Internet Engineering Task Force (IETF) F. Templin, Ed. Request for Comments: 6706 Boeing Research & Technology Category: Experimental August 2012 ISSN: 2070-1721
Internet Engineering Task Force (IETF) F. Templin, Ed. Request for Comments: 6706 Boeing Research & Technology Category: Experimental August 2012 ISSN: 2070-1721
Asymmetric Extended Route Optimization (AERO)
非对称扩展航路优化(AERO)
Abstract
摘要
Nodes attached to common multi-access link types (e.g., multicast-capable, shared media, non-broadcast multiple access (NBMA), etc.) can exchange packets as neighbors on the link, but they may not always be provisioned with sufficient routing information for optimal neighbor selection. Such nodes should therefore be able to discover a trusted intermediate router on the link that provides both forwarding services to reach off-link destinations and redirection services to inform the node of an on-link neighbor that is closer to the final destination. This redirection can provide a useful route optimization, since the triangular path from the ingress link neighbor, to the intermediate router, and finally to the egress link neighbor may be considerably longer than the direct path from ingress to egress. However, ordinary redirection may lead to operational issues on certain link types and/or in certain deployment scenarios. This document therefore introduces an Asymmetric Extended Route Optimization (AERO) capability that addresses the issues.
连接到公共多址链路类型(例如,支持多播、共享媒体、非广播多址(NBMA)等)的节点可以作为链路上的邻居交换数据包,但它们可能并不总是被提供足够的路由信息以进行最佳邻居选择。因此,这样的节点应该能够在链路上发现一个受信任的中间路由器,该路由器既提供到达非链路目的地的转发服务,又提供重定向服务,以通知节点更接近最终目的地的链路上邻居。这种重定向可以提供有用的路由优化,因为从入口链路邻居到中间路由器,最后到出口链路邻居的三角形路径可能比从入口到出口的直接路径长得多。但是,在某些链路类型和/或某些部署场景中,普通重定向可能会导致操作问题。因此,本文件介绍了解决这些问题的非对称扩展航路优化(AERO)功能。
Status of This Memo
关于下段备忘
This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation.
本文件不是互联网标准跟踪规范;它是为检查、实验实施和评估而发布的。
This document defines an Experimental Protocol for the Internet community. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
本文档为互联网社区定义了一个实验协议。本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。并非IESG批准的所有文件都适用于任何级别的互联网标准;见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6706.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6706.
Copyright Notice
版权公告
Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2012 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................4 2. Terminology .....................................................6 3. Motivation ......................................................7 4. Example Use Cases ...............................................8 5. Requirements ....................................................9 6. Asymmetric Extended Route Optimization (AERO) ..................10 6.1. AERO Link Dynamic Routing .................................10 6.2. AERO Node Behavior ........................................11 6.2.1. AERO Node Types ....................................11 6.2.2. AERO Host Behavior .................................11 6.2.3. Edge AERO Router Behavior ..........................11 6.2.4. Intermediate AERO Router Behavior ..................12 6.3. AERO Reference Operational Scenario .......................12 6.4. AERO Specification ........................................14 6.4.1. Traditional Redirection Approaches .................14 6.4.2. AERO Concept of Operations .........................15 6.4.3. Conceptual Data Structures and Protocol Constants ..16 6.4.4. Data Origin Authentication .........................17 6.4.5. AERO Redirection Message Format ....................18 6.4.6. Sending Predirects .................................20 6.4.7. Processing Predirects and Sending Redirects ........21 6.4.8. Forwarding Redirects ...............................22 6.4.9. Processing Redirects ...............................23 6.4.10. Sending Periodic Predirect Keepalives .............24 6.4.11. Neighbor Reachability Considerations ..............26 6.4.12. Mobility Considerations ...........................26 6.4.13. Link-Layer Address Change Considerations ..........27 6.4.14. Prefix Re-provisioning Considerations .............28 6.4.15. Backward Compatibility ............................29 7. IANA Considerations ............................................29 8. Security Considerations ........................................29 9. Acknowledgements ...............................................29 10. References ....................................................30 10.1. Normative References .....................................30 10.2. Informative References ...................................30 Appendix A. Intermediate Router Interworking ......................32
1. Introduction ....................................................4 2. Terminology .....................................................6 3. Motivation ......................................................7 4. Example Use Cases ...............................................8 5. Requirements ....................................................9 6. Asymmetric Extended Route Optimization (AERO) ..................10 6.1. AERO Link Dynamic Routing .................................10 6.2. AERO Node Behavior ........................................11 6.2.1. AERO Node Types ....................................11 6.2.2. AERO Host Behavior .................................11 6.2.3. Edge AERO Router Behavior ..........................11 6.2.4. Intermediate AERO Router Behavior ..................12 6.3. AERO Reference Operational Scenario .......................12 6.4. AERO Specification ........................................14 6.4.1. Traditional Redirection Approaches .................14 6.4.2. AERO Concept of Operations .........................15 6.4.3. Conceptual Data Structures and Protocol Constants ..16 6.4.4. Data Origin Authentication .........................17 6.4.5. AERO Redirection Message Format ....................18 6.4.6. Sending Predirects .................................20 6.4.7. Processing Predirects and Sending Redirects ........21 6.4.8. Forwarding Redirects ...............................22 6.4.9. Processing Redirects ...............................23 6.4.10. Sending Periodic Predirect Keepalives .............24 6.4.11. Neighbor Reachability Considerations ..............26 6.4.12. Mobility Considerations ...........................26 6.4.13. Link-Layer Address Change Considerations ..........27 6.4.14. Prefix Re-provisioning Considerations .............28 6.4.15. Backward Compatibility ............................29 7. IANA Considerations ............................................29 8. Security Considerations ........................................29 9. Acknowledgements ...............................................29 10. References ....................................................30 10.1. Normative References .....................................30 10.2. Informative References ...................................30 Appendix A. Intermediate Router Interworking ......................32
Nodes attached to common multi-access link types (e.g., multicast-capable, shared media, non-broadcast multiple access (NBMA), etc.) can exchange packets as neighbors on the link, but they may not always be provisioned with sufficient routing information for optimal neighbor selection. Such nodes should therefore be able to discover a trusted intermediate router on the link that provides both default forwarding services to reach off-link destinations and redirection services to inform the node of an on-link neighbor that is closer to the final destination.
连接到公共多址链路类型(例如,支持多播、共享媒体、非广播多址(NBMA)等)的节点可以作为链路上的邻居交换数据包,但它们可能并不总是被提供足够的路由信息以进行最佳邻居选择。因此,这样的节点应该能够在链路上发现一个可信的中间路由器,该路由器既提供到达非链路目的地的默认转发服务,也提供重定向服务,以通知节点更接近最终目的地的链路上邻居。
+--------------+ | Router A | | (D->C) | +--------------+ | X--------+--------+--------+------X | | +----------+---+ +---+----------+ | Node B | | Router C | | (default->A) | +-------+------+ +--------------+ .-. ,-( _)-. .-(_ IPv6 )-. (__ EUN ) `-(______)-' +-------+------+ | Node D | +--------------+
+--------------+ | Router A | | (D->C) | +--------------+ | X--------+--------+--------+------X | | +----------+---+ +---+----------+ | Node B | | Router C | | (default->A) | +-------+------+ +--------------+ .-. ,-( _)-. .-(_ IPv6 )-. (__ EUN ) `-(______)-' +-------+------+ | Node D | +--------------+
Figure 1: Traditional Multi-Access Link Redirection
图1:传统的多址链路重定向
Figure 1 shows a traditional multi-access link redirection scenario. In this figure, node ('B') is provisioned with only a default route with router ('A') as the next hop. Router ('A'), in turn, has a more specific route that lists router ('C') as the next-hop neighbor on the link for the End User Network (EUN) attached to node ('D').
图1显示了一个传统的多访问链路重定向场景。在该图中,节点('B')仅配置了一条默认路由,路由器('a')作为下一跳。路由器('A')又有一个更具体的路由,该路由将路由器('C')列为连接到节点('D')的终端用户网络(EUN)链路上的下一跳邻居。
If node ('B') has a packet to send to node ('D'), node ('B') is obliged to send its initial packets via router ('A'). Router ('A') then forwards the packet to router ('C') and also returns a redirection control message to inform ('B') that ('C') is, in fact, an on-link neighbor that is closer to the final destination ('D'). After receiving the redirection control message, node ('B') can place a more specific route in its forwarding table so that future packets destined to node ('D') can be sent directly via router ('C'), as shown in Figure 2.
如果节点('B')有一个数据包要发送到节点('D'),则节点('B')必须通过路由器('a')发送其初始数据包。路由器('A')然后将数据包转发给路由器('C'),并且还返回重定向控制消息,通知('B')事实上('C')是一个链路上的邻居,距离最终目的地('D')较近。在接收到重定向控制消息后,节点('B')可以在其转发表中放置一个更具体的路由,以便将来发送到节点('D')的数据包可以直接通过路由器('C')发送,如图2所示。
+--------------+ | Router A | | (D->C) | +--------------+ | X--------+--------+--------+------X | | +----------+---+ +---+----------+ | Node B | | Router C | | (default->A) | +-------+------+ | (D->C) | .-. +--------------+ ,-( _)-. .-(_ IPv6 )-. (__ EUN ) `-(______)-' +-------+------+ | Node D | +--------------+
+--------------+ | Router A | | (D->C) | +--------------+ | X--------+--------+--------+------X | | +----------+---+ +---+----------+ | Node B | | Router C | | (default->A) | +-------+------+ | (D->C) | .-. +--------------+ ,-( _)-. .-(_ IPv6 )-. (__ EUN ) `-(______)-' +-------+------+ | Node D | +--------------+
Figure 2: More Specific Route Following Redirection
图2:重定向后更具体的路由
This traditional redirection can provide a useful route optimization, since the triangular path from the ingress link neighbor, to the intermediate router, and finally to the egress link neighbor may be considerably longer than the direct path from ingress to egress. However, ordinary redirection may lead to operational issues on certain link types and/or in certain deployment scenarios.
这种传统的重定向可以提供有用的路由优化,因为从入口链路邻居到中间路由器,最后到出口链路邻居的三角形路径可能比从入口到出口的直接路径长得多。但是,在某些链路类型和/或某些部署场景中,普通重定向可能会导致操作问题。
For example, when an ingress link neighbor accepts an ordinary redirection control message, it has no way of knowing whether the egress link neighbor is ready and willing to accept packets directly without forwarding through an intermediate router. Likewise, the egress has no way of knowing that the ingress is authorized to forward packets from the claimed network-layer source address. (This is especially important for very large links, since any node on the link can spoof the network-layer source address with low probability of detection even if the link-layer source address cannot be spoofed.) Additionally, the ingress would have no way of knowing whether the direct path to the egress has failed, nor whether the final destination has moved away from the egress to some other network attachment point.
例如,当入口链路邻居接受普通重定向控制消息时,它无法知道出口链路邻居是否准备好并愿意直接接受分组而不通过中间路由器转发。类似地,出口无法知道入口被授权转发来自所声称的网络层源地址的分组。(这对于非常大的链路尤其重要,因为链路上的任何节点都可以欺骗网络层源地址,即使链路层源地址不能被欺骗,检测概率也很低。)此外,入口将无法知道到出口的直接路径是否失败,也不知道最终目的地是否已从出口移动到其他网络连接点。
Therefore, a new approach is required that can enable redirection signaling from the egress to the ingress link node under the mediation of a trusted intermediate router. The mechanism is asymmetric (since only the forward direction from the ingress to the egress is optimized) and extended (since the redirection extends
因此,需要一种新的方法,该方法能够在可信中间路由器的调解下实现从出口到入口链路节点的重定向信令。该机制是不对称的(因为只有从入口到出口的前进方向得到优化)和扩展的(因为重定向扩展)
forward to the egress before reaching back to the ingress). This document therefore introduces an Asymmetric Extended Route Optimization (AERO) capability that addresses the issues.
在返回入口之前,向前到达出口)。因此,本文件介绍了解决这些问题的非对称扩展航路优化(AERO)功能。
While the AERO mechanisms were initially designed for the specific purpose of NBMA tunnel virtual interfaces (e.g., see [RFC2529], [RFC5214], [RFC5569], and [VET]), they can also be applied to any multiple access link types that support redirection. The AERO techniques are discussed herein with reference to IPv6 [RFC2460][RFC4861][RFC4862][RFC3315]; however, they can also be applied to any other network-layer protocol (e.g., IPv4 [RFC0791][RFC0792][RFC2131], etc.) that provides a redirection service (details of operation for other network-layer protocols are out of scope).
