Network Working Group                                           T. Ogura
Request for Comments: 3572                                   M. Maruyama
Category: Informational                      NTT Network Innovation Labs
                                                              T. Yoshida
                                                      Werk Mikro Systems
                                                               July 2003
        
Network Working Group                                           T. Ogura
Request for Comments: 3572                                   M. Maruyama
Category: Informational                      NTT Network Innovation Labs
                                                              T. Yoshida
                                                      Werk Mikro Systems
                                                               July 2003
        

Internet Protocol Version 6 over MAPOS (Multiple Access Protocol Over SONET/SDH)

MAPOS上的Internet协议版本6(SONET/SDH上的多址协议)

Status of this Memo

本备忘录的状况

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。

Copyright Notice

版权公告

Copyright (C) The Internet Society (2003). All Rights Reserved.

版权所有(C)互联网协会(2003年)。版权所有。

IESG Note

IESG注释

This memo documents a way of carrying IPv6 packets over MAPOS networks. This document is NOT the product of an IETF working group nor is it a standards track document. It has not necessarily benefited from the widespread and in-depth community review that standards track documents receive.

此备忘录记录了通过MAPOS网络承载IPv6数据包的方法。本文件不是IETF工作组的产品,也不是标准跟踪文件。它不一定从标准跟踪文件所接受的广泛和深入的社区审查中获益。

Abstract

摘要

Multiple Access Protocol over SONET/SDH (MAPOS) is a high-speed link-layer protocol that provides multiple access capability over a Synchronous Optical NETwork/Synchronous Digital Hierarchy (SONET/SDH).

SONET/SDH多址接入协议(MAPOS)是一种高速链路层协议,在同步光网络/同步数字体系(SONET/SDH)上提供多址接入能力。

This document specifies the frame format for encapsulating an IPv6 datagram in a MAPOS frame. It also specifies the method of forming IPv6 interface identifiers, the method of detecting duplicate addresses, and the format of the Source/Target Link-layer Addresses option field used in IPv6 Neighbor Discovery messages.

本文档指定了将IPv6数据报封装在MAPOS框架中的框架格式。它还指定了形成IPv6接口标识符的方法、检测重复地址的方法以及IPv6邻居发现消息中使用的源/目标链路层地址选项字段的格式。

Table of Contents

目录

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Frame Format for Encapsulating IPv6 Datagrams. . . . . . . . .  3
       2.1.  Frame Format . . . . . . . . . . . . . . . . . . . . . .  3
       2.2.  Maximum Transmission Unit (MTU). . . . . . . . . . . . .  3
       2.3.  Destination Address Mapping. . . . . . . . . . . . . . .  4
             2.3.1.  Unicast. . . . . . . . . . . . . . . . . . . . .  4
            2.3.2.  Multicast . . . . . . . . . . . . . . . . . . . .  4
   3.  Interface Identifier . . . . . . . . . . . . . . . . . . . . .  6
   4.  Duplicate Address Detection. . . . . . . . . . . . . . . . . .  8
   5.  Source/Target Link-layer Address Option. . . . . . . . . . . .  9
   6.  Security Considerations. . . . . . . . . . . . . . . . . . . . 10
       6.1.  Issues concerning Link-layer Addresses . . . . . . . . . 10
             6.1.1.  Protection against fraudulent reception
                     of traffic . . . . . . . . . . . . . . . . . . . 10
             6.1.2.  Protection against improper traffic. . . . . . . 11
       6.2.  Uniqueness of Interface Identifiers. . . . . . . . . . . 11
   7.  References. . . .  . . . . . . . . . . . . . . . . . . . . . . 12
   8.  Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 13
   9.  Full Copyright Statement . . . . . . . . . . . . . . . . . . . 14
        
   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Frame Format for Encapsulating IPv6 Datagrams. . . . . . . . .  3
       2.1.  Frame Format . . . . . . . . . . . . . . . . . . . . . .  3
       2.2.  Maximum Transmission Unit (MTU). . . . . . . . . . . . .  3
       2.3.  Destination Address Mapping. . . . . . . . . . . . . . .  4
             2.3.1.  Unicast. . . . . . . . . . . . . . . . . . . . .  4
            2.3.2.  Multicast . . . . . . . . . . . . . . . . . . . .  4
   3.  Interface Identifier . . . . . . . . . . . . . . . . . . . . .  6
   4.  Duplicate Address Detection. . . . . . . . . . . . . . . . . .  8
   5.  Source/Target Link-layer Address Option. . . . . . . . . . . .  9
   6.  Security Considerations. . . . . . . . . . . . . . . . . . . . 10
       6.1.  Issues concerning Link-layer Addresses . . . . . . . . . 10
             6.1.1.  Protection against fraudulent reception
                     of traffic . . . . . . . . . . . . . . . . . . . 10
             6.1.2.  Protection against improper traffic. . . . . . . 11
       6.2.  Uniqueness of Interface Identifiers. . . . . . . . . . . 11
   7.  References. . . .  . . . . . . . . . . . . . . . . . . . . . . 12
   8.  Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 13
   9.  Full Copyright Statement . . . . . . . . . . . . . . . . . . . 14
        
1. Introduction
1. 介绍

Multiple Access Protocol over SONET/SDH (MAPOS) [1][2] is a high-speed link-layer protocol that provides multiple access capability over SONET/SDH. Its frame format is based on the HDLC-like (High Level Data Link Control) framing [3] for PPP. A component called a "Frame Switch" [1] allows multiple nodes (hosts and routers) to be connected together in a star topology to form a LAN. Using long-haul SONET/SDH links, the nodes on such a "SONET-LAN" can span a wide geographical area.

