_______| cannot reach C and D. // \\ __________//_ _\\__________ | 6to4 Relay1 | | 6to4 Relay2 | |_____________| |_____________| | | ________|_______ _______|________ | IPv4 Network | | IPv4 Network | | Segment 1 | | Segment 2 | |________________| |________________| | | | | ____|___ ___|____ ____|___ ___|____ | 6to4 | | 6to4 | | 6to4 | | 6to4 | | Site A | | Site B | | Site C | | Site D | |________| |________| |________| |________|
______________ | AS3 | |_IPv6 Network_| Both AS1 and AS2 advertise | AS1 | AS2 | 2002::/16, but sites A and B |______|_______| cannot reach C and D. // \\ __________//_ _\\__________ | 6to4 Relay1 | | 6to4 Relay2 | |_____________| |_____________| | | ________|_______ _______|________ | IPv4 Network | | IPv4 Network | | Segment 1 | | Segment 2 | |________________| |________________| | | | | ____|___ ___|____ ____|___ ___|____ | 6to4 | | 6to4 | | 6to4 | | 6to4 | | Site A | | Site B | | Site C | | Site D | |________| |________| |________| |________|
Sites which are multihomed on IPv4 MAY extend the 6to4 scenario by using a 2002:: prefix for each IPv4 border router, thereby obtaining a simple form of IPv6 multihoming by using multiple simultaneous IPv6 prefixes and multiple simultaneous relay routers.
在IPv4上多址的站点可以通过为每个IPv4边界路由器使用2002::前缀来扩展6to4场景,从而通过使用多个同时的IPv6前缀和多个同时的中继路由器来获得简单形式的IPv6多址。
If the above rules for routing advertisements and address selection are followed, then a site can migrate from using 6to4 to using native IPv6 connections over a long period of co-existence, with no need to stop 6to4 until it has ceased to be used. The stages involved are
如果遵循上述路由播发和地址选择规则,则站点可以在长期共存的情况下从使用6to4迁移到使用本机IPv6连接,而无需停止6to4,直到停止使用。所涉及的阶段包括:
1. Run IPv6 on site using any suitable implementation. True native IPv6, [6OVER4], or tunnels are all acceptable.
1. 使用任何合适的实现在现场运行IPv6。真正的本机IPv6、[6OVER4]或隧道都是可以接受的。
2. Configure a border router (or router plus IPv4 NAT) connected to the external IPv4 network to support 6to4, including advertising the appropriate 2002:: routing prefix locally. Configure IPv6 DNS entries using this prefix. At this point the 6to4 mechanism is automatically available, and the site has obtained a "free" IPv6 prefix.
2. 配置连接到外部IPv4网络的边界路由器(或路由器加IPv4 NAT)以支持6to4,包括在本地公布适当的2002::routing前缀。使用此前缀配置IPv6 DNS条目。此时,6to4机制自动可用,站点已获得“免费”IPv6前缀。
3. Identify a 6to4 relay router willing to relay the site's traffic to the native IPv6 world. This could either be at another cooperative 6to4 site, or an ISP service. If no exterior routing protocol is in use in the 6to4 exterior routing domain, the site's 6to4 router will be configured with a default IPv6 route pointing to that relay router's 6to4 address. If an exterior routing protocol such as BGP4+ is in use, the site's 6to4 router will be configured to establish appropriate BGP peerings.
3. 确定愿意将站点流量中继到本机IPv6世界的6to4中继路由器。这可能是在另一个合作的6to4站点,也可能是ISP服务。如果6to4外部路由域中未使用外部路由协议,则站点的6to4路由器将配置指向该中继路由器6to4地址的默认IPv6路由。如果使用BGP4+等外部路由协议,则站点的6to4路由器将配置为建立适当的BGP对等。
4. When native external IPv6 connectivity becomes available, add a second (native) IPv6 prefix to both the border router configuration and the DNS configuration. At this point, an address selection rule will determine when 6to4 and when native IPv6 will be used.