While the AERO mechanisms were initially designed for the specific purpose of NBMA tunnel virtual interfaces (e.g., see [RFC2529], [RFC5214], [RFC5569], and [VET]), they can also be applied to any multiple access link types that support redirection. The AERO techniques are discussed herein with reference to IPv6 [RFC2460][RFC4861][RFC4862][RFC3315]; however, they can also be applied to any other network-layer protocol (e.g., IPv4 [RFC0791][RFC0792][RFC2131], etc.) that provides a redirection service (details of operation for other network-layer protocols are out of scope).
This document is an Experimental RFC; therefore, it does not seek to define a new standard for the Internet. Experimental status instead of Standards Track has been used since the document proposes a new and different dynamic routing mechanism. Experimentation will focus on candidate multi-access link types that can connect large numbers of neighboring nodes where the use of existing dynamic routing protocols may be impractical. Examples include NBMA tunnel virtual links, large bridged campus LANs, etc.
本文件为实验性RFC;因此,它并不寻求为互联网定义新的标准。由于文件提出了一种新的、不同的动态路由机制,因此使用了实验状态代替标准跟踪。实验将集中在候选的多址链路类型上,这些类型可以连接大量的相邻节点,在这些节点上使用现有的动态路由协议可能是不切实际的。示例包括NBMA隧道虚拟链路、大型桥接校园局域网等。
The terminology in the normative references applies; the following terms are defined within the scope of this document:
规范性引用文件中的术语适用;本文件范围内定义了以下术语:
AERO link any link (either physical or virtual) over which the AERO mechanisms can be applied. (For example, a virtual overlay of tunnels can serve as an AERO link.)
气动连杆可以应用气动机构的任何连杆(物理或虚拟)。(例如,隧道的虚拟覆盖层可以用作航空链路。)
AERO interface a node's attachment to an AERO link.
AERO接口节点到AERO链接的附件。
AERO node a router or host that is connected to an AERO link and that participates in the AERO protocol on that link.
AERO节点连接到AERO链路并参与该链路上的AERO协议的路由器或主机。
intermediate AERO router ("intermediate router") a router that configures an advertising router interface on an AERO link over which it can provide default forwarding and redirection services for other AERO nodes.
中间AERO路由器(“中间路由器”)在AERO链路上配置广告路由器接口的路由器,可通过该路由器为其他AERO节点提供默认转发和重定向服务。
edge AERO router ("edge router") a router that configures a non-advertising router interface on an AERO link over which it can connect End User Networks (EUNs) to the AERO link.
edge AERO路由器(“edge router”)在AERO链路上配置非广告路由器接口的路由器,可通过该接口将终端用户网络(EUN)连接到AERO链路。
AERO host a simple host on an AERO link.
AERO主机AERO链接上的简单主机。
ingress AERO node ("ingress node") a node that injects packets into an AERO link.
入口AERO节点(“入口节点”)将数据包注入AERO链路的节点。
egress AERO node ("egress node") a node that receives packets from an AERO link.
出口航空节点(“出口节点”)从航空链路接收数据包的节点。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
AERO was designed to operate as an on-demand route optimization function for nodes attached to a single multi-access link, i.e., similar to the standard IPv6 redirection mechanism based on ICMPv6 messaging [RFC4443][RFC4861]. However, AERO differs in that the target of the redirection first receives a pre-authorization notification, after which it returns route optimization information to the source of the original packet. This scenario calls into question whether a standard dynamic routing protocol could be used instead of AERO, but a number of considerations indicate that standard routing protocols may be poorly suited for the use cases AERO was designed to address.
AERO的设计目的是为连接到单个多址链路的节点提供按需路由优化功能,即类似于基于ICMPv6消息[RFC4443][RFC4861]的标准IPv6重定向机制。然而,AERO的不同之处在于,重定向目标首先接收预授权通知,然后将路由优化信息返回到原始数据包的源。该场景引发了一个问题,即是否可以使用标准动态路由协议来代替AERO,但许多考虑因素表明,标准路由协议可能不适合AERO设计用于解决的用例。
First, AERO is designed to work on very large multiple access links that may connect a mix of many thousands of routers and hosts. Traditional proactive dynamic routing protocols such as OSPF, IS-IS, RIP, OLSR (Optimized Link State Routing), and TBRPF (Topology Dissemination Based on Reverse-Path Forwarding) may be inefficient in such environments due to the control message overhead scaling when large numbers of routers are present and/or when link capacity is low.
首先,AERO设计用于连接成千上万路由器和主机的超大多址链路。传统的主动式动态路由协议,如OSPF、IS-IS、RIP、OLSR(优化链路状态路由)和TBRPF(基于反向路径转发的拓扑传播)在这样的环境中可能效率低下,因为当存在大量路由器和/或链路容量较低时,控制消息开销会增加。
Second, AERO is designed to work on-demand of data packet arrival, but it only seeks to discover neighbors on the same link and not distant nodes that may be located many link hops away. Reactive dynamic routing protocols such as Ad hoc On-Demand Distance Vector (AODV) and Dynamic Source Routing (DSR) also operate on-demand; however, they flood specialized route discovery messages that reach all nodes on the link and may further traverse multiple link hops
其次,AERO设计用于按需处理数据包到达,但它只寻求发现同一链路上的邻居,而不是可能位于多个链路跳距之外的遥远节点。反应式动态路由协议,如adhoc按需距离向量(AODV)和动态源路由(DSR)也按需运行;但是,它们会将专用路由发现消息大量发送到链路上的所有节点,并可能进一步穿越多个链路跳
before a route reply is received. This requires a multicast-capable network and does not ensure delivery of the original data packet, which may be dropped or delayed during route discovery.
在收到路由回复之前。这需要具有多播功能的网络,并且不能确保原始数据包的交付,原始数据包可能在路由发现期间被丢弃或延迟。
Additionally, AERO is designed to override an existing route to a destination if the existing route directs traffic along a sub-optimal path via an extraneous router on the shared link. AERO nodes send data packets over a preexisting working route, and they may subsequently receive notification of a better route based on route optimization feedback from a trusted on-link neighbor. This stands in contrast to on-demand routing protocols that were designed to operate when no preexisting working routes are present and that multicast explicit route request messages to receive a route reply rather than simply unicast forwarding the data packet via a preexisting route.
此外,如果现有路由通过共享链路上的外部路由器沿次优路径引导流量,则AERO设计用于覆盖现有路由到目的地。AERO节点通过预先存在的工作路由发送数据包,并且它们随后可以基于来自可信链路上邻居的路由优化反馈接收关于更好路由的通知。这与按需路由协议形成对比,按需路由协议设计为在不存在预先存在的工作路由时运行,并且多播显式路由请求消息以接收路由应答,而不是简单地通过预先存在的路由单播转发数据包。
Finally, AERO requires less control message and/or processing overhead than standard dynamic routing protocols on links for which the number of routes that must be maintained by each router is far smaller than the total number of routers on the link, and the routes maintained by each router may be changing over time. For example, on a link that connects N nodes, it will often be the case that each node will only communicate with a small number of link neighbors, and the set of neighbors may change dynamically over time. Therefore, the number of active neighbor pairs on the link is V*N (where V is a small variable number) instead of N**2. This is especially important on very large links, e.g., for values of N such as 1,000 or more.
最后,与标准动态路由协议相比,AERO在链路上需要更少的控制消息和/或处理开销,对于这些链路,每个路由器必须维护的路由数量远小于链路上路由器的总数,并且每个路由器维护的路由可能会随时间而变化。例如,在连接N个节点的链路上,通常情况下每个节点仅与少量链路邻居通信,并且邻居集可能随时间动态变化。因此,链路上的活动邻居对的数量是V*N(其中V是一个小的变量数),而不是N**2。这在非常大的链接上尤其重要,例如,对于N的值,例如1000或更多。
AERO was designed to satisfy numerous operational use cases. As a first example, a hypothetical major airline has deployed an overlay network on top of the global Internet to track the aircraft in its fleet. The global Internet therefore acts as the "link" over which the overlay network is configured. Each aircraft acts as a mobile router that fronts for an internal network that includes various devices controlled and monitored by the airline. However, it would be impractical for each aircraft to track the changing locations of all other aircraft in the fleet due to control message overhead on limited capacity communication links.
AERO的设计是为了满足众多的操作用例。第一个例子是,一家假设的大型航空公司在全球互联网上部署了一个覆盖网络,以跟踪其机队中的飞机。因此,全球互联网充当覆盖网络配置的“链路”。每架飞机都充当一个移动路由器,面向一个内部网络,该网络包括由航空公司控制和监控的各种设备。然而,由于容量有限的通信链路上的控制消息开销,每架飞机都无法跟踪机队中所有其他飞机的变化位置。
In this example, an aircraft ('A') en route to its destination needs to report its ETA and communicate passenger itineraries to other en route aircraft that will be servicing passenger connections. ('A') knows the overlay network addresses of the other aircraft, but does not know the current underlay address mappings. ('A') sends its initial messages targeted to the other aircraft via an airline central dispatch router ('D'), which may be located in a far away
在本例中,一架飞往目的地的飞机(“A”)需要报告其ETA,并将乘客行程告知将为乘客连接提供服务的其他途中飞机。('A')知道其他飞机的覆盖网络地址,但不知道当前参考底图地址映射。('A')通过可能位于远处的航空公司中央调度路由器('D')向其他飞机发送其初始消息
location. ('D') forwards the messages, but also initiates the AERO redirection procedure to step out of the triangular path and allow direct aircraft-to-aircraft communications.
地方('D')转发消息,但也会启动航空重定向程序,以跳出三角形路径,并允许飞机之间的直接通信。
In a second example, Mobile Ad hoc Networks (MANETs) are often deployed in environments with a high degree of mobility, attrition, and very limited wireless communications link bandwidth. Such environments typically also require the use of network-layer security mechanisms that view the MANET as a "link" over which encrypted messages are forwarded in an overlay network. In such environments, a dynamic routing protocol running in the overlay network may serve to add unacceptable additional congestion to the already overtaxed wireless links. In that case, the AERO route optimization mechanism can eliminate costly extraneous routing hops without imparting additional control message overhead.
在第二个示例中,移动自组织网络(manet)通常部署在具有高度移动性、损耗和非常有限的无线通信链路带宽的环境中。这种环境通常还需要使用网络层安全机制,将MANET视为在覆盖网络中转发加密消息的“链路”。在这样的环境中,覆盖网络中运行的动态路由协议可能会给已经超负荷的无线链路增加不可接受的额外拥塞。在这种情况下,AERO route optimization mechanism可以消除代价高昂的无关路由跳数,而不会带来额外的控制消息开销。
In a further example, a large campus LAN that is joined by Layer 2 (L2) bridges may connect many thousands of routers and hosts that appear to share a single common multi-access link. In that case, the AERO mechanisms can be applied to satisfy the necessary intra-link route optimization functions without employing an adjunct dynamic routing protocol that may be inefficient for reasons mentioned above.
在另一个示例中,由第2层(L2)网桥连接的大型校园LAN可以连接数千个路由器和主机,这些路由器和主机似乎共享一个公共多址链路。在这种情况下,可以应用AERO机制来满足必要的链路内路由优化功能,而无需采用由于上述原因可能效率低下的附加动态路由协议。
The route optimization mechanism must satisfy the following requirements:
路由优化机制必须满足以下要求:
Req 1: Off-load traffic from performance-critical gateways. The mechanism must offload sustained transit though an intermediate AERO router that would otherwise become a traffic concentrator.
请求1:来自性能关键网关的卸载流量。该机制必须通过一个中间的AERO路由器卸载持续的传输,否则该路由器将成为流量集中器。
Req 2: Support route optimization. The ingress AERO node should be able to send packets directly to the egress node without forwarding through an intermediate router for route optimization purposes.
请求2:支持路由优化。入口AERO节点应能够直接向出口节点发送数据包,而无需通过中间路由器进行转发,以实现路由优化。
Req 3: Support scaling. For scaling purposes, support interworking and control message forwarding between multiple intermediate routers (see Appendix A).