SONET/SDH上的多址协议(MAPOS)[1][2]是一种高速链路层协议,提供SONET/SDH上的多址能力。其帧格式基于PPP的类似HDLC(高级数据链路控制)的帧[3]。称为“帧交换机”[1]的组件允许多个节点(主机和路由器)以星形拓扑连接在一起,以形成LAN。使用长距离SONET/SDH链路,这种“SONET-LAN”上的节点可以跨越广泛的地理区域。

This document specifies the frame format for encapsulating an Internet Protocol version 6 (IPv6) [4] datagram in a MAPOS frame, the method of forming IPv6 interface identifiers, the method of detecting duplicate addresses, and the format of the Source/Target Link-layer Addresses option field used in Neighbor Discovery messages such as Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement, and Redirect messages.

本文件规定了将互联网协议版本6(IPv6)[4]数据报封装在MAPOS帧中的帧格式、形成IPv6接口标识符的方法、检测重复地址的方法,以及在诸如路由器请求、路由器通告、邻居请求、邻居通告和重定向消息的邻居发现消息中使用的源/目标链路层地址选项字段的格式。

In the remainder of this document, the term "MAPOS" is used unless the distinction between MAPOS version 1 [1] and MAPOS 16 [2] is required.

在本文件的其余部分中,除非需要区分MAPOS版本1[1]和MAPOS 16[2],否则使用术语“MAPOS”。

2. Frame Format for Encapsulating IPv6 Datagrams
2. 用于封装IPv6数据报的帧格式
2.1. Frame Format
2.1. 帧格式

MAPOS uses the same HDLC-like framing as PPP-over-SONET, described in [3]. The MAPOS frame begins and ends with a flag sequence 01111110 (0x7E), and the MAPOS frame header contains address, control, and protocol fields. The address field contains a destination HDLC address. In MAPOS 16, the address field is extended to 16 bits, and the control field of MAPOS version 1 is omitted. The frame check sequence (FCS) field is 16 bits long by default, but a 32-bit FCS may be used optionally. Details of the MAPOS frame format are described in [1][2].

MAPOS使用与SONET上的PPP相同的类似HDLC的帧,如[3]所述。MAPOS帧以标志序列01111110(0x7E)开始和结束,MAPOS帧头包含地址、控制和协议字段。地址字段包含目标HDLC地址。在MAPOS 16中,地址字段扩展为16位,省略了MAPOS版本1的控制字段。默认情况下,帧检查序列(FCS)字段的长度为16位,但可以选择使用32位FCS。[1][2]中介绍了MAPOS帧格式的详细信息。

An IPv6 datagram is encapsulated in the MAPOS frame. In the case of encapsulating an IPv6 datagram, the protocol field must contain the value 0x0057 (hexadecimal). The IPv6 datagram is stored in the information field which follows immediately after the protocol field. That is, this field contains the IPv6 header followed immediately by the payload. Figure 1 shows the frame format. The fields are transmitted from left to right.

IPv6数据报封装在MAPOS框架中。在封装IPv6数据报的情况下,协议字段必须包含值0x0057(十六进制)。IPv6数据报存储在紧跟在协议字段之后的信息字段中。也就是说,此字段包含紧接着有效负载的IPv6标头。图1显示了框架格式。字段从左向右传输。

   +----------+----------+----------+----------+
   |          |          | Control/ | Protocol |
   |   Flag   | Address  | Address  |  16 bits |
   | 01111110 |  8 bits  |  8 bits  | (0x0057) |
   +----------+----------+----------+----------+
      +-------------+------------+----------+-----------
      |             |            |          | Inter-frame
      | IPv6 header |    FCS     |   Flag   | fill or next
      | and payload | 16/32 bits | 01111110 | address
      +-------------+------------+----------+------------
        
   +----------+----------+----------+----------+
   |          |          | Control/ | Protocol |
   |   Flag   | Address  | Address  |  16 bits |
   | 01111110 |  8 bits  |  8 bits  | (0x0057) |
   +----------+----------+----------+----------+
      +-------------+------------+----------+-----------
      |             |            |          | Inter-frame
      | IPv6 header |    FCS     |   Flag   | fill or next
      | and payload | 16/32 bits | 01111110 | address
      +-------------+------------+----------+------------
        

Figure 1. Frame format.

图1。帧格式。

2.2. Maximum Transmission Unit (MTU)
2.2. 最大传输单位(MTU)

The length of the information field of the MAPOS frame may vary, but shall not exceed 65,280 (64K - 256) octets [1][2]. The default maximum transmission unit (MTU) is 65,280 octets.

