SoFunction
Updated on 2025-04-11

Tunneling Strategy

With the gradual rise of the Internet 10 years ago, the view that IP-based networks will become a full-service bearer network has been widely recognized. Therefore, many problems existing in IPv4 network have become the focus of industry research, such as QoS problems and mobility problems of IP networks. The core problem is that the address space capacity of the IPv4 protocol cannot meet the requirements of business development. Experts believe that at the current consumption rate, China's IPv4 addresses will run out by 2015. Therefore, IPv6, which has a huge address space, has become one of the candidates to replace IPv4. Some even assert that "IPv6 will replace IPv4 as the only network layer protocol for IP networks."

Current status of IPv4/v6 comprehensive networking

Regarding the question of how to transition from IPv4 to IPv6, the IETF (Internet Engineering Task Force) has established the "Next Generation Network Transition Working Group (Ngtrans)". The work results of this working group are reflected in 14 RFCs and over 20 drafts. The newly established "IPv6 Network Interoperability Working Group (IPv6ops)" is responsible for studying integration and interoperability issues. Research results show that during the transition process, IPv4 network will coexist with IPv6 network for a long time.

Research on comprehensive IPv4/v6 networking will help explore the development direction and technical model of the next-generation Internet; it will support the technical research of next-generation telecommunications networks; it will provide a reference for equipment manufacturers' research and development of IPv6 products; and it will promote the practical application and commercialization of IPv6. Therefore, research on IPv4/v6 comprehensive networking is both urgent and necessary.

The main research contents of IPv4/v6 comprehensive networking technology include: the technical characteristics and scope of application of different existing transition strategies and network transition tools; the network structure after the carrier network is introduced into IPv6; the technical requirements for IPv4/v6 comprehensive networking by different telecommunications networking environments; possible comprehensive networking solutions for different networking environments (different needs); routing and domain name issues during comprehensive networking, security analysis, address allocation strategies, interconnection (compatibility) of different networking technologies in the network, etc.

Research on IPv4/v6 comprehensive networking technology has produced a toolbox of network transition tools, and specific networking methods are receiving more and more attention, but overall the research is still in its infancy. Because the corresponding networking needs have not yet been determined, the IETF's draft-stage research on network environments and networking needs is currently aimed at the Internet. In telecommunications operator networks, research on the networking environment and networking schemes of IPv4/v6 comprehensive networking has also received attention and produced some results (mainly IPv4/v6 comprehensive networking schemes that IPv6 equipment manufacturers have proposed around their own products), but objectively speaking, both the depth and the breadth of that research are still at an early stage.

Basic principles of IPv4/v6 comprehensive networking

When conducting IPv4/v6 comprehensive networking, the following principles should be followed: maximize the protection of the existing investments of end users, ISPs, ICPs and telecom operators; ensure interoperability between IPv4 and IPv6 hosts; support interoperability of the two services on the premise that IPv4 services and IPv6 services do not affect each other; ensure that existing IPv4 applications keep working normally in the comprehensive networking environment; avoid dependencies between devices, so that equipment can be updated independently; keep the comprehensive networking process easy for network managers and end users to understand and implement; improve network flexibility, support gradual upgrading of the network, and leave users the choice of when and whether to transition; ensure that after comprehensive networking the service quality of the network is not significantly affected, the reliability and stability of the network are not weakened, and the network management function is strengthened compared with the original network; consider a gradual evolution strategy from the edge to the backbone (and at the same time strategies from the backbone to the edge); consider the benefits that can be brought to end users (services, points of interest, etc.); consider improvements to problems existing in the current IPv4 network (NAT, address planning, etc.) during comprehensive networking; and keep the technical selection for the different parts of the network independent, so that the metropolitan core network, access network and residential network can each choose different technologies.

IPv4/v6 comprehensive networking strategy

According to the basic principles of comprehensive networking, the commonly used networking strategies are the dual-stack strategy (Dual Stack Transition Mechanism, DSTM), tunneling strategies and translation strategies. The dual-stack strategy can be divided into two types: host dual-stack and router dual-stack; tunneling strategies include manual tunnels and automatic tunnels; translation strategies are implemented by protocols including NAT-PT (Network Address Translation - Protocol Translation), TRT (Transport Relay Translator), BIS (Bump In the Stack) and BIA (Bump In the API). These strategies are usually used in combination.

Among the three networking strategies, the dual-stack strategy usually solves the problem of how a dual-stack host in an IPv6 network (which usually has only IPv6 addresses and no IPv4 address) communicates with network elements in an external IPv4 network (which have only IPv4 addresses). It can only be used inside a network and is not suitable for backbone networks and core networks. The translation strategy allows IPv4 and IPv6 networks to interoperate conveniently without any protocol adjustment. However, the communication efficiency of this interoperation is not high, and it limits the use of some general protocols such as IPsec and multicast protocols. Therefore, at the current technical level and for performance considerations such as scalability, this technology is generally not suitable for interconnecting the core network and the backbone network. Usually, the dual-stack strategy and the translation strategy are used in enterprise networks or residential networks, while tunneling strategies are used when building core networks and backbone networks. The following focuses on the tunneling strategy.

Tunneling Strategy

The tunneling strategy is a mechanism commonly used in IPv4/v6 comprehensive networking technology. Tunneling uses one protocol to carry the data of another protocol. It involves a tunnel entrance and a tunnel exit (the tunnel endpoints), which are usually dual-stack nodes. At the tunnel entrance, the data of the other protocol is encapsulated and sent in the form of the carrying protocol; at the tunnel exit, the received data is decapsulated and processed accordingly. Generally, some tunnel-related state must be maintained at the tunnel entrance, such as the tunnel MTU and other parameters; at the tunnel exit, for security reasons, the encapsulated data must be filtered to prevent malicious attacks from outside.

Tunnel strategies are usually distinguished by how they are configured: manually configured tunnels and automatic tunnels. MPLS tunnels, which are often used in backbone and core networks, can be configured in both manual and automatic forms.

Manually configured tunnels include two types: Manual Tunnel (RFC2893) and GRE (RFC2473). A manual tunnel must explicitly specify the IPv4 address of the tunnel endpoint (in both directions); GRE is mainly used where individual IPv6 hosts or networks need to communicate across an IPv4 network, and in other respects its application is basically the same as the manual tunnel. Manual tunnel configuration is relatively simple to implement, but its scalability is poor: when the number of tunnels grows, the workload of configuring and maintaining them is large, so it is suitable for the early stage of comprehensive networking. In the later stage of comprehensive networking, it can still exist in the form of a "default tunnel".

Automatic tunnels include the tunnel broker, 6to4 tunnel, 6over4 tunnel, ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) tunnel, Teredo tunnel, MPLS tunnel, compatible-address automatic tunnel, etc. Among them, the compatible-address automatic tunnel is no longer recommended and its scalability is poor, so I will not introduce it here. The following highlights the other methods.

Tunnel Broker (RFC3053)

The tunnel broker is usually used for separate small IPv6 sites, especially when IPv6 hosts scattered across the IPv4 Internet need to be connected to an existing IPv6 network. It provides a way to simplify tunnel configuration, which reduces the heavy tunnel configuration effort. The idea is to have a dedicated server automatically handle the tunnel requests issued by users. Through the tunnel broker, users can easily establish tunnel connections to the IPv6 network and thereby access the external IPv6 resources available. Tunnel brokers provided a very simple access method for early IPv6 providers. Currently there are some deployments in * and Japan.

6to4 Tunnel (RFC3056)

The 6to4 tunnel is a network transition mechanism with broad application prospects, to which the IETF attaches considerable importance and which has been studied in depth. It enables isolated IPv6 subnets or IPv6 sites attached to a pure IPv4 network to communicate with other similar sites before they have obtained native IPv6 connectivity. A variety of routing protocols (OSPF, BGP, RIP, IS-IS, etc.) can be used within the IPv4 network, and routing between two 6to4 domains can be achieved through MP-BGP.

The 6to4 tunnel uses a special IPv6 address. IANA (Internet Assigned Numbers Authority) has allocated the permanent IPv6 format prefix 0x2002 to 6to4 tunnels, meaning the IPv6 address prefix is 2002::/16. If a user site has at least one valid, globally unique 32-bit IPv4 address (V4ADDR), the site obtains the IPv6 address prefix 2002:V4ADDR::/48 without any allocation request.

There are two application scenarios for 6to4 tunnels. In the first, both communicating parties are in the 6to4 domain and both use 6to4 addresses. In the second, one end of the communication is in the 6to4 domain and uses a 6to4 address, while the other end is in the pure IPv6 domain and uses a native IPv6 address; in this case a 6to4 relay must be used to connect them. The 6to4 relay participates in the IPv6 unicast routing protocol on its pure IPv6 interface, participates in the IPv6 unicast routing protocol on the 6to4 pseudo-interface, and participates in the IPv4 unicast routing protocol on the IPv4 interface that supports 6to4.

The 6to4 tunnel is relatively simple to implement and is supported by many devices, but the mechanism imposes a certain degree of coupling on the network layout: a 6to4 relay is required when communicating with the pure IPv6 network. As a tunneling mechanism, 6to4 also faces security problems, and these are made more complicated by the existence of 6to4 relays.

6over4 Tunnel (RFC2529)

The 6over4 tunnel enables an isolated IPv6 host that is not directly connected to an IPv6 router to obtain IPv6 connectivity through an IPv4 multicast domain, which is used as a virtual link layer. Therefore, within the same IPv4 multicast domain, at least one IPv6 router running 6over4 must be reachable by the 6over4 hosts. Through the 6over4 mechanism, IPv6 can be independent of the underlying links and can span an IPv4 subnet that supports multicast.

The 6over4 mechanism requires the IPv4 network to support multicast, but most networks currently do not, so it is rarely used in practice. In addition, using the multicast feature of IPv4 as a virtual link layer is a local transmission mechanism with a very small scope of application that is only suitable for communication between dual-stack hosts; it cannot solve the problem of connecting an isolated node to the global IPv6 network. 6over4 tunnels can usually only be used at the edge of the network, such as enterprise networks and access networks.

ISATAP mechanism

ISATAP enables dual-stack nodes in IPv4 sites to reach IPv6 routers through automatic tunneling, allowing dual-stack nodes that do not share a physical link with an IPv6 router to deliver packets to the IPv6 next hop through an IPv4 automatic tunnel. ISATAP uses an IPv6 address with an embedded IPv4 address. Whether the site uses global or private IPv4 addresses, IPv6-in-IPv4 automatic tunneling can be used within the site. The ISATAP address format can use either a site-local unicast IPv6 prefix or a global unicast IPv6 prefix, so it supports both site and global IPv6 routing. The ISATAP mechanism is usually applied at the edge of the network, such as the enterprise network or the access network. ISATAP can be used in conjunction with 6to4.
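The following example is added here and is not code from the original article or any vendor's product. It ties together three points made above: how a 6to4 site prefix and an ISATAP address embed an IPv4 address, and what the "filtering at the tunnel exit" mentioned in the tunneling overview looks like for a protocol-41 packet arriving at a 6to4 router (the inner IPv6 source must be a 6to4 address that embeds exactly the outer IPv4 source, otherwise a sender could inject packets claiming to come from another site). All IPv4 and IPv6 addresses in it are constructed samples, and the packet builder produces minimal headers for testing rather than captured traffic.

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41      # IPv4 protocol number of IPv6-in-IPv4 encapsulation ("protocol 41")
SIXTO4_NET = ipaddress.IPv6Network("2002::/16")
ISATAP_OUI = 0x5EFE    # fixed middle part of an ISATAP interface identifier (RFC 5214)


def sixto4_prefix(v4addr):
    """Derive the 2002:V4ADDR::/48 site prefix from one globally unique IPv4 address."""
    v4 = ipaddress.IPv4Address(v4addr)
    # Minimal sanity check: private, loopback, link-local and multicast IPv4 addresses
    # are not globally unique and therefore cannot anchor a 6to4 prefix.
    if v4.is_private or v4.is_loopback or v4.is_link_local or v4.is_multicast:
        raise ValueError(f"{v4} is not a globally unique IPv4 address")
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def sixto4_embedded_v4(v6addr):
    """Return the IPv4 address embedded in bits 16..47 of a 6to4 address, or None."""
    v6 = ipaddress.IPv6Address(v6addr)
    if v6 not in SIXTO4_NET:
        return None
    return ipaddress.IPv4Address((int(v6) >> 80) & 0xFFFFFFFF)


def isatap_address(prefix, v4addr, global_v4=True):
    """Build an ISATAP address: <64-bit prefix>:[0|200]:5efe:<IPv4>.

    The 'u' bit (0x0200) in the first 16 bits of the interface identifier is set
    when the embedded IPv4 address is global and clear when it is private."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("ISATAP needs a /64 prefix")
    iid = ((0x0200 if global_v4 else 0) << 48) | (ISATAP_OUI << 32) | int(ipaddress.IPv4Address(v4addr))
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def build_6in4(outer_src, outer_dst, inner_src, inner_dst, payload=b""):
    """Constructed test input: a minimal IPv6-in-IPv4 packet (not captured traffic)."""
    inner = (struct.pack("!IHBB", 6 << 28, len(payload), 59, 64)   # version 6, next header 59 (none)
             + ipaddress.IPv6Address(inner_src).packed
             + ipaddress.IPv6Address(inner_dst).packed + payload)
    outer = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(inner), 0, 0, 64,
                        IPPROTO_IPV6, 0,
                        ipaddress.IPv4Address(outer_src).packed,
                        ipaddress.IPv4Address(outer_dst).packed)
    return outer + inner


def check_6to4_ingress(packet):
    """Tunnel-exit filter for a protocol-41 packet received by a 6to4 router.

    Accepts only packets whose inner IPv6 source is a 6to4 address embedding exactly
    the outer IPv4 source (the consistency check from RFC 3964), so that a sender
    cannot inject IPv6 packets that claim to come from another 6to4 site.
    Returns (ok, reason)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False, "not an IPv4 packet"
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != IPPROTO_IPV6:
        return False, f"outer protocol is {packet[9]}, not 41"
    outer_src = ipaddress.IPv4Address(packet[12:16])
    inner = packet[ihl:]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        return False, "encapsulated data is not an IPv6 packet"
    inner_src = ipaddress.IPv6Address(inner[8:24])
    inner_dst = ipaddress.IPv6Address(inner[24:40])
    if inner_src.is_multicast or inner_dst.is_multicast or inner_src.is_link_local:
        return False, "multicast or link-local inner address over the tunnel"
    embedded = sixto4_embedded_v4(inner_src)
    if embedded is None:
        # Native IPv6 sources only arrive via a 6to4 relay; accepting them needs a
        # relay allow-list, which this example deliberately omits, so they are rejected.
        return False, "inner source is not a 6to4 address"
    if embedded != outer_src:
        return False, f"inner source embeds {embedded} but outer source is {outer_src}"
    if embedded.is_private or embedded.is_loopback or embedded.is_multicast:
        return False, "embedded IPv4 address is not globally unique"
    return True, "ok"


if __name__ == "__main__":
    print(sixto4_prefix("11.22.33.44"))                       # 2002:b16:212c::/48
    print(isatap_address("2001:db8:1:1::/64", "11.22.33.44"))  # 2001:db8:1:1:200:5efe:b16:212c
    pkt = build_6in4("11.22.33.44", "55.66.77.88", "2002:b16:212c::1", "2002:3742:4d58::1")
    print(check_6to4_ingress(pkt))                             # (True, 'ok')
```

The filter only covers site-to-site 6to4 traffic; a production 6to4 router or relay also has to decide which native IPv6 sources it will accept from which relays, which is exactly the part the article says becomes more complicated once relays are involved.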

Teredo Tunnel

IPv6 nodes located behind a NAT cannot, in general, use the ordinary tunneling technique (IPv6-over-IPv4) to communicate with IPv6 nodes outside the NAT domain, because current NATs generally do not pass packets with protocol type 41 (that is, IPv6-over-IPv4). The Teredo tunnel differs from the ordinary IPv6-over-IPv4 tunnel: to be precise, it is an IPv6-over-UDP tunnel, in which packets traverse the NAT by being encapsulated in a UDP payload.

The communication entities of the Teredo tunnel are clients, servers, relays and host-specific relays. A Teredo client is an IPv4/v6 node that supports a Teredo tunnel interface; through this interface it sends packets to other Teredo clients and (through a Teredo relay) to other nodes on the IPv6 network. Teredo addresses are assigned only to Teredo clients; no other entity is assigned a Teredo address. A Teredo server is an IPv4/v6 node connected to both the IPv4 network and the IPv6 network that supports a Teredo tunnel interface for receiving packets. Its main function is to help Teredo clients configure their addresses and to assist in establishing communication between Teredo clients, or between a client and a pure IPv6 host. It listens for Teredo traffic on UDP port 3544. A Teredo relay is an IPv4/v6 router that forwards packets between Teredo clients on the IPv4 network (using a Teredo tunnel interface) and pure IPv6 hosts; it also listens for Teredo traffic on UDP port 3544. A Teredo host-specific relay is an IPv4/v6 node that has both IPv4 and IPv6 Internet connectivity and communicates directly with Teredo clients over the IPv4 network without going through a Teredo relay; it likewise listens on UDP port 3544. It allows Teredo clients to communicate efficiently with 6to4 hosts, with IPv6 hosts using non-6to4 global address prefixes, and with ISATAP and 6over4 hosts that use global prefixes inside an organization's internal addressing.

Teredo tunnels enable IPv6 nodes in a NAT domain to obtain global IPv6 connectivity. In regions where IPv4 addresses are scarce and NAT is widely deployed, especially China, it undoubtedly has good application prospects. However, Teredo's operation requires the support of relays, and it does not work when a symmetric NAT lies in the path of the tunnel; in addition, the prescribed format of the Teredo address prefix does not conform to the idea of IPv6 routing hierarchy. These shortcomings will affect Teredo's deployment to some extent.

If native IPv6, 6to4 or ISATAP connectivity is available, a host does not need to be a Teredo client. More and more IPv4 NATs have now been upgraded to support 6to4, and IPv6 connectivity is becoming more common, so Teredo will be used less and less until it is abandoned completely.
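As an added example (not part of the original article), the block below decodes a Teredo address into the server, NAT mapping and flags it carries, which makes concrete why the article says the Teredo prefix does not fit the IPv6 routing hierarchy: the address encodes the client's NAT topology rather than a position in an aggregated prefix. It also shows the operator's side of the same fact, a small classifier over flow records that tags IPv6 tunnelled through an IPv4-only network, using protocol 41 for the 6to4/ISATAP/manual tunnels and UDP port 3544 for Teredo, both as given above. The Teredo address and the flow records are constructed samples; the field layout follows RFC 4380.

```python
import ipaddress

TEREDO_NET = ipaddress.IPv6Network("2001::/32")   # Teredo service prefix (RFC 4380)
TEREDO_PORT = 3544                                  # UDP port used by Teredo servers and relays
IPPROTO_UDP = 17
IPPROTO_IPV6 = 41                                   # IPv6-in-IPv4 (manual, 6to4, ISATAP tunnels)


def decode_teredo(addr):
    """Decode a Teredo address into the topology it embeds, or return None if not Teredo.

    Layout (RFC 4380): 32-bit prefix 2001:0000, 32-bit server IPv4, 16-bit flags
    (bit 0x8000 = client believes it is behind a cone NAT), 16-bit mapped UDP port and
    32-bit mapped IPv4 address; port and address are stored XORed with all-ones."""
    v6 = ipaddress.IPv6Address(addr)
    if v6 not in TEREDO_NET:
        return None
    n = int(v6)
    return {
        "server": ipaddress.IPv4Address((n >> 64) & 0xFFFFFFFF),
        "cone_nat": bool((n >> 48) & 0x8000),
        "mapped_port": ((n >> 32) & 0xFFFF) ^ 0xFFFF,
        "mapped_ipv4": ipaddress.IPv4Address((n & 0xFFFFFFFF) ^ 0xFFFFFFFF),
    }


def classify_tunnel(flow):
    """Tag one IPv4 flow record that carries tunnelled IPv6.

    'ipv6-in-ipv4' covers manual, 6to4 and ISATAP tunnels (IP protocol 41);
    'teredo' is UDP with port 3544 on either side; anything else returns None."""
    if flow["proto"] == IPPROTO_IPV6:
        return "ipv6-in-ipv4"
    if flow["proto"] == IPPROTO_UDP and TEREDO_PORT in (flow["sport"], flow["dport"]):
        return "teredo"
    return None


def tunnel_report(flows):
    """Count tunnel types over a list of flow records; returns {tag: count}."""
    report = {}
    for flow in flows:
        tag = classify_tunnel(flow)
        if tag:
            report[tag] = report.get(tag, 0) + 1
    return report


# Constructed sample flow records (5-tuples from a hypothetical IPv4-only edge), not real captures.
SAMPLE_FLOWS = [
    {"proto": 6,  "src": "192.0.2.10",    "dst": "198.51.100.7",  "sport": 51000, "dport": 443},
    {"proto": 17, "src": "192.0.2.10",    "dst": "198.51.100.20", "sport": 52210, "dport": 3544},
    {"proto": 41, "src": "192.0.2.11",    "dst": "203.0.113.5",   "sport": None,  "dport": None},
    {"proto": 17, "src": "198.51.100.20", "dst": "192.0.2.10",    "sport": 3544,  "dport": 52210},
]

if __name__ == "__main__":
    # Constructed Teredo address: server 65.54.227.120, cone NAT, mapped to 192.0.2.45:40000
    print(decode_teredo("2001:0:4136:e378:8000:63bf:3fff:fdd2"))
    print(tunnel_report(SAMPLE_FLOWS))   # {'teredo': 2, 'ipv6-in-ipv4': 1}
```

The classifier is deliberately coarse: Teredo clients may use a different source port, and port 3544 only identifies the server and relay side, so in practice it is a starting point for finding IPv6 that bypasses IPv4-only filtering, not a complete detector.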

MPLS Tunnel

There are three main forms of MPLS tunnel: configuring an IPv6 tunnel on the CE (customer edge) router, carrying IPv6 over a layer 2 circuit (layer 2 tunnel) on the PE (provider edge) router, and running IPv6 on the PE router (6PE). The first two have certain scalability problems; the last is the better strategy.

6PE requires that IPv6 sites be connected through CEs to one or more dual-stack PEs running MP-BGP (Multiprotocol Extensions for BGP). These PEs exchange IPv6 routing information through MP-BGP and transmit IPv6 packets through tunnels. 6PE is suitable for edge-to-core network transition strategies. First, it can keep the original IPv4 protocol in the backbone network and the metropolitan core network, and only realizes the transmission of IPv4 and IPv6 packets through MPLS technology at the edge of the network. Second, it has better scalability: when the original network has already implemented MPLS, each edge network can independently choose its transition time and networking method (the networking method of the local network is not affected by the MPLS tunneling mechanism). The 6PE router uses two layers of MPLS labels to encapsulate IPv6 data: the top label is distributed by the LDP (Label Distribution Protocol) used by the core network devices and carries the packet to the destination 6PE based on routing information; the second, bottom label is associated with the destination IPv6 prefix and is propagated through multiprotocol BGP-4. The main disadvantage of 6PE is that its implementation presupposes that MPLS has already been deployed in the network, so it is not applicable to networks where MPLS has not been deployed. Table 1 compares the characteristics of several MPLS tunneling methods.
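To make the two-label encapsulation concrete, here is an added example (not from the article or any router vendor) that encodes and parses a 6PE frame: a label stack of 32-bit entries (20-bit label, 3-bit TC, bottom-of-stack bit, 8-bit TTL) followed by the IPv6 packet. A parser like this is what a monitoring probe on the core needs in order to see the IPv6 source and destination hidden behind the labels. The label values, prefixes and the minimal IPv6 header are constructed samples; the entry layout follows RFC 3032.

```python
import ipaddress
import struct

IPV6_EXPLICIT_NULL = 2   # reserved label values 0..15 (RFC 3032); 2 = IPv6 explicit null


def encode_label_stack(entries):
    """Encode [(label, ttl), ...] as an MPLS label stack; the last entry gets the S bit.

    Each 32-bit entry is label(20) | TC(3) | S(1) | TTL(8); TC is left at 0 here."""
    out = b""
    for i, (label, ttl) in enumerate(entries):
        if not 0 <= label < (1 << 20):
            raise ValueError(f"label {label} out of 20-bit range")
        bos = 1 if i == len(entries) - 1 else 0
        out += struct.pack("!I", (label << 12) | (bos << 8) | (ttl & 0xFF))
    return out


def parse_6pe(frame):
    """Parse the 6PE encapsulation: an MPLS label stack followed by an IPv6 packet.

    Returns (labels, ipv6) where labels is a list of dicts (top of stack first) and
    ipv6 holds the inner source and destination. Raises ValueError on a malformed
    frame so a probe can count those instead of mis-attributing the traffic."""
    labels, off = [], 0
    while True:
        if off + 4 > len(frame):
            raise ValueError("truncated label stack")
        word = struct.unpack("!I", frame[off:off + 4])[0]
        entry = {"label": word >> 12, "tc": (word >> 9) & 0x7,
                 "bos": bool((word >> 8) & 1), "ttl": word & 0xFF}
        labels.append(entry)
        off += 4
        if entry["bos"]:
            break
    payload = frame[off:]
    if len(payload) < 40 or payload[0] >> 4 != 6:
        raise ValueError("bottom-of-stack payload is not an IPv6 packet")
    ipv6 = {"src": ipaddress.IPv6Address(payload[8:24]),
            "dst": ipaddress.IPv6Address(payload[24:40]),
            "next_header": payload[6]}
    return labels, ipv6


def is_well_formed_6pe(frame):
    """True if the frame parses as a label stack over IPv6, False otherwise."""
    try:
        parse_6pe(frame)
        return True
    except ValueError:
        return False


def build_6pe_frame(transport_label, prefix_label, src, dst):
    """Constructed sample: transport label (LDP) on top, IPv6-prefix label (MP-BGP) at the
    bottom, over a minimal IPv6 header with no payload. Not captured traffic."""
    ipv6 = (struct.pack("!IHBB", 6 << 28, 0, 59, 64)   # version 6, next header 59 (none)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)
    return encode_label_stack([(transport_label, 64), (prefix_label, 64)]) + ipv6


if __name__ == "__main__":
    frame = build_6pe_frame(16, 24001, "2001:db8:1::1", "2001:db8:2::1")
    labels, hdr = parse_6pe(frame)
    print([e["label"] for e in labels], hdr["src"], "->", hdr["dst"])   # [16, 24001] ...
```

On a real core the top label is swapped at every hop, so a probe between two P routers sees a different transport label than the ingress 6PE pushed; only the bottom label survives unchanged to the egress 6PE.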