4. 当本机外部IPv6连接可用时,向边界路由器配置和DNS配置添加第二个(本机)IPv6前缀。此时,地址选择规则将确定何时使用6to4和何时使用本机IPv6。
5. When 6to4 usage is determined to have ceased (which may be several years later), remove the 6to4 configuration.
5. 当确定6to4使用已停止时(可能是几年后),请卸下6to4配置。
The 6to4 mechanisms appear to be unaffected by the presence of a firewall at the border router.
6to4机制似乎不受边界路由器上防火墙的影响。
If the site concerned has very limited global IPv4 address space, and is running an IPv4 network address translator (NAT), all of the above mechanisms remain valid. The NAT box must also contain a fully functional IPv6 router including the 6to4 mechanism. The address used for V4ADDR will simply be a globally unique IPv4 address allocated to the NAT. In the example of Section 5.1 above, the 6to4 routers would also be the sites' IPv4 NATs, which would own the globally unique IPv4 addresses 192.1.2.3 and 9.254.253.252.
如果相关站点的全局IPv4地址空间非常有限,并且正在运行IPv4网络地址转换器(NAT),则上述所有机制仍然有效。NAT盒还必须包含一个功能齐全的IPv6路由器,包括6to4机制。用于V4ADDR的地址将只是分配给NAT的全局唯一IPv4地址。在上面第5.1节的示例中,6to4路由器也将是站点的IPv4 NAT,它将拥有全局唯一的IPv4地址192.1.2.3和9.254.253.252。
Combining a 6to4 router with an IPv4 NAT in this way offers the site concerned a globally unique IPv6 /48 prefix, automatically, behind the IPv4 address of the NAT. Thus every host behind the NAT can become an IPv6 host with no need for additional address space allocation, and no intervention by the Internet service provider. No address translation is needed by these IPv6 hosts.
以这种方式将6to4路由器与IPv4 NAT相结合,可为相关站点自动在NAT的IPv4地址后面提供一个全局唯一的IPv6/48前缀。因此,NAT后面的每个主机都可以成为IPv6主机,而不需要额外的地址空间分配,也不需要Internet服务提供商的干预。这些IPv6主机不需要地址转换。
A more complex situation arises if a host is more than one NAT hop away from the globally unique IPv4 address space, since only the outermost NAT has a unique IPv4 address. All IPv6 hosts in this situation must use addresses derived from the 2002: prefix constructed from the global IPv4 address of the outermost NAT. The IPv4 addresses of the inner NATs are not globally unique and play no part in the 6to4 mechanism, and 6to4 encapsulation and decapsulation can only take place at the outermost NAT.
如果主机与全局唯一IPv4地址空间的距离超过一个NAT跃点,则会出现更复杂的情况,因为只有最外层的NAT具有唯一的IPv4地址。在这种情况下,所有IPv6主机都必须使用从最外层NAT的全局IPv4地址构造的2002:前缀派生的地址。内部NAT的IPv4地址不是全局唯一的,在6to4机制中不起作用,6to4封装和解封装只能在最外层NAT进行。
The Realm-Specific IP (RSIP) mechanism [RSIP] can also co-exist with 6to4. If a 6to4 border router is combined with an RSIP border router, it can support IPv6 hosts using 6to4 addresses, IPv4 hosts using RSIP, or dual stack hosts using both. The RSIP function provides fine-grained management of dynamic global IPv4 address allocation and the 6to4 function provides a stable IPv6 global address to each host. As with NAT, the IPv4 address used to construct the site's 2002: prefix will be one of the global addresses of the RSIP border router.