MAPOS帧的信息字段长度可能不同,但不得超过65280(64K-256)个八位组[1][2]。默认最大传输单元(MTU)为65280个八位字节。

However, the MTU size may be reduced by a Router Advertisement [5] containing an MTU option that specifies a smaller MTU, or by manual configuration of each node. If a Router Advertisement received on a MAPOS interface has an MTU option specifying an MTU larger than 65,280, or larger than a manually configured value, that MTU option may be logged for the system management but must be otherwise ignored.

然而,可以通过包含指定较小MTU的MTU选项的路由器公告[5],或者通过手动配置每个节点来减小MTU大小。如果在MAPOS接口上接收的路由器播发具有MTU选项,该MTU选项指定的MTU大于65280或大于手动配置的值,则该MTU选项可能会被记录用于系统管理,但必须被忽略。

2.3. Destination Address Mapping
2.3. 目标地址映射

This section specifies the method of mapping an IPv6 destination address to the address field in the MAPOS frame header.

本节指定将IPv6目标地址映射到MAPOS帧头中的地址字段的方法。

2.3.1. Unicast
2.3.1. 单播

In unicasting, the address field of a MAPOS frame contains the HDLC address that has been assigned via NSP (Node Switch Protocol) [6] to the MAPOS interface, which has the IPv6 unicast destination address.

在单播中,MAPOS帧的地址字段包含通过NSP(节点交换协议)[6]分配给MAPOS接口的HDLC地址,该接口具有IPv6单播目标地址。

In order to determine the destination HDLC address that corresponds to an IPv6 unicast destination address, the sender uses Link-layer Address Resolution described in [5].

为了确定与IPv6单播目标地址相对应的目标HDLC地址,发送方使用[5]中描述的链路层地址解析。

2.3.2. Multicast
2.3.2. 多播

Address resolution is never performed on IPv6 multicast addresses. An IPv6 multicast destination address is mapped to the address field in the MAPOS frame header as described below for MAPOS version 1 and MAPOS 16.

从未对IPv6多播地址执行地址解析。IPv6多播目标地址映射到MAPOS帧头中的地址字段,如下所述,适用于MAPOS版本1和MAPOS 16。

MAPOS version 1:

MAPOS版本1:

The address field of the MAPOS version 1 frame header contains an 8- bit-wide destination HDLC address [1]. The least significant bit (LSB) of the field must always be 1 to indicate the end of the field. The most significant bit (MSB) is used to indicate whether the frame is a unicast or a multicast frame.

MAPOS版本1帧头的地址字段包含一个8位宽的目标HDLC地址[1]。字段的最低有效位(LSB)必须始终为1,以指示字段的结尾。最高有效位(MSB)用于指示帧是单播还是多播帧。

In the case of an IPv6 multicast, the MSB of the address field is 1 to indicate that the frame is multicast. As described above, the LSB of the address field is 1. The other six bits of the address field must contain the lowest-order six bits of the IPv6 multicast address. Figure 2 shows the address field of the MAPOS version 1 frame header in the case of an IPv6 multicast, where D(1) through D(6) represent the lowest-order six bits of the IPv6 multicast address. Exceptions arise when these six bits are either all zeros or all ones. In these cases, they should be altered to the bit sequence 111110. That is, the address field should be 0xFD (hexadecimal).

在IPv6多播的情况下,地址字段的MSB为1,表示帧是多播的。如上所述,地址字段的LSB为1。地址字段的其他六位必须包含IPv6多播地址的最低六位。图2显示了IPv6多播情况下MAPOS版本1帧头的地址字段,其中D(1)到D(6)表示IPv6多播地址的最低六位。当这六位不是全零就是全一时,就会出现例外情况。在这些情况下,应将它们更改为位序列11111 0。也就是说,地址字段应该是0xFD(十六进制)。

                      MSB           LSB
                      +-+-+-+-+-+-+-+-+
                      | |           | |
                      |1|D(6) - D(1)|1|
                      | |           | |
                      +-+-+-+-+-+-+-+-+
                       ^             ^
                       |             |
                       |             EA bit (always 1)
                       1 (multicast)
        
                      MSB           LSB
                      +-+-+-+-+-+-+-+-+
                      | |           | |
                      |1|D(6) - D(1)|1|
                      | |           | |
                      +-+-+-+-+-+-+-+-+
                       ^             ^
                       |             |
                       |             EA bit (always 1)
                       1 (multicast)
        

Figure 2. Address mapping in multicasting (MAPOS version 1).

图2。多播中的地址映射(MAPOS版本1)。

MAPOS 16:

MAPOS 16:

The address field of the MAPOS 16 frame header contains the 16-bit-wide destination HDLC address [2]. The LSB of the first octet must always be 0 to indicate the continuation of this field, and the LSB of the second octet must always be 1 to indicate the end of this field. The MSB of the first octet is used to indicate whether the frame is a unicast or a multicast frame.