要求3:支持缩放。出于扩展目的,支持多个中间路由器之间的互通和控制消息转发(见附录A)。
Req 4: Do not circumvent ingress filtering. The mechanism must not open an attack vector where network-layer source address spoofing is enabled even when link-layer source address spoofing is disabled.
要求4:不要绕过入口过滤。该机制必须不打开一个攻击向量,即使在链路层源地址欺骗被禁用时,网络层源地址欺骗也能被启用。
Req 5: Do not expose packets to loss due to filtering. The ingress AERO node must have a way of knowing that the egress AERO node will accept its forwarded packets.
请求5:不要使数据包因过滤而丢失。入口AERO节点必须知道出口AERO节点将接受其转发的数据包。
Req 6: Do not expose packets to loss due to path failure. The ingress AERO node must have a way of discovering whether the AERO egress node has gone unreachable on the route optimized path.
请求6:不要使数据包因路径故障而丢失。入口AERO节点必须有一种方法来发现AERO出口节点是否在路由优化路径上无法到达。
Req 7: Do not introduce routing loops. Intermediate routers must not invoke a route optimization that would cause a routing loop to form.
请求7:不要引入路由循环。中间路由器不得调用会导致形成路由循环的路由优化。
Req 8: Support mobility. The mechanism must continue to work even if the final destination node/network moves from a first egress node and re-associates with a second egress node.
要求8:支持机动性。即使最终目的地节点/网络从第一出口节点移动并与第二出口节点重新关联,该机制也必须继续工作。
Req 9: Support link layer address changes. The mechanism must continue to work even if the Layer 2 addresses of ingress and/or egress AERO nodes change.
请求9:支持链路层地址更改。即使入口和/或出口AERO节点的第2层地址发生变化,该机制也必须继续工作。
Req 10: Support network renumbering. The mechanism must provide graceful transition when an AERO node's attached EUN is renumbered.
要求10:支持网络重新编号。当AERO节点的附加EUN重新编号时,该机制必须提供优雅的过渡。
The following sections specify an Asymmetric Extended Route Optimization (AERO) capability that fulfills the requirements specified in Section 5.
以下各节规定了满足第5节规定要求的非对称扩展航路优化(AERO)能力。
In many AERO link use case scenarios (e.g., small enterprise networks, small and stable MANETs, etc.), routers can engage in a traditional dynamic routing protocol so that routing/forwarding tables can be populated and standard forwarding between routers can be used. In other scenarios (e.g., large enterprise/ISP networks, cellular service provider networks, dynamic MANETs, etc.), this might be impractical due to routing protocol control message scaling issues.
在许多AERO link用例场景中(例如,小型企业网络、小型和稳定的MANET等),路由器可以采用传统的动态路由协议,以便填充路由/转发表,并使用路由器之间的标准转发。在其他场景中(例如,大型企业/ISP网络、蜂窝服务提供商网络、动态MANET等),由于路由协议控制消息扩展问题,这可能是不切实际的。
When a traditional dynamic routing protocol cannot be used, the mechanisms specified in this section can provide a useful on-demand route discovery capability. When both traditional dynamic routing
当无法使用传统的动态路由协议时,本节中指定的机制可以提供有用的按需路由发现功能。当传统的动态路由
protocols and the AERO mechanism are active on the same link, routes discovered by the dynamic routing protocol should take precedence over those discovered by AERO.
协议和AERO机制在同一链路上处于活动状态,动态路由协议发现的路由应优先于AERO发现的路由。
The following sections discuss characteristics of nodes attached to links over which AERO can be used.
以下各节将讨论连接到可以使用AERO的链接的节点的特征。
Intermediate AERO routers configure their AERO link interfaces as advertising router interfaces (see [RFC4861], Section 6.2.2); therefore, they may send Router Advertisement (RA) messages that include non-zero Router Lifetimes.
中间航空路由器将其航空链路接口配置为广告路由器接口(见[RFC4861],第6.2.2节);因此,它们可以发送包括非零路由器生存期的路由器广告(RA)消息。
Edge AERO routers configure their AERO link interfaces as non-advertising router interfaces.
Edge AERO路由器将其AERO link接口配置为非广告路由器接口。
AERO hosts configure their AERO link interfaces as simple host interfaces.
AERO主机将其AERO link接口配置为简单主机接口。
AERO hosts observe the IPv6 host requirements defined in [RFC6434], except that AERO hosts also engage in the AERO route optimization procedure as specified in Section 6.4.
航空主机遵守[RFC6434]中定义的IPv6主机要求,但航空主机也参与第6.4节中规定的航空路由优化程序。
Edge AERO routers observe the IPv6 router requirements defined in [RFC6434] except that they act as "hosts" on their non-advertising AERO link router interfaces in the same fashion as for IPv6 Customer Premises Equipment (CPE) routers [RFC6204]. Edge routers can then acquire managed prefix delegations aggregated by an intermediate router through the use of, e.g., DHCPv6 Prefix Delegation [RFC3633], administrative configuration, etc.
Edge AERO路由器遵守[RFC6434]中定义的IPv6路由器要求,但它们在其非广告AERO link路由器接口上充当“主机”,方式与IPv6客户场所设备(CPE)路由器[RFC6204]相同。然后,边缘路由器可以通过使用例如DHCPv6前缀委派[RFC3633]、管理配置等来获取由中间路由器聚合的受管前缀委派。
After the edge router acquires prefixes, it can sub-delegate them to nodes and links within its attached EUNs, then it can forward any outbound packets coming from its EUNs via the intermediate router. The edge router also engages in the AERO route optimization procedure as specified in Section 6.4.
在边缘路由器获取前缀后,它可以将前缀再委托给其连接的EUN内的节点和链路,然后它可以通过中间路由器转发来自其EUN的任何出站数据包。边缘路由器还参与第6.4节规定的航空航线优化程序。
Intermediate AERO routers observe the IPv6 router requirements defined in [RFC6434] and respond to Router Solicitation (RS) messages from AERO hosts and edge routers on their advertising AERO link router interfaces by returning an RA message. Intermediate routers further configure a DHCP relay/server function on their AERO links and/or provide an administrative interface for delegation of network-layer addresses and prefixes.
中间AERO路由器遵守[RFC6434]中定义的IPv6路由器要求,并通过返回RA消息来响应来自AERO主机和边缘路由器在其广告AERO link路由器接口上的路由器请求(RS)消息。中间路由器进一步在其AERO链路上配置DHCP中继/服务器功能,和/或为网络层地址和前缀的委派提供管理接口。
When the intermediate router completes a stateful network-layer address or prefix delegation transaction (e.g., as a DHCPv6 relay/ server, etc.), it establishes forwarding table entries that list the link-layer address of the client AERO node as the link-layer address of the next hop toward the delegated network-layer addresses/ prefixes.
当中间路由器完成有状态网络层地址或前缀委派事务(例如,作为DHCPv6中继/服务器等)时,它将建立转发表条目,其中列出客户端AERO节点的链路层地址,作为下一跳到委派网络层地址/前缀的链路层地址。
When the intermediate router forwards a packet out the same AERO interface on which it arrived, it initiates an AERO route optimization procedure as specified in Section 6.4.
当中间路由器将数据包转发出其到达的同一航空接口时,它将启动第6.4节规定的航空路由优化程序。
Figure 3 depicts the AERO reference operational scenario. The figure shows an intermediate AERO router ('A'), two edge AERO routers ('B', 'D'), an AERO host ('F'), and three ordinary IPv6 hosts ('C', 'E', 'G'):
图3描述了航空参考运行场景。该图显示了一个中间AERO路由器('A')、两个边缘AERO路由器('B','D')、一个AERO主机('F')和三个普通IPv6主机('C','E','G'):
.-(::::::::) .-(::: IPv6 :::)-. +-------------+ (:::: Internet ::::)--| Host G | `-(::::::::::::)-' +-------------+ `-(::::::)-' 2001:db8:3::1 | +--------------+ +--------------+ | Intermediate | | AERO Host F | | AERO Router A| | (default->A) | | (C->B; E->D) | +--------------+ +--------------+ 2001:db8:2:1 L3(A) L3(F) L3(A) L2(F) | | X-----+-----------+-----------+-----------+---X | AERO Link | L2(B) L2(D) L3(B) L3(D) +--------------+ +--------------+ .-. | AERO Edge | | AERO Edge | ,-( _)-. | Router B | | Router D | .-(_ IPv6 )-. | (default->A) | | (default->A) |--(__ EUN ) +--------------+ +--------------+ `-(______)-' 2001:db8:0::/48 2001:db8:1::/48 | | 2001:db8:1::1 .-. +-------------+ ,-( _)-. 2001:db8:0::1 | Host E | .-(_ IPv6 )-. +-------------+ +-------------+ (__ EUN )--| Host C | `-(______)-' +-------------+
.-(::::::::) .-(::: IPv6 :::)-. +-------------+ (:::: Internet ::::)--| Host G | `-(::::::::::::)-' +-------------+ `-(::::::)-' 2001:db8:3::1 | +--------------+ +--------------+ | Intermediate | | AERO Host F | | AERO Router A| | (default->A) | | (C->B; E->D) | +--------------+ +--------------+ 2001:db8:2:1 L3(A) L3(F) L3(A) L2(F) | | X-----+-----------+-----------+-----------+---X | AERO Link | L2(B) L2(D) L3(B) L3(D) +--------------+ +--------------+ .-. | AERO Edge | | AERO Edge | ,-( _)-. | Router B | | Router D | .-(_ IPv6 )-. | (default->A) | | (default->A) |--(__ EUN ) +--------------+ +--------------+ `-(______)-' 2001:db8:0::/48 2001:db8:1::/48 | | 2001:db8:1::1 .-. +-------------+ ,-( _)-. 2001:db8:0::1 | Host E | .-(_ IPv6 )-. +-------------+ +-------------+ (__ EUN )--| Host C | `-(______)-' +-------------+
Figure 3: AERO Reference Operational Scenario
图3:航空参考运行场景
In Figure 3, the intermediate AERO router ('A') connects to the AERO link and connects to the IPv6 Internet, either directly or via other IPv6 routers (not shown). Intermediate router ('A') configures an AERO link interface with a link-local network-layer address L3(A) and with link-layer address L2(A). The intermediate router ('A') next arranges to add L2(A) to a published list of valid intermediate routers for the link.
在图3中,中间AERO路由器(“A”)直接或通过其他IPv6路由器(未显示)连接到AERO链路并连接到IPv6互联网。中间路由器(“A”)将航空链路接口配置为链路本地网络层地址L3(A)和链路层地址L2(A)。中间路由器(“A”)接下来安排将L2(A)添加到已发布的链路有效中间路由器列表中。
AERO node ('B') is an AERO edge router that connects to the AERO link via an interface with link-local network-layer address L3(B) and with link-layer address L2(B). Node ('B') configures a default route with next-hop network-layer address L3(A) via the AERO interface, and it assigns the network-layer prefix 2001:db8:0::/48 to its attached EUN link. IPv6 host ('C') attaches to the EUN, and it configures the network-layer address 2001:db8:0::1.
AERO节点(“B”)是一个AERO边缘路由器,通过链路本地网络层地址L3(B)和链路层地址L2(B)的接口连接到AERO链路。节点(“B”)通过AERO接口使用下一跳网络层地址L3(a)配置默认路由,并将网络层前缀2001:db8:0::/48分配给其连接的EUN链路。IPv6主机(“C”)连接到EUN,并配置网络层地址2001:db8:0::1。
AERO node ('D') is an AERO edge router that connects to the AERO link via an interface with link-local network-layer address L3(D) and with link-layer address L2(D). Node ('D') configures a default route with next-hop network-layer address L3(A) via the AERO interface, and it assigns the network-layer prefix 2001:db8:1::/48 to its attached EUN link. IPv6 host ('E') attaches to the EUN, and it configures the network-layer address 2001:db8:1::1.
AERO节点(“D”)是一个AERO边缘路由器,通过链路本地网络层地址L3(D)和链路层地址L2(D)的接口连接到AERO链路。节点(“D”)通过AERO接口使用下一跳网络层地址L3(a)配置默认路由,并将网络层前缀2001:db8:1::/48分配给其连接的EUN链路。IPv6主机(“E”)连接到EUN,并配置网络层地址2001:db8:1::1。
AERO host ('F') connects to the AERO link via an interface with link-local network-layer address L3(F) and with link-layer address L2(F). Host ('F') configures a default route with next-hop network-layer address L3(A) via the AERO interface, and it assigns the network-layer address 2001:db8:2::1 to the AERO interface.