领域特定IP(RSIP)机制[RSIP]也可以与6to4共存。如果6to4边界路由器与RSIP边界路由器相结合,它可以支持使用6to4地址的IPv6主机、使用RSIP的IPv4主机或同时使用这两种地址的双栈主机。RSIP函数为动态全局IPv4地址分配提供细粒度管理,6to4函数为每个主机提供稳定的IPv6全局地址。与NAT一样,用于构建站点2002:前缀的IPv4地址将是RSIP边界路由器的全局地址之一。
There is nothing to stop the above scenario being deployed within a private corporate network as part of its internal transition to IPv6; the corporate IPv4 backbone would serve as the virtual link layer for individual corporate sites using 2002:: prefixes. The V4ADDR MUST be a duly allocated global IPv4 address, which MUST be unique within the private network. The Intranet thereby obtains globally unique IPv6 addresses even if it is internally using private IPv4 addresses [RFC 1918].
作为向IPv6的内部过渡的一部分,在私有公司网络中部署上述场景是无法阻止的;公司IPv4主干网将用作使用2002::前缀的各个公司站点的虚拟链路层。V4ADDR必须是适当分配的全局IPv4地址,该地址在专用网络中必须是唯一的。因此,内部网即使在内部使用专用IPv4地址,也会获得全局唯一的IPv6地址[RFC 1918]。
IGP (site) routing will treat the local site's 2002::/48 prefix exactly like a native IPv6 site prefix assigned to the local site. There will also be an IGP route to the generic 2002::/16 prefix, which will be a route to the site's 6to4 router, unless this is handled as a default route.
IGP(站点)路由将处理本地站点的2002::/48前缀,与分配给本地站点的本机IPv6站点前缀完全相同。还将有一个到通用2002::/16前缀的IGP路由,该前缀将是到站点6to4路由器的路由,除非将其作为默认路由处理。
EGP (i.e., BGP) routing will include advertisements for the 2002::/16 prefix from relay routers into the native IPv6 domain, whose scope is limited by routing policy. This is the only non-native IPv6 prefix advertised by BGP.
EGP(即BGP)路由将包括从中继路由器到本机IPv6域的2002::/16前缀的广告,其范围受路由策略的限制。这是BGP发布的唯一非本机IPv6前缀。
It will be necessary for 6to4 routers to obtain routes to relay routers in order to access the native IPv6 domain. In the simplest case there will be a manually configured default IPv6 route to a relay router's address under the prefix {FP=001,TLA=0x0002,NLA=V4ADDR}/48, where V4ADDR is the IPv4 address of the relay router. Such a route could be used to establish a BGP session for the exchange of additional IPv6 routes.
为了访问本机IPv6域,6to4路由器必须获得到中继路由器的路由。在最简单的情况下,在前缀{FP=001,TLA=0x0002,NLA=V4ADDR}/48下,将有一个到中继路由器地址的手动配置的默认IPv6路由,其中V4ADDR是中继路由器的IPv4地址。这种路由可用于建立BGP会话以交换额外的IPv6路由。
By construction, unicast IPv6 traffic within a 6to4 domain will follow exactly the same path as unicast IPv4 traffic.
通过构造,6to4域中的单播IPv6通信将遵循与单播IPv4通信完全相同的路径。
Since 6to4 has no impact on IPv4 routing, it cannot induce routing loops in IPv4. Since 2002: prefixes behave exactly like standard IPv6 prefixes, they will not create any new mechanisms for routing loops in IPv6 unless misconfigured. One very dangerous misconfiguration would be an announcement of the 2002::/16 prefix into a 6to4 exterior routing domain, since this would attract all 6to4 traffic into the site making the announcement. Its 6to4 router would then resend non-local 6to4 traffic back out, forming a loop.
因为6to4对IPv4路由没有影响,所以它不能在IPv4中诱导路由循环。自2002年以来:前缀的行为与标准IPv6前缀完全相同,除非配置错误,否则它们不会为IPv6中的路由循环创建任何新机制。一个非常危险的错误配置是将2002::/16前缀发布到6to4外部路由域中,因为这将吸引所有6to4流量进入发布公告的站点。然后,它的6to4路由器将重新发送非本地6to4通信,形成一个环路。
The 2002::/16 routing prefix may be legitimately advertised into the native IPv6 routing domain by a relay router, and into an IPv6 site's local IPv6 routing domain; hence there is a risk of misconfiguration causing it to be advertised into a 6to4 exterior routing domain.