MAPOS 16帧头的地址字段包含16位宽的目标HDLC地址[2]。第一个八位字节的LSB必须始终为0以指示此字段的继续,第二个八位字节的LSB必须始终为1以指示此字段的结束。第一个八位组的MSB用于指示帧是单播还是多播帧。

In the case of an IPv6 multicast, the MSB of the first octet is 1 to indicate that the frame is multicast. As described above, the LSB of the first octet is 0 and the LSB of the second octet is 1. The other 13 bits of the address field must contain the lowest-order 13 bits of the IPv6 multicast address. Figure 3 shows the address field of the MAPOS 16 frame header in the case of an IPv6 multicast, where D(1) through D(13) represent the lowest-order 13 bits of the IPv6 multicast address. Exceptions arise when these 13 bits are either all zeros or all ones. In these cases, the address field should be 0xFEFD (hexadecimal).

在IPv6多播的情况下,第一个八位组的MSB为1,表示该帧是多播的。如上所述,第一个八位组的LSB为0,第二个八位组的LSB为1。地址字段的其他13位必须包含IPv6多播地址的最低顺序13位。图3显示了IPv6多播情况下MAPOS 16帧头的地址字段,其中D(1)到D(13)表示IPv6多播地址的最低13位。当这13位为全零或全1时,会出现例外情况。在这些情况下,地址字段应为0xFEFD(十六进制)。

          MSB                           LSB
          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
          | |           | |             | |
          |1|D(13)-D(8) |0|  D(7)-D(1)  |1|
          | |           | |             | |
          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
           ^             ^               ^
           |             |               |
           |             |               +-- EA bit (always 1)
           |             +-- EA bit (always 0)
           1 (multicast)
        
          MSB                           LSB
          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
          | |           | |             | |
          |1|D(13)-D(8) |0|  D(7)-D(1)  |1|
          | |           | |             | |
          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
           ^             ^               ^
           |             |               |
           |             |               +-- EA bit (always 1)
           |             +-- EA bit (always 0)
           1 (multicast)
        

Figure 3. Address mapping in multicasting (MAPOS 16).

图3。多播中的地址映射(MAPOS 16)。

3. Interface Identifier
3. 接口标识符

This section specifies the method of forming the interface identifier [7].

本节规定了形成接口标识符的方法[7]。

A node that has one or more MAPOS interfaces must create one or more EUI-64 [8] based interface identifiers. Here, it should be noted that deriving interface identifiers from HDLC addresses of MAPOS interfaces is undesirable for the following reasons.

具有一个或多个MAPOS接口的节点必须创建一个或多个基于EUI-64[8]的接口标识符。这里,应当注意,出于以下原因,从MAPOS接口的HDLC地址派生接口标识符是不可取的。

1. When a node is connected to a frame switch, an HDLC address is assigned to the interface of the node from the frame switch via NSP [6]. (In the remainder of this document, the term "MAPOS address" is used to refer to the address.) The value of the MAPOS address assigned to the interface depends on the combination of the switch number of the frame switch and the port number of the frame switch to which the interface is connected. The switch number is required to be unique only within a MAPOS multi-switch environment [6]; that is, there can be frame switches that have the same switch number in different MAPOS multi-switch environment separated by IP routers. Therefore, the uniqueness of a MAPOS address is guaranteed only within a MAPOS multi-switch environment.

1. 当节点连接到帧交换机时,通过NSP将HDLC地址从帧交换机分配给节点的接口[6]。(在本文档的其余部分中,术语“MAPOS地址”用于指代地址。)分配给接口的MAPOS地址的值取决于帧交换机的交换机号和接口连接到的帧交换机的端口号的组合。交换机编号仅在MAPOS多交换机环境中要求唯一[6];也就是说,在不同的MAPOS多交换机环境中,可以存在由IP路由器分隔的具有相同交换机编号的帧交换机。因此,只有在MAPOS多交换机环境中才能保证MAPOS地址的唯一性。

Furthermore, if an implementation ensures that the link between the interface of the node and the port of the frame switch is hot-swappable, the port number of the frame switch or the frame switch connected to the interface of the node can be changed, so the MAPOS address assigned to the interface can also be changed without performing a system re-start of the node.

此外,如果实现确保节点的接口和帧交换机的端口之间的链路是可热插拔的,则可以改变帧交换机的端口号或连接到节点的接口的帧交换机的端口号,因此,分配给接口的MAPOS地址也可以更改,而无需执行节点的系统重新启动。

In short, the global uniqueness of a MAPOS address is not guaranteed, and a MAPOS address is not a built-in address but can be changed without performing a system re-start. Thus, if an interface identifier were derived from a MAPOS address, it could also be changed without a system re-start. This would not follow the recommendation in [7].

简而言之,不保证MAPOS地址的全局唯一性,并且MAPOS地址不是内置地址,但可以在不执行系统重新启动的情况下进行更改。因此,如果接口标识符是从MAPOS地址派生的,那么也可以在不重新启动系统的情况下对其进行更改。这不符合[7]中的建议。

2. In the case of a point-to-point connection between two nodes, the same MAPOS address is assigned to each interface. Specifically, in the case of MAPOS version 1, the assigned address is 0x03 [6], and in the case of MAPOS 16, the assigned address is 0x0003 [2]. It is not easy to achieve link-locality of the interface identifier in a strict manner using the same Link-layer address.