AERO主机(“F”)通过带有链路本地网络层地址L3(F)和链路层地址L2(F)的接口连接到AERO链路。主机('F')通过AERO接口使用下一跳网络层地址L3(a)配置默认路由,并将网络层地址2001:db8:2::1分配给AERO接口。
Finally, IPv6 host ('G') connects to an IPv6 network outside of the AERO link domain. Host ('G') configures its IPv6 interface in a manner specific to its attached IPv6 link, and it assigns the network-layer address 2001:db8:3::1 to its IPv6 link interface.
最后,IPv6主机(“G”)连接到AERO link域之外的IPv6网络。主机(“G”)以特定于其连接的IPv6链路的方式配置其IPv6接口,并将网络层地址2001:db8:3::1分配给其IPv6链路接口。
In these arrangements, intermediate router ('A') must maintain state that associates the delegated network-layer addresses/prefixes with the link-local network-layer addresses of the correct edge routers and/or hosts on the AERO link. The nodes must, in turn, maintain at least a default route that points to intermediate router ('A'), and they can discover more-specific routes either via a proactive dynamic routing protocol or via the AERO mechanisms specified in Section 6.4.
在这些安排中,中间路由器(“A”)必须保持将委托网络层地址/前缀与航空链路上正确边缘路由器和/或主机的链路本地网络层地址相关联的状态。反过来,节点必须至少维护一条指向中间路由器(“a”)的默认路由,并且它们可以通过主动动态路由协议或第6.4节中规定的AERO机制发现更具体的路由。
Section 6.3 describes the AERO reference operational scenario. We now discuss the operation and protocol details of AERO with respect to this reference scenario.
第6.3节描述了航空参考运行场景。现在,我们讨论有关此参考场景的AERO的操作和协议细节。
With reference to Figure 3, when the IPv6 source host ('C') sends a packet to an IPv6 destination host ('E'), the packet is first forwarded via the EUN to ingress AERO node ('B'). The ingress node ('B') then forwards the packet over its AERO interface to intermediate router ('A'), which then forwards the packet to egress AERO node ('D'), where the packet is finally forwarded to the IPv6 destination host ('E'). When intermediate router ('A') forwards the packet back out on its advertising AERO interface, it must arrange to redirect ingress node ('B') toward egress node ('D') as a better next-hop node on the AERO link that is closer to the final destination. However, this redirection process should only occur if there is assurance that both the ingress and egress nodes are willing participants.
参考图3,当IPv6源主机(“C”)向IPv6目标主机(“E”)发送数据包时,数据包首先通过EUN转发到入口AERO节点(“B”)。入口节点('B')然后通过其AERO接口将数据包转发给中间路由器('A'),中间路由器('A'),然后将数据包转发给出口AERO节点('D'),其中数据包最终转发到IPv6目标主机('E')。当中间路由器('A')将数据包转发回其广告AERO接口时,它必须安排将入口节点('B')重定向到出口节点('D'),作为AERO链路上更接近最终目的地的下一跳节点。然而,只有在保证入口和出口节点都是自愿参与者的情况下,才应该发生此重定向过程。
Consider a first alternative in which intermediate router ('A') informs ingress node ('B') only and does not inform egress node ('D') (i.e., "traditional redirection"). In that case, the egress node has no way of knowing that the ingress is authorized to forward packets from their claimed source network-layer addresses, and it may simply elect to drop the packets. Also, the ingress node has no way of knowing whether the egress is performing some form of source address filtering that would reject packets arriving from a node other than a trusted default router, nor whether the egress is even reachable via a direct path that does not involve the intermediate router. Finally, the ingress node has no way of knowing whether the final destination has moved away from the egress node.
考虑中间路由器(A)只通知入口节点(“B”)而不通知出口节点(“否”)(即,“传统重定向”)的第一替代方案。在这种情况下,出口节点无法知道入口被授权转发来自其声称的源网络层地址的分组,并且出口节点可以简单地选择丢弃分组。此外,入口节点无法知道出口是否正在执行某种形式的源地址过滤,该过滤将拒绝来自除可信默认路由器之外的节点的分组,也无法知道出口是否甚至可以通过不涉及中间路由器的直接路径到达。最后,入口节点无法知道最终目的地是否已从出口节点移开。
Consider a second alternative in which intermediate router ('A') informs both ingress node ('B') and egress node ('D') separately, via independent redirection control messages (i.e., "augmented redirection"). In that case, several conditions can occur that could result in communication failures. First, if the ingress receives the redirection control message but the egress does not, subsequent packets sent by the ingress could be dropped due to filtering since the egress would not have neighbor state to verify their source network-layer addresses. Second, if the egress receives the redirection control message but the ingress does not, subsequent packets sent in the reverse direction by the egress would be lost. Finally, timing issues surrounding the establishment and garbage collection of neighbor state at the ingress and egress nodes could yield unpredictable behavior. For example, unless the timing were carefully coordinated through some form of synchronization loop, there would invariably be instances in which one node has the correct neighbor state and the other node does not resulting in non-deterministic packet loss.
考虑第二种选择,中间路由器(A')通过独立的重定向控制消息(即“增强重定向”)分别通知入口节点(“B”)和出口节点(“否”)。在这种情况下,可能会出现几种可能导致通信故障的情况。首先,如果入口接收到重定向控制消息但出口没有,则入口发送的后续分组可能由于过滤而被丢弃,因为出口将没有邻居状态来验证其源网络层地址。第二,如果出口接收到重定向控制消息,但入口没有,则出口以相反方向发送的后续分组将丢失。最后,围绕入口和出口节点的邻居状态的建立和垃圾收集的定时问题可能会产生不可预测的行为。例如,除非通过某种形式的同步循环仔细协调定时,否则总会有这样的情况,其中一个节点具有正确的邻居状态,而另一个节点不会导致不确定的分组丢失。
Since neither of these alternatives can satisfy the requirements listed in Section 5, a new redirection technique (i.e., "AERO redirection") is needed.
由于这两种方案都不能满足第5节中列出的要求,因此需要一种新的重定向技术(即“航空重定向”)。
AERO redirection is used on links for which the traditional redirection approaches described in Section 6.4.1 are insufficient to satisfy all requirements. We now discuss the concept of operations for this new approach.
航空重定向用于第6.4.1节中描述的传统重定向方法不足以满足所有要求的链路。我们现在讨论这种新方法的操作概念。
Again, with reference to Figure 3, when source host ('C') sends a packet to destination host ('E'), the packet is first forwarded over the source host's attached EUN to ingress node ('B'), which then forwards the packet via its AERO interface to intermediate router ('A').
再次参考图3,当源主机('C')向目标主机('E')发送数据包时,数据包首先通过源主机连接的EUN转发到入口节点('B'),然后入口节点通过其AERO接口转发数据包到中间路由器('a')。
Using AERO redirection, intermediate router ('A') then forwards the packet out the same AERO interface toward egress node ('D') and also sends an AERO "Predirect" message forward to the egress node as specified in Section 6.4.6. The AERO Predirect message includes the identity of ingress node ('B') as well as information that egress node ('D') can use to determine the longest-match prefixes that cover the source and destination network-layer addresses of the packet that triggered the predirection event. After egress node ('D') receives the AERO Predirect message, it process the message and returns an AERO Redirect message to the intermediate router ('A') as specified in Section 6.4.7. (During the process, it also creates or updates neighbor state for ingress node ('B'), and retains this (src, dst) "prefix pair" as ingress filtering information to accept future packets using addresses matched by the prefixes from ingress node ('B').)
使用AERO重定向,中间路由器('A')然后将数据包从同一AERO接口转发到出口节点('D'),并按照第6.4.6节的规定将AERO“Predirect”消息转发到出口节点。AERO Predirect消息包括入口节点('B')的标识以及出口节点('D')可用于确定覆盖触发预定向事件的分组的源和目标网络层地址的最长匹配前缀的信息。出口节点(“D”)接收到AERO预定向消息后,它处理该消息,并按照第6.4.7节的规定将AERO重定向消息返回给中间路由器(“A”)。(在此过程中,它还创建或更新入口节点('B')的邻居状态,并将此(src,dst)“前缀对”保留为入口过滤信息,以使用入口节点('B')前缀匹配的地址接受未来的数据包。)
When the intermediate router ('A') receives the AERO Redirect message, it processes the message and forwards it on to ingress node ('B') as specified in Section 6.4.8. The message includes the identity of egress node ('D') as well as information that ingress node ('B') can use to determine the longest-match prefixes that cover the source and destination network-layer addresses of the packet that triggered the redirection event. After ingress node ('B') receives the AERO Redirect message, it processes the message as specified in Section 6.4.9. (During the process, it also creates or updates neighbor state for egress node ('D'), and retains this prefix pair as forwarding information to forward future packets using addresses matched by the prefixes to the egress node ('D').)
当中间路由器(“A”)接收到AERO重定向消息时,它将处理该消息并将其转发到入口节点(“B”),如第6.4.8节所述。该消息包括出口节点('D')的标识以及入口节点('B')可用于确定覆盖触发重定向事件的数据包的源和目标网络层地址的最长匹配前缀的信息。入口节点(“B”)收到AERO重定向消息后,按照第6.4.9节的规定处理该消息。(在此过程中,它还创建或更新出口节点(“D”)的邻居状态,并保留此前缀对作为转发信息,以使用与出口节点(“D”)的前缀匹配的地址转发未来的数据包。)
Following the above AERO Predirect/Redirect message exchange, forwarding of packets with source and destination network-layer addresses covered by the longest-match prefix pair is enabled in the forward direction from ingress node ('B') to egress node ('D'). The mechanisms that enable this exchange are specified in the following sections.
在上述AERO预定向/重定向消息交换之后,在从入口节点('B')到出口节点('D')的转发方向上启用具有最长匹配前缀对所覆盖的源和目标网络层地址的数据包的转发。以下部分指定了启用此交换的机制。
Each AERO node maintains a per-AERO interface conceptual neighbor cache that includes an entry for each neighbor it communicates with on the AERO link, the same as for any IPv6 interface (see [RFC4861]).
每个AERO节点维护一个每AERO接口概念邻居缓存,该缓存包括它在AERO链路上与之通信的每个邻居的条目,与任何IPv6接口相同(请参见[RFC4861])。
Each AERO interface neighbor cache entry further maintains two lists of (src, dst) prefix pairs. The AERO node adds a prefix pair to the ACCEPT list if it has been informed by a trusted intermediate router that it is safe to accept packets from the neighbor using network-layer source and destination addresses covered by the prefix pair. The AERO node adds a prefix pair to the FORWARD list if it has been
每个AERO接口邻居缓存条目还维护两个(src、dst)前缀对列表。如果受信任的中间路由器通知AERO节点使用前缀对覆盖的网络层源地址和目标地址从邻居处接受数据包是安全的,则AERO节点会将前缀对添加到接受列表中。AERO节点将前缀对添加到转发列表(如果已添加)
informed by a trusted intermediate router that it is permitted to forward packets to the neighbor using network-layer addresses covered by the prefix pair.
由可信中间路由器通知,允许使用前缀对覆盖的网络层地址将数据包转发给邻居。
When the node adds a prefix pair to a neighbor cache entry ACCEPT list, it also sets an expiration timer for the prefix pair to ACCEPT_TIME seconds. When the node adds a prefix pair to a neighbor cache entry FORWARD list, it also sets an expiration timer for the prefix pair to FORWARD_TIME seconds. The node further maintains a keepalive interval KEEPALIVE_TIME used to limit the number of keepalive control messages. Finally, the node maintains a constant value MAX_RETRY to limit the number of keepalives sent when a neighbor has gone unreachable.
当节点将前缀对添加到邻居缓存条目接受列表时,它还将前缀对的过期计时器设置为接受时间秒。当节点将前缀对添加到邻居缓存条目转发列表时,它还将前缀对的过期计时器设置为转发时间秒。该节点还维护一个keepalive interval keepalive_TIME,用于限制keepalive控制消息的数量。最后,节点保持一个常量值MAX_RETRY,以限制当邻居无法访问时发送的keepalive数。
It is RECOMMENDED that FORWARD_TIME be set to the default constant value 30 seconds to match the default REACHABLE_TIME value specified for IPv6 neighbor discovery [RFC4861].