2002::/16路由前缀可通过中继路由器合法地播发到本机IPv6路由域,并播发到IPv6站点的本地IPv6路由域;因此,存在配置错误的风险,从而导致将其发布到6to4外部路由域中。
To summarize, the 2002::/16 prefix MUST NOT be advertised to a 6to4 exterior routing domain.
总而言之,2002::/16前缀不能播发到6to4外部路由域。
It is not possible to assume the general availability of wide-area IPv4 multicast, so (unlike [6OVER4]) the 6to4 mechanism must assume only unicast capability in its underlying IPv4 carrier network. An IPv6 multicast routing protocol is needed [MULTI].
无法假定广域IPv4多播的普遍可用性,因此(与[6OVER4]不同),6to4机制必须假定其底层IPv4载波网络中只有单播能力。需要IPv6多播路由协议[MULTI]。
The allocated anycast address space [ANYCAST] is compatible with 2002:: prefixes, i.e., anycast addresses formed with such prefixes may be used inside a 6to4 site.
所分配的选播地址空间[anycast]与2002::前缀兼容,即,用这些前缀形成的选播地址可以在6to4站点内使用。
ICMP "unreachable" and other messages returned by the IPv4 routing system will be returned to the 6to4 router that generated a encapsulated 2002:: packet. However, this router will often be unable to return an ICMPv6 message to the originating IPv6 node, due to the lack of sufficient information in the "unreachable" message. This means that the IPv4 network will appear as an undiagnosable link layer for IPv6 operational purposes. Other considerations are as described in Section 4.1.3 of [MECH].
IPv4路由系统返回的ICMP“不可访问”和其他消息将返回到生成封装的2002::数据包的6to4路由器。但是,由于“无法访问”消息中缺少足够的信息,此路由器通常无法将ICMPv6消息返回到发起IPv6节点。这意味着,出于IPv6操作目的,IPv4网络将显示为不可诊断的链路层。其他注意事项如[MECH]第4.1.3节所述。
No assignments by the IANA are required beyond the special TLA value 0x0002 already assigned.
除已分配的特殊TLA值0x0002外,不需要IANA进行任何分配。
Implementors should be aware that, in addition to possible attacks against IPv6, security attacks against IPv4 must also be considered. Use of IP security at both IPv4 and IPv6 levels should nevertheless be avoided, for efficiency reasons. For example, if IPv6 is running encrypted, encryption of IPv4 would be redundant except if traffic analysis is felt to be a threat. If IPv6 is running authenticated, then authentication of IPv4 will add little. Conversely, IPv4 security will not protect IPv6 traffic once it leaves the 6to4 domain. Therefore, implementing IPv6 security is required even if IPv4 security is available.
实施者应该意识到,除了可能针对IPv6的攻击外,还必须考虑针对IPv4的安全攻击。出于效率考虑,应避免在IPv4和IPv6级别使用IP安全。例如,如果IPv6运行的是加密的,则IPv4的加密将是冗余的,除非流量分析被认为是一种威胁。如果IPv6运行的是经过身份验证的,那么IPv4的身份验证将不会增加多少。相反,一旦IPv6流量离开6to4域,IPv4安全将不会保护它。因此,即使IPv4安全可用,也需要实现IPv6安全。
By default, 6to4 traffic will be accepted and decapsulated from any source from which regular IPv4 traffic is accepted. If this is for any reason felt to be a security risk (for example, if IPv6 spoofing is felt to be more likely than IPv4 spoofing), then additional source address based packet filtering could be applied. A possible plausibility check is whether the encapsulating IPv4 address is consistent with the encapsulated 2002:: address. If this check is
默认情况下,6to4通信将被接受,并从接受常规IPv4通信的任何源中解除封装。如果出于任何原因认为这是一种安全风险(例如,如果认为IPv6欺骗比IPv4欺骗更有可能),则可以应用额外的基于源地址的数据包过滤。一个可能的合理性检查是封装的IPv4地址是否与封装的2002::address一致。如果这张支票是
applied, exceptions to it must be configured to admit traffic from relay routers (Section 5). 2002:: traffic must also be excepted from checks applied to prevent spoofing of "6 over 4" traffic [6OVER4].