2. 如果两个节点之间存在点对点连接,则为每个接口分配相同的MAPOS地址。具体而言,在MAPOS版本1的情况下,分配的地址是0x03[6],在MAPOS 16的情况下,分配的地址是0x0003[2]。使用相同的链路层地址严格实现接口标识符的链路局部性并不容易。

For the above reasons, nodes with MAPOS interfaces must not derive their interface identifiers from their MAPOS addresses.

出于上述原因,具有MAPOS接口的节点不得从其MAPOS地址派生其接口标识符。

The following are methods of forming an interface identifier in the order of preference. These are almost the same as the methods described in [9] except that a MAPOS address must not be used as a source of uniqueness when an IEEE global identifier is unavailable.

以下是按优先顺序形成接口标识符的方法。这些方法与[9]中描述的方法几乎相同,只是当IEEE全局标识符不可用时,不得将MAPOS地址用作唯一性源。

1) If an IEEE global identifier (EUI-48 or EUI-64) is available anywhere on the node, it should be used to construct the interface identifier due to its uniqueness. When extracting an IEEE global identifier from another device on the node, care should be taken to ensure that the extracted identifier is presented in canonical ordering [10].

1) 如果IEEE全局标识符(EUI-48或EUI-64)在节点上的任何位置都可用,则由于其唯一性,应使用它来构造接口标识符。从节点上的另一个设备提取IEEE全局标识符时,应注意确保提取的标识符以规范顺序呈现[10]。

The only transformation from an EUI-64 identifier is to invert the "u" bit (universal/local bit in IEEE EUI-64 terminology). For example, for a globally unique EUI-64 identifier as shown in Figure 4:

EUI-64标识符的唯一转换是反转“u”位(IEEE EUI-64术语中的通用/本地位)。例如,对于图4所示的全局唯一EUI-64标识符:

   MSB                                                               LSB
   |0              1|1              3|3              4|4              6|
   |0              5|6              1|2              7|8              3|
   +----------------+----------------+----------------+----------------+
   |cccccc0gcccccccc|cccccccceeeeeeee|eeeeeeeeeeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+----------------+
        
   MSB                                                               LSB
   |0              1|1              3|3              4|4              6|
   |0              5|6              1|2              7|8              3|
   +----------------+----------------+----------------+----------------+
   |cccccc0gcccccccc|cccccccceeeeeeee|eeeeeeeeeeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+----------------+
        

Figure 4. Globally unique EUI-64 identifier.

图4。全局唯一的EUI-64标识符。

where "c" are the bits of the assigned company_id, "0" is the value of the universal/local bit to indicate global scope, "g" is the group/individual bit, and "e" are the bits of the extension identifier, the IPv6 interface identifier would be as shown in Figure 5. The only change is inverting the value of the universal/local bit.

其中“c”是分配的公司id的位,“0”是表示全局范围的通用/本地位的值,“g”是组/单个位,“e”是扩展标识符的位,IPv6接口标识符如图5所示。唯一的变化是反转通用/本地位的值。

   MSB                                                               LSB
   |0              1|1              3|3              4|4              6|
   |0              5|6              1|2              7|8              3|
   +----------------+----------------+----------------+----------------+
   |cccccc1gcccccccc|cccccccceeeeeeee|eeeeeeeeeeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+----------------+
        
   MSB                                                               LSB
   |0              1|1              3|3              4|4              6|
   |0              5|6              1|2              7|8              3|
   +----------------+----------------+----------------+----------------+
   |cccccc1gcccccccc|cccccccceeeeeeee|eeeeeeeeeeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+----------------+
        

Figure 5. IPv6 interface identifier derived from a globally unique EUI-64 identifier.

图5。从全局唯一的EUI-64标识符派生的IPv6接口标识符。

In the case of an EUI-48 identifier, it is first converted to the EUI-64 format by inserting two octets, with hexadecimal values of 0xFF and 0xFE, in the middle of the 48-bit MAC (between the company_id and extension-identifier portions of the EUI-48 value).

在EUI-48标识符的情况下,首先在48位MAC的中间插入两个八位字节(0xFF和0xFE的十六进制值)(UEY-YID和EUI-48值的扩展标识符部分之间),将其转换为EUI64格式。

For example, for a globally unique 48-bit EUI-48 identifier as shown in Figure 6:

例如,对于图6所示的全局唯一48位EUI-48标识符:

   MSB                                              LSB
   |0              1|1              3|3              4|
   |0              5|6              1|2              7|
   +----------------+----------------+----------------+
   |cccccc0gcccccccc|cccccccceeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+
        
   MSB                                              LSB
   |0              1|1              3|3              4|
   |0              5|6              1|2              7|
   +----------------+----------------+----------------+
   |cccccc0gcccccccc|cccccccceeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+
        

Figure 6. Globally unique EUI-48 identifier.

图6。全局唯一的EUI-48标识符。

where "c" are the bits of the assigned company_id, "0" is the value of the universal/local bit to indicate global scope, "g" is the group/individual bit, and "e" are the bits of the extension identifier, the IPv6 interface identifier would be as shown in Figure 7.