建议将转发时间设置为30秒的默认常量值,以匹配为IPv6邻居发现指定的默认可到达时间值[RFC4861]。
It is RECOMMENDED that ACCEPT_TIME be set to the default constant value 40 seconds to allow a 10 second window so that the AERO redirection procedure can converge before the ACCEPT_TIME timer decrements below FORWARD_TIME.
建议将ACCEPT_TIME设置为默认常量值40秒,以允许10秒的窗口,以便在ACCEPT_TIME计时器减至FORWARD_TIME以下之前,AERO重定向程序可以收敛。
It is RECOMMENDED that KEEPALIVE_TIME be set to the default constant value 5 seconds to providing timely reachability verification without causing excessive control message overhead.
建议将KEEPALIVE_TIME设置为默认常量值5秒,以提供及时的可达性验证,而不会导致过多的控制消息开销。
It is RECOMMENDED that MAX_RETRY be set to 3 the same as described for IPv6 neighbor discovery address resolution in Section 7.3.3 of [RFC4861].
建议将MAX_RETRY设置为3,与[RFC4861]第7.3.3节中描述的IPv6邻居发现地址解析相同。
Different values for FORWARD_TIME, ACCEPT_TIME, KEEPALIVE_TIME, and MAX_RETRY MAY be administratively set, if necessary, to better match the AERO link's performance characteristics; however, if different values are chosen, all nodes on the link MUST consistently configure the same values. ACCEPT_TIME SHOULD further be set to a value that is sufficiently longer than FORWARD time to allow the AERO redirection procedure to converge.
如有必要,可通过管理方式设置转发时间、接受时间、保持有效时间和最大重试时间的不同值,以更好地匹配航空链路的性能特征;但是,如果选择了不同的值,则链路上的所有节点必须一致地配置相同的值。ACCEPT_TIME(接受时间)应进一步设置为一个比前进时间长得多的值,以允许空气动力重定向程序收敛。
AERO nodes MUST employ a data origin authentication check for the packets they receive on an AERO interface. In particular, the node considers the network-layer source address correct for the link-layer source address if at least one of the following is true:
AERO节点必须对在AERO接口上接收的数据包进行数据源身份验证检查。特别地,如果以下至少一项为真,则节点认为网络层源地址对于链路层源地址是正确的:
o the network-layer source address is an on-link address that embeds the link-layer source address, or
o 网络层源地址是嵌入链路层源地址的链路上地址,或
o the network-layer source address is explicitly linked to the link-layer source address through per-neighbor state, or
o 网络层源地址通过每邻居状态显式链接到链路层源地址,或
o the link-layer source address is the address of a trusted intermediate AERO router.
o 链路层源地址是可信中间路由器的地址。
When the AERO node receives a packet on an AERO interface, it processes the packet further if it satisfies one of these data origin authentication conditions; otherwise, it drops the packet.
当AERO节点在AERO接口上接收到分组时,如果该分组满足这些数据源认证条件之一,则它进一步处理该分组;否则,它将丢弃数据包。
Note that on links in which link-layer address spoofing is possible, AERO nodes may require additional securing mechanisms. To address this, future work will define a strong data origin authentication scheme such as the use of digital signatures.
请注意,在可能存在链路层地址欺骗的链路上,AERO节点可能需要额外的安全机制。为了解决这个问题,未来的工作将定义一个强大的数据源身份验证方案,例如使用数字签名。
AERO Redirect/Predirect messages use the same format as for ICMPv6 Redirect messages depicted in Section 4.5 of [RFC4861]; however, the messages are encapsulated in a UDP header [RFC0768] to distinguish them from ordinary ICMPv6 Redirect messages. AERO Redirect messages therefore require a new UDP service port number 'AERO_PORT'.
AERO重定向/预定向消息使用与[RFC4861]第4.5节中描述的ICMPv6重定向消息相同的格式;但是,这些消息被封装在UDP头[RFC0768]中,以区别于普通ICMPv6重定向消息。因此,AERO重定向消息需要新的UDP服务端口号“AERO_port”。
AERO Redirect/Predirect messages are formatted as shown in Figure 4:
AERO重定向/预定向消息的格式如图4所示:
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type (=0) | Code (=0) | Checksum (=0) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |P| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | | + Target Address + | | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | | + Destination Address + | | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options ... +-+-+-+-+-+-+-+-+-+-+-+-
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type (=0) | Code (=0) | Checksum (=0) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |P| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | | + Target Address + | | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | | + Destination Address + | | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options ... +-+-+-+-+-+-+-+-+-+-+-+-
Figure 4: AERO Redirect/Predirect Message Format
图4:AERO重定向/预定向消息格式
The AERO Redirect/Predirect message sender sets the 'Type' field to 0 (since this is not an actual ICMPv6 message), and it also sets the 'Checksum' field to 0 (since the UDP checksum will provide protection for the entire packet). The sender further sets the 'P' bit to 1 if this is a 'Predirect' message and sets the 'P' bit to 0 if this is a 'Redirect' message (as described below).
AERO Redirect/Predirect消息发送方将“Type”字段设置为0(因为这不是实际的ICMPv6消息),并将“Checksum”字段设置为0(因为UDP校验和将为整个数据包提供保护)。发送方进一步将“P”位设置为1(如果这是“Predirect”消息),并将“P”位设置为0(如果这是“Redirect”消息)(如下所述)。
The sender then encapsulates the AERO Redirect message in IP/UDP headers as shown in Figure 5:
然后,发送方将AERO重定向消息封装在IP/UDP头中,如图5所示:
+--------------------+ ~ IP header ~ +--------------------+ ~ UDP header ~ +--------------------+ | | ~ AERO Redirect ~ ~ Message ~ | | +--------------------+
+--------------------+ ~ IP header ~ +--------------------+ ~ UDP header ~ +--------------------+ | | ~ AERO Redirect ~ ~ Message ~ | | +--------------------+
Figure 5: AERO Message UDP Encapsulation Format
图5:AERO消息UDP封装格式
The AERO Redirect/Predirect message sender sets the UDP destination port number to 'AERO_PORT' and sets the UDP source port number to a (pseudo-)random value. The sender next sets the UDP length field to the length of the UDP message, then calculates the checksum across the message and writes the value into the UDP checksum field. Next, the sender sets the IP TTL/Hop-limit field to a small integer value chosen to provide a quick exit from any temporal routing loops. It is RECOMMENDED that the sender set IP TTL/Hop-limit to the value 8 unless it has better knowledge of the AERO link characteristics.
AERO Redirect/Predirect消息发送方将UDP目标端口号设置为“AERO_port”,并将UDP源端口号设置为(伪)随机值。发送方接下来将UDP长度字段设置为UDP消息的长度,然后计算整个消息的校验和,并将该值写入UDP校验和字段。接下来,发送方将IP TTL/Hop limit字段设置为一个小的整数值,以提供从任何临时路由循环的快速退出。建议发送方将IP TTL/Hop limit设置为值8,除非其对航空链路特性有更好的了解。
When an intermediate AERO router forwards a packet out the same AERO interface that it arrived on, the router sends an AERO Predirect message forward toward the egress AERO node instead of sending an ICMPv6 Redirect message back to the ingress AERO node.
当中间AERO路由器将数据包转发出其到达的同一AERO接口时,路由器向出口AERO节点发送AERO Predirect消息,而不是将ICMPv6重定向消息发送回入口AERO节点。
In the reference operational scenario, when the intermediate router ('A') forwards a packet sent by the ingress node ('B') toward the egress node ('D'), it also sends an AERO Predirect message forward toward the egress, subject to rate limiting (see Section 8.2 of [RFC4861]). The intermediate router ('A') prepares the AERO Predirect message as follows:
在参考操作场景中,当中间路由器('A')将入口节点('B')发送的数据包转发给出口节点('D')时,它还将根据速率限制(参见[RFC4861]第8.2节)向出口发送AERO预定向消息。中间路由器(‘A’)按如下方式准备AERO Predirect消息:
o the link-layer source address is set to 'L2(A)' (i.e., the link-layer address of the intermediate router).
o 链路层源地址设置为“L2(A)”(即中间路由器的链路层地址)。
o the link-layer destination address is set to 'L2(D)' (i.e., the link-layer address of the egress node).
o 链路层目的地地址设置为“L2(D)”(即,出口节点的链路层地址)。
o the network-layer source address is set to 'L3(A)' (i.e., the link-local network-layer address of the intermediate router).
o 网络层源地址设置为“L3(A)”(即中间路由器的链路本地网络层地址)。
o the network-layer destination address is set to 'L3(D)' (i.e., the link-local network-layer address of the egress node).
o 网络层目的地地址设置为“L3(D)”(即,出口节点的链路本地网络层地址)。
o the UDP destination port is set to 'AERO_PORT'.
o UDP目标端口设置为“AERO_端口”。
o the Target and Destination Addresses are both set to 'L3(B)' (i.e., the link-local network-layer address of the ingress node).
o 目标和目标地址都设置为“L3(B)”(即入口节点的链路本地网络层地址)。
o on links that require stateful address mapping, the message includes a Target Link Layer Address Option (TLLAO) set to 'L2(B)' (i.e., the link-layer address of the ingress node).
o 在需要有状态地址映射的链路上,消息包括设置为“L2(B)”的目标链路层地址选项(TLLAO)(即入口节点的链路层地址)。
o the message includes a Route Information Option (RIO) [RFC4191] that encodes the ingress node's network-layer address/prefix delegation that covers the network-layer source address of the originating packet.
o 该消息包括路由信息选项(RIO)[RFC4191],该选项对入口节点的网络层地址/前缀委派进行编码,该网络层地址/前缀委派覆盖发起分组的网络层源地址。
o the message includes a Redirected Header Option (RHO) that contains the originating packet truncated to ensure that at least the network-layer header is included but the size of the message does not exceed 1280 bytes.
o 该消息包括一个重定向头选项(RHO),其中包含被截断的原始数据包,以确保至少包括网络层头,但消息的大小不超过1280字节。
o the 'P' bit is set to P=1.
o “P”位设置为P=1。
The intermediate router ('A') then sends the message forward to the egress node ('D').
然后,中间路由器(“A”)将消息转发给出口节点(“D”)。
When the egress node ('D') receives an AERO Predirect message, it accepts the message only if it satisfies the data origin authentication requirements specified in Section 6.4.4. The egress further accepts the message only if it is willing to serve as a redirection target.
当出口节点(“D”)接收到AERO预定向消息时,仅当其满足第6.4.4节中规定的数据源身份验证要求时,才会接受该消息。出口仅在愿意用作重定向目标时才进一步接受消息。
Next, the egress node ('D') validates the message according to the ICMPv6 Redirect message validation rules in Section 8.1 of [RFC4861] with the exception that the message includes a Type value of 0, a Checksum value of 0 and a link-local address in the ICMP destination field that differs from the destination address of the packet header encapsulated in the RHO.
接下来,出口节点(“D”)根据[RFC4861]第8.1节中的ICMPv6重定向消息验证规则验证消息,但消息包含类型值0的情况除外,校验和值为0,ICMP目的地字段中的链路本地地址与RHO中封装的数据包头的目的地地址不同。
In the reference operational scenario, when the egress node ('D') receives a valid AERO Predirect message, it either creates or updates a neighbor cache entry that stores the Target address of the message (i.e., the link-local network-layer address of the ingress node ('B')). The egress node ('D') then records the prefix found in the RIO along with its own prefix that matches the network-layer destination address in the packet header found in the RHO with the neighbor cache entry as an acceptable (src, dst) prefix pair. The egress node ('D') then adds the prefix pair to the neighbor cache
在参考操作场景中,当出口节点(“D”)接收到有效的AERO Predirect消息时,它创建或更新存储消息目标地址(即,入口节点(“B”)的链路本地网络层地址)的邻居缓存条目。然后,出口节点('D')记录RIO中找到的前缀及其自己的前缀,该前缀与在RHO中找到的数据包头中的网络层目标地址相匹配,邻居缓存条目作为可接受的(src,dst)前缀对。出口节点('D')然后将前缀对添加到邻居缓存中
entry ACCEPT list, and sets/resets an expiration timer for the prefix pair to ACCEPT_TIME seconds. If the timer later expires, the egress node ('D') deletes the prefix pair.