应用时,必须将其例外配置为允许来自中继路由器的流量(第5节)。2002::为了防止“6对4”流量的欺骗,还必须将流量排除在检查之外[6OVER4]。
In any case, any 6to4 traffic whose source or destination address embeds a V4ADDR which is not in the format of a global unicast address MUST be silently discarded by both encapsulators and decapsulators. Specifically, this means that IPv4 addresses defined in [RFC 1918], broadcast, subnet broadcast, multicast and loopback addresses are unacceptable.
在任何情况下,如果源地址或目标地址嵌入了V4ADDR,而V4ADDR的格式不是全局单播地址,则封装器和解封装器必须以静默方式丢弃任何6to4通信量。具体而言,这意味着[RFC 1918]中定义的IPv4地址、广播、子网广播、多播和环回地址是不可接受的。
Acknowledgements
致谢
The basic idea presented above is probably not original, and we have had invaluable comments from Magnus Ahltorp, Harald Alvestrand, Jim Bound, Scott Bradner, Randy Bush, Matt Crawford, Richard Draves, Jun-ichiro itojun Hagino, Joel Halpern, Tony Hain, Andy Hazeltine, Bob Hinden, Geoff Huston, Perry Metzger, Thomas Narten, Erik Nordmark, Markku Savela, Ole Troan, Sowmini Varadhan, members of the Compaq IPv6 engineering team, and other members of the NGTRANS working group. Some text has been copied from [6OVER4]. George Tsirtsis kindly drafted two of the diagrams.
上面介绍的基本想法可能不是原创的,我们从马格努斯·阿尔托普、哈拉尔德·阿尔韦斯特朗、吉姆·邦德、斯科特·布拉德纳、兰迪·布什、马特·克劳福德、理查德·德拉斯、伊藤俊一郎·哈吉诺、乔尔·哈尔伯恩、托尼·海恩、安迪·哈泽尔廷、鲍勃·欣登、杰夫·休斯顿、佩里·梅茨格、托马斯·纳腾、埃里克·诺德马克、,Markku Savela、Ole Troan、Sowmini Varadhan、康柏IPv6工程团队成员以及NGTRANS工作组的其他成员。已从[6OVER4]复制了一些文本。乔治·齐尔茨(George Tsirtsis)很友好地起草了两张图表。
References
工具书类
[AARCH] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 2373, July 1998.
[AARCH]Hinden,R.和S.Deering,“IP版本6寻址体系结构”,RFC 23731998年7月。
[AGGR] Hinden., R, O'Dell, M. and S. Deering, "An IPv6 Aggregatable Global Unicast Address Format", RFC 2374, July 1998.
[AGGR]Hinden.,R,O'Dell,M.和S.Deering,“一种IPv6可聚合全球单播地址格式”,RFC 2374,1998年7月。
[API] Gilligan, R., Thomson, S., Bound, J. and W. Stevens, "Basic Socket Interface Extensions for IPv6", RFC 2553, March 1999.
[API]Gilligan,R.,Thomson,S.,Bound,J.和W.Stevens,“IPv6的基本套接字接口扩展”,RFC 2553,1999年3月。
[BGP4+] Marques, P. and F. Dupont, "Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing", RFC 2545, March 1999.
[BGP4+]Marques,P.和F.Dupont,“将BGP-4多协议扩展用于IPv6域间路由”,RFC 25451999年3月。
[CONF] Thomson, S. and T. Narten, "IPv6 Stateless Address Autoconfiguration", RFC 2462, December 1998.