其中“c”是分配的公司id的位,“0”是通用/本地位的值,以指示全局范围,“g”是组/单个位,“e”是扩展标识符的位,IPv6接口标识符如图7所示。

   MSB                                                               LSB
   |0              1|1              3|3              4|4              6|
   |0              5|6              1|2              7|8              3|
   +----------------+----------------+----------------+----------------+
   |cccccc1gcccccccc|cccccccc11111111|11111110eeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+----------------+
        
   MSB                                                               LSB
   |0              1|1              3|3              4|4              6|
   |0              5|6              1|2              7|8              3|
   +----------------+----------------+----------------+----------------+
   |cccccc1gcccccccc|cccccccc11111111|11111110eeeeeeee|eeeeeeeeeeeeeeee|
   +----------------+----------------+----------------+----------------+
        

Figure 7. IPv6 interface identifier derived from a globally unique EUI-48 identifier.

图7。从全局唯一的EUI-48标识符派生的IPv6接口标识符。

2) If an IEEE global identifier is not available, a different source of uniqueness should be used. Suggested sources of uniqueness include machine serial numbers, etc. MAPOS addresses must not be used.

2) 如果IEEE全局标识符不可用,则应使用不同的唯一性源。建议的唯一性来源包括机器序列号等。不得使用MAPOS地址。

In this case, the "u" bit of the interface identifier must be set to 0.

在这种情况下,接口标识符的“u”位必须设置为0。

3) If a good source of uniqueness cannot be found, it is recommended that a random number be generated. In this case the "u" bit of the interface identifier must be set to 0.

3) 如果无法找到良好的唯一性来源,建议生成一个随机数。在这种情况下,接口标识符的“u”位必须设置为0。

4. Duplicate Address Detection
4. 重复地址检测

Immediately after the system start-up, the MAPOS address has not yet been assigned to a MAPOS interface. The assignment is not completed until the adjacent frame switch, or adjacent node in the case of a point-to-point connection between two nodes, has delivered the MAPOS address to the interface via NSP [6]. Until then, no data transmission can be performed on the interface. Thus, a node must

系统启动后,MAPOS地址尚未分配给MAPOS接口。直到相邻帧交换机或相邻节点(如果是两个节点之间的点到点连接)通过NSP将MAPOS地址发送到接口[6],分配才完成。在此之前,无法在接口上执行数据传输。因此,节点必须

conduct duplicate address detection [11] on all unicast addresses of MAPOS interfaces after the MAPOS address assignment has been completed by NSP.

NSP完成MAPOS地址分配后,对MAPOS接口的所有单播地址执行重复地址检测[11]。

5. Source/Target Link-layer Address Option
5. 源/目标链路层地址选项

As specified in [5], the Source/Target Link-layer Address option is one of the options included in Neighbor Discovery messages. In [5], the length of the Source/Target Link-layer Address option field is specified in units of 8 octets. However, in the case of MAPOS, the length of the address field is 2 octets (MAPOS 16) or 1 octet (MAPOS version 1)[1][2]. Thus, if the exact form of the address field is embedded in the Link-layer Address field of the Source/Target Link-layer Address option field, the total length of the option field is 4 octets (MAPOS 16) or 3 octets (MAPOS version 1), both of which are shorter than 8 octets.

如[5]所述,源/目标链路层地址选项是邻居发现消息中包含的选项之一。在[5]中,源/目标链路层地址选项字段的长度以8个八位字节为单位指定。然而,在MAPOS的情况下,地址字段的长度为2个八位字节(MAPOS 16)或1个八位字节(MAPOS版本1)[1][2]。因此,如果地址字段的确切形式嵌入到源/目标链路层地址选项字段的链路层地址字段中,则选项字段的总长度为4个八位字节(MAPOS 16)或3个八位字节(MAPOS版本1),两者都小于8个八位字节。

For the above reason, in the case of MAPOS, the Link-layer Address field of the Source/Target Link-layer Address option must be extended with zeros in order to extend the length of the option field to 8 octets, and the Length field must be set to 1 as shown below.

出于上述原因,在MAPOS的情况下,源/目标链路层地址选项的链路层地址字段必须扩展为零,以便将选项字段的长度扩展为8个八位字节,并且长度字段必须设置为1,如下所示。

MAPOS version 1:

MAPOS版本1:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     All 0     |    Address    |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     All 0     |    Address    |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        

Fields:

领域:

Type: 1 for Source link-layer address. 2 for Target link-layer address.

类型:1表示源链接层地址。2表示目标链路层地址。

Length: 1 (in units of 8 octets).

长度:1(以8个八位字节为单位)。

Address: MAPOS version 1 8-bit address.

地址:MAPOS版本1 8位地址。

Figure 8. Format of the Source/Target Link-layer Address option field (MAPOS version 1).

图8。源/目标链接层地址选项字段的格式(MAPOS版本1)。

MAPOS 16:

MAPOS 16:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Link-layer Address        |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Link-layer Address        |             All 0             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        

Fields:

领域:

Type: 1 for Source link-layer address. 2 for Target link-layer address.

类型:1表示源链接层地址。2表示目标链路层地址。

Length: 1 (in units of 8 octets).

长度:1(以8个八位字节为单位)。

Link-layer Address: MAPOS 16 16-bit address.

链路层地址:MAPOS 16 16位地址。

Figure 9. Format of the Source/Target Link-layer Address option field (MAPOS 16).