输入ACCEPT list,并设置/重置前缀对的过期计时器以接受\u时间秒。如果计时器稍后过期,则出口节点(“D”)将删除前缀对。
After processing the message, the egress node ('D') prepares an AERO Redirect message response as follows:
在处理该消息之后,出口节点(“D”)准备一个AERO重定向消息响应,如下所示:
o the link-layer source address is set to 'L2(D)' (i.e., the link-layer address of the egress node).
o 链路层源地址设置为“L2(D)”(即,出口节点的链路层地址)。
o the link-layer destination address is set to 'L2(A)' (i.e., the link-layer address of the intermediate router).
o 链路层目标地址设置为“L2(A)”(即中间路由器的链路层地址)。
o the network-layer source address is set to 'L3(D)' (i.e., the link-local network-layer address of the egress node).
o 网络层源地址设置为“L3(D)”(即出口节点的链路本地网络层地址)。
o the network-layer destination address is set to 'L3(B)' (i.e., the link-local network-layer address of the ingress node).
o 网络层目标地址设置为“L3(B)”(即入口节点的链路本地网络层地址)。
o the UDP destination port is set to 'AERO_PORT'.
o UDP目标端口设置为“AERO_端口”。
o the Target and the Destination Addresses are both set to 'L3(D)' (i.e., the link-local network-layer address of the egress node).
o 目标地址和目的地址都设置为“L3(D)”(即,出口节点的链路本地网络层地址)。
o on links that require stateful address mapping, the message includes a Target Link Layer Address Option (TLLAO) set to 'L2(D)'.
o 在需要有状态地址映射的链路上,消息包括设置为“L2(D)”的目标链路层地址选项(TLLAO)。
o the message includes an RIO that encodes the egress node's network-layer address/prefix delegation that covers the network-layer destination address of the originating packet.
o 该消息包括对出口节点的网络层地址/前缀委托进行编码的RIO,该网络层地址/前缀委托覆盖发起分组的网络层目的地地址。
o the message includes as much of the RHO copied from the corresponding AERO Predirect message as possible such that at least the network-layer header is included but the size of the message does not exceed 1280 bytes.
o 消息包括从相应的AERO Predirect消息复制的尽可能多的RHO,以便至少包括网络层报头,但消息的大小不超过1280字节。
o the 'P' bit is set to P=0.
o “P”位设置为P=0。
After the egress node ('D') prepares the AERO Redirect message, it sends the message to the intermediate router ('A').
在出口节点('D')准备AERO重定向消息后,它将消息发送到中间路由器('A')。
When the intermediate router ('A') receives an AERO Redirect message, it accepts the message only if it satisfies the data origin authentication requirements specified in Section 6.4.4. Next, the intermediate router ('A') validates the message the same as described
当中间路由器(“A”)收到AERO重定向消息时,它仅在满足第6.4.4节规定的数据源身份验证要求时才接受该消息。接下来,中间路由器('A')按照所述方式验证消息
in Section 6.4.7. Following validation, the intermediate router ('A') processes the Redirect, and then forwards a corresponding Redirect on to the ingress node ('B') as follows.
在第6.4.7节中。验证之后,中间路由器(“A”)处理重定向,然后将相应的重定向转发到入口节点(“B”),如下所示。
In the reference operational scenario, the intermediate router ('A') receives the AERO Redirect message from the egress node ('D') and prepares to forward a corresponding AERO Redirect message to the ingress node ('B'). The intermediate router ('A') then verifies that the RIO encodes a network-layer address/prefix that the egress node ('D') is authorized to use, and it discards the message if verification fails. Otherwise, the intermediate router ('A') changes the link-layer source address of the message to 'L2(A)', changes the network-layer source address of the message to the link-local network-layer address 'L3(A)', and changes the link-layer destination address to 'L2(B)' . The intermediate router ('A') finally decrements the IP TTL/Hop-limit and forwards the message to the ingress node ('B').
在参考操作场景中,中间路由器(“A”)从出口节点(“D”)接收AERO重定向消息,并准备将相应的AERO重定向消息转发到入口节点(“B”)。然后,中间路由器(“A”)验证RIO是否对出口节点(“D”)有权使用的网络层地址/前缀进行编码,如果验证失败,它将丢弃消息。否则,中间路由器(“A”)将消息的链路层源地址更改为“L2(A)”,将消息的网络层源地址更改为链路本地网络层地址“L3(A)”,并将链路层目标地址更改为“L2(B)”。中间路由器(“A”)最终降低IP TTL/Hop限制,并将消息转发到入口节点(“B”)。
When the ingress node ('B') receives an AERO Redirect message (i.e., one with P=0), it accepts the message only if it satisfies the data origin authentication requirements specified in Section 6.4.4. Next, the ingress node ('B') validates the message the same as described in Section 6.4.6. Following validation, the ingress node ('B') then processes the message as follows.
当入口节点(“B”)接收到AERO重定向消息(即P=0的消息)时,它仅在满足第6.4.4节中规定的数据源身份验证要求时才接受该消息。接下来,入口节点('B')按照第6.4.6节所述验证消息。验证之后,入口节点('B')然后按如下方式处理消息。
In the reference operational scenario, when the ingress node ('B') receives the AERO Redirect message, it either creates or updates a neighbor cache entry that stores the Target address of the message (i.e., the link-local network-layer address of the egress node 'L3(D)'). The ingress node ('B') then records the (src, dst) prefix pair associated with the triggering packet in the neighbor cache entry FORWARD list, i.e., it records its prefix that matches the redirected packet's network-layer source address and the prefix listed in the RIO as the prefix pair. The ingress node ('B') then sets/resets an expiration timer for the prefix pair to FORWARD_TIME seconds. If the timer later expires, the ingress node ('B') deletes the entry.
在参考操作场景中,当入口节点(“B”)接收到AERO重定向消息时,它创建或更新存储消息目标地址的邻居缓存条目(即,出口节点“L3(D)”的链路本地网络层地址)。入口节点('B')然后在邻居缓存条目转发列表中记录与触发数据包相关联的(src,dst)前缀对,即,它记录其与重定向数据包的网络层源地址匹配的前缀和RIO中列出的前缀作为前缀对。入口节点('B')然后为前缀对设置/重置一个过期计时器,以转发\u时间秒。如果计时器稍后过期,入口节点(“B”)将删除该条目。
Now, the ingress node ('B') has a neighbor cache FORWARD list entry for the prefix pair, and the egress node ('D') has a neighbor cache ACCEPT list entry for the prefix pair. Therefore, the ingress node ('B') may forward ordinary network-layer data packets with network-layer source and destination addresses that match the prefix pair directly to the egress node ('D') without forwarding through the intermediate router ('A'). Note that the ingress node must have a way of informing the network layer of a route that associates the
现在,入口节点('B')具有前缀对的邻居缓存转发列表条目,而出口节点('D')具有前缀对的邻居缓存接受列表条目。因此,入口节点('B')可以将具有与前缀对匹配的网络层源地址和目的地址的普通网络层数据分组直接转发到出口节点('D'),而无需通过中间路由器('A')转发。注意,入口节点必须具有通知网络层与入口节点关联的路由的方式
destination prefix with this neighbor cache entry. The manner of establishing such a route (and deleting it when it is no longer necessary) is left to the implementation.
具有此邻居缓存项的目标前缀。建立这样一条路由的方式(并在不再需要时将其删除)留给实现。
To enable packet forwarding in the reverse direction, a separate AERO redirection operation is required that is the mirror-image of the forward operation described above but the link segments traversed in the forward and reverse directions may be different, i.e., the operations are asymmetric.
为了在反向上启用分组转发,需要单独的AERO重定向操作,该操作是上述正向操作的镜像,但是在正向和反向上穿过的链路段可能不同,即操作是不对称的。
In order to prevent prefix pairs from expiring while data packets are actively flowing, the ingress node ('B') can send AERO Predirect messages directly to the egress node ('D') as a "keepalive" to solicit AERO Redirect messages. The node should send such keepalive messages only when a data packet covered by the prefix pair has been sent recently, and should wait for at least KEEPALIVE_TIME seconds before sending each successive keepalive message in order to limit control message overhead.
为了防止前缀对在数据包活跃流动时过期,入口节点('B')可以将AERO Predirect消息作为“keepalive”直接发送到出口节点('D')以请求AERO重定向消息。节点应仅在前缀对覆盖的数据包最近已发送时发送此类keepalive消息,并应在发送每个连续keepalive消息之前等待至少keepalive_时间秒,以限制控制消息开销。
In the reference operational scenario, when the ingress node ('B') needs to refresh the FORWARD timer for a specific prefix pair, it can send an AERO Predirect message directly to the egress node ('D') prepared as follows:
在参考操作场景中,当入口节点('B')需要刷新特定前缀对的前向计时器时,它可以直接向出口节点('D')发送AERO Predirect消息,准备如下:
o the link-layer source address is set to 'L2(B)' (i.e., the link-layer address of the ingress node).
o 链路层源地址设置为“L2(B)”(即入口节点的链路层地址)。
o the link-layer destination address is set to 'L2(D)' (i.e., the link-layer address of the egress node).
o 链路层目的地地址设置为“L2(D)”(即,出口节点的链路层地址)。
o the network-layer source address is set to 'L3(B)' (i.e., the link-local network-layer address of the ingress node).
o 网络层源地址设置为“L3(B)”(即入口节点的链路本地网络层地址)。
o the network-layer destination address is set to 'L3(D)' (i.e., the link-local network-layer address of the egress node).
o 网络层目的地地址设置为“L3(D)”(即,出口节点的链路本地网络层地址)。
o the UDP destination port is set to 'AERO_PORT'.
o UDP目标端口设置为“AERO_端口”。
o the Predirect Target and Destination Addresses are both set to 'L3(B)' (i.e., the link-local network-layer address of the ingress node).
o 预定向目标和目标地址都设置为“L3(B)”(即,入口节点的链路本地网络层地址)。
o the message includes an RHO that contains the originating packet truncated to ensure that at least the network-layer header is included but the size of the message does not exceed 1280 bytes.
o 消息包括一个RHO,其中包含被截断的原始数据包,以确保至少包括网络层报头,但消息的大小不超过1280字节。
o the 'P' bit is set to P=1.
o “P”位设置为P=1。
When the egress node ('D') receives the AERO Predirect message, it validates the message the same as described in Section 6.4.6. Following validation, the egress node ('D') then resets its ACCEPT timer for the prefix pair that matches the originating packet's network-layer source and destination addresses to ACCEPT_TIME seconds, and it sends an AERO Redirect message directly to the ingress node ('B') prepared as follows:
当出口节点(“D”)接收到AERO Predirect消息时,它将按照第6.4.6节所述验证该消息。在验证之后,出口节点(“D”)然后将其前缀对的接受计时器重置为与原始数据包的网络层源地址和目标地址匹配的接受计时器,以接受\u时间秒,并直接向入口节点(“B”)发送AERO重定向消息,准备如下:
o the link-layer source address is set to 'L2(D)' (i.e., the link-layer address of the egress node).
o 链路层源地址设置为“L2(D)”(即,出口节点的链路层地址)。
o the link-layer destination address is set to 'L2(B)' (i.e., the link-layer address of the ingress node).
o 链路层目的地址设置为“L2(B)”(即,入口节点的链路层地址)。
o the network-layer source address is set to 'L3(D)' (i.e., the link-local network-layer address of the egress node).
o 网络层源地址设置为“L3(D)”(即出口节点的链路本地网络层地址)。
o the network-layer destination address is set to 'L3(B)' (i.e., the link-local network-layer address of the ingress node).
o 网络层目标地址设置为“L3(B)”(即入口节点的链路本地网络层地址)。
o the UDP destination port is set to 'AERO_PORT'.
o UDP目标端口设置为“AERO_端口”。
o the Redirect Target and Destination Addresses are both set to 'L3(D)' (i.e., the link-local network-layer address of the egress node).
o 重定向目标和目标地址都设置为“L3(D)”(即出口节点的链路本地网络层地址)。
o the message includes as much of the RHO copied from the corresponding AERO Predirect message as possible such that at least the network-layer header is included but the size of the message does not exceed 1280 bytes.
o 消息包括从相应的AERO Predirect消息复制的尽可能多的RHO,以便至少包括网络层报头,但消息的大小不超过1280字节。
o the 'P' bit is set to P=0.
o “P”位设置为P=0。
When the ingress node ('B') receives the AERO Redirect message, it validates the message the same as described in Section 6.4.6. Following validation, the ingress node ('B') then resets its FORWARD timer for the prefix pair that matches the originating packet's network-layer source and destination addresses to FORWARD_TIME seconds.