[CONF]Thomson,S.和T.Narten,“IPv6无状态地址自动配置”,RFC 24621998年12月。
[DISC] Narten, T., Nordmark, E. and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)", RFC 2461, December 1998.
[DISC]Narten,T.,Nordmark,E.和W.Simpson,“IP版本6(IPv6)的邻居发现”,RFC 246112998年12月。
[IPV6] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.
[IPV6]Deering,S.和R.Hinden,“互联网协议,第6版(IPV6)规范”,RFC 2460,1998年12月。
[6OVER4] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4 Domains without Explicit Tunnels", RFC 2529, March 1999.
[6综述4]Carpenter,B.和C.Jung,“在没有明确隧道的IPv4域上传输IPv6”,RFC 2529,1999年3月。
[ANYCAST] Johnson, D. and S. Deering, "Reserved IPv6 Subnet Anycast Addresses", Work in Progress.
[ANYCAST]Johnson,D.和S.Deering,“保留IPv6子网选播地址”,工作正在进行中。
[MULTI] Thaler, D., "Support for Multicast over 6to4 Networks", Work in Progress.
[MULTI]Thaler,D.,“支持6to4网络上的多播”,正在进行中。
[SCALE] Hain, T., "6to4-relay discovery and scaling", Work in Progress.
[SCALE]Hain,T.,“6to4中继发现和扩展”,工作正在进行中。
[SELECT] Draves, R., "Default Address Selection for IPv6", Work in Progress.
[SELECT]Draves,R.,“IPv6的默认地址选择”,正在进行中。
[RFC 791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.
[RFC 791]Postel,J.,“互联网协议”,STD 5,RFC 7911981年9月。
[RFC 1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., de Groot, G. and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996.
[RFC 1918]Rekhter,Y.,Moskowitz,R.,Karrenberg,D.,de Groot,G.和E.Lear,“私人互联网地址分配”,BCP 5,RFC 1918,1996年2月。
[MECH] Gilligan, R. and E. Nordmark, "Transition Mechanisms for IPv6 Hosts and Routers", RFC 2893, August 2000.
[MECH]Gilligan,R.和E.Nordmark,“IPv6主机和路由器的过渡机制”,RFC 2893,2000年8月。
[RSIP] Borella, M., Grabelsky, D., Lo, J. and K. Tuniguchi, "Realm Specific IP: Protocol Specification", Work in Progress.
[RSIP]Borella,M.,Grabelsky,D.,Lo,J.和K.Tuniguchi,“领域特定IP:协议规范”,正在进行的工作。
[RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC 2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC 2283] Bates, T., Chandra, R., Katz, D. and Y. Rekhter, "Multiprotocol Extensions for BGP-4", RFC 2283, February 1998.
[RFC 2283]Bates,T.,Chandra,R.,Katz,D.和Y.Rekhter,“BGP-4的多协议扩展”,RFC 2283,1998年2月。
Authors' Addresses
作者地址
Brian E. Carpenter IBM iCAIR, Suite 150 1890 Maple Avenue Evanston IL 60201, USA
Brian E.Carpenter IBM iCAIR,美国伊利诺伊州埃文斯顿枫叶大道1890号150室,邮编60201
EMail: brian@icair.org
EMail: brian@icair.org
Keith Moore UT Computer Science Department 1122 Volunteer Blvd, Ste 203 Knoxville, TN 37996-3450 USA
基思·摩尔美国犹他州计算机科学部美国田纳西州诺克斯维尔203号志愿者大道1122号,邮编37996-3450
EMail: moore@cs.utk.edu
EMail: moore@cs.utk.edu
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何努力来确定任何此类权利。有关IETF在标准跟踪和标准相关文件中权利的程序信息,请参见BCP-11。可从IETF秘书处获得可供发布的权利声明副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果。
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涉及实施本标准所需技术的专有权利。请将信息发送给IETF执行董事。
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2001). All Rights Reserved.
版权所有(C)互联网协会(2001年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。