图9。源/目标链路层地址选项字段的格式(MAPOS 16)。

6. Security Considerations
6. 安全考虑

In MAPOS, a link-layer address (MAPOS address) is assigned to a network interface by a frame switch via NSP; unlike other link-layer protocols such as Ethernet that use a built-in address on a network interface. Security considerations derived from this are described in 6.1 and 6.2. Because there is no link-layer security in MAPOS, the same security considerations as those of other link-layer protocols would be applied to other points.

在MAPOS中,链路层地址(MAPOS地址)由帧交换机通过NSP分配给网络接口;与其他链路层协议(如以太网)不同,以太网在网络接口上使用内置地址。6.1和6.2中描述了由此产生的安全注意事项。由于MAPOS中没有链路层安全性,因此与其他链路层协议相同的安全注意事项将应用于其他点。

6.1. Issues concerning Link-layer Addresses
6.1. 关于链路层地址的问题
6.1.1. Protection against fraudulent reception of traffic
6.1.1. 防止欺诈性接收流量

In MAPOS, a MAPOS address is assigned by a frame switch, and it consists of the switch number and the port number of the switch to which the network interface is connected. (In the case of a point-to-point connection between two nodes, a fixed address is assigned to their network interfaces.) This brings the following advantages.

在MAPOS中,MAPOS地址由帧交换机分配,它由交换机号和网络接口连接到的交换机的端口号组成。(在两个节点之间进行点对点连接的情况下,为其网络接口分配一个固定地址。)这带来了以下优点。

1. The value of the MAPOS address of a MAPOS network interface indicates the location of the interface in the MAPOS network. In other words, the value itself of the destination address of a MAPOS frame defines the actual location of the network interface to which the frame should be finally delivered. Therefore, as long as MAPOS addresses of network interfaces of nodes that have

1. MAPOS网络接口的MAPOS地址值指示接口在MAPOS网络中的位置。换句话说,MAPOS帧的目标地址的值本身定义了帧最终应传递到的网络接口的实际位置。因此,只要MAPOS地址的网络接口的节点都有

been connected to the network through proper administrative process are held and frames are delivered only to those addresses, other nodes cannot receive frames unless their network interfaces are connected to the same ports of frame switches as those to which network interfaces of properly administered nodes are connected. This makes fraudulent reception of traffic difficult.

通过适当的管理过程连接到网络的节点被保留,并且帧仅传送到这些地址,其他节点无法接收帧,除非其网络接口连接到帧交换机的端口,与适当管理的节点的网络接口连接到的端口相同。这使得欺诈性接收流量变得困难。

2. In the case where MAPOS addresses are not administered as mentioned above, it is possible that a malicious node could hijack traffic by spoofing its IPv6 address in a response to an IPv6 Neighbor Discovery. Even in this case, the node must advertise the true MAPOS address of its network interface in the response so that it can receive successive frames. This makes it easy to pinpoint the location of the host.

2. 在如上所述未管理MAPOS地址的情况下,恶意节点可能会通过欺骗其IPv6地址来劫持流量,以响应IPv6邻居发现。即使在这种情况下,节点也必须在响应中公布其网络接口的真实MAPOS地址,以便能够接收连续帧。这样可以很容易地确定主机的位置。

6.1.2. Protection against improper traffic
6.1.2. 防止不正当交通

A MAPOS frame does not have a field for including its sender's address. Therefore, in the case where a node sends one-way improper traffic maliciously or accidentally, there is no way to obtain the sender's MAPOS address from the traffic and this leads to difficulty in identifying the node (because source IP addresses might be forged).

MAPOS框架没有包含其发件人地址的字段。因此,在节点恶意或意外地发送单向不正确通信的情况下,无法从通信中获取发送方的MAPOS地址,这导致难以识别节点(因为源IP地址可能是伪造的)。

An effective way to alleviate the difficulty is to moderate the size of MAPOS multi-switch environment [6]. A common approach is to separate it using IP routers. This makes it easy to identify the node sending improper traffic within the multi-switch environment. To secure the environment against improper traffic from outside it, boundary IP routers need to block it using packet filtering based on IP layer information.

缓解这一困难的有效方法是调节MAPOS多交换机环境的大小[6]。一种常见的方法是使用IP路由器将其分离。这使得在多交换机环境中很容易识别发送不正确流量的节点。为了保护环境免受来自外部的不正当通信,边界IP路由器需要使用基于IP层信息的包过滤来阻止它。

6.2. Uniqueness of Interface Identifiers
6.2. 接口标识符的唯一性

Global uniqueness of a MAPOS address is not guaranteed, and a MAPOS address is not a built-in address but can be changed without performing a system re-start if an implementation ensures that the link between the network interface of the node and the port of the frame switch is hot-swappable. Thus, an interface identifier must not be derived from a MAPOS address in order to ensure that the interface identifier is not changed without a system re-start.