当入口节点(“B”)接收到AERO重定向消息时,它将按照第6.4.6节所述的方式验证该消息。验证之后,入口节点(“B”)然后将其前缀对的转发计时器重置为转发时间秒,该前缀对与原始数据包的网络层源地址和目标地址相匹配。
In this process, if the ingress node sends MAX_RETRY AERO Predirect messages as keepalives without receiving an AERO Redirect message reply, it can either declare the prefix pair unreachable immediately or allow the pair to expire after FORWARD_TIME seconds.
在此过程中,如果入口节点将MAX_RETRY AERO Predirect消息作为keepalives发送,而没有收到AERO Redirect消息回复,则它可以声明前缀对无法立即访问,或者允许前缀对在FORWARD_时间秒后过期。
When the ingress node ('B') receives an AERO Redirect message informing it of a direct path to a new egress node ('D'), there is a question in point as to whether the new egress node ('D') can be reached directly without forwarding through an intermediate router ('A'). On some AERO links, it may be reasonable for the ingress node ('B') to (optimistically) assume that reachability is transitive, and to immediately begin forwarding data packets to the egress node ('D') without testing reachability.
当入口节点('B')接收到AERO重定向消息,通知其到新出口节点('D')的直接路径时,存在一个问题,即是否可以直接到达新出口节点('D'),而无需通过中间路由器('a')转发。在一些航空链路上,入口节点(“B”)可以(乐观地)假设可达性是可传递的,并且在不测试可达性的情况下立即开始向出口节点(“D”)转发数据分组。
On AERO links in which an optimistic assumption of transitive reachability may be unreasonable, however, the ingress node ('B') can defer the redirection until it tests the direct path to the egress node ('D'), e.g., by sending an IPv6 Neighbor Solicitation to elicit an IPv6 Neighbor Advertisement response. If the ingress node ('B') is unable to elicit a response after MAX_RETRY attempts, it should consider the direct path to the egress node ('D') to be unusable.
然而,在对可传递可达性的乐观假设可能不合理的航空链路上,入口节点(“B”)可以延迟重定向,直到它测试到出口节点(“D”)的直接路径为止,例如,通过发送IPv6邻居请求以引出IPv6邻居播发响应。如果入口节点(“B”)在Max尝试重试之后无法引发响应,则应考虑到出口节点(“否”)的直接路径不可用。
In either case, the ingress node ('B') can process any link errors corresponding to the data packets sent directly to the egress node ('D') as a hint that the direct path has either failed or has become intermittent. Conversely, the ingress node ('B') can further process any AERO Redirect messages received as evidence of neighbor reachability.
在任何一种情况下,入口节点('B')都可以处理与直接发送到出口节点('D')的数据分组相对应的任何链路错误,作为直接路径已失败或已成为间歇路径的提示。相反,入口节点('B')可以进一步处理作为邻居可达性证据接收的任何AERO重定向消息。
Again, with reference to Figure 3, egress node ('D') can configure both a non-advertising router interface on a provider AERO link and advertising router interfaces on its connected EUN links. When an EUN node ('E') in one of the egress node's connected EUNs moves to a different network point of attachment, however, it can release its network-layer address/prefix delegations that were registered with egress node ('D' ) and re-establish them via a different router.
同样,参考图3,出口节点(“D”)可以在提供商AERO链路上配置非广告路由器接口,并在其连接的EUN链路上配置广告路由器接口。然而,当出口节点的一个连接的EUN中的EUN节点(“E”)移动到不同的网络连接点时,它可以释放其在出口节点(“D”)中注册的网络层地址/前缀委派,并通过不同的路由器重新建立它们。
When the EUN node ('E') releases its network-layer address/prefix delegations, the egress node ('D') marks its forwarding table entries corresponding to the network-layer addresses/prefixes as "departed" and no longer responds to AERO Predirect messages for the departed addresses/prefixes. When egress node ('D') receives packets from an ingress node ('B') with network-layer source and destination addresses that match a prefix pair on the ACCEPT list, it forwards them to the last-known link-layer address of EUN node ('E') as a means for avoiding mobility-related packet loss during routing changes. Egress node ('D') also returns a NULL AERO Redirect message to inform the ingress node ('B') of the departure. The message is prepared as follows:
当EUN节点('E')释放其网络层地址/前缀委派时,出口节点('D')将其对应于网络层地址/前缀的转发表条目标记为“已离开”,并且不再响应已离开地址/前缀的AERO Predirect消息。当出口节点('D')从入口节点('B')接收到与接受列表上的前缀对匹配的网络层源地址和目的地址的数据包时,它将其转发到EUN节点('E')的最后一个已知链路层地址,作为避免路由更改期间与移动性相关的数据包丢失的一种方法。出口节点('D')还返回空AERO重定向消息,以通知入口节点('B')离开。电文编写如下:
o the link-layer source address is set to 'L2(D)'.
o 链路层源地址设置为“L2(D)”。
o the link-layer destination address is set to 'L2(B)'.
o 链路层目标地址设置为“L2(B)”。
o the network-layer source address is set to the link-local address 'L3(D)'.
o 网络层源地址设置为链路本地地址“L3(D)”。
o the network-layer destination address is set to the link-local address 'L3(B)'.
o 网络层目标地址设置为链路本地地址“L3(B)”。
o the UDP destination port is set to 'AERO_PORT'.
o UDP目标端口设置为“AERO_端口”。
o the Redirect Target and Destination Addresses are both set to NULL.
o 重定向目标和目标地址都设置为NULL。
o the message includes an RHO that contains as much of the original packet as possible such that at least the network-layer header is included but the size of the message does not exceed 1280 bytes.
o 消息包括一个RHO,该RHO包含尽可能多的原始分组,使得至少包括网络层报头,但消息的大小不超过1280字节。
o the 'P' bit is set to P=0.
o “P”位设置为P=0。
When ingress node ('B') receives the NULL AERO Redirect message, it deletes the prefix pair associated with the packet in the RHO from its list of forwarding entries corresponding to egress node ('D'). When egress node ('D')s ACCEPT_TIME timer for the prefix pair corresponding to the departed prefix expires, it deletes the prefix pairs from its list of ingress filtering entries corresponding to ingress node ('B').
当入口节点('B')接收到空AERO重定向消息时,它从其对应于出口节点('D')的转发条目列表中删除与RHO中的数据包相关联的前缀对。当出口节点('D')对应于离开前缀的前缀对的ACCEPT_时间计时器过期时,它将从其对应于入口节点('B')的入口过滤项列表中删除前缀对。
Eventually, any such correspondent AERO nodes will receive a NULL AERO Redirect message and will cease to use the egress node ('D') as a next hop. They will then revert to sending packets destined to the EUN node ('E') via a trusted intermediate router and may subsequently receive new AERO Redirect messages to discover that the EUN node ('E') is now associated with a new AERO edge router.
最终,任何此类对应的AERO节点将收到空AERO重定向消息,并将停止使用出口节点(“D”)作为下一跳。然后,它们将恢复通过受信任的中间路由器发送目的地为EUN节点(“E”)的数据包,并可能随后接收新的AERO重定向消息,以发现EUN节点(“E”)现在与新的AERO边缘路由器相关联。
Note that any packets forwarded by the egress node ('D') via a departed forwarding table entry may be lost if the (mobile) EUN node ('E') moves off-link with respect to its previous EUN point of attachment. This should not be a problem for large links (e.g., large cellular network deployments, large ISP networks, etc.) in which all/most mobility events are intra-link.
注意,如果(移动)EUN节点('E')相对于其先前的EUN连接点移出链路,则出口节点('D')经由离开的转发表条目转发的任何分组都可能丢失。对于所有/大多数移动事件都是链路内事件的大型链路(例如,大型蜂窝网络部署、大型ISP网络等),这不应该是一个问题。
When an ingress node needs to change its link-layer address, it deletes each FORWARD list entry that was established under the old link layer address, changes the link layer address, then allows
当入口节点需要更改其链路层地址时,它将删除在旧链路层地址下建立的每个转发列表条目,更改链路层地址,然后允许
packets to again flow through an intermediate router. Any egress node that receives the packets will also receive new AERO Predirect messages from the intermediate router. The egress node then deletes the ACCEPT entry that included the ingress node's old link-layer address and installs a new ACCEPT entry that includes the ingress node's new link-layer address. The egress then returns a new AERO Redirect message to the ingress node via the intermediate router, which the ingress node uses to establish a new FORWARD list entry.
数据包再次流经中间路由器。接收数据包的任何出口节点也将从中间路由器接收新的AERO Predirect消息。然后,出口节点删除包含入口节点的旧链路层地址的接受条目,并安装包含入口节点的新链路层地址的新接受条目。然后,出口通过中间路由器向入口节点返回新的AERO重定向消息,入口节点使用该路由器建立新的转发列表条目。
When an egress node needs to change its link-layer address, it deletes each entry in the ACCEPT list and SHOULD also send NULL AERO Redirect messages to the corresponding ingress node (i.e., the same as described for mobility operations in Section 6.4.12) before changing the link-layer address. Any ingress node that receives the NULL AERO Redirect messages will delete any corresponding FORWARD list entries and again allow packets to flow through an intermediate router. The egress then changes the link-layer address, and it sends new AERO Redirect messages in response to any AERO Predirect messages it receives from the intermediate router while using the new link-layer address.
当出口节点需要更改其链路层地址时,它将删除接受列表中的每个条目,并且在更改链路层地址之前,还应向相应的入口节点发送空AERO重定向消息(即,与第6.4.12节中描述的移动性操作相同)。接收空AERO重定向消息的任何入口节点将删除任何相应的转发列表条目,并再次允许数据包通过中间路由器。然后,出口更改链路层地址,并发送新的AERO重定向消息,以响应使用新链路层地址时从中间路由器接收的任何AERO Predirect消息。
When an AERO node configures one or more FORWARD/ACCEPT list prefix pair entries, and the prefixes associated with the pair are somehow reconfigured or renumbered, the stale FORWARD/ACCEPT list information must be deleted.
当AERO节点配置一个或多个转发/接受列表前缀对条目,并且以某种方式重新配置或重新编号与该对关联的前缀时,必须删除过时的转发/接受列表信息。
When an ingress node ('B') reconfigures its network-layer source prefix in such a way that the ACCEPT list entry in the egress node ('D') would no longer be valid (e.g., the prefix length of the source prefix changes), the ingress node ('B') simply deletes the prefix pair form its FORWARD list and allows subsequent packets to again flow through an intermediate router ('A').
当入口节点('B')重新配置其网络层源前缀时,出口节点('D')中的接受列表条目将不再有效(例如,源前缀的前缀长度改变),入口节点('B')只需从转发列表中删除前缀对,并允许后续数据包再次流经中间路由器(“A”)。
When the egress node ('D') reconfigures its network-layer destination prefix in such a way that the FORWARD list entry in the ingress node ('B') would no longer be valid, the egress node ('D') sends a NULL AERO Redirect message to the ingress node ('B') the same as described for mobility and link-layer address change considerations when it receives either an AERO Predirect message or a data packet (subject to rate limiting) from the ingress node ('B').
当出口节点('D')以入口节点('B')中的转发列表条目不再有效的方式重新配置其网络层目的地前缀时,出口节点('D')向入口节点('B')发送空AERO重定向消息当接收到来自入口节点(“B”)的AERO Predirect消息或数据包(受速率限制)时,与移动和链路层地址更改注意事项所述相同。
There are no backward compatibility considerations since AERO Redirect/Predirect messages use a new UDP port number that distinguishes them from other kinds of control messages. Therefore, legacy nodes will simply discard any AERO Redirect/Predirect messages they may accidentally receive.
由于AERO Redirect/Predirect消息使用一个新的UDP端口号,使其与其他类型的控制消息区分开来,因此没有向后兼容性考虑。因此,遗留节点只需丢弃它们可能意外接收到的任何AERO重定向/预定向消息。
Note however that AERO redirection requires that all three (the ingress, intermediate router, and egress) participate in the protocol. Additionally, the intermediate router SHOULD disable ordinary ICMPv6 Redirects when AERO redirection is enabled.
但是请注意,AERO重定向要求所有三个(入口、中间路由器和出口)都参与协议。此外,启用AERO重定向时,中间路由器应禁用普通ICMPv6重定向。
IANA has assigned UDP user port number 8060 for this protocol via the expert review process [RFC5226].
IANA已通过专家评审过程[RFC5226]为此协议分配了UDP用户端口号8060。
AERO link security considerations are the same as for standard IPv6 Neighbor Discovery [RFC4861] except that AERO improves on some aspects. In particular, AERO is dependent on a trust basis between AERO edge nodes and intermediate routers, where the edge nodes must only engage in the AERO mechanism when it is facilitated by a trusted intermediate router.
AERO链路安全注意事项与标准IPv6邻居发现[RFC4861]相同,只是AERO在某些方面有所改进。特别是,AERO依赖于AERO边缘节点和中间路由器之间的信任基础,其中边缘节点只有在受信任的中间路由器促进时才能参与AERO机制。
AERO links must be protected against link-layer address spoofing attacks in which an attacker on the link pretends to be a trusted neighbor. Links that provide link-layer securing mechanisms (e.g., WiFi networks) and links that provide physical security (e.g., enterprise network LANs) provide a first line of defense that is often sufficient. In other instances, sufficient assurances against link-layer address spoofing attacks are possible if the source can digitally sign its messages through means outside the scope of this document.
AERO链路必须受到保护,防止链路层地址欺骗攻击,在这种攻击中,链路上的攻击者假装是受信任的邻居。提供链路层安全机制的链路(如WiFi网络)和提供物理安全的链路(如企业网络LAN)提供了通常足够的第一道防线。在其他情况下,如果源可以通过本文档范围之外的方式对其消息进行数字签名,则可以充分保证不会受到链路层地址欺骗攻击。
Discussions both on the v6ops list and in private exchanges helped shape some of the concepts in this work. Individuals who contributed insights include Mikael Abrahamsson, Fred Baker, Stewart Bryant, Brian Carpenter, Brian Haberman, Joel Halpern, and Lee Howard. Members of the IESG also provided valuable input during their review process that greatly improved the document. Special thanks go to Stewart Bryant, Joel Halpern, and Brian Haberman for their shepherding guidance.
关于v6ops列表和私人交易所的讨论有助于形成这项工作中的一些概念。贡献见解的个人包括米凯尔·亚伯拉罕松、弗雷德·贝克、斯图尔特·布莱恩特、布赖恩·卡彭特、布赖恩·哈伯曼、乔尔·哈尔潘和李·霍华德。IESG成员在审查过程中也提供了宝贵的意见,大大改进了文件。特别感谢Stewart Bryant、Joel Halpern和Brian Haberman的指导。
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, August 1980.
[RFC0768]Postel,J.,“用户数据报协议”,STD 6,RFC 768,1980年8月。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.
[RFC2460]Deering,S.和R.Hinden,“互联网协议,第6版(IPv6)规范”,RFC 2460,1998年12月。
[RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and More-Specific Routes", RFC 4191, November 2005.
[RFC4191]Draves,R.和D.Thaler,“默认路由器首选项和更具体的路由”,RFC 41912005年11月。
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, September 2007.
[RFC4861]Narten,T.,Nordmark,E.,Simpson,W.,和H.Soliman,“IP版本6(IPv6)的邻居发现”,RFC 48612007年9月。
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, September 2007.
[RFC4862]Thomson,S.,Narten,T.,和T.Jinmei,“IPv6无状态地址自动配置”,RFC 48622007年9月。
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008.
[RFC5226]Narten,T.和H.Alvestrand,“在RFCs中编写IANA注意事项部分的指南”,BCP 26,RFC 5226,2008年5月。
[RFC6434] Jankiewicz, E., Loughney, J., and T. Narten, "IPv6 Node Requirements", RFC 6434, December 2011.
[RFC6434]Jankiewicz,E.,Loughney,J.和T.Narten,“IPv6节点要求”,RFC 64342011年12月。
[IRON] Templin, F., "The Internet Routing Overlay Network (IRON)", Work in Progress, June 2012.
[IRON]Templin,F.,“互联网路由覆盖网络(IRON)”,正在进行的工作,2012年6月。
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.
[RFC0791]Postel,J.,“互联网协议”,STD 5,RFC 7911981年9月。
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5, RFC 792, September 1981.
[RFC0792]Postel,J.,“互联网控制消息协议”,STD 5,RFC 792,1981年9月。
[RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, March 1997.
[RFC2131]Droms,R.,“动态主机配置协议”,RFC21311997年3月。
[RFC2529] Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4 Domains without Explicit Tunnels", RFC 2529, March 1999.
[RFC2529]Carpenter,B.和C.Jung,“在没有明确隧道的IPv4域上传输IPv6”,RFC 2529,1999年3月。
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC3315]Droms,R.,Bound,J.,Volz,B.,Lemon,T.,Perkins,C.,和M.Carney,“IPv6的动态主机配置协议(DHCPv6)”,RFC3315,2003年7月。
[RFC3633] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003.
[RFC3633]Troan,O.和R.Droms,“动态主机配置协议(DHCP)版本6的IPv6前缀选项”,RFC 3633,2003年12月。
[RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification", RFC 4443, March 2006.
[RFC4443]Conta,A.,Deering,S.和M.Gupta,“互联网协议版本6(IPv6)规范的互联网控制消息协议(ICMPv6)”,RFC 4443,2006年3月。
[RFC5214] Templin, F., Gleeson, T., and D. Thaler, "Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214, March 2008.
[RFC5214]Templin,F.,Gleeson,T.,和D.Thaler,“站点内自动隧道寻址协议(ISATAP)”,RFC 52142008年3月。
[RFC5569] Despres, R., "IPv6 Rapid Deployment on IPv4 Infrastructures (6rd)", RFC 5569, January 2010.
[RFC5569]Despres,R.,“IPv4基础设施上的IPv6快速部署(第6次)”,RFC 5569,2010年1月。
[RFC6204] Singh, H., Beebee, W., Donley, C., Stark, B., and O. Troan, "Basic Requirements for IPv6 Customer Edge Routers", RFC 6204, April 2011.
[RFC6204]Singh,H.,Beebee,W.,Donley,C.,Stark,B.,和O.Troan,“IPv6客户边缘路由器的基本要求”,RFC 62042011年4月。
[VET] Templin, F., "Virtual Enterprise Traversal (VET)", Work in Progress, June 2012.
[VET]Templin,F.,“虚拟企业遍历(VET)”,正在进行的工作,2012年6月。
Figure 3 depicts a reference AERO operational scenario with a single intermediate router on the AERO link. In order to support scaling to larger numbers of nodes, the AERO link can deploy multiple intermediate routers, e.g., as shown in Figure 6.
图3描述了在AERO链路上使用单个中间路由器的参考AERO操作场景。为了支持扩展到更多节点,AERO link可以部署多个中间路由器,如图6所示。
+--------------+ +--------------+ | Intermediate | +--------------+ | Intermediate | | Router C | | Core Router D| | Router E | | (default->D) | | (A->C; G->E) | | (default->D) | | (A->B) | +--------------+ | (G->F) | +-------+------+ +------+-------+ | | X---+---+--------------------------------------+---+---X | AERO Link | +-----+--------+ +--------+-----+ | Edge Router B| | Edge Router F| | (default->C) | | (default->E) | +--------------+ +--------------+ .-. .-. ,-( _)-. ,-( _)-. .-(_ IPv6 )-. .-(_ IPv6 )-. (__ EUN ) (__ EUN ) `-(______)-' `-(______)-' | | +--------+ +--------+ | Host A | | Host G | +--------+ +--------+
+--------------+ +--------------+ | Intermediate | +--------------+ | Intermediate | | Router C | | Core Router D| | Router E | | (default->D) | | (A->C; G->E) | | (default->D) | | (A->B) | +--------------+ | (G->F) | +-------+------+ +------+-------+ | | X---+---+--------------------------------------+---+---X | AERO Link | +-----+--------+ +--------+-----+ | Edge Router B| | Edge Router F| | (default->C) | | (default->E) | +--------------+ +--------------+ .-. .-. ,-( _)-. ,-( _)-. .-(_ IPv6 )-. .-(_ IPv6 )-. (__ EUN ) (__ EUN ) `-(______)-' `-(______)-' | | +--------+ +--------+ | Host A | | Host G | +--------+ +--------+
Figure 6: Multiple Intermediate Routers
图6:多个中间路由器
In this example, the ingress AERO node ('B') (in this case an edge router, but could also be a host) associates with intermediate AERO router ('C'), while the egress AERO node ('F') (in this case an edge router, but could also be a host) associates with intermediate AERO router ('E'). Furthermore, intermediate routers ('C') and ('E') do not associate with each other directly, but rather have an association with a "core" router ('D') (i.e., a router that has full topology information concerning its associated intermediate routers). Core router ('D') may connect to either the AERO link or to other physical or virtual links (not shown) to which intermediate routers ('C') and ('E') also connect.
在此示例中,入口AERO节点('B')(在本例中为边缘路由器,但也可以是主机)与中间AERO路由器('C')关联,而出口AERO节点('F')(在本例中为边缘路由器,但也可以是主机)与中间AERO路由器('E')关联。此外,中间路由器('C')和('E')不直接相互关联,而是与“核心”路由器('D')关联(即,具有与其关联的中间路由器有关的完整拓扑信息的路由器)。核心路由器(“D”)可以连接到AERO链路或其他物理或虚拟链路(未显示),中间路由器(“C”)和(“E”)也可以连接到这些链路。
When host ('A') sends a packet toward destination host ('G'), IPv6 forwarding directs the packet through the EUN to edge router ('B'), which forwards the packet to intermediate router ('C') in absence of more-specific forwarding information. Intermediate router ('C')
当主机('A')向目标主机('G')发送数据包时,IPv6转发通过EUN到边缘路由器('B')将数据包转发到中间路由器('C'),而不需要更具体的转发信息。中间路由器('C')
forwards the packet, and it also generates an AERO Predirect message that is then forwarded through core router ('D') to intermediate router ('E'). When intermediate router ('E') receives the message, it forwards the message to egress router ('F').
转发数据包,它还生成AERO预定向消息,然后通过核心路由器('D')转发到中间路由器('E')。当中间路由器('E')接收到消息时,它将消息转发给出口路由器('F')。
After processing the AERO Predirect message, egress router ('F') sends an AERO Redirect message to intermediate router ('E').
在处理AERO预定向消息后,出口路由器(“F”)向中间路由器(“E”)发送AERO重定向消息。
Intermediate router ('E'), in turn, forwards the message through core router ('D') to intermediate router ('C'). When intermediate router ('C') receives the message, it forwards the message to ingress edge router ('B') informing it that host 'G's EUN can be reached via egress router ('F'), thus completing the AERO redirection.
中间路由器('E')通过核心路由器('D')将消息转发给中间路由器('C')。当中间路由器(“C”)接收到该消息时,它将该消息转发给入口边缘路由器(“B”),通知它可以通过出口路由器(“F”)到达主机“G”的EUN,从而完成AERO重定向。
The interworkings between intermediate and core routers (including the conveyance of pseudo Predirects and Redirects) must be carefully coordinated in a manner outside the scope of this document. In particular, the intermediate and core routers must ensure that any routing loops that may be formed are temporal in nature. See [IRON] for an architectural discussion of coordination between intermediate and core routers.
中间路由器和核心路由器之间的互通(包括伪预定向和重定向的传输)必须以本文件范围之外的方式仔细协调。特别是,中间路由器和核心路由器必须确保可能形成的任何路由环路本质上是暂时的。有关中间路由器和核心路由器之间协调的体系结构讨论,请参见[IRON]。
Author's Address
作者地址
Fred L. Templin (editor) Boeing Research & Technology P.O. Box 3707 MC 7L-49 Seattle, WA 98124 USA
Fred L.Templin(编辑)美国华盛顿州西雅图波音研究与技术公司邮政信箱3707 MC 7L-49 98124
EMail: fltemplin@acm.org
EMail: fltemplin@acm.org