不保证MAPOS地址的全局唯一性,并且MAPOS地址不是内置地址,但如果实现确保节点的网络接口和帧交换机端口之间的链路可热插拔,则可以在不执行系统重新启动的情况下进行更改。因此,不得从MAPOS地址派生接口标识符,以确保在未重新启动系统的情况下不会更改接口标识符。

As a consequence, in IP Version 6 over MAPOS, the existence of network interfaces other than MAPOS that have IEEE global identifier based addresses has great importance in creating interface identifiers. However, it may be common for there to be no such interfaces on a node, so a different source of uniqueness must be used. Therefore, sufficient care should be taken to prevent

因此,在MAPOS上的IP版本6中,除了MAPOS之外,存在具有基于IEEE全局标识符的地址的网络接口对于创建接口标识符非常重要。但是,节点上没有此类接口可能很常见,因此必须使用不同的唯一性源。因此,应采取足够的措施防止

duplication of interface identifiers. At present, there is no protection against duplication through accident or forgery.

接口标识符的重复。目前,没有防止意外或伪造造成复制的保护措施。

7. References
7. 工具书类

[1] Murakami, K. and M. Maruyama, "MAPOS - Multiple Access protocol over SONET/SDH Version 1", RFC 2171, June 1997.

[1] Murakami,K.和M.Maruyama,“MAPOS-SONET/SDH版本1上的多址协议”,RFC 2171,1997年6月。

[2] Murakami, K. and M. Maruyama, "MAPOS 16 - Multiple Access Protocol over SONET/SDH with 16 Bit Addressing", RFC 2175, June 1997.

[2] Murakami,K.和M.Maruyama,“MAPOS 16-SONET/SDH上具有16位寻址的多址协议”,RFC 2175,1997年6月。

[3] Simpson, W., Ed., "PPP in HDLC-like Framing", STD 51, RFC 1662, July 1994.

[3] 辛普森,W.,编辑,“HDLC类框架中的PPP”,STD 51,RFC 16621994年7月。

[4] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.

[4] Deering,S.和R.Hinden,“互联网协议,第6版(IPv6)规范”,RFC 2460,1998年12月。

[5] Narten, T., Nordmark, E. and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)", RFC 2461, December 1998.

[5] Narten,T.,Nordmark,E.和W.Simpson,“IP版本6(IPv6)的邻居发现”,RFC24611998年12月。

[6] Murakami, K. and M. Maruyama, "A MAPOS version 1 Extension - Node Switch Protocol", RFC 2173, June 1997.

[6] Murakami,K.和M.Maruyama,“MAPOS版本1扩展-节点切换协议”,RFC21731997年6月。

[7] Hinden, R. and S. Deering, "Internet Protocol Version 6 (IPv6) Addressing Architecture", RFC 3513, April 2003.

[7] Hinden,R.和S.Deering,“互联网协议版本6(IPv6)寻址体系结构”,RFC 3513,2003年4月。

[8] IEEE, "Guidelines of 64-bit Global Identifier (EUI-64) Registration Authority", http://standards.ieee.org/db/oui/tutorials/EUI64.html, March 1997.

[8] IEEE,“64位全局标识符(EUI-64)注册机构指南”,http://standards.ieee.org/db/oui/tutorials/EUI64.html,1997年3月。

[9] Haskin, D. and E. Allen, "IP Version 6 over PPP", RFC 2472, December 1998.

[9] Haskin,D.和E.Allen,“PPP上的IP版本6”,RFC 24721998年12月。

[10] Narten, T. and C. Burton, "A Caution On The Canonical Ordering Of Link-Layer Addresses", RFC 2469, December 1998.

[10] Narten,T.和C.Burton,“链路层地址规范排序的注意事项”,RFC 2469,1998年12月。

[11] Thompson, S. and T. Narten, "IPv6 Stateless Address Autoconfiguration", RFC 2462, December 1998.

[11] Thompson,S.和T.Narten,“IPv6无状态地址自动配置”,RFC 2462,1998年12月。

8. Authors' Addresses
8. 作者地址

Tsuyoshi Ogura NTT Network Innovation Laboratories 3-9-11, Midori-cho Musashino-shi Tokyo 180-8585, Japan

日本东京武藏市中多里町大村NTT网络创新实验室3-9-11,180-8585

   EMail: ogura@core.ecl.net
        
   EMail: ogura@core.ecl.net
        

Mitsuru Maruyama NTT Network Innovation Laboratories 3-9-11, Midori-cho Musashino-shi Tokyo 180-8585, Japan

日本东京武藏野市中岛町3-9-11号丸山三郎NTT网络创新实验室,180-8585

   EMail: mitsuru@core.ecl.net
        
   EMail: mitsuru@core.ecl.net
        

Toshiaki Yoshida Werk Mikro Systems 250-1, Mikajiri Kumagaya Saitama 360-0843, Japan

Toshiaki Yoshida Werk Mikro Systems 250-1,Mikajiri Kumagaya Saitama 360-0843,日本

   EMail: yoshida@peta.arch.ecl.net
        
   EMail: yoshida@peta.arch.ecl.net
        
9. Full Copyright Statement
9. 完整版权声明

Copyright (C) The Internet Society (2003). All Rights Reserved.

版权所有(C)互联网协会(2003年)。版权所有。

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。

The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assignees.

上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Acknowledgement

确认

Funding for the RFC Editor function is currently provided by the Internet Society.

RFC编辑功能的资金目前由互联网协会